From 1c2a63e86136c42cd407f5c35679fe69d69eeb0d Mon Sep 17 00:00:00 2001 From: mls-361 Date: Sun, 8 Aug 2021 19:04:30 +0200 Subject: [PATCH] =?UTF-8?q?En=20cours=20de=20d=C3=A9veloppement?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- go.mod | 4 +-- go.sum | 8 +++--- internal/api/api.go | 12 ++++++-- internal/cli/requestor.go | 11 +++++++- internal/middleware/{log.go => middleware.go} | 28 +++++++++++++++++++ 5 files changed, 54 insertions(+), 9 deletions(-) rename internal/middleware/{log.go => middleware.go} (71%) diff --git a/go.mod b/go.mod index ed4c239..2c4b4cf 100644 --- a/go.mod +++ b/go.mod @@ -6,13 +6,13 @@ require ( forge.chapril.org/armen/jw v0.0.0-20210805210545-da8788595df5 forge.chapril.org/armen/memory v0.0.0-20210805210634-d02aca0da758 forge.chapril.org/armen/model v0.0.0-20210805210659-1e2499fdebb8 - forge.chapril.org/armen/requestor v0.0.0-20210805210723-9e1d47c5a5ee + forge.chapril.org/armen/requestor v0.0.0-20210808165107-af10da389584 forge.chapril.org/armen/runner v0.0.0-20210805210803-07ab6d0373d9 forge.chapril.org/armen/workers v0.0.0-20210805210824-756d247bb747 forge.chapril.org/mls-361/application v0.0.0-20210805205753-c663b93b7e1a forge.chapril.org/mls-361/crypto v0.0.0-20210507222429-aa9bfa212956 forge.chapril.org/mls-361/errors v0.0.0-20210507222244-6017b9315140 - forge.chapril.org/mls-361/jsonapi v0.0.0-20210806202843-a801f9a20758 + forge.chapril.org/mls-361/jsonapi v0.0.0-20210808150555-87cb5ce9a0f4 forge.chapril.org/mls-361/logger v0.0.0-20210805205904-6c659f2ae253 forge.chapril.org/mls-361/uuid v0.1.0 github.com/julienschmidt/httprouter v1.3.0 diff --git a/go.sum b/go.sum index 527e097..b6a80a0 100644 --- a/go.sum +++ b/go.sum @@ -6,8 +6,8 @@ forge.chapril.org/armen/memory v0.0.0-20210805210634-d02aca0da758 h1:cEHlMCL2N2h forge.chapril.org/armen/memory v0.0.0-20210805210634-d02aca0da758/go.mod h1:Y8JRYs23Dt4kT00PHGUmObmc1+UoB0bGyzhbk9R+hJw= forge.chapril.org/armen/model v0.0.0-20210805210659-1e2499fdebb8 h1:y7SxEdO7CYPPgEjNJMhOpEFDg6GLhVpJTClTY/bkKWc= forge.chapril.org/armen/model v0.0.0-20210805210659-1e2499fdebb8/go.mod h1:LuUKO1d3ueQC9XD2lCIyvUGcbeHdu1erSoOF7c8MKHo= -forge.chapril.org/armen/requestor v0.0.0-20210805210723-9e1d47c5a5ee h1:AJZ9LfPE4Y/TFVAOdzwhdcUV8W+/mRCIa1dzD/KTsqI= -forge.chapril.org/armen/requestor v0.0.0-20210805210723-9e1d47c5a5ee/go.mod h1:yZYVn9Uwfsdk3ieqkV7slLx9xh2bVZEwiboxK8FKdD8= +forge.chapril.org/armen/requestor v0.0.0-20210808165107-af10da389584 h1:VYa8EpVWHSmTXp9IrgNqCtTH6sp/vCSbPczFKkzGZao= +forge.chapril.org/armen/requestor v0.0.0-20210808165107-af10da389584/go.mod h1:yZYVn9Uwfsdk3ieqkV7slLx9xh2bVZEwiboxK8FKdD8= forge.chapril.org/armen/runner v0.0.0-20210805210803-07ab6d0373d9 h1:r5GosY9G4iNRVcjfMGVLG0Upep8CvFIk47RbWdDjATY= forge.chapril.org/armen/runner v0.0.0-20210805210803-07ab6d0373d9/go.mod h1:JOoUDfdPqo2TiEFpLhYKCgYtcLSbbLij/LuQArpBjLE= forge.chapril.org/armen/workers v0.0.0-20210805210824-756d247bb747 h1:rjbteEWr7PSkYt7kRYITpzpndekH7R7f2Lk2AVudZyw= @@ -22,8 +22,8 @@ forge.chapril.org/mls-361/errors v0.0.0-20210507222244-6017b9315140 h1:uBp4Uz62/ forge.chapril.org/mls-361/errors v0.0.0-20210507222244-6017b9315140/go.mod h1:GBBbrcpLm0Hww05AoFQJY3tTXbNBOQPqV+qTFEWpL20= forge.chapril.org/mls-361/fqdn v0.0.0-20210507222326-a85c3c19b9af h1:TbPVsBz8TYVmyqcrskFWlheyapWsuNrCVd6HedWuRjc= forge.chapril.org/mls-361/fqdn v0.0.0-20210507222326-a85c3c19b9af/go.mod h1:AFGBvcK+UEZ9riVN+xN0suL8mVhBrxQIMKK39EX434s= -forge.chapril.org/mls-361/jsonapi v0.0.0-20210806202843-a801f9a20758 h1:9rbjHsnQWGG9if4/ytqpST+N4Fmrqyrru2yottH8vqk= -forge.chapril.org/mls-361/jsonapi v0.0.0-20210806202843-a801f9a20758/go.mod h1:Nc0FLjdJbMKeIJaVHYdTDj1b8GkioxqRfnlLxJBptB4= +forge.chapril.org/mls-361/jsonapi v0.0.0-20210808150555-87cb5ce9a0f4 h1:RFievukgaNkEFEOcpEB3D3M0qKZ4QqgakjfZolMha6A= +forge.chapril.org/mls-361/jsonapi v0.0.0-20210808150555-87cb5ce9a0f4/go.mod h1:Nc0FLjdJbMKeIJaVHYdTDj1b8GkioxqRfnlLxJBptB4= forge.chapril.org/mls-361/kvfmt v0.0.0-20210507213839-4f18d8b29e73 h1:OKwxmpmkdhy9SWwZcJrz7Fp57LWpY/PNloHdFiDc4Ek= forge.chapril.org/mls-361/kvfmt v0.0.0-20210507213839-4f18d8b29e73/go.mod h1:bv44R0CAd8lQV4ub1hjLE3kWYwpfsW4Ro9zRnD4YOMU= forge.chapril.org/mls-361/logger v0.0.0-20210805205904-6c659f2ae253 h1:kKtJwB/GoikCP/OChU566z8ORkOK9xR4VwW4htbrqSY= diff --git a/internal/api/api.go b/internal/api/api.go index 84f6cae..396835f 100644 --- a/internal/api/api.go +++ b/internal/api/api.go @@ -22,23 +22,31 @@ import ( const _maxBodySize = 1024 * 32 type api struct { + crypto components.Crypto logger components.Logger model components.Model } func newAPI(ccs *components.Components) *api { return &api{ + crypto: ccs.Crypto, logger: ccs.Logger.NewLogger(uuid.New(), "api"), model: ccs.Model, } } func (api *api) debug(hf jsonapi.HandlerFunc) jsonapi.Handler { - return middleware.Debug(hf, api.logger) + return middleware.Debug( + middleware.Authentification(hf, api.crypto), + api.logger, + ) } func (api *api) trace(hf jsonapi.HandlerFunc) jsonapi.Handler { - return middleware.Trace(hf, api.logger) + return middleware.Trace( + middleware.Authentification(hf, api.crypto), + api.logger, + ) } func (api *api) createJob(r *jsonapi.Request) { diff --git a/internal/cli/requestor.go b/internal/cli/requestor.go index 6dd3454..6f16788 100644 --- a/internal/cli/requestor.go +++ b/internal/cli/requestor.go @@ -11,14 +11,23 @@ import ( "forge.chapril.org/armen/jw" "forge.chapril.org/armen/requestor" + "forge.chapril.org/mls-361/errors" "forge.chapril.org/armen/armen/internal/components" ) func newRequestor(ccs *components.Components) (jw.Model, error) { + username := "cli" + password, err := ccs.Crypto.EncryptString(username) + if err != nil { + return nil, errors.WithMessage(err, "unable to encrypt the requestor's username") ////////////////////////////// + } + cfg := ccs.Config.Server() endpoint := &requestor.Endpoint{ - URL: fmt.Sprintf("http://localhost:%d", cfg.Port), + URL: fmt.Sprintf("http://localhost:%d", cfg.Port), + Username: username, + Password: password, } rc := &requestor.Config{ diff --git a/internal/middleware/log.go b/internal/middleware/middleware.go similarity index 71% rename from internal/middleware/log.go rename to internal/middleware/middleware.go index a10b0cb..e29a530 100644 --- a/internal/middleware/log.go +++ b/internal/middleware/middleware.go @@ -7,11 +7,39 @@ package middleware import ( + "net/http" + "forge.chapril.org/mls-361/jsonapi" "forge.chapril.org/armen/armen/internal/components" ) +func setHeaderWWWAuthenticate(r *jsonapi.Request) { + r.SetHeader("WWW-Authenticate", `Basic realm="Give username and password"`) +} + +// Authentification AFAIRE. +func Authentification(next jsonapi.Handler, crypto components.Crypto) jsonapi.Handler { + return jsonapi.HandlerFunc(func(r *jsonapi.Request) { + username, password, ok := r.BasicAuth() + if !ok { + setHeaderWWWAuthenticate(r) + r.RenderError(http.StatusUnauthorized, "No basic auth present") + return + } + + value, err := crypto.DecryptString(password) + + if err != nil || value != username { + setHeaderWWWAuthenticate(r) + r.RenderError(http.StatusUnauthorized, "Invalid username or password") + return + } + + next.Serve(r) + }) +} + // Debug AFAIRE. func Debug(next jsonapi.Handler, logger components.Logger) jsonapi.Handler { return jsonapi.HandlerFunc(func(r *jsonapi.Request) {