Commit
f2ea158e
authored
4 years ago
by
Francesco De Martino
+ roles middleware
parent
a819598c
Showing
1 changed file
authentication.go
+45
-9
45 additions, 9 deletions
authentication.go
with
45 additions
and
9 deletions
authentication.go
+
45
−
9
...
...
@@ -3,7 +3,7 @@
Use Redis as a cache in which store an oauth2 authentication for 1 hour
Insert in gin.Context user_id (*DataReceive)
Insert in gin.Context user_roles ([]string)
*/
*/
package
oauth2_authenticator
...
...
@@ -15,9 +15,11 @@ import (
"net/http"
)
const
ExpirationTimeRedis
=
3600000000000
/*
Json of api/user
*/
*/
type
DataReceive
struct
{
User
struct
{
Active
bool
`json:"active"`
...
...
@@ -50,7 +52,7 @@ type DataReceive struct {
/*
Gin-Gonic middleware to import for oauth2 authentication
*/
*/
func
Authentication
(
c
*
gin
.
Context
)
{
userInfo
:=
redisClient
.
Get
(
ctx
,
createKey
(
c
.
GetHeader
(
"Authorization"
)))
...
...
@@ -61,11 +63,45 @@ func Authentication(c *gin.Context) {
}
}
/*
Gin-Gonic middleware to import for check roles of an user
it MUST be used after Authentication
*/
func
Rule
(
roles
[]
string
)
func
(
c
*
gin
.
Context
)
{
return
func
(
c
*
gin
.
Context
)
{
var
rolesUser
[]
string
canContinue
:=
true
rolesUser
,
_
=
c
.
GetQueryArray
(
"user_roles"
)
for
_
,
role
:=
range
roles
{
if
!
isInArray
(
role
,
rolesUser
)
{
c
.
AbortWithStatusJSON
(
http
.
StatusForbidden
,
gin
.
H
{})
canContinue
=
false
break
}
}
if
canContinue
{
c
.
Next
()
}
}
}
/*
Simple function to check if a value is in an array
*/
func
isInArray
(
value
string
,
arrayValues
[]
string
)
bool
{
for
_
,
arrayValue
:=
range
arrayValues
{
if
value
==
arrayValue
{
return
true
}
}
return
false
}
/*
If the Redis key doesn't exist, it creates and use it
*/
*/
func
keyRedisNotExist
(
c
*
gin
.
Context
)
{
request
,
_
:=
http
.
NewRequest
(
"GET"
,
endPointOauthAuth
+
"/api/user"
,
nil
)
request
,
_
:=
http
.
NewRequest
(
"GET"
,
endPointOauthAuth
+
"/api/user"
,
nil
)
request
.
Header
.
Add
(
"Authorization"
,
c
.
GetHeader
(
"Authorization"
))
response
,
err
:=
clientHttp
.
Do
(
request
)
...
...
@@ -82,7 +118,7 @@ func keyRedisNotExist(c *gin.Context) {
if
roles
==
nil
{
c
.
AbortWithStatusJSON
(
http
.
StatusForbidden
,
gin
.
H
{})
}
else
{
redisClient
.
Set
(
ctx
,
createKey
(
c
.
GetHeader
(
"Authorization"
)),
string
(
body
),
3600000000000
)
redisClient
.
Set
(
ctx
,
createKey
(
c
.
GetHeader
(
"Authorization"
)),
string
(
body
),
ExpirationTimeRedis
)
c
.
Set
(
"user_id"
,
&
send
)
c
.
Set
(
"user_roles"
,
roles
)
c
.
Next
()
...
...
@@ -93,7 +129,7 @@ func keyRedisNotExist(c *gin.Context) {
/*
It uses the data in the Redis key
*/
*/
func
keyRedisExists
(
c
*
gin
.
Context
,
userInfo
*
redis
.
StringCmd
)
{
var
send
DataReceive
text
:=
userInfo
.
Val
()
...
...
@@ -109,7 +145,7 @@ func keyRedisExists(c *gin.Context, userInfo *redis.StringCmd) {
/*
Check if the application ID of the user is equal to the application ID of the project
*/
*/
func
checkApplicationIDAndGetRules
(
data
*
DataReceive
)
[]
string
{
for
_
,
registration
:=
range
data
.
User
.
Registrations
{
if
registration
.
ApplicationID
==
applicationIdAuth
{
...
...
@@ -121,7 +157,7 @@ func checkApplicationIDAndGetRules(data *DataReceive) []string {
/*
Create the key for Redis
*/
*/
func
createKey
(
authentication
string
)
string
{
return
"oauth2-authenticator."
+
authentication
}
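Review bot: In `Rule`, the user's roles are read with `c.GetQueryArray("user_roles")`, which takes them from the request's URL query string instead of the value that `keyRedisNotExist` stores with `c.Set("user_roles", roles)`. The role check therefore trusts client-supplied input and never consults the roles obtained from the OAuth2 server, so it does not enforce authorization. Read the context value instead, for example `rolesUser := c.GetStringSlice("user_roles")`, so that a request without authenticated roles is still rejected with 403. The doc comment on `Rule` should also state that every entry in `roles` is required, since the loop aborts on the first missing one.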