add secure requests with tokens.
generate new token on every new page load
@ -6,6 +6,7 @@ import (
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"openmediacenter/apiGo/api/oauth"
|
||||
)
|
||||
|
||||
const APIPREFIX = "/api"
|
||||
@ -36,10 +37,13 @@ func AddHandler(action string, apiNode int, n interface{}, h func() []byte) {
|
||||
}
|
||||
|
||||
func ServerInit(port uint16) {
|
||||
http.Handle(APIPREFIX+"/video", http.HandlerFunc(videoHandler))
|
||||
http.Handle(APIPREFIX+"/tags", http.HandlerFunc(tagHandler))
|
||||
http.Handle(APIPREFIX+"/settings", http.HandlerFunc(settingsHandler))
|
||||
http.Handle(APIPREFIX+"/actor", http.HandlerFunc(actorHandler))
|
||||
http.Handle(APIPREFIX+"/video", oauth.ValidateToken(videoHandler))
|
||||
http.Handle(APIPREFIX+"/tags", oauth.ValidateToken(tagHandler))
|
||||
http.Handle(APIPREFIX+"/settings", oauth.ValidateToken(settingsHandler))
|
||||
http.Handle(APIPREFIX+"/actor", oauth.ValidateToken(actorHandler))
|
||||
|
||||
// initialize oauth service and add corresponding auth routes
|
||||
oauth.InitOAuth()
|
||||
|
||||
fmt.Printf("OpenMediacenter server up and running on port %d\n", port)
|
||||
log.Fatal(http.ListenAndServe(fmt.Sprintf(":%d", port), nil))
|
||||
|
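Review bot: The API routes now require a bearer token, but the listener at the end of ServerInit is still `http.ListenAndServe(fmt.Sprintf(":%d", port), nil)`, so access tokens and the client credentials posted to /token travel in cleartext unless TLS is terminated in front of this process (nothing visible here says it is). Either serve with `http.ListenAndServeTLS`, or state the deployment requirement next to the listener, e.g. `// plain HTTP: must only be reachable through a TLS-terminating reverse proxy`. The +/- markers were lost in this rendering, so which lines are new is inferred from the hunk counts, and ServerInit's closing brace lies outside the hunk.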
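--- /dev/null
+++ b/apiGo/api/oauth/Oauth.go
@@ -0,0 +1,67 @@
+package oauth
+
+import (
+"gopkg.in/oauth2.v3/errors"
+"gopkg.in/oauth2.v3/manage"
+"gopkg.in/oauth2.v3/models"
+"gopkg.in/oauth2.v3/server"
+"gopkg.in/oauth2.v3/store"
+"log"
+"net/http"
+)
+
+var srv *server.Server
+
+func InitOAuth() {
+manager := manage.NewDefaultManager()
+// token store
+manager.MustTokenStorage(store.NewMemoryTokenStore())
+
+clientStore := store.NewClientStore()
+// todo we need to check here if a password is enabled in db -- when yes set it here!
+clientStore.Set("openmediacenter", &models.Client{
+ID: "openmediacenter",
+Secret: "openmediacenter",
+Domain: "http://localhost:8081",
+})
+
+manager.MapClientStorage(clientStore)
+srv = server.NewServer(server.NewConfig(), manager)
+srv.SetClientInfoHandler(server.ClientFormHandler)
+manager.SetRefreshTokenCfg(manage.DefaultRefreshTokenCfg)
+
+srv.SetInternalErrorHandler(func(err error) (re *errors.Response) {
+log.Println("Internal Error:", err.Error())
+return
+})
+
+srv.SetResponseErrorHandler(func(re *errors.Response) {
+log.Println("Response Error:", re.Error.Error())
+})
+
+http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
+err := srv.HandleAuthorizeRequest(w, r)
+if err != nil {
+http.Error(w, err.Error(), http.StatusBadRequest)
+}
+})
+
+http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
+err := srv.HandleTokenRequest(w, r)
+if err != nil {
+http.Error(w, err.Error(), http.StatusInternalServerError)
+}
+})
+}
+
+func ValidateToken(f http.HandlerFunc) http.HandlerFunc {
+return func(w http.ResponseWriter, r *http.Request) {
+_, err := srv.ValidationBearerToken(r)
+if err != nil {
+http.Error(w, err.Error(), http.StatusBadRequest)
+return
+}
+
+f.ServeHTTP(w, r)
+}
+}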
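Review bot: The client registered in InitOAuth uses a constant committed in source, `Secret: "openmediacenter"`, identical to its ID, so until the todo above it is resolved the credentials are public and the ValidateToken wrapper does not actually restrict who can obtain a token from /token (assuming the library defaults behind `server.NewConfig()` permit a client-credentials or password grant, which they appear to). Read the secret from the settings/database the todo mentions, or generate a random one at startup when none is configured, and limit the allowed grant types to the one the frontend really uses. Separately, ValidateToken answers a missing or invalid token with `http.StatusBadRequest`; `http.StatusUnauthorized` plus a `WWW-Authenticate: Bearer` header is the conventional response, and a fixed message instead of `err.Error()` avoids exposing validation detail to the caller. `Domain: "http://localhost:8081"` is likewise hard-coded and would be better taken from configuration.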