-
Notifications
You must be signed in to change notification settings - Fork 496
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Allow Athens to Propagate Authentication to Mod Download (#1650)
* Allow Athens to Propagate Authentication to Mod Download * update readme * add pattern matching to auth propagation * Propagate authentication to pre declared static host * quote redis test * fix flaky redis error message * fix config tests * fix config tests * Update config.dev.toml Co-authored-by: Ted Wexler <ted@stuckinacan.com> * gofmt Co-authored-by: Ted Wexler <ted@stuckinacan.com>
- Loading branch information
1 parent
81906b9
commit dfb7887
Showing
19 changed files
with
546 additions
and
135 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
package auth | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
"io/ioutil" | ||
"path/filepath" | ||
"runtime" | ||
|
||
"github.com/gomods/athens/pkg/errors" | ||
) | ||
|
||
type authkey struct{} | ||
|
||
// BasicAuth is the embedded credentials in a context | ||
type BasicAuth struct { | ||
User, Password string | ||
} | ||
|
||
// SetAuthInContext sets the auth value in context | ||
func SetAuthInContext(ctx context.Context, auth BasicAuth) context.Context { | ||
return context.WithValue(ctx, authkey{}, auth) | ||
} | ||
|
||
// FromContext retrieves the auth value | ||
func FromContext(ctx context.Context) (BasicAuth, bool) { | ||
auth, ok := ctx.Value(authkey{}).(BasicAuth) | ||
return auth, ok | ||
} | ||
|
||
// WriteNETRC writes the netrc file to the specified directory | ||
func WriteNETRC(path, host, user, password string) error { | ||
const op errors.Op = "auth.WriteNETRC" | ||
fileContent := fmt.Sprintf("machine %s login %s password %s\n", host, user, password) | ||
if err := ioutil.WriteFile(path, []byte(fileContent), 0600); err != nil { | ||
return errors.E(op, fmt.Errorf("netrcFromToken: could not write to file: %v", err)) | ||
} | ||
return nil | ||
} | ||
|
||
// WriteTemporaryNETRC writes a netrc file to a temporary directory, returning | ||
// the directory it was written to. | ||
func WriteTemporaryNETRC(host, user, password string) (string, error) { | ||
const op errors.Op = "auth.WriteTemporaryNETRC" | ||
dir, err := ioutil.TempDir("", "netrcp") | ||
if err != nil { | ||
return "", errors.E(op, err) | ||
} | ||
rcp := filepath.Join(dir, GetNETRCFilename()) | ||
err = WriteNETRC(rcp, host, user, password) | ||
if err != nil { | ||
return "", errors.E(op, err) | ||
} | ||
return dir, nil | ||
} | ||
|
||
// GetNETRCFilename returns the name of the netrc file | ||
// according to the contextual platform | ||
func GetNETRCFilename() string { | ||
if runtime.GOOS == "windows" { | ||
return "_netrc" | ||
} | ||
return ".netrc" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
package middleware | ||
|
||
import ( | ||
"net/http" | ||
|
||
"github.com/gomods/athens/pkg/auth" | ||
) | ||
|
||
type authkey struct{} | ||
|
||
// WithAuth inserts the Authorization header | ||
// into the request context | ||
func WithAuth(h http.Handler) http.Handler { | ||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | ||
user, password, ok := r.BasicAuth() | ||
if ok { | ||
ctx := auth.SetAuthInContext(r.Context(), auth.BasicAuth{User: user, Password: password}) | ||
r = r.WithContext(ctx) | ||
} | ||
h.ServeHTTP(w, r) | ||
}) | ||
} |
Oops, something went wrong.