JustAnotherArchivist
/
transfer.sh
forked from kiska/transfer.sh
1
0
Fork 1
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
301 Commits
17 Branches
34 MiB
 
 
 
Tree: c4dbd39527
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c4dbd39527'
${ noResults }
transfer.sh/vendor/github.com/google/martian/ipauth/ipauth.go

100 lines
2.4 KiB
Raw Blame History 

  1. // Copyright 2015 Google Inc. All rights reserved.

  2. //

  3. // Licensed under the Apache License, Version 2.0 (the "License");

  4. // you may not use this file except in compliance with the License.

  5. // You may obtain a copy of the License at

  6. //

  7. //     http://www.apache.org/licenses/LICENSE-2.0

  8. //

  9. // Unless required by applicable law or agreed to in writing, software

  10. // distributed under the License is distributed on an "AS IS" BASIS,

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  12. // See the License for the specific language governing permissions and

  13. // limitations under the License.

  14. 

  15. // Package ipauth provides a martian.Modifier that sets auth based on IP.

  16. package ipauth

  17. 

  18. import (

  19. 	"net"

  20. 	"net/http"

  21. 

  22. 	"github.com/google/martian"

  23. 	"github.com/google/martian/auth"

  24. )

  25. 

  26. var noop = martian.Noop("ipauth.Modifier")

  27. 

  28. // Modifier is the IP authentication modifier.

  29. type Modifier struct {

  30. 	reqmod martian.RequestModifier

  31. 	resmod martian.ResponseModifier

  32. }

  33. 

  34. // NewModifier returns a new IP authentication modifier.

  35. func NewModifier() *Modifier {

  36. 	return &Modifier{

  37. 		reqmod: noop,

  38. 		resmod: noop,

  39. 	}

  40. }

  41. 

  42. // SetRequestModifier sets the request modifier.

  43. func (m *Modifier) SetRequestModifier(reqmod martian.RequestModifier) {

  44. 	if reqmod == nil {

  45. 		reqmod = noop

  46. 	}

  47. 

  48. 	m.reqmod = reqmod

  49. }

  50. 

  51. // SetResponseModifier sets the response modifier.

  52. func (m *Modifier) SetResponseModifier(resmod martian.ResponseModifier) {

  53. 	if resmod == nil {

  54. 		resmod = noop

  55. 	}

  56. 

  57. 	m.resmod = resmod

  58. }

  59. 

  60. // ModifyRequest sets the auth ID in the context from the request iff it has

  61. // not already been set and runs reqmod.ModifyRequest. If the underlying

  62. // modifier has indicated via auth error that no valid auth credentials

  63. // have been found we set ctx.SkipRoundTrip.

  64. func (m *Modifier) ModifyRequest(req *http.Request) error {

  65. 	ctx := martian.NewContext(req)

  66. 	actx := auth.FromContext(ctx)

  67. 

  68. 	ip, _, err := net.SplitHostPort(req.RemoteAddr)

  69. 	if err != nil {

  70. 		ip = req.RemoteAddr

  71. 	}

  72. 

  73. 	actx.SetID(ip)

  74. 

  75. 	err = m.reqmod.ModifyRequest(req)

  76. 

  77. 	if actx.Error() != nil {

  78. 		ctx.SkipRoundTrip()

  79. 	}

  80. 

  81. 	return err

  82. }

  83. 

  84. // ModifyResponse runs resmod.ModifyResponse.

  85. //

  86. // If an error is returned from resmod.ModifyResponse it is returned.

  87. func (m *Modifier) ModifyResponse(res *http.Response) error {

  88. 	ctx := martian.NewContext(res.Request)

  89. 	actx := auth.FromContext(ctx)

  90. 

  91. 	err := m.resmod.ModifyResponse(res)

  92. 

  93. 	if actx.Error() != nil {

  94. 		res.StatusCode = 403

  95. 		res.Status = http.StatusText(403)

  96. 	}

  97. 

  98. 	return err

  99. }