github.com/Tyktechnologies/tyk@v2.9.5+incompatible/gateway/mw_key_expired_check.go

github.com/Tyktechnologies/tyk@v2.9.5+incompatible/gateway/mw_key_expired_check.go (about)

     1  package gateway
     2  
     3  import (
     4  	"errors"
     5  	"net/http"
     6  	"sync"
     7  
     8  	"github.com/TykTechnologies/tyk/request"
     9  )
    10  
    11  // KeyExpired middleware will check if the requesting key is expired or not. It makes use of the authManager to do so.
    12  type KeyExpired struct {
    13  	BaseMiddleware
    14  }
    15  
    16  func (k *KeyExpired) Name() string {
    17  	return "KeyExpired"
    18  }
    19  
    20  // ProcessRequest will run any checks on the request on the way through the system, return an error to have the chain fail
    21  func (k *KeyExpired) ProcessRequest(w http.ResponseWriter, r *http.Request, _ interface{}) (error, int) {
    22  	if ctxGetRequestStatus(r) == StatusOkAndIgnore {
    23  		return nil, http.StatusOK
    24  	}
    25  
    26  	logger := k.Logger()
    27  	session := ctxGetSession(r)
    28  	if session == nil {
    29  		return errors.New("Session state is missing or unset! Please make sure that auth headers are properly applied"), http.StatusBadRequest
    30  	}
    31  
    32  	if session.Mutex == nil {
    33  		session.Mutex = &sync.RWMutex{}
    34  	}
    35  
    36  	token := ctxGetAuthToken(r)
    37  	if session.IsInactive {
    38  		logger.Info("Attempted access from inactive key.")
    39  		// Fire a key expired event
    40  		k.FireEvent(EventKeyExpired, EventKeyFailureMeta{
    41  			EventMetaDefault: EventMetaDefault{Message: "Attempted access from inactive key.", OriginatingRequest: EncodeRequestToEvent(r)},
    42  			Path:             r.URL.Path,
    43  			Origin:           request.RealIP(r),
    44  			Key:              token,
    45  		})
    46  
    47  		// Report in health check
    48  		reportHealthValue(k.Spec, KeyFailure, "-1")
    49  
    50  		return errors.New("Key is inactive, please renew"), http.StatusForbidden
    51  	}
    52  
    53  	if !k.Spec.AuthManager.KeyExpired(session) {
    54  		return nil, http.StatusOK
    55  	}
    56  	logger.Info("Attempted access from expired key.")
    57  
    58  	k.FireEvent(EventKeyExpired, EventKeyFailureMeta{
    59  		EventMetaDefault: EventMetaDefault{Message: "Attempted access from expired key.", OriginatingRequest: EncodeRequestToEvent(r)},
    60  		Path:             r.URL.Path,
    61  		Origin:           request.RealIP(r),
    62  		Key:              token,
    63  	})
    64  	// Report in health check
    65  	reportHealthValue(k.Spec, KeyFailure, "-1")
    66  
    67  	return errors.New("Key has expired, please renew"), http.StatusUnauthorized
    68  }