github.com/chenbh/concourse/v6@v6.4.2/skymarshal/token/middleware.go

github.com/chenbh/concourse/v6@v6.4.2/skymarshal/token/middleware.go (about)

     1  package token
     2  
     3  import (
     4  	"net/http"
     5  	"time"
     6  )
     7  
     8  //go:generate counterfeiter . Middleware
     9  type Middleware interface {
    10  	SetAuthToken(http.ResponseWriter, string, time.Time) error
    11  	UnsetAuthToken(http.ResponseWriter)
    12  	GetAuthToken(*http.Request) string
    13  
    14  	SetCSRFToken(http.ResponseWriter, string, time.Time) error
    15  	UnsetCSRFToken(http.ResponseWriter)
    16  	GetCSRFToken(*http.Request) string
    17  
    18  	SetStateToken(http.ResponseWriter, string, time.Time) error
    19  	UnsetStateToken(http.ResponseWriter)
    20  	GetStateToken(*http.Request) string
    21  }
    22  
    23  type middleware struct {
    24  	secureCookies bool
    25  }
    26  
    27  func NewMiddleware(secureCookies bool) Middleware {
    28  	return &middleware{secureCookies: secureCookies}
    29  }
    30  
    31  const stateCookieName = "skymarshal_state"
    32  const authCookieName = "skymarshal_auth"
    33  const csrfCookieName = "skymarshal_csrf"
    34  
    35  func (m *middleware) UnsetAuthToken(w http.ResponseWriter) {
    36  	http.SetCookie(w, &http.Cookie{
    37  		Name:     authCookieName,
    38  		Path:     "/",
    39  		MaxAge:   -1,
    40  		Secure:   m.secureCookies,
    41  		HttpOnly: true,
    42  	})
    43  }
    44  
    45  func (m *middleware) SetAuthToken(w http.ResponseWriter, tokenStr string, expiry time.Time) error {
    46  	http.SetCookie(w, &http.Cookie{
    47  		Name:     authCookieName,
    48  		Value:    tokenStr,
    49  		Path:     "/",
    50  		Expires:  expiry,
    51  		HttpOnly: true,
    52  		Secure:   m.secureCookies,
    53  	})
    54  
    55  	return nil
    56  }
    57  
    58  func (m *middleware) GetAuthToken(r *http.Request) string {
    59  	cookie, err := r.Cookie(authCookieName)
    60  	if err != nil {
    61  		return ""
    62  	}
    63  	return cookie.Value
    64  }
    65  
    66  func (m *middleware) UnsetCSRFToken(w http.ResponseWriter) {
    67  	http.SetCookie(w, &http.Cookie{
    68  		Name:     csrfCookieName,
    69  		Path:     "/",
    70  		MaxAge:   -1,
    71  		Secure:   m.secureCookies,
    72  		HttpOnly: true,
    73  	})
    74  }
    75  
    76  func (m *middleware) SetCSRFToken(w http.ResponseWriter, csrfToken string, expiry time.Time) error {
    77  	http.SetCookie(w, &http.Cookie{
    78  		Name:     csrfCookieName,
    79  		Value:    csrfToken,
    80  		Path:     "/",
    81  		Expires:  expiry,
    82  		Secure:   m.secureCookies,
    83  		HttpOnly: true,
    84  	})
    85  
    86  	return nil
    87  }
    88  
    89  func (m *middleware) GetCSRFToken(r *http.Request) string {
    90  	cookie, err := r.Cookie(csrfCookieName)
    91  	if err != nil {
    92  		return ""
    93  	}
    94  	return cookie.Value
    95  }
    96  
    97  func (m *middleware) UnsetStateToken(w http.ResponseWriter) {
    98  	http.SetCookie(w, &http.Cookie{
    99  		Name:     stateCookieName,
   100  		Path:     "/",
   101  		MaxAge:   -1,
   102  		Secure:   m.secureCookies,
   103  		HttpOnly: true,
   104  	})
   105  }
   106  
   107  func (m *middleware) SetStateToken(w http.ResponseWriter, stateToken string, expiry time.Time) error {
   108  	http.SetCookie(w, &http.Cookie{
   109  		Name:     stateCookieName,
   110  		Value:    stateToken,
   111  		Path:     "/",
   112  		Expires:  expiry,
   113  		Secure:   m.secureCookies,
   114  		HttpOnly: true,
   115  	})
   116  
   117  	return nil
   118  }
   119  
   120  func (m *middleware) GetStateToken(r *http.Request) string {
   121  	cookie, err := r.Cookie(stateCookieName)
   122  	if err != nil {
   123  		return ""
   124  	}
   125  	return cookie.Value
   126  }