github.com/cs3org/reva/v2@v2.27.7/internal/http/interceptors/auth/credential/strategy/ocmshares/ocmshares.go (about) 1 // Copyright 2018-2023 CERN 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 // In applying this license, CERN does not waive the privileges and immunities 16 // granted to it by virtue of its status as an Intergovernmental Organization 17 // or submit itself to any jurisdiction. 18 19 package ocmshares 20 21 import ( 22 "fmt" 23 "net/http" 24 25 "github.com/cs3org/reva/v2/internal/http/interceptors/auth/credential/registry" 26 "github.com/cs3org/reva/v2/pkg/auth" 27 ) 28 29 func init() { 30 registry.Register("ocmshares", New) 31 } 32 33 const ( 34 headerShareToken = "ocm-token" 35 ) 36 37 type strategy struct{} 38 39 // New returns a new auth strategy that handles public share verification. 40 func New(m map[string]interface{}) (auth.CredentialStrategy, error) { 41 return &strategy{}, nil 42 } 43 44 func (s *strategy) GetCredentials(w http.ResponseWriter, r *http.Request) (*auth.Credentials, error) { 45 token := r.Header.Get(headerShareToken) 46 if token == "" { 47 token = r.URL.Query().Get(headerShareToken) 48 } 49 if token == "" { 50 return nil, fmt.Errorf("no ocm token provided") 51 } 52 53 return &auth.Credentials{Type: "ocmshares", ClientID: token}, nil 54 } 55 56 func (s *strategy) AddWWWAuthenticate(w http.ResponseWriter, r *http.Request, realm string) { 57 // TODO read realm from forwarded header? 58 }