github.com/cs3org/reva/v2@v2.27.7/internal/http/interceptors/auth/token/strategy/bearer/bearer.go (about)

     1  // Copyright 2018-2023 CERN
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  //
    15  // In applying this license, CERN does not waive the privileges and immunities
    16  // granted to it by virtue of its status as an Intergovernmental Organization
    17  // or submit itself to any jurisdiction.
    18  
    19  package header
    20  
    21  import (
    22  	"mime"
    23  	"net/http"
    24  	"strings"
    25  
    26  	"github.com/cs3org/reva/v2/internal/http/interceptors/auth/token/registry"
    27  	"github.com/cs3org/reva/v2/pkg/auth"
    28  )
    29  
// init registers New with the token-strategy registry under the key "bearer".
// Registration happens as a side effect of importing this package.
func init() {
	registry.Register("bearer", New)
}
    33  
// b is the stateless bearer token strategy. It carries no configuration.
type b struct{}

// New returns a new auth strategy that checks for bearer auth.
//
// The configuration map m is accepted so the constructor matches the signature
// passed to registry.Register, but it is not read: the strategy has no options.
// The returned error is always nil.
func New(m map[string]interface{}) (auth.TokenStrategy, error) {
	var strategy b
	return strategy, nil
}
    40  
// GetToken returns the bearer token carried by r, or "" when none is found.
//
// The three transports defined by RFC 6750 are tried in a fixed order and the
// first one that yields a non-empty value wins; later sources are not consulted
// once a token has been found.
//
// The value is returned exactly as the client sent it. Nothing here verifies
// the token, so callers must validate it before trusting any claim in it.
func (b) GetToken(r *http.Request) string {
	sources := [...]func(*http.Request) (string, bool){
		// Authorization Request Header Field: https://www.rfc-editor.org/rfc/rfc6750#section-2.1
		getFromAuthorizationHeader,
		// Form-Encoded Body Parameter: https://www.rfc-editor.org/rfc/rfc6750#section-2.2
		getFromBody,
		// URI Query Parameter: https://www.rfc-editor.org/rfc/rfc6750#section-2.3
		getFromQueryParam,
	}

	for _, lookup := range sources {
		if tkn, found := lookup(r); found {
			return tkn
		}
	}

	return ""
}
    59  
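// getFromAuthorizationHeader extracts the token from an
// "Authorization: Bearer <token>" request header (RFC 6750 section 2.1).
//
// It returns the token and true only when the header uses the Bearer scheme
// and carries a non-empty token. The scheme name is matched case-insensitively,
// as HTTP authentication scheme names are case-insensitive.
//
// A header with any other scheme (for example Basic) is rejected. Stripping the
// prefix with strings.TrimPrefix alone would leave such a header unchanged and
// hand the whole value, credentials included, to the caller as if it were a
// bearer token. It would also stop GetToken from trying the body and query
// sources.
func getFromAuthorizationHeader(r *http.Request) (string, bool) {
	const prefix = "Bearer "

	hdr := r.Header.Get("Authorization")
	// The header must be longer than the prefix: "Bearer " with nothing after
	// it carries no token.
	if len(hdr) <= len(prefix) || !strings.EqualFold(hdr[:len(prefix)], prefix) {
		return "", false
	}

	// RFC 6750 allows more than one space between the scheme and the token.
	tkn := strings.TrimSpace(hdr[len(prefix):])
	return tkn, tkn != ""
}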
    65  
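// getFromBody extracts the token from a form-encoded request body
// (RFC 6750 section 2.2).
//
// The request must declare the media type application/x-www-form-urlencoded;
// any other or unparsable Content-Type yields ("", false) without touching the
// body.
//
// RFC 6750 names the parameter "access_token", which is also the name used by
// getFromQueryParam. That name is read from the body only (r.PostForm). The
// hyphenated "access-token" that this function originally looked up is still
// accepted as a fallback, with the original r.Form semantics, so existing
// clients keep working.
//
// Side effect: r.ParseForm reads and consumes the body of POST, PUT and PATCH
// requests. Later handlers must use r.Form / r.PostForm rather than re-reading
// r.Body. Unless the body is wrapped with http.MaxBytesReader, net/http caps
// it at 10 MB.
func getFromBody(r *http.Request) (string, bool) {
	mediatype, _, err := mime.ParseMediaType(r.Header.Get("content-type"))
	if err != nil || mediatype != "application/x-www-form-urlencoded" {
		return "", false
	}
	if err := r.ParseForm(); err != nil {
		return "", false
	}

	// Standard parameter name, taken from the body only.
	if tkn := r.PostForm.Get("access_token"); tkn != "" {
		return tkn, true
	}

	// Legacy spelling kept for backward compatibility.
	tkn := r.Form.Get("access-token")
	return tkn, tkn != ""
}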
    80  
// getFromQueryParam extracts the token from the "access_token" URI query
// parameter (RFC 6750 section 2.3). It returns the value and true when the
// parameter is present and non-empty.
//
// RFC 6750 discourages this transport because URLs are routinely recorded in
// access logs, proxy logs and browser history. Deployments that accept it
// should keep the query string out of logs, or redact access_token there.
func getFromQueryParam(r *http.Request) (string, bool) {
	if tkn := r.URL.Query().Get("access_token"); tkn != "" {
		return tkn, true
	}
	return "", false
}