github.com/dbernstein1/tyk@v2.9.0-beta9-dl-apic+incompatible/gateway/mw_key_expired_check.go (about) 1 package gateway 2 3 import ( 4 "errors" 5 "net/http" 6 7 "github.com/TykTechnologies/tyk/request" 8 ) 9 10 // KeyExpired middleware will check if the requesting key is expired or not. It makes use of the authManager to do so. 11 type KeyExpired struct { 12 BaseMiddleware 13 } 14 15 func (k *KeyExpired) Name() string { 16 return "KeyExpired" 17 } 18 19 // ProcessRequest will run any checks on the request on the way through the system, return an error to have the chain fail 20 func (k *KeyExpired) ProcessRequest(w http.ResponseWriter, r *http.Request, _ interface{}) (error, int) { 21 logger := k.Logger() 22 session := ctxGetSession(r) 23 if session == nil { 24 return errors.New("Session state is missing or unset! Please make sure that auth headers are properly applied"), http.StatusBadRequest 25 } 26 27 token := ctxGetAuthToken(r) 28 if session.IsInactive { 29 logger.Info("Attempted access from inactive key.") 30 // Fire a key expired event 31 k.FireEvent(EventKeyExpired, EventKeyFailureMeta{ 32 EventMetaDefault: EventMetaDefault{Message: "Attempted access from inactive key.", OriginatingRequest: EncodeRequestToEvent(r)}, 33 Path: r.URL.Path, 34 Origin: request.RealIP(r), 35 Key: token, 36 }) 37 38 // Report in health check 39 reportHealthValue(k.Spec, KeyFailure, "-1") 40 41 return errors.New("Key is inactive, please renew"), http.StatusForbidden 42 } 43 44 if !k.Spec.AuthManager.KeyExpired(session) { 45 return nil, http.StatusOK 46 } 47 logger.Info("Attempted access from expired key.") 48 49 k.FireEvent(EventKeyExpired, EventKeyFailureMeta{ 50 EventMetaDefault: EventMetaDefault{Message: "Attempted access from expired key.", OriginatingRequest: EncodeRequestToEvent(r)}, 51 Path: r.URL.Path, 52 Origin: request.RealIP(r), 53 Key: token, 54 }) 55 // Report in health check 56 reportHealthValue(k.Spec, KeyFailure, "-1") 57 58 return errors.New("Key has expired, please renew"), http.StatusUnauthorized 59 }