httpmw

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 26, 2022 License: AGPL-3.0 Imports: 30 Imported by: 0

Documentation

Index

Constants

View Source 
const DevURLSessionTokenCookie = "coder_devurl_session_token"

The special cookie name used for subdomain-based application proxying. TODO: this will make dogfooding harder so come up with a more unique solution

Variables

This section is empty.

Functions

func APIKey 

func APIKey(r *http.Request) database.APIKey

APIKey returns the API key from the ExtractAPIKey handler.

func APIKeyOptional added in v0.9.0 

func APIKeyOptional(r *http.Request) (database.APIKey, bool)

APIKeyOptional may return an API key from the ExtractAPIKey handler.

func AttachRequestID added in v0.8.12 

func AttachRequestID(next http.Handler) http.Handler

AttachRequestID adds a request ID to each HTTP request.

func CSRF added in v0.8.15 

func CSRF(secureCookie bool) func(next http.Handler) http.Handler

CSRF is a middleware that verifies that a CSRF token is present in the request for non-GET requests.

func ExtractAPIKey 

func ExtractAPIKey(cfg ExtractAPIKeyConfig) func(http.Handler) http.Handler

ExtractAPIKey requires authentication using a valid API key. It handles extending an API key if it comes close to expiry, updating the last used time in the database. nolint:revive

func ExtractOAuth2 added in v0.4.4 

func ExtractOAuth2(config OAuth2Config) func(http.Handler) http.Handler

ExtractOAuth2 is a middleware for automatically redirecting to OAuth URLs, and handling the exchange inbound. Any route that does not have a "code" URL parameter will be redirected.

func ExtractOrganizationMemberParam added in v0.6.0 

func ExtractOrganizationMemberParam(db database.Store) func(http.Handler) http.Handler

ExtractOrganizationMemberParam grabs a user membership from the "organization" and "user" URL parameter. This middleware requires the ExtractUser and ExtractOrganization middleware higher in the stack

func ExtractOrganizationParam 

func ExtractOrganizationParam(db database.Store) func(http.Handler) http.Handler

ExtractOrganizationParam grabs an organization from the "organization" URL parameter. This middleware requires the API key middleware higher in the call stack for authentication.

func ExtractTemplateParam added in v0.4.0 

func ExtractTemplateParam(db database.Store) func(http.Handler) http.Handler

ExtractTemplateParam grabs a template from the "template" URL parameter.

func ExtractTemplateVersionParam added in v0.4.0 

func ExtractTemplateVersionParam(db database.Store) func(http.Handler) http.Handler

ExtractTemplateVersionParam grabs template version from the "templateversion" URL parameter.

func ExtractUserParam 

func ExtractUserParam(db database.Store) func(http.Handler) http.Handler

ExtractUserParam extracts a user from an ID/username in the {user} URL parameter.

func ExtractWorkspaceAgent 

func ExtractWorkspaceAgent(db database.Store) func(http.Handler) http.Handler

ExtractWorkspaceAgent requires authentication using a valid agent token.

func ExtractWorkspaceAgentParam added in v0.4.1 

func ExtractWorkspaceAgentParam(db database.Store) func(http.Handler) http.Handler

ExtractWorkspaceAgentParam grabs a workspace agent from the "workspaceagent" URL parameter.

func ExtractWorkspaceAndAgentParam added in v0.8.9 

func ExtractWorkspaceAndAgentParam(db database.Store) func(http.Handler) http.Handler

ExtractWorkspaceAndAgentParam grabs a workspace and an agent from the "workspace_and_agent" URL parameter. `ExtractUserParam` must be called before this. This can be in the form of:

  • "<workspace-name>.[workspace-agent]" : If multiple agents exist
  • "<workspace-name>" : If one agent exists

func ExtractWorkspaceBuildParam 

func ExtractWorkspaceBuildParam(db database.Store) func(http.Handler) http.Handler

ExtractWorkspaceBuildParam grabs workspace build from the "workspacebuild" URL parameter.

func ExtractWorkspaceParam 

func ExtractWorkspaceParam(db database.Store) func(http.Handler) http.Handler

ExtractWorkspaceParam grabs a workspace from the "workspace" URL parameter.

func ExtractWorkspaceResourceParam 

func ExtractWorkspaceResourceParam(db database.Store) func(http.Handler) http.Handler

ExtractWorkspaceResourceParam grabs a workspace resource from the "provisionerjob" URL parameter.

func Logger added in v0.8.10 

func Logger(log slog.Logger) func(next http.Handler) http.Handler

func OrganizationMemberParam 

func OrganizationMemberParam(r *http.Request) database.OrganizationMember

OrganizationMemberParam returns the organization membership that allowed the query from the ExtractOrganizationParam handler.

func OrganizationParam 

func OrganizationParam(r *http.Request) database.Organization

OrganizationParam returns the organization from the ExtractOrganizationParam handler.

func Prometheus added in v0.5.4 

func Prometheus(register prometheus.Registerer) func(http.Handler) http.Handler

func RateLimitPerMinute 

func RateLimitPerMinute(count int) func(http.Handler) http.Handler

RateLimitPerMinute returns a handler that limits requests per-minute based on IP, endpoint, and user ID (if available).

func Recover added in v0.8.10 

func Recover(log slog.Logger) func(h http.Handler) http.Handler

func RequestID added in v0.8.12 

func RequestID(r *http.Request) uuid.UUID

RequestID returns the ID of the request.

func SplitAPIToken added in v0.9.0 

func SplitAPIToken(token string) (id string, secret string, err error)

SplitAPIToken verifies the format of an API key and returns the split ID and secret.

APIKeys are formatted: ${ID}-${SECRET}

func TemplateParam added in v0.4.0 

func TemplateParam(r *http.Request) database.Template

TemplateParam returns the template from the ExtractTemplateParam handler.

func TemplateVersionParam added in v0.4.0 

func TemplateVersionParam(r *http.Request) database.TemplateVersion

TemplateVersionParam returns the template version from the ExtractTemplateVersionParam handler.

func UserParam 

func UserParam(r *http.Request) database.User

UserParam returns the user from the ExtractUserParam handler.

func WorkspaceAgent 

func WorkspaceAgent(r *http.Request) database.WorkspaceAgent

WorkspaceAgent returns the workspace agent from the ExtractAgent handler.

func WorkspaceAgentParam added in v0.4.1 

func WorkspaceAgentParam(r *http.Request) database.WorkspaceAgent

WorkspaceAgentParam returns the workspace agent from the ExtractWorkspaceAgentParam handler.

func WorkspaceBuildParam 

func WorkspaceBuildParam(r *http.Request) database.WorkspaceBuild

WorkspaceBuildParam returns the workspace build from the ExtractWorkspaceBuildParam handler.

func WorkspaceParam 

func WorkspaceParam(r *http.Request) database.Workspace

WorkspaceParam returns the workspace from the ExtractWorkspaceParam handler.

func WorkspaceResourceParam 

func WorkspaceResourceParam(r *http.Request) database.WorkspaceResource

ProvisionerJobParam returns the template from the ExtractTemplateParam handler.

Types

type Authorization added in v0.9.0 

type Authorization struct {
	ID       uuid.UUID
	Username string
	Roles    []string
	Scope    database.APIKeyScope
}

func UserAuthorization added in v0.9.0 

func UserAuthorization(r *http.Request) Authorization

UserAuthorization returns the roles and scope used for authorization. Depends on the ExtractAPIKey handler.

func UserAuthorizationOptional added in v0.9.0 

func UserAuthorizationOptional(r *http.Request) (Authorization, bool)

UserAuthorizationOptional may return the roles and scope used for authorization. Depends on the ExtractAPIKey handler.

type ExtractAPIKeyConfig added in v0.9.0 

type ExtractAPIKeyConfig struct {
	DB              database.Store
	OAuth2Configs   *OAuth2Configs
	RedirectToLogin bool

	// Optional governs whether the API key is optional. Use this if you want to
	// allow unauthenticated requests.
	//
	// If true and no session token is provided, nothing will be written to the
	// request context. Use the APIKeyOptional and UserAuthorizationOptional
	// functions to retrieve the API key and authorization instead of the
	// regular ones.
	//
	// If true and the API key is invalid (i.e. deleted, expired), the cookie
	// will be deleted and the request will continue. If the request is not a
	// cookie-based request, the request will be rejected with a 401.
	Optional bool
}

type OAuth2Config 

type OAuth2Config interface {
	AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string
	Exchange(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error)
	TokenSource(context.Context, *oauth2.Token) oauth2.TokenSource
}

OAuth2Config exposes a subset of *oauth2.Config functions for easier testing. *oauth2.Config should be used instead of implementing this in production.

type OAuth2Configs added in v0.4.4 

type OAuth2Configs struct {
	Github OAuth2Config
	OIDC   OAuth2Config
}

OAuth2Configs is a collection of configurations for OAuth-based authentication. This should be extended to support other authentication types in the future.

type OAuth2State added in v0.4.4 

type OAuth2State struct {
	Token    *oauth2.Token
	Redirect string
}

func OAuth2 added in v0.4.4 

func OAuth2(r *http.Request) OAuth2State

OAuth2 returns the state from an oauth request.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.