x

package
v0.0.0-...-81cd3a7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 21, 2020 License: Apache-2.0 Imports: 35 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrInvalidCSRFToken = herodot.ErrForbidden.WithReasonf("A request failed due to a missing or invalid csrf_token value.")
	ErrGone             = herodot.DefaultError{
		CodeField:    http.StatusGone,
		StatusField:  http.StatusText(http.StatusGone),
		ReasonField:  "",
		DebugField:   "",
		DetailsField: nil,
		ErrorField:   "The requested resource is no longer available because it has expired or is otherwise invalid.",
	}
)
View Source
var EmptyUUID db.UUID
View Source
var FakeCSRFToken = base64.StdEncoding.EncodeToString([]byte(randx.MustString(32, randx.AlphaLowerNum)))
View Source
var PseudoPanic = herodot.DefaultError{
	StatusField: http.StatusText(http.StatusInternalServerError),
	ErrorField:  "Code Bug Detected",
	ReasonField: "The code ended up at a place where it should not have. Please report this as an issue at https://github.com/zzpu/ums",
	CodeField:   http.StatusConflict,
}

Functions

func AssertEqualTime

func AssertEqualTime(t *testing.T, expected, actual time.Time)

func DefaultCSRFToken

func DefaultCSRFToken(r *http.Request) string

func DerefUUID

func DerefUUID(id *uuid.UUID) uuid.UUID

func EasyCookieJar

func EasyCookieJar(t *testing.T, o *cookiejar.Options) *cookiejar.Jar

func EasyGet

func EasyGet(t *testing.T, c *http.Client, url string) (*http.Response, []byte)

func EasyGetBody

func EasyGetBody(t *testing.T, c *http.Client, url string) []byte

func FakeCSRFTokenGenerator

func FakeCSRFTokenGenerator(r *http.Request) string

func FakeCSRFTokenGeneratorWithToken

func FakeCSRFTokenGeneratorWithToken(token string) func(r *http.Request) string

func IsBrowserRequest

func IsBrowserRequest(r *http.Request) bool

func IsJSONRequest

func IsJSONRequest(r *http.Request) bool

func IsValidNumber

func IsValidNumber(s string) bool

IsValidNumber reports whether s is a valid JSON number literal.

Taken from encoding/json

func IsZeroUUID

func IsZeroUUID(id db.UUID) bool

func MaxItemsPerPage

func MaxItemsPerPage(is int) int

MaxItemsPerPage is used to prevent DoS attacks against large lists by limiting the items per page to 500.

func MustEncodeJSON

func MustEncodeJSON(t *testing.T, in interface{}) string

func MustPkgerRead

func MustPkgerRead(f pkging.File, err error) []byte

func MustReadAll

func MustReadAll(r io.Reader) []byte

func NewCSRFHandler

func NewCSRFHandler(router http.Handler, writer herodot.Writer, logger *logrusx.Logger, path string, domain string, secure bool) *nosurf.CSRFHandler

func NewTestCSRFHandler

func NewTestCSRFHandler(router http.Handler, reg interface {
	WithCSRFHandler(CSRFHandler)
	WithCSRFTokenGenerator(CSRFToken)
	WriterProvider
	LoggingProvider
}) *nosurf.CSRFHandler

func NewTestHTTPRequest

func NewTestHTTPRequest(t *testing.T, method, url string, body io.Reader) *http.Request

func NewUUID

func NewUUID() db.UUID

func NoCache

func NoCache(w http.ResponseWriter)

NoCache adds `Cache-Control: 0` to the response header.

func NoCacheHandler

func NoCacheHandler(handle httprouter.Handle) httprouter.Handle

NoCacheHandler wraps httprouter.Handle with `Cache-Control: 0` headers.

func PaginationHeader

func PaginationHeader(w http.ResponseWriter, u *url.URL, total int64, page, itemsPerPage int)

func ParsePagination

func ParsePagination(r *http.Request) (page, itemsPerPage int)

ParsePagination parses limit and page from *http.Request with given limits and defaults.

func ParseUUID

func ParseUUID(in string) db.UUID

func PkgerRead

func PkgerRead(f pkging.File, err error) ([]byte, error)

func PointToUUID

func PointToUUID(id uuid.UUID) *uuid.UUID

func RecoverStatusCode

func RecoverStatusCode(err error, fallback int) int

func RequestURL

func RequestURL(r *http.Request) *url.URL

func RequireEqualTime

func RequireEqualTime(t *testing.T, expected, actual time.Time)

func RequireJSONMarshal

func RequireJSONMarshal(t *testing.T, in interface{}) []byte

func SecureContentNegotiationRedirection

func SecureContentNegotiationRedirection(
	w http.ResponseWriter, r *http.Request, out interface{},
	requestURL string, writer herodot.Writer, c configuration.Provider,
	opts ...SecureRedirectOption,
) error

func SecureRedirectTo

func SecureRedirectTo(r *http.Request, defaultReturnTo *url.URL, opts ...SecureRedirectOption) (returnTo *url.URL, err error)

SecureRedirectTo implements a HTTP redirector who mitigates open redirect vulnerabilities by working with whitelisting.

func SessionGetString

func SessionGetString(r *http.Request, s sessions.Store, id string, key interface{}) (string, error)

SessionGetString returns a string for the given id and key or an error if the session is invalid, the key does not exist, or the key value is not a string.

func SessionGetStringOr

func SessionGetStringOr(r *http.Request, s sessions.Store, id, key, fallback string) string

SessionGetStringOr returns a string for the given id and key or the fallback value if the session is invalid, the key does not exist, or the key value is not a string.

func SessionPersistValues

func SessionPersistValues(w http.ResponseWriter, r *http.Request, s sessions.Store, id string, values map[string]interface{}) error

SessionPersistValues adds values to the session store and persists the changes.

func SessionUnset

func SessionUnset(w http.ResponseWriter, r *http.Request, s sessions.Store, id string) error

func SessionUnsetKey

func SessionUnsetKey(w http.ResponseWriter, r *http.Request, s sessions.Store, id, key string) error

func TypeMap

func TypeMap(m map[string]string) (map[string]interface{}, error)

func UntypedMapToJSON

func UntypedMapToJSON(m map[string]string) (json.RawMessage, error)

func WatchAndValidateViper

func WatchAndValidateViper(log *logrusx.Logger)

Types

type CSRFHandler

type CSRFHandler interface {
	http.Handler
	RegenerateToken(w http.ResponseWriter, r *http.Request) string
	ExemptPath(string)
}

type CSRFProvider

type CSRFProvider interface {
	CSRFHandler() CSRFHandler
}

type CSRFToken

type CSRFToken func(r *http.Request) string

type CSRFTokenGeneratorProvider

type CSRFTokenGeneratorProvider interface {
	GenerateCSRFToken(r *http.Request) string
}

type CookieProvider

type CookieProvider interface {
	CookieManager() sessions.Store
	ContinuityCookieManager() sessions.Store
}

type FakeCSRFHandler

type FakeCSRFHandler struct {
	// contains filtered or unexported fields
}

func NewFakeCSRFHandler

func NewFakeCSRFHandler(name string) *FakeCSRFHandler

func (*FakeCSRFHandler) ExemptPath

func (f *FakeCSRFHandler) ExemptPath(s string)

func (*FakeCSRFHandler) RegenerateToken

func (f *FakeCSRFHandler) RegenerateToken(w http.ResponseWriter, r *http.Request) string

func (*FakeCSRFHandler) ServeHTTP

func (f *FakeCSRFHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type Ider

type Ider interface {
	RequestID() string
}

type LoggingProvider

type LoggingProvider interface {
	Logger() *logrusx.Logger
	Audit() *logrusx.Logger
}

type MigrationPkger

type MigrationPkger struct {
	pop.Migrator
	Dir pkger.Dir
}

MigrationPkger is a wrapper around pkger.Dir and Migrator. This will allow you to run migrations from migrations packed inside of a compiled binary.

func NewPkgerMigration

func NewPkgerMigration(dir pkger.Dir, c *pop.Connection) (MigrationPkger, error)

NewPkgerMigration from a packr.Box and a Connection.

migrations, err := NewPkgerMigration(pkger.Dir("/migrations"))

type RouterAdmin

type RouterAdmin struct {
	*httprouter.Router
}

func NewRouterAdmin

func NewRouterAdmin() *RouterAdmin

type RouterPublic

type RouterPublic struct {
	*httprouter.Router
}

func NewRouterPublic

func NewRouterPublic() *RouterPublic

func (*RouterPublic) DELETE

func (r *RouterPublic) DELETE(path string, handle httprouter.Handle)

DELETE is a shortcut for router.Handle("DELETE", path, handle)

func (*RouterPublic) GET

func (r *RouterPublic) GET(path string, handle httprouter.Handle)

GET is a shortcut for router.Handle("GET", path, handle)

func (*RouterPublic) HEAD

func (r *RouterPublic) HEAD(path string, handle httprouter.Handle)

HEAD is a shortcut for router.Handle("HEAD", path, handle)

func (*RouterPublic) PATCH

func (r *RouterPublic) PATCH(path string, handle httprouter.Handle)

PATCH is a shortcut for router.Handle("PATCH", path, handle)

func (*RouterPublic) POST

func (r *RouterPublic) POST(path string, handle httprouter.Handle)

POST is a shortcut for router.Handle("POST", path, handle)

func (*RouterPublic) PUT

func (r *RouterPublic) PUT(path string, handle httprouter.Handle)

PUT is a shortcut for router.Handle("PUT", path, handle)

type SecureRedirectOption

type SecureRedirectOption func(*secureRedirectOptions)

func SecureRedirectAllowSelfServiceURLs

func SecureRedirectAllowSelfServiceURLs(publicURL *url.URL) SecureRedirectOption

SecureRedirectAllowSelfServiceURLs allows the caller to define `?return_to=` values which contain the server's URL and `/self-service` path prefix. Useful for redirecting to the login endpoint, for example.

func SecureRedirectAllowURLs

func SecureRedirectAllowURLs(urls []url.URL) SecureRedirectOption

SecureRedirectAllowURLs whitelists the given URLs for redirects.

func SecureRedirectOverrideDefaultReturnTo

func SecureRedirectOverrideDefaultReturnTo(defaultReturnTo *url.URL) SecureRedirectOption

SecureRedirectOverrideDefaultReturnTo overrides the defaultReturnTo address specified as the second arg.

func SecureRedirectUseSourceURL

func SecureRedirectUseSourceURL(source string) SecureRedirectOption

SecureRedirectUseSourceURL uses the given source URL (checks the `?return_to` value) instead of r.URL.

type StatusCodeCarrier

type StatusCodeCarrier interface {
	StatusCode() int
}

type TransportWithHeader

type TransportWithHeader struct {
	http.RoundTripper
	// contains filtered or unexported fields
}

func NewTransportWithHeader

func NewTransportWithHeader(h http.Header) *TransportWithHeader

func (*TransportWithHeader) RoundTrip

func (ct *TransportWithHeader) RoundTrip(req *http.Request) (*http.Response, error)

type WriterProvider

type WriterProvider interface {
	Writer() herodot.Writer
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL