-
Notifications
You must be signed in to change notification settings - Fork 8
/
validation.go
119 lines (108 loc) · 2.86 KB
/
validation.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
package main
import (
"encoding/json"
"errors"
"io/ioutil"
"net/http"
"strings"
)
type ContentType int
const (
WWW_FORM ContentType = iota
JSON
MULTIPART
UNSUPPORTED_TYPE
)
const (
indieAuthTokenUrl = "https://tokens.indieauth.com/token"
indieAuthMe = "http://colelyman.com/"
)
type IndieAuthRes struct {
Me string `json:"me"`
ClientId string `json:"client_id"`
Scope string `json:"scope"`
Issue int `json:"issued_at"`
Nonce int `json:"nonce"`
}
func checkAccess(token string) (bool, error) {
if token == "" {
return false,
errors.New("Token string is empty")
}
// form the request to check the token
client := &http.Client{}
req, err := http.NewRequest("GET", indieAuthTokenUrl, nil)
if err != nil {
return false,
errors.New("Error making the request for checking token access")
}
req.Header.Set("Accept", "application/json")
req.Header.Set("Authorization", token)
// send the request
res, err := client.Do(req)
if err != nil {
return false,
errors.New("Error sending the request for checking token access")
}
defer res.Body.Close()
// parse the response
body, err := ioutil.ReadAll(res.Body)
if err != nil {
return false,
errors.New("Error parsing the response for checking token access")
}
var indieAuthRes = new(IndieAuthRes)
err = json.Unmarshal(body, &indieAuthRes)
if err != nil {
return false,
errors.New("Error parsing the response into json for checking token access " + err.Error())
}
// verify results of the response
if indieAuthRes.Me != indieAuthMe {
return false,
errors.New("Me does not match")
}
scopes := strings.Fields(indieAuthRes.Scope)
postPresent := false
for _, scope := range scopes {
if scope == "post" || scope == "create" || scope == "update" {
postPresent = true
break
}
}
if !postPresent {
return false,
errors.New("Post is not present in the scope")
}
return true, nil
}
func CheckAuthorization(entry *Entry, headers map[string]string) bool {
token, ok := headers["authorization"]
if !ok && len(entry.token) == 0 { // there is no token provided
return false
} else if ok {
entry.token = token
}
if ok, err := checkAccess(entry.token); ok {
return true
} else if err != nil {
return false
} else {
return false
}
}
func GetContentType(headers map[string]string) (ContentType, error) {
if contentType, ok := headers["content-type"]; ok {
if strings.Contains(contentType, "application/x-www-form-urlencoded") {
return WWW_FORM, nil
}
if strings.Contains(contentType, "application/json") {
return JSON, nil
}
if strings.Contains(contentType, "multipart/form-data") {
return MULTIPART, nil
}
return UNSUPPORTED_TYPE, errors.New("Content-type " + contentType + " is not supported, use application/x-www-form-urlencoded or application/json")
}
return UNSUPPORTED_TYPE, errors.New("Content-type is not provided in the request")
}