diff options
| author | ᴜɴᴋɴᴡᴏɴ <u@gogs.io> | 2020-04-04 21:14:15 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-04-04 21:14:15 +0800 |
| commit | 34145c990d4fd9f278f29cdf9c61378a75e9b934 (patch) | |
| tree | 7b151bbd5aef9e487759953e3a775a82244d268d /internal/authutil | |
| parent | 2bd9d0b9c8238ded727cd98a3ace20b53c10a44f (diff) | |
lfs: implement HTTP routes (#6035)
* Bootstrap with GORM
* Fix lint error
* Set conn max lifetime to one minute
* Fallback to use gorm v1
* Define HTTP routes
* Finish authentication
* Save token updated
* Add docstring
* Finish authorization
* serveBatch rundown
* Define types in lfsutil
* Finish Batch
* authutil
* Finish basic
* Formalize response error
* Fix lint errors
* authutil: add tests
* dbutil: add tests
* lfsutil: add tests
* strutil: add tests
* Formalize 401 response
Diffstat (limited to 'internal/authutil')
| -rw-r--r-- | internal/authutil/basic.go | 35 | ||||
| -rw-r--r-- | internal/authutil/basic_test.go | 72 |
2 files changed, 107 insertions, 0 deletions
diff --git a/internal/authutil/basic.go b/internal/authutil/basic.go new file mode 100644 index 00000000..891cf762 --- /dev/null +++ b/internal/authutil/basic.go @@ -0,0 +1,35 @@ +// Copyright 2020 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package authutil + +import ( + "encoding/base64" + "net/http" + "strings" +) + +// DecodeBasic extracts username and password from given header using HTTP Basic Auth. +// It returns empty strings if values are not presented or not valid. +func DecodeBasic(header http.Header) (username, password string) { + if len(header) == 0 { + return "", "" + } + + fields := strings.Fields(header.Get("Authorization")) + if len(fields) != 2 || fields[0] != "Basic" { + return "", "" + } + + p, err := base64.StdEncoding.DecodeString(fields[1]) + if err != nil { + return "", "" + } + + creds := strings.SplitN(string(p), ":", 2) + if len(creds) == 1 { + return creds[0], "" + } + return creds[0], creds[1] +} diff --git a/internal/authutil/basic_test.go b/internal/authutil/basic_test.go new file mode 100644 index 00000000..6e744e55 --- /dev/null +++ b/internal/authutil/basic_test.go @@ -0,0 +1,72 @@ +// Copyright 2020 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package authutil + +import ( + "net/http" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestDecodeBasic(t *testing.T) { + tests := []struct { + name string + header http.Header + expUsername string + expPassword string + }{ + { + name: "no header", + }, + { + name: "no authorization", + header: http.Header{ + "Content-Type": []string{"text/plain"}, + }, + }, + { + name: "malformed value", + header: http.Header{ + "Authorization": []string{"Basic"}, + }, + }, + { + name: "not basic", + header: http.Header{ + "Authorization": []string{"Digest dummy"}, + }, + }, + { + name: "bad encoding", + header: http.Header{ + "Authorization": []string{"Basic not_base64"}, + }, + }, + + { + name: "only has username", + header: http.Header{ + "Authorization": []string{"Basic dXNlcm5hbWU="}, + }, + expUsername: "username", + }, + { + name: "has username and password", + header: http.Header{ + "Authorization": []string{"Basic dXNlcm5hbWU6cGFzc3dvcmQ="}, + }, + expUsername: "username", + expPassword: "password", + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + username, password := DecodeBasic(test.header) + assert.Equal(t, test.expUsername, username) + assert.Equal(t, test.expPassword, password) + }) + } +} |