Merge pull request #51 from fraunhoferfokus/development
* if no user & staff in env then authorized
JGottschick authored Oct 11, 2024
2 parents 9b132ef + da58410 commit b4b1fb6
Showing 4 changed files with 30 additions and 19 deletions.
2 changes: 1 addition & 1 deletion core/version
@@ -1 +1 @@
0.3.8
0.3.9
22 changes: 11 additions & 11 deletions templates/ENVIRONMENT.md.tmpl
@@ -3,21 +3,21 @@
{{ upper ( snakecase .ModuleName ) }}_NAME set the name of the instance of the service
{{ upper ( snakecase .ModuleName ) }}_TITLE set the title in the web page
{{ upper ( snakecase .ModuleName ) }}_PORT_NB the local port of the web service (default=8080)
{{ upper ( snakecase .ModuleName ) }}_APIKEYS space separated list of valid API keys
{{ upper ( snakecase .ModuleName ) }}_SESSIONKEY
{{ upper ( snakecase .ModuleName ) }}_API_KEYS space separated list of valid API keys
{{ upper ( snakecase .ModuleName ) }}_SESSION_KEY
{{ upper ( snakecase .ModuleName ) }}_POLICY OPA policy for access control
{{ upper ( snakecase .ModuleName ) }}_OPASVC OPA service port to get the OPA policy for access control
{{ upper ( snakecase .ModuleName ) }}_REALM Basic authentication realm
{{ upper ( snakecase .ModuleName ) }}_STAFFUSER username of the administrator
{{ upper ( snakecase .ModuleName ) }}_STAFFPASSWORD password of the administrator
{{ upper ( snakecase .ModuleName ) }}_PARTICIPANTUSER username of the user
{{ upper ( snakecase .ModuleName ) }}_PARTICIPANTPASSWORD password of the user
{{ upper ( snakecase .ModuleName ) }}_CERTPEM certificate for TLS (HTTPS) communication
{{ upper ( snakecase .ModuleName ) }}_KEYPEM key for TLS (HTTPS) communication
{{ upper ( snakecase .ModuleName ) }}_STAFF_USER username of the administrator
{{ upper ( snakecase .ModuleName ) }}_STAFF_PASSWORD password of the administrator
{{ upper ( snakecase .ModuleName ) }}_PARTICIPANT_USER username of the user
{{ upper ( snakecase .ModuleName ) }}_PARTICIPANT_PASSWORD password of the user
{{ upper ( snakecase .ModuleName ) }}_CERT_PEM certificate for TLS (HTTPS) communication
{{ upper ( snakecase .ModuleName ) }}_KEY_PEM key for TLS (HTTPS) communication
{{ upper ( snakecase .ModuleName ) }}_LOGFILE filename of the logging file
{{ upper ( snakecase .ModuleName ) }}_LANGUAGE
{{ upper ( snakecase .ModuleName ) }}_LANGUAGES
{{ upper ( snakecase .ModuleName ) }}_USESSE enable support for _server side event_ communication (default=false)
{{ upper ( snakecase .ModuleName ) }}_PROGRESSDURATION default duration of the progress bar (default=100ms)
{{ upper ( snakecase .ModuleName ) }}_RAPIDOCDOC enable Rapidoc for the OpenAPI viewer (default=false)
{{ upper ( snakecase .ModuleName ) }}_ELEMENTSDOC enable Elements for the OpenAPI viewer (default=false)
{{ upper ( snakecase .ModuleName ) }}_PROGRESS_DURATION default duration of the progress bar (default=100ms)
{{ upper ( snakecase .ModuleName ) }}_RAPIDOC_DOC enable Rapidoc for the OpenAPI viewer (default=false)
{{ upper ( snakecase .ModuleName ) }}_ELEMENTS_DOC enable Elements for the OpenAPI viewer (default=false)
18 changes: 11 additions & 7 deletions templates/core/app.env.tmpl
@@ -1,7 +1,11 @@
{{ lcfirst ( camelcase .ModuleName ) }}_PORT={{.Port}}
{{ lcfirst ( camelcase .ModuleName ) }}_API_KEYS=
{{ lcfirst ( camelcase .ModuleName ) }}_POLICY=
{{ lcfirst ( camelcase .ModuleName ) }}_OPA_SRV=
{{ lcfirst ( camelcase .ModuleName ) }}_REALM=
{{ lcfirst ( camelcase .ModuleName ) }}_CERT_PEM=
{{ lcfirst ( camelcase .ModuleName ) }}_KEY_PEM=
{{ upper ( snakecase .ModuleName ) }}_PORT={{.Port}}
{{ upper ( snakecase .ModuleName ) }}_API_KEYS=
{{ upper ( snakecase .ModuleName ) }}_POLICY=
{{ upper ( snakecase .ModuleName ) }}_OPA_SRV=
{{ upper ( snakecase .ModuleName ) }}_REALM=
{{ upper ( snakecase .ModuleName ) }}_CERT_PEM=
{{ upper ( snakecase .ModuleName ) }}_KEY_PEM=
{{ upper ( snakecase .ModuleName ) }}_STAFF_USER=
{{ upper ( snakecase .ModuleName ) }}_STAFF_PASSWORD=
{{ upper ( snakecase .ModuleName ) }}_PARTICIPANT_USER=
{{ upper ( snakecase .ModuleName ) }}_PARTICIPANT_PASSWORD=
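Review bot: The variable names written by this template do not all match the ones documented in templates/ENVIRONMENT.md.tmpl: this file emits `_PORT` and `_OPA_SRV`, while the documentation still lists `_PORT_NB` and `_OPASVC`. Whichever spelling the config loader does not read is presumably ignored without an error, which matters most for the OPA service setting because access control would then run with a default instead of the intended value. The loader is not visible in this commit, so I cannot tell which side is right; both templates should be aligned with the names it actually reads.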
7 changes: 7 additions & 0 deletions templates/middleware/policy.go.tmpl
@@ -62,6 +62,13 @@ type Input map[string]interface{}

func checkAuthorization(authorizationHeader string) (string, bool) {
log.Debug().Msg("Check authorization")

// If no user and no staff is configured, the role user is authorized by default
if core.AppConfig.ParticipantUser == "" && core.AppConfig.StaffUser == "" {
log.Debug().Msg("assign user")
return "user", true
}

parts := strings.Split(authorizationHeader, " ")
if len(parts) < 2 {
log.Debug().Msg("No authorizationHeader")
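Review bot: The new guard at the top of checkAuthorization fails open: when both `core.AppConfig.ParticipantUser` and `core.AppConfig.StaffUser` are empty it returns `"user", true` before the Authorization header is looked at, so an unset or misspelled variable silently turns authentication off. That is easy to hit with this same commit, which renames the documented variables (`_STAFFUSER` to `_STAFF_USER`, `_PARTICIPANTUSER` to `_PARTICIPANT_USER`) and ships both empty in app.env.tmpl; a deployment still exporting the old names would presumably load empty values after upgrading. I would gate the bypass behind an explicit opt-in setting (a new boolean, name to be chosen by the project) rather than inferring it from missing credentials, and at minimum raise the log line from debug to `log.Warn().Msg("no staff or participant user configured, every request is authorized as user")`. The function body continues past the end of the hunk, so how the `user` role is used downstream is not visible here.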