From c1c69a05efe679b34eeb40de5d6bc9aed60cd6f5 Mon Sep 17 00:00:00 2001 From: UnicodingUnicorn <7555ic@gmail.com> Date: Sun, 10 Feb 2019 22:17:24 +0800 Subject: [PATCH] Authentication --- README.md | 4 ++- bite.pb.go | 24 ++++++++++----- client.pb.go | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++ main.go | 33 ++++++++++++++++++++- 4 files changed, 136 insertions(+), 9 deletions(-) create mode 100644 client.pb.go diff --git a/README.md b/README.md index e894f9f..79a1dd6 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # backend-publish -Beep backend accepts PUT requests and publishes a protobuf-ed version to a [NATS](htts://nats.io) queue, like some sort of weird HTTP/NATS converter. Needless to say, relies on a NATS instance being up. +Beep backend accepts PUT requests and publishes a protobuf-ed version to a [NATS](htts://nats.io) queue, like some sort of weird HTTP/NATS converter. Also handles authentication of said HTTP requests. Needless to say, relies on a NATS instance being up. ## Quickstart @@ -19,6 +19,8 @@ Flags are supplied to the compiled go program in the form ```-flag=stuff```. ## API +All requests require an ```Authorization: Bearer ``` header, with token being obtained from ```backend-login```. + ### Put Bite ``` diff --git a/bite.pb.go b/bite.pb.go index a477f45..2a884ce 100644 --- a/bite.pb.go +++ b/bite.pb.go @@ -24,6 +24,7 @@ type Bite struct { Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` Start uint64 `protobuf:"varint,2,opt,name=start,proto3" json:"start,omitempty"` Data []byte `protobuf:"bytes,3,opt,name=data,proto3" json:"data,omitempty"` + Client *Client `protobuf:"bytes,4,opt,name=client,proto3" json:"client,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` 
@@ -75,6 +76,13 @@ func (m *Bite) GetData() []byte { return nil } +func (m *Bite) GetClient() *Client { + if m != nil { + return m.Client + } + return nil +} + func init() { proto.RegisterType((*Bite)(nil), "main.Bite") } @@ -82,12 +90,14 @@ func init() { func init() { proto.RegisterFile("bite.proto", fileDescriptor_e1ec993646b17549) } var fileDescriptor_e1ec993646b17549 = []byte{ - // 105 bytes of a gzipped FileDescriptorProto + // 139 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x4a, 0xca, 0x2c, 0x49, - 0xd5, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0xc9, 0x4d, 0xcc, 0xcc, 0x53, 0x72, 0xe2, 0x62, - 0x71, 0xca, 0x2c, 0x49, 0x15, 0x12, 0xe0, 0x62, 0xce, 0x4e, 0xad, 0x94, 0x60, 0x54, 0x60, 0xd4, - 0xe0, 0x0c, 0x02, 0x31, 0x85, 0x44, 0xb8, 0x58, 0x8b, 0x4b, 0x12, 0x8b, 0x4a, 0x24, 0x98, 0x14, - 0x18, 0x35, 0x58, 0x82, 0x20, 0x1c, 0x21, 0x21, 0x2e, 0x96, 0x94, 0xc4, 0x92, 0x44, 0x09, 0x66, - 0x05, 0x46, 0x0d, 0x9e, 0x20, 0x30, 0x3b, 0x89, 0x0d, 0x6c, 0xa0, 0x31, 0x20, 0x00, 0x00, 0xff, - 0xff, 0x28, 0xbd, 0x24, 0x95, 0x5e, 0x00, 0x00, 0x00, + 0xd5, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0xc9, 0x4d, 0xcc, 0xcc, 0x93, 0xe2, 0x49, 0xce, + 0xc9, 0x4c, 0xcd, 0x2b, 0x81, 0x88, 0x29, 0x65, 0x70, 0xb1, 0x38, 0x65, 0x96, 0xa4, 0x0a, 0x09, + 0x70, 0x31, 0x67, 0xa7, 0x56, 0x4a, 0x30, 0x2a, 0x30, 0x6a, 0x70, 0x06, 0x81, 0x98, 0x42, 0x22, + 0x5c, 0xac, 0xc5, 0x25, 0x89, 0x45, 0x25, 0x12, 0x4c, 0x0a, 0x8c, 0x1a, 0x2c, 0x41, 0x10, 0x8e, + 0x90, 0x10, 0x17, 0x4b, 0x4a, 0x62, 0x49, 0xa2, 0x04, 0xb3, 0x02, 0xa3, 0x06, 0x4f, 0x10, 0x98, + 0x2d, 0xa4, 0xc2, 0xc5, 0x06, 0x31, 0x53, 0x82, 0x45, 0x81, 0x51, 0x83, 0xdb, 0x88, 0x47, 0x0f, + 0x64, 0x91, 0x9e, 0x33, 0x58, 0x2c, 0x08, 0x2a, 0x97, 0xc4, 0x06, 0xb6, 0xd0, 0x18, 0x10, 0x00, + 0x00, 0xff, 0xff, 0x0a, 0x85, 0x92, 0x1b, 0x92, 0x00, 0x00, 0x00, } diff --git a/client.pb.go b/client.pb.go new file mode 100644 index 0000000..b968e65 --- /dev/null +++ b/client.pb.go 
@@ -0,0 +1,84 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// source: client.proto + +package main + +import ( + fmt "fmt" + proto "github.com/golang/protobuf/proto" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package + +type Client struct { + Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` + Client string `protobuf:"bytes,2,opt,name=client,proto3" json:"client,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Client) Reset() { *m = Client{} } +func (m *Client) String() string { return proto.CompactTextString(m) } +func (*Client) ProtoMessage() {} +func (*Client) Descriptor() ([]byte, []int) { + return fileDescriptor_014de31d7ac8c57c, []int{0} +} + +func (m *Client) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_Client.Unmarshal(m, b) +} +func (m *Client) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_Client.Marshal(b, m, deterministic) +} +func (m *Client) XXX_Merge(src proto.Message) { + xxx_messageInfo_Client.Merge(m, src) +} +func (m *Client) XXX_Size() int { + return xxx_messageInfo_Client.Size(m) +} +func (m *Client) XXX_DiscardUnknown() { + xxx_messageInfo_Client.DiscardUnknown(m) +} + +var xxx_messageInfo_Client proto.InternalMessageInfo + +func (m *Client) GetKey() string { + if m != nil { + return m.Key + } + return "" +} + +func (m *Client) GetClient() string { + if m != nil { + return m.Client + } + return "" +} + +func init() { + proto.RegisterType((*Client)(nil), 
"main.Client") +} + +func init() { proto.RegisterFile("client.proto", fileDescriptor_014de31d7ac8c57c) } + +var fileDescriptor_014de31d7ac8c57c = []byte{ + // 83 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x49, 0xce, 0xc9, 0x4c, + 0xcd, 0x2b, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0xc9, 0x4d, 0xcc, 0xcc, 0x53, 0x32, + 0xe2, 0x62, 0x73, 0x06, 0x8b, 0x0a, 0x09, 0x70, 0x31, 0x67, 0xa7, 0x56, 0x4a, 0x30, 0x2a, 0x30, + 0x6a, 0x70, 0x06, 0x81, 0x98, 0x42, 0x62, 0x5c, 0x6c, 0x10, 0x1d, 0x12, 0x4c, 0x60, 0x41, 0x28, + 0x2f, 0x89, 0x0d, 0x6c, 0x80, 0x31, 0x20, 0x00, 0x00, 0xff, 0xff, 0x95, 0x71, 0x3f, 0xbd, 0x50, + 0x00, 0x00, 0x00, +} diff --git a/main.go b/main.go index 9860514..930c903 100644 --- a/main.go +++ b/main.go @@ -11,21 +11,28 @@ import ( "github.com/golang/protobuf/proto" "github.com/julienschmidt/httprouter" "github.com/nats-io/go-nats" + "github.com/dgrijalva/jwt-go" + "github.com/aiden0z/go-jwt-middleware" ) const MaxBiteSize = 1024 * 1024 * 10 var listen string var natsHost string +var secret []byte var nats_conn *nats.Conn func main() { // Parse flags + var s string flag.StringVar(&listen, "listen", ":8080", "host and port to listen on") flag.StringVar(&natsHost, "nats", "nats://localhost:4222", "host and port of NATS") + flag.StringVar(&s, "secret", "secret", "JWT secret") flag.Parse() + secret = []byte(s) + //NATS n, err := nats.Connect(natsHost) if err != nil { @@ -34,6 +41,14 @@ func main() { } nats_conn = n + // JWT Middleware + jwtMiddleware := jwtmiddleware.New(jwtmiddleware.Options { + ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) { + return secret, nil + }, + SigningMethod: jwt.SigningMethodHS256, + }) + // Routes router := httprouter.New() 
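Review bot: The `-secret` flag defaults to the literal string "secret", so a deployment that forgets the flag verifies tokens against a publicly guessable HMAC key and accepts tokens that anyone can sign. Make the default empty and refuse to start without a value: `flag.StringVar(&s, "secret", "", "JWT secret")`, then `if s == "" { log.Fatal("secret must be set") }` after `flag.Parse()`. A key passed on the command line is also visible in process listings, so reading it from an environment variable or a file would be safer. The key getter returns the same key for every token, which is only sound if the middleware checks the token's `alg` header against `SigningMethod`; I assume it does, but that is worth confirming for this fork. main's body continues outside the hunk.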
@@ -42,7 +57,7 @@ func main() { // Start server log.Printf("starting server on %s", listen) - log.Fatal(http.ListenAndServe(listen, router)) + log.Fatal(http.ListenAndServe(listen, jwtMiddleware.Handler(router))) } // TODO: ensure security of regexp @@ -58,6 +73,13 @@ func ParseStartString(start string) (uint64, error) { // Route handlers func PutBite(w http.ResponseWriter, r *http.Request, p httprouter.Params) { + user := r.Context().Value("user") + userClaims := user.(*jwt.Token).Claims.(jwt.MapClaims) + client := Client { + Key: userClaims["id"].(string), + Client: userClaims["client"].(string), + } + start, err := ParseStartString(p.ByName("start")) if err != nil { http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) @@ -81,6 +103,7 @@ func PutBite(w http.ResponseWriter, r *http.Request, p httprouter.Params) { Start: start, Key: key, Data: body, + Client: &client, } out, err := proto.Marshal(&b) if err != nil { @@ -94,6 +117,13 @@ func PutBite(w http.ResponseWriter, r *http.Request, p httprouter.Params) { } func PutBiteUser(w http.ResponseWriter, r *http.Request, p httprouter.Params) { + user := r.Context().Value("user") + userClaims := user.(*jwt.Token).Claims.(jwt.MapClaims) + client := Client { + Key: userClaims["id"].(string), + Client: userClaims["client"].(string), + } + start, err := ParseStartString(p.ByName("start")) if err != nil { http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) @@ -117,6 +147,7 @@ func PutBiteUser(w http.ResponseWriter, r *http.Request, p httprouter.Params) { Start: start, Key: key, Data: body, + Client: &client, } out, err := proto.Marshal(&b) if err != nil {
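Review bot: Every request now carries a bearer token, but the server line this hunk changes still calls `http.ListenAndServe`, which serves plain HTTP. Unless TLS is terminated in front of this service (not visible from the diff), the token can be read on the wire and replayed. Either switch to `http.ListenAndServeTLS(listen, certFile, keyFile, jwtMiddleware.Handler(router))`, where `certFile` and `keyFile` are placeholder names for new flags, or state the requirement next to the call: `// serves plain HTTP; deploy only behind a TLS-terminating proxy, requests carry bearer tokens`. main's body starts outside the hunk.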
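Review bot: The four unchecked type assertions added at the top of PutBite (`user.(*jwt.Token)`, `.Claims.(jwt.MapClaims)`, `userClaims["id"].(string)`, `userClaims["client"].(string)`) panic when a correctly signed token lacks a string `id` or `client` claim, so the request dies in a panic instead of getting a 401. The identical block added to PutBiteUser (hunk at -94,6) has the same problem. Use comma-ok assertions and reject the request when a claim is missing or has the wrong type; a shared helper also removes the duplication, as sketched below. With the helper returning a pointer, the later `Client: &client` lines in both handlers become `Client: client`. Both handler bodies continue outside their hunks.

```go
// clientFromRequest builds the Client from the verified token's claims.
// ok is false when the token, or a string "id"/"client" claim, is absent.
func clientFromRequest(r *http.Request) (*Client, bool) {
	token, ok := r.Context().Value("user").(*jwt.Token)
	if !ok || token == nil {
		return nil, false
	}
	claims, ok := token.Claims.(jwt.MapClaims)
	if !ok {
		return nil, false
	}
	id, okID := claims["id"].(string)
	name, okClient := claims["client"].(string)
	if !okID || !okClient {
		return nil, false
	}
	return &Client{Key: id, Client: name}, true
}

func PutBite(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
	client, ok := clientFromRequest(r)
	if !ok {
		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}
	// … unchanged: start/key parsing, body read, publish …
```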