auth

Paddy 2015-07-18 Parent:0a2c3d677161 Child:b7e685839a1b

180:4b68bac597b7 Go to Latest

auth/authd/server.go

Update client to detect errors. The client doesn't treat non-200 responses as errors automatically, so we need to detect when the response.Errors property is set, and use that to return an error. To avoid the boilerplate and an extensive error system, I just wrapped them in an httpErrors type that implements the error interface. That way the errors can be returned, and callers can type-cast and interrogate them. I also updated the GetLogin function to return an auth.ErrLoginNotFound error when the httpErrors response indicates that's the reason the request failed.

paddy@100 1 package main
paddy@100 2
import (
	"encoding/base64"
	"html/template"
	"log"
	"net/http"
	"os"
	"time"

	"code.secondbit.org/auth.hg"
	"code.secondbit.org/events.hg"
	"github.com/gorilla/mux"
)
paddy@100 14
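// main configures and starts the authd HTTP server on port 9000.
//
// Configuration is read from the environment:
//   - JWT_SECRET (required): the value assigned to config.JWTPrivateKey.
//   - JWT_SECRET_IS_BASE64_ENCODED: when "true", JWT_SECRET is decoded with
//     standard base64 before use; otherwise its raw bytes are used.
//   - AUTH_PG_DB: passed to auth.NewPostgres; when unset, auth.NewMemstore
//     backs every store in the config.
//   - AUTH_NSQD_ADDR: nsqd address for the events publisher; when unset,
//     events go to the stdout publisher.
//
// Any setup failure is logged and terminates the process.
func main() {
	log.SetFlags(log.LstdFlags | log.Llongfile)
	log.Printf("Running version '%s'\n", auth.Version)

	var config auth.Config

	// Read the secret once and never log its value.
	// NOTE(review): the secret's length is not checked here. If
	// config.JWTPrivateKey is used as an HMAC key, a short value weakens every
	// token it signs — confirm a minimum is enforced elsewhere or add one.
	jwtSecret := os.Getenv("JWT_SECRET")
	if jwtSecret == "" {
		log.Fatal("JWT_SECRET must be set.")
	}
	if os.Getenv("JWT_SECRET_IS_BASE64_ENCODED") == "true" {
		key, err := base64.StdEncoding.DecodeString(jwtSecret)
		if err != nil {
			// base64's error reports only the offending byte offset, not the
			// input, so logging it does not disclose the secret.
			log.Fatalf("decoding JWT_SECRET as base64: %v", err)
		}
		config.JWTPrivateKey = key
	} else {
		config.JWTPrivateKey = []byte(jwtSecret)
	}

	if dsn := os.Getenv("AUTH_PG_DB"); dsn != "" {
		p, err := auth.NewPostgres(dsn)
		if err != nil {
			// The connection string itself is deliberately left out of the
			// message; it may carry database credentials.
			log.Fatalf("setting up the Postgres store: %v", err)
		}
		config.ClientStore = &p
		config.AuthCodeStore = &p
		config.ProfileStore = &p
		config.TokenStore = &p
		config.SessionStore = &p
		config.ScopeStore = &p
	} else {
		// Make the fallback visible in the logs so a missing AUTH_PG_DB in a
		// real deployment is noticed. Presumably nothing kept in the memstore
		// survives a restart — confirm against auth.NewMemstore.
		log.Println("AUTH_PG_DB is not set; using the in-memory store")
		store := auth.NewMemstore()
		config.ClientStore = store
		config.AuthCodeStore = store
		config.ProfileStore = store
		config.TokenStore = store
		config.SessionStore = store
		config.ScopeStore = store
	}

	config.Template = template.Must(template.New("base").ParseGlob("./templates/*.gotmpl"))
	config.LoginURI = "/login"

	if addr := os.Getenv("AUTH_NSQD_ADDR"); addr != "" {
		publisher, err := events.NewNSQPublisher("code.secondbit.org/auth/authd-"+auth.Version, addr)
		if err != nil {
			log.Fatal(err)
		}
		config.EventsPublisher = publisher
	} else {
		config.EventsPublisher = events.NewStdoutPublisher()
	}

	if err := config.Init(); err != nil {
		log.Fatal(err)
	}
	context, err := auth.NewContext(config)
	if err != nil {
		log.Fatalf("creating the auth context: %v", err)
	}

	// ErrScopeAlreadyExists is tolerated so that starting against a store that
	// already holds these scopes is not treated as a failure.
	err = context.CreateScopes([]auth.Scope{
		auth.ScopeLoginAdmin,
		{ID: "subscriptions", Name: "Manage subscriptions", Description: "Create, view, edit, and cancel your subscriptions."},
	})
	if err != nil && err != auth.ErrScopeAlreadyExists {
		log.Fatal(err)
	}

	router := mux.NewRouter()
	auth.RegisterOAuth2(router, context)
	auth.RegisterSessionHandlers(router, context)
	auth.RegisterProfileHandlers(router, context)
	auth.RegisterClientHandlers(router, context)
	http.Handle("/", router)

	// http.ListenAndServe offers no way to set timeouts, so a client that
	// never finishes sending its request headers would hold a connection open
	// indefinitely. An explicit http.Server bounds the header read. Handler is
	// left nil so the DefaultServeMux registration above is still used.
	//
	// NOTE(review): this listener speaks plain HTTP on every interface. The
	// OAuth2 and session handlers registered above presumably carry
	// credentials and tokens, so TLS needs to be terminated in front of this
	// process (confirm for each deployment) or ListenAndServeTLS used instead.
	srv := &http.Server{
		Addr:              "0.0.0.0:9000",
		ReadHeaderTimeout: 10 * time.Second,
	}
	log.Println("Listening on port 9000")
	log.Fatal(srv.ListenAndServe())
}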