Commit 13c9f3c3 authored by Kevin Di Lallo's avatar Kevin Di Lallo

platform-ctrl REST endpoint authorization

parent b58b5330
+23 −2
@@ -25,6 +25,7 @@ import (

	server "github.com/InterDigitalInc/AdvantEDGE/go-apps/meep-platform-ctrl/server"
	log "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-logger"
	ss "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-sessions"

	"github.com/gorilla/handlers"
)
@@ -92,7 +93,8 @@ func main() {
			go func() {
				log.Info("Starting Alt-server on port " + altServ)
				log.Info("Alt-serving [fe:" + altFe + ", sw:" + altSw)
				secRouter := server.NewRouter(altFe, altSw)
				secAccessMap := map[string]string{}
				secRouter := server.NewRouter(altFe, altSw, secAccessMap)
				methods := handlers.AllowedMethods([]string{"OPTIONS", "DELETE", "GET", "HEAD", "POST", "PUT"})
				header := handlers.AllowedHeaders([]string{"content-type"})
				log.Fatal(http.ListenAndServe(":"+altServ, handlers.CORS(methods, header)(secRouter)))
@@ -103,7 +105,26 @@ func main() {
		// Start primary REST API Server
		log.Info("Starting Primary-server on port 80")
		log.Info("Primary-serving [fe:" + priFe + ", sw:" + priSw)
		priRouter := server.NewRouter(priFe, priSw)
		priAccessMap := map[string]string{}
		if altServ != "" {
			priAccessMap = map[string]string{
				"Index":              ss.AccessGrant,
				"CreateSandbox":      ss.AccessBlock,
				"DeleteSandbox":      ss.AccessBlock,
				"DeleteSandboxList":  ss.AccessBlock,
				"GetSandbox":         ss.AccessVerify,
				"GetSandboxList":     ss.AccessBlock,
				"CreateScenario":     ss.AccessBlock,
				"DeleteScenario":     ss.AccessBlock,
				"DeleteScenarioList": ss.AccessBlock,
				"GetScenario":        ss.AccessBlock,
				"GetScenarioList":    ss.AccessVerify,
				"SetScenario":        ss.AccessBlock,
				"LoginUser":          ss.AccessGrant,
				"LogoutUser":         ss.AccessVerify,
			}
		}
		priRouter := server.NewRouter(priFe, priSw, priAccessMap)
		methods := handlers.AllowedMethods([]string{"OPTIONS", "DELETE", "GET", "HEAD", "POST", "PUT"})
		header := handlers.AllowedHeaders([]string{"content-type"})
		log.Fatal(http.ListenAndServe(":80", handlers.CORS(methods, header)(priRouter)))
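Review bot: The primary access map has no entry for the `CreateSandboxWithName` handler that appears in the routes table, so that route keeps its default `ss.AccessGrant` while `CreateSandbox` is blocked. If the route name matches the handler name, add `"CreateSandboxWithName": ss.AccessBlock,` next to the `CreateSandbox` entry. The map is also only populated when `altServ != ""`, and `secAccessMap` is always empty. With no alt server configured, every endpoint on port 80 therefore stays unauthenticated, and the alt port never enforces a session; a comment such as `// alt server is unauthenticated by design; it must not be reachable from untrusted networks` would make that assumption explicit. The body of main starts and ends outside these hunks.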
+31 −1
@@ -30,6 +30,8 @@ import (
	"strings"

	"github.com/gorilla/mux"

	ss "github.com/InterDigitalInc/AdvantEDGE/go-packages/meep-sessions"
)

type Route struct {
@@ -37,15 +39,28 @@ type Route struct {
	Method      string
	Pattern     string
	HandlerFunc http.HandlerFunc
	AccessType  string
}
type Routes []Route

func NewRouter(feDir string, swDir string) *mux.Router {
func NewRouter(feDir string, swDir string, accessMap map[string]string) *mux.Router {
	router := mux.NewRouter().StrictSlash(true)

	for _, route := range routes {
		var handler http.Handler = Logger(route.HandlerFunc, route.Name)

		// Authorization
		accessType, found := accessMap[route.Name]
		if !found {
			accessType = route.AccessType
		}

		if accessType == ss.AccessBlock {
			handler = pfmCtrl.sessionStore.AccessBlocker(handler)
		} else if accessType == ss.AccessVerify {
			handler = pfmCtrl.sessionStore.AccessVerifier(handler)
		}

		router.
			Methods(route.Method).
			Path(route.Pattern).
@@ -74,6 +89,7 @@ var routes = Routes{
		"GET",
		"/platform-ctrl/v1/",
		Index,
		ss.AccessGrant,
	},

	Route{
@@ -81,6 +97,7 @@ var routes = Routes{
		strings.ToUpper("Post"),
		"/platform-ctrl/v1/sandboxes",
		CreateSandbox,
		ss.AccessGrant,
	},

	Route{
@@ -88,6 +105,7 @@ var routes = Routes{
		strings.ToUpper("Post"),
		"/platform-ctrl/v1/sandboxes/{name}",
		CreateSandboxWithName,
		ss.AccessGrant,
	},

	Route{
@@ -95,6 +113,7 @@ var routes = Routes{
		strings.ToUpper("Delete"),
		"/platform-ctrl/v1/sandboxes/{name}",
		DeleteSandbox,
		ss.AccessGrant,
	},

	Route{
@@ -102,6 +121,7 @@ var routes = Routes{
		strings.ToUpper("Delete"),
		"/platform-ctrl/v1/sandboxes",
		DeleteSandboxList,
		ss.AccessGrant,
	},

	Route{
@@ -109,6 +129,7 @@ var routes = Routes{
		strings.ToUpper("Get"),
		"/platform-ctrl/v1/sandboxes/{name}",
		GetSandbox,
		ss.AccessGrant,
	},

	Route{
@@ -116,6 +137,7 @@ var routes = Routes{
		strings.ToUpper("Get"),
		"/platform-ctrl/v1/sandboxes",
		GetSandboxList,
		ss.AccessGrant,
	},

	Route{
@@ -123,6 +145,7 @@ var routes = Routes{
		strings.ToUpper("Post"),
		"/platform-ctrl/v1/scenarios/{name}",
		CreateScenario,
		ss.AccessGrant,
	},

	Route{
@@ -130,6 +153,7 @@ var routes = Routes{
		strings.ToUpper("Delete"),
		"/platform-ctrl/v1/scenarios/{name}",
		DeleteScenario,
		ss.AccessGrant,
	},

	Route{
@@ -137,6 +161,7 @@ var routes = Routes{
		strings.ToUpper("Delete"),
		"/platform-ctrl/v1/scenarios",
		DeleteScenarioList,
		ss.AccessGrant,
	},

	Route{
@@ -144,6 +169,7 @@ var routes = Routes{
		strings.ToUpper("Get"),
		"/platform-ctrl/v1/scenarios/{name}",
		GetScenario,
		ss.AccessGrant,
	},

	Route{
@@ -151,6 +177,7 @@ var routes = Routes{
		strings.ToUpper("Get"),
		"/platform-ctrl/v1/scenarios",
		GetScenarioList,
		ss.AccessGrant,
	},

	Route{
@@ -158,6 +185,7 @@ var routes = Routes{
		strings.ToUpper("Put"),
		"/platform-ctrl/v1/scenarios/{name}",
		SetScenario,
		ss.AccessGrant,
	},

	Route{
@@ -165,6 +193,7 @@ var routes = Routes{
		strings.ToUpper("Post"),
		"/platform-ctrl/v1/login",
		LoginUser,
		ss.AccessGrant,
	},

	Route{
@@ -172,5 +201,6 @@ var routes = Routes{
		strings.ToUpper("Get"),
		"/platform-ctrl/v1/logout",
		LogoutUser,
		ss.AccessGrant,
	},
}
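Review bot: The authorization branch in NewRouter fails open: a route whose access type is empty, misspelled, or simply absent from `accessMap` gets no wrapper at all. Since every entry in `routes` defaults to `ss.AccessGrant`, any route added later is public on the restricted server unless someone remembers to list it by name in the caller's map. Treating only an explicit `ss.AccessGrant` as public and sending every unrecognized value to the blocker, as sketched below, makes a forgotten or mistyped entry fail closed. `pfmCtrl.sessionStore` is dereferenced while the router is built, so it presumably must be initialized before NewRouter is called. NewRouter's body continues outside the hunk.

```go
		// … unchanged: accessMap lookup with route.AccessType fallback …

		switch accessType {
		case ss.AccessGrant:
			// Explicitly public route: no wrapper.
		case ss.AccessVerify:
			handler = pfmCtrl.sessionStore.AccessVerifier(handler)
		default:
			// ss.AccessBlock, plus any empty or unrecognized value: fail closed.
			handler = pfmCtrl.sessionStore.AccessBlocker(handler)
		}
```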
+32 −2
@@ -14,7 +14,7 @@
 * limitations under the License.
 */

package sessions
package sessionstore

import (
	"errors"
@@ -40,6 +40,12 @@ const (
	ValSandbox   = "sbox"
)

const (
	AccessBlock  = "block"
	AccessVerify = "verify"
	AccessGrant  = "grant"
)

type Session struct {
	ID       string
	Username string
@@ -107,7 +113,10 @@ func (ss *SessionStore) Get(r *http.Request) (s *Session, err error) {
	sessionId := sessionCookie.Values[ValSessionID].(string)
	session, err := ss.rc.GetEntry(ss.baseKey + sessionId)
	if err != nil {
		log.Error("Failed to set entry: ", err)
		return nil, err
	}
	if len(session) == 0 {
		err = errors.New("Session not found")
		return nil, err
	}

@@ -220,3 +229,24 @@ func (ss *SessionStore) Del(w http.ResponseWriter, r *http.Request) error {
	}
	return nil
}

// AccessVerifier - Access verification handler
func (ss *SessionStore) AccessVerifier(inner http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Verify session exists & user permissions
		_, err := ss.Get(r)
		if err != nil {
			http.Error(w, "Unauthorized", http.StatusUnauthorized)
			return
		}

		inner.ServeHTTP(w, r)
	})
}

// AccessBlocker - Access blocking handler
func (ss *SessionStore) AccessBlocker(inner http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		http.Error(w, "Unauthorized", http.StatusUnauthorized)
	})
}
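Review bot: AccessVerifier discards the session returned by `ss.Get(r)`, so it only enforces that some valid session exists, while its inline comment promises "user permissions". Routes such as `GetSandbox` with a `{name}` path parameter are therefore reachable by any logged-in user for any name, unless the handler itself compares the session with the requested resource. Either reword the comment to `// Verify that a valid session exists (no per-user or per-resource check)`, or hand the session to the inner handler so it can make that comparison. AccessBlocker answers 401 for routes that no credentials can unlock; `http.Error(w, "Forbidden", http.StatusForbidden)` would tell clients that re-authenticating will not help. Get's body starts outside its hunk, so whether the `.(string)` assertion on the cookie value is guarded earlier cannot be seen here.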