-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth.go
47 lines (38 loc) · 1.23 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package auth
import (
"encoding/base64"
"errors"
"net/http"
"strings"
)
// ErrUnauthorized means that the requester is not authorized
var ErrUnauthorized = errors.New("unauthorized")
// Authorizer is the interface that wraps the basic Authrorize method.
type Authorizer interface {
Authorize(r *http.Request) error
}
// BasicAuthorizer authorize using Basic HTTP authentication scheme
type BasicAuthorizer struct {
username string
password string
}
// NewBasicAuthorizer returns a BasicAuthorizer with specific username and password
func NewBasicAuthorizer(username string, password string) *BasicAuthorizer {
return &BasicAuthorizer{username: username, password: password}
}
// Authorize returns error if authorization header is not match with authorizer credentials
func (a *BasicAuthorizer) Authorize(r *http.Request) error {
auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2)
if len(auth) != 2 || auth[0] != "Basic" {
return ErrUnauthorized
}
decoded, err := base64.StdEncoding.DecodeString(auth[1])
if err != nil {
return err
}
credentials := strings.SplitN(string(decoded), ":", 2)
if len(credentials) != 2 || a.username != credentials[0] || a.password != credentials[1] {
return ErrUnauthorized
}
return nil
}