|
|
@ -5,17 +5,16 @@ import ( |
|
|
|
"net/http" |
|
|
|
"net/http" |
|
|
|
"time" |
|
|
|
"time" |
|
|
|
|
|
|
|
|
|
|
|
"github.com/dgrijalva/jwt-go" |
|
|
|
jwtgo "github.com/dgrijalva/jwt-go" |
|
|
|
"github.com/minio/minio-go" |
|
|
|
|
|
|
|
) |
|
|
|
) |
|
|
|
|
|
|
|
|
|
|
|
func isAuthenticated(req *http.Request) bool { |
|
|
|
func isAuthenticated(req *http.Request) bool { |
|
|
|
authBackend := InitJWT() |
|
|
|
jwt := InitJWT() |
|
|
|
tokenRequest, err := jwt.ParseFromRequest(req, func(token *jwt.Token) (interface{}, error) { |
|
|
|
tokenRequest, err := jwtgo.ParseFromRequest(req, func(token *jwtgo.Token) (interface{}, error) { |
|
|
|
if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { |
|
|
|
if _, ok := token.Method.(*jwtgo.SigningMethodRSA); !ok { |
|
|
|
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) |
|
|
|
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) |
|
|
|
} |
|
|
|
} |
|
|
|
return authBackend.PublicKey, nil |
|
|
|
return jwt.PublicKey, nil |
|
|
|
}) |
|
|
|
}) |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
return false |
|
|
|
return false |
|
|
@ -23,43 +22,50 @@ func isAuthenticated(req *http.Request) bool { |
|
|
|
return tokenRequest.Valid |
|
|
|
return tokenRequest.Valid |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// MakeBucket - make a bucket.
|
|
|
|
|
|
|
|
func (web *WebAPI) MakeBucket(r *http.Request, args *MakeBucketArgs, reply *string) error { |
|
|
|
|
|
|
|
if !isAuthenticated(r) { |
|
|
|
|
|
|
|
return errUnAuthorizedRequest |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
return web.Client.MakeBucket(args.BucketName, "", "") |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// ListBuckets - list buckets api.
|
|
|
|
// ListBuckets - list buckets api.
|
|
|
|
func (web *WebAPI) ListBuckets(r *http.Request, args *ListBucketsArgs, reply *[]minio.BucketInfo) error { |
|
|
|
func (web *WebAPI) ListBuckets(r *http.Request, args *ListBucketsArgs, reply *[]BucketInfo) error { |
|
|
|
if !isAuthenticated(r) { |
|
|
|
if !isAuthenticated(r) { |
|
|
|
return errUnAuthorizedRequest |
|
|
|
return errUnAuthorizedRequest |
|
|
|
} |
|
|
|
} |
|
|
|
client, err := minio.New("localhost:9000", web.AccessKeyID, web.SecretAccessKey, true) |
|
|
|
buckets, err := web.Client.ListBuckets() |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
return err |
|
|
|
return err |
|
|
|
} |
|
|
|
} |
|
|
|
buckets, err := client.ListBuckets() |
|
|
|
for _, bucket := range buckets { |
|
|
|
if err != nil { |
|
|
|
*reply = append(*reply, BucketInfo{ |
|
|
|
return err |
|
|
|
Name: bucket.Name, |
|
|
|
|
|
|
|
CreationDate: bucket.CreationDate, |
|
|
|
|
|
|
|
}) |
|
|
|
} |
|
|
|
} |
|
|
|
*reply = buckets |
|
|
|
|
|
|
|
return nil |
|
|
|
return nil |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// ListObjects - list objects api.
|
|
|
|
// ListObjects - list objects api.
|
|
|
|
func (web *WebAPI) ListObjects(r *http.Request, args *ListObjectsArgs, reply *[]minio.ObjectInfo) error { |
|
|
|
func (web *WebAPI) ListObjects(r *http.Request, args *ListObjectsArgs, reply *[]ObjectInfo) error { |
|
|
|
if !isAuthenticated(r) { |
|
|
|
if !isAuthenticated(r) { |
|
|
|
return errUnAuthorizedRequest |
|
|
|
return errUnAuthorizedRequest |
|
|
|
} |
|
|
|
} |
|
|
|
client, err := minio.New("localhost:9000", web.AccessKeyID, web.SecretAccessKey, true) |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
|
|
|
|
return err |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
doneCh := make(chan struct{}) |
|
|
|
doneCh := make(chan struct{}) |
|
|
|
defer close(doneCh) |
|
|
|
defer close(doneCh) |
|
|
|
|
|
|
|
|
|
|
|
var objects []minio.ObjectInfo |
|
|
|
for object := range web.Client.ListObjects(args.BucketName, args.Prefix, false, doneCh) { |
|
|
|
for object := range client.ListObjects(args.BucketName, args.Prefix, false, doneCh) { |
|
|
|
|
|
|
|
if object.Err != nil { |
|
|
|
if object.Err != nil { |
|
|
|
return object.Err |
|
|
|
return object.Err |
|
|
|
} |
|
|
|
} |
|
|
|
objects = append(objects, object) |
|
|
|
*reply = append(*reply, ObjectInfo{ |
|
|
|
|
|
|
|
Key: object.Key, |
|
|
|
|
|
|
|
LastModified: object.LastModified, |
|
|
|
|
|
|
|
Size: object.Size, |
|
|
|
|
|
|
|
}) |
|
|
|
} |
|
|
|
} |
|
|
|
*reply = objects |
|
|
|
|
|
|
|
return nil |
|
|
|
return nil |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
@ -68,11 +74,7 @@ func (web *WebAPI) GetObjectURL(r *http.Request, args *GetObjectURLArgs, reply * |
|
|
|
if !isAuthenticated(r) { |
|
|
|
if !isAuthenticated(r) { |
|
|
|
return errUnAuthorizedRequest |
|
|
|
return errUnAuthorizedRequest |
|
|
|
} |
|
|
|
} |
|
|
|
client, err := minio.New("localhost:9000", web.AccessKeyID, web.SecretAccessKey, true) |
|
|
|
urlStr, err := web.Client.PresignedGetObject(args.BucketName, args.ObjectName, time.Duration(60*60)*time.Second) |
|
|
|
if err != nil { |
|
|
|
|
|
|
|
return err |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
urlStr, err := client.PresignedGetObject(args.BucketName, args.ObjectName, time.Duration(60*60)*time.Second) |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
return err |
|
|
|
return err |
|
|
|
} |
|
|
|
} |
|
|
@ -82,9 +84,9 @@ func (web *WebAPI) GetObjectURL(r *http.Request, args *GetObjectURLArgs, reply * |
|
|
|
|
|
|
|
|
|
|
|
// Login - user login handler.
|
|
|
|
// Login - user login handler.
|
|
|
|
func (web *WebAPI) Login(r *http.Request, args *LoginArgs, reply *AuthToken) error { |
|
|
|
func (web *WebAPI) Login(r *http.Request, args *LoginArgs, reply *AuthToken) error { |
|
|
|
authBackend := InitJWT() |
|
|
|
jwt := InitJWT() |
|
|
|
if authBackend.Authenticate(args, web.AccessKeyID, web.SecretAccessKey) { |
|
|
|
if jwt.Authenticate(args) { |
|
|
|
token, err := authBackend.GenerateToken(args.Username) |
|
|
|
token, err := jwt.GenerateToken(args.Username) |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
return err |
|
|
|
return err |
|
|
|
} |
|
|
|
} |
|
|
@ -97,8 +99,8 @@ func (web *WebAPI) Login(r *http.Request, args *LoginArgs, reply *AuthToken) err |
|
|
|
// RefreshToken - refresh token handler.
|
|
|
|
// RefreshToken - refresh token handler.
|
|
|
|
func (web *WebAPI) RefreshToken(r *http.Request, args *LoginArgs, reply *AuthToken) error { |
|
|
|
func (web *WebAPI) RefreshToken(r *http.Request, args *LoginArgs, reply *AuthToken) error { |
|
|
|
if isAuthenticated(r) { |
|
|
|
if isAuthenticated(r) { |
|
|
|
authBackend := InitJWT() |
|
|
|
jwt := InitJWT() |
|
|
|
token, err := authBackend.GenerateToken(args.Username) |
|
|
|
token, err := jwt.GenerateToken(args.Username) |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
return err |
|
|
|
return err |
|
|
|
} |
|
|
|
} |
|
|
@ -111,9 +113,9 @@ func (web *WebAPI) RefreshToken(r *http.Request, args *LoginArgs, reply *AuthTok |
|
|
|
// Logout - user logout.
|
|
|
|
// Logout - user logout.
|
|
|
|
func (web *WebAPI) Logout(r *http.Request, arg *string, reply *string) error { |
|
|
|
func (web *WebAPI) Logout(r *http.Request, arg *string, reply *string) error { |
|
|
|
if isAuthenticated(r) { |
|
|
|
if isAuthenticated(r) { |
|
|
|
authBackend := InitJWT() |
|
|
|
jwt := InitJWT() |
|
|
|
tokenString := r.Header.Get("Authorization") |
|
|
|
tokenString := r.Header.Get("Authorization") |
|
|
|
if err := authBackend.Logout(tokenString); err != nil { |
|
|
|
if err := jwt.Logout(tokenString); err != nil { |
|
|
|
return err |
|
|
|
return err |
|
|
|
} |
|
|
|
} |
|
|
|
return nil |
|
|
|
return nil |
|
|
|