all: refactor handler logic

- all: prefer `FormValues` to `ParseForm` with subsequent `Form.Get`s - all: refactor authentication stack to be checked by middleware, and accessible via request context. - all: replace http.ServeMux with gorilla/mux’s router - all: replace custom CSRF checks with gorilla/csrf middleware - authenticate: extract callback path as constant. - internal/config: implement stringer interface for policy - internal/cryptutil: add helper func `NewBase64Key` - internal/cryptutil: rename `GenerateKey` to `NewKey` - internal/cryptutil: rename `GenerateRandomString` to `NewRandomStringN` - internal/middleware: removed alice in favor of gorilla/mux - internal/sessions: remove unused `ValidateRedirectURI` and `ValidateClientSecret` - internal/sessions: replace custom CSRF with gorilla/csrf fork that supports custom handler protection - internal/urlutil: add `SignedRedirectURL` to create hmac'd URLs - internal/urlutil: add `ValidateURL` helper to parse URL options - internal/urlutil: add `GetAbsoluteURL` which takes a request and returns its absolute URL. - proxy: remove holdover state verification checks; we no longer are setting sessions in any proxy routes so we don’t need them. - proxy: replace un-named http.ServeMux with named domain routes. Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2025-05-16 18:47:10 +02:00 · 2019-09-12 13:54:30 -07:00 · 2019-09-12 13:54:30 -07:00 · dc12947241
commit dc12947241
parent a793249386
37 changed files with 1132 additions and 1384 deletions
--- a/internal/sessions/middleware.go
+++ b/internal/sessions/middleware.go
@ -0,0 +1,130 @@
+package sessions // import "github.com/pomerium/pomerium/internal/sessions"
+
+import (
+	"context"
+	"errors"
+	"net/http"
+	"strings"
+)
+
+// Context keys
+var (
+	SessionCtxKey = &contextKey{"Session"}
+	ErrorCtxKey   = &contextKey{"Error"}
+)
+
+// Library errors
+var (
+	ErrExpired        = errors.New("internal/sessions: session is expired")
+	ErrNoSessionFound = errors.New("internal/sessions: session is not found")
+	ErrMalformed      = errors.New("internal/sessions: session is malformed")
+)
+
+// RetrieveSession http middleware handler will verify a auth session from a http request.
+//
+// RetrieveSession will search for a auth session in a http request, in the order:
+//   1. `pomerium_session` URI query parameter
+//   2. `Authorization: BEARER` request header
+//   3. Cookie `_pomerium` value
+func RetrieveSession(s SessionStore) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return retrieve(s, TokenFromQuery, TokenFromHeader, TokenFromCookie)(next)
+	}
+}
+
+func retrieve(s SessionStore, findTokenFns ...func(r *http.Request) string) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		hfn := func(w http.ResponseWriter, r *http.Request) {
+			ctx := r.Context()
+			token, err := retrieveFromRequest(s, r, findTokenFns...)
+			ctx = NewContext(ctx, token, err)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		}
+		return http.HandlerFunc(hfn)
+	}
+}
+
+func retrieveFromRequest(s SessionStore, r *http.Request, findTokenFns ...func(r *http.Request) string) (*State, error) {
+	var tokenStr string
+	var err error
+
+	// Extract token string from the request by calling token find functions in
+	// the order they where provided. Further extraction stops if a function
+	// returns a non-empty string.
+	for _, fn := range findTokenFns {
+		tokenStr = fn(r)
+		if tokenStr != "" {
+			break
+		}
+	}
+	if tokenStr == "" {
+		return nil, ErrNoSessionFound
+	}
+
+	state, err := s.LoadSession(r)
+	if err != nil {
+		return nil, ErrMalformed
+	}
+	err = state.Valid()
+	if err != nil {
+		// a little unusual but we want to return the expired state too
+		return state, err
+	}
+
+	// Valid!
+	return state, nil
+}
+
+// NewContext sets context values for the user session state and error.
+func NewContext(ctx context.Context, t *State, err error) context.Context {
+	ctx = context.WithValue(ctx, SessionCtxKey, t)
+	ctx = context.WithValue(ctx, ErrorCtxKey, err)
+	return ctx
+}
+
+// FromContext retrieves context values for the user session state and error.
+func FromContext(ctx context.Context) (*State, error) {
+	state, _ := ctx.Value(SessionCtxKey).(*State)
+	err, _ := ctx.Value(ErrorCtxKey).(error)
+	return state, err
+}
+
+// TokenFromCookie tries to retrieve the token string from a cookie named
+// "_pomerium".
+func TokenFromCookie(r *http.Request) string {
+	cookie, err := r.Cookie("_pomerium")
+	if err != nil {
+		return ""
+	}
+	return cookie.Value
+}
+
+// TokenFromHeader tries to retrieve the token string from the
+// "Authorization" request header: "Authorization: BEARER T".
+func TokenFromHeader(r *http.Request) string {
+	// Get token from authorization header.
+	bearer := r.Header.Get("Authorization")
+	if len(bearer) > 7 && strings.EqualFold(bearer[0:6], "BEARER") {
+		return bearer[7:]
+	}
+	return ""
+}
+
+// TokenFromQuery tries to retrieve the token string from the "pomerium_session" URI
+// query parameter.
+// todo(bdd) : document setting session code as queryparam
+func TokenFromQuery(r *http.Request) string {
+	// Get token from query param named "pomerium_session".
+	return r.URL.Query().Get("pomerium_session")
+}
+
+// contextKey is a value for use with context.WithValue. It's used as
+// a pointer so it fits in an interface{} without allocation. This technique
+// for defining context keys was copied from Go 1.7's new use of context in net/http.
+type contextKey struct {
+	name string
+}
+
+func (k *contextKey) String() string {
+	return "SessionStore context value " + k.name
+}