3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-02 03:46:29 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/authorize/grpc.go
Caleb Doxsey 5ad0e0ebdc authorize: build full URL from gRPC request
2020-04-20 18:24:26 -06:00

55 lines
1.5 KiB
Go
Raw Blame History

//go:generate protoc -I ../internal/grpc/authorize/ --go_out=plugins=grpc:../internal/grpc/authorize/ ../internal/grpc/authorize/authorize.proto
package authorize
import (
"context"
"net/url"
"github.com/pomerium/pomerium/authorize/evaluator"
"github.com/pomerium/pomerium/internal/grpc/authorize"
"github.com/pomerium/pomerium/internal/telemetry/trace"
)
// IsAuthorized checks to see if a given user is authorized to make a request.
func (a *Authorize) IsAuthorized(ctx context.Context, in *authorize.IsAuthorizedRequest) (*authorize.IsAuthorizedReply, error) {
ctx, span := trace.StartSpan(ctx, "authorize.grpc.IsAuthorized")
defer span.End()
req := &evaluator.Request{
User: in.GetUserToken(),
Header: cloneHeaders(in.GetRequestHeaders()),
Host: in.GetRequestHost(),
Method: in.GetRequestMethod(),
RequestURI: in.GetRequestRequestUri(),
RemoteAddr: in.GetRequestRemoteAddr(),
URL: getFullURL(in.GetRequestUrl(), in.GetRequestHost()),
}
return a.pe.IsAuthorized(ctx, req)
}
type protoHeader map[string]*authorize.IsAuthorizedRequest_Headers
func cloneHeaders(in protoHeader) map[string][]string {
out := make(map[string][]string, len(in))
for key, values := range in {
newValues := make([]string, len(values.Value))
copy(newValues, values.Value)
out[key] = newValues
}
return out
}
func getFullURL(rawurl, host string) string {
u, err := url.Parse(rawurl)
if err != nil {
u = &url.URL{Path: rawurl}
}
if u.Host == "" {
u.Host = host
}
if u.Scheme == "" {
u.Scheme = "http"
}
return u.String()
}
Reference in a new issue View git blame Copy permalink