인증 일단 막음

2024-08-13 17:30:33 +09:00
parent 71e80d2908
commit 3ab055008c


@ -3,7 +3,6 @@ package server
import ( import (
"crypto/md5" "crypto/md5"
"encoding/hex" "encoding/hex"
"encoding/json"
"fmt" "fmt"
"io" "io"
"net/http" "net/http"
@ -173,37 +172,37 @@ func (h *houstonHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
r.Body.Close() r.Body.Close()
}() }()
var userinfo map[string]any // var userinfo map[string]any
if !*noauth && (*authtype == "on" || *authtype == "both") { // if !*noauth && (*authtype == "on" || *authtype == "both") {
authheader := r.Header.Get("Authorization") // authheader := r.Header.Get("Authorization")
if len(authheader) == 0 { // if len(authheader) == 0 {
logger.Println("Authorization header is not valid :", authheader) // logger.Println("Authorization header is not valid :", authheader)
w.WriteHeader(http.StatusBadRequest) // w.WriteHeader(http.StatusBadRequest)
return // return
} // }
req, _ := http.NewRequest("GET", "https://graph.microsoft.com/oidc/userinfo", nil) // req, _ := http.NewRequest("GET", "https://graph.microsoft.com/oidc/userinfo", nil)
req.Header.Add("Authorization", authheader) // req.Header.Add("Authorization", authheader)
client := &http.Client{} // client := &http.Client{}
resp, err := client.Do(req) // resp, err := client.Do(req)
if err != nil { // if err != nil {
logger.Println("graph microsoft api call failed :", err) // logger.Println("graph microsoft api call failed :", err)
w.WriteHeader(http.StatusBadRequest) // w.WriteHeader(http.StatusBadRequest)
return // return
} // }
defer resp.Body.Close() // defer resp.Body.Close()
raw, _ := io.ReadAll(resp.Body) // raw, _ := io.ReadAll(resp.Body)
if err = json.Unmarshal(raw, &userinfo); err != nil { // if err = json.Unmarshal(raw, &userinfo); err != nil {
return // return
} // }
if _, expired := userinfo["error"]; expired { // if _, expired := userinfo["error"]; expired {
w.WriteHeader(http.StatusUnauthorized) // w.WriteHeader(http.StatusUnauthorized)
return // return
} // }
} // }
var operation string var operation string
if r.Method == "POST" { if r.Method == "POST" {