Merge branch 'master' into kd-live
@ -37,9 +37,6 @@ func download(dir string, urlpath string, accessToken string) (target string, er
|
|||||||
}
|
}
|
||||||
|
|
||||||
req, _ := http.NewRequest("GET", urlpath, nil)
|
req, _ := http.NewRequest("GET", urlpath, nil)
|
||||||
if len(accessToken) > 0 {
|
|
||||||
req.Header.Add("Authorization", accessToken)
|
|
||||||
}
|
|
||||||
req.Header.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.51")
|
req.Header.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.51")
|
||||||
resp, err := http.DefaultClient.Do(req)
|
resp, err := http.DefaultClient.Do(req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
package server
|
package server
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
@ -10,6 +11,7 @@ import (
|
|||||||
"runtime/debug"
|
"runtime/debug"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"repositories.action2quare.com/ayo/gocommon/flagx"
|
||||||
"repositories.action2quare.com/ayo/gocommon/logger"
|
"repositories.action2quare.com/ayo/gocommon/logger"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -104,6 +106,8 @@ func (h *houstonHandler) RegisterHandlers(serveMux *http.ServeMux, prefix string
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var noauth = flagx.Bool("noauth", false, "")
|
||||||
|
|
||||||
func (h *houstonHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
func (h *houstonHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||||
defer func() {
|
defer func() {
|
||||||
s := recover()
|
s := recover()
|
||||||
@ -118,13 +122,45 @@ func (h *houstonHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|||||||
r.Body.Close()
|
r.Body.Close()
|
||||||
}()
|
}()
|
||||||
|
|
||||||
|
var userinfo map[string]any
|
||||||
|
if !*noauth {
|
||||||
|
authheader := r.Header.Get("Authorization")
|
||||||
|
if len(authheader) == 0 {
|
||||||
|
logger.Println("Authorization header is not valid :", authheader)
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
req, _ := http.NewRequest("GET", "https://graph.microsoft.com/oidc/userinfo", nil)
|
||||||
|
req.Header.Add("Authorization", authheader)
|
||||||
|
client := &http.Client{}
|
||||||
|
|
||||||
|
resp, err := client.Do(req)
|
||||||
|
if err != nil {
|
||||||
|
logger.Println("graph microsoft api call failed :", err)
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
raw, _ := io.ReadAll(resp.Body)
|
||||||
|
if err = json.Unmarshal(raw, &userinfo); err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if _, expired := userinfo["error"]; expired {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var operation string
|
var operation string
|
||||||
if r.Method == "POST" {
|
if r.Method == "POST" {
|
||||||
operation = r.FormValue("operation")
|
operation = r.FormValue("operation")
|
||||||
logger.Println("api called :", r.Form)
|
logger.Println("api called :", userinfo, r.Form)
|
||||||
} else {
|
} else {
|
||||||
operation = r.URL.Query().Get("operation")
|
operation = r.URL.Query().Get("operation")
|
||||||
logger.Println("api called :", r.URL.Query())
|
logger.Println("api called :", userinfo, r.URL.Query())
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(operation) == 0 {
|
if len(operation) == 0 {
|
||||||
|
|||||||
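Review bot: The new auth gate in ServeHTTP fails open: a caller counts as authenticated whenever the userinfo reply decodes without an `error` key, so `resp.StatusCode` is never consulted and a body of `{}` or `null` passes, while a decode failure does a bare `return` without setting a status (net/http answers that as 200 unless the deferred function writes something else). Check the status and require a non-empty `sub` claim before continuing, and give the outbound client a timeout, since `&http.Client{}` has none and a stalled Graph call would pin the handler; the timeout and size limit in the fence are sample values, and `time` must be imported if the file does not already do so. As far as the hunk shows, `userinfo` is only logged afterwards, so any token Graph accepts is sufficient regardless of tenant or user; an allow-list check on a claim looks necessary unless one exists outside the hunk. The two `logger.Println("api called :", userinfo, ...)` lines also write the whole profile map to the log on every call, where the `sub` value alone would serve for audit. ServeHTTP starts before and continues past the hunks shown.

```go
// … unchanged: noauth check and empty Authorization header rejection …
req, err := http.NewRequestWithContext(r.Context(), http.MethodGet, "https://graph.microsoft.com/oidc/userinfo", nil)
if err != nil {
	w.WriteHeader(http.StatusInternalServerError)
	return
}
req.Header.Add("Authorization", authheader)
client := &http.Client{Timeout: 10 * time.Second} // sample value

resp, err := client.Do(req)
if err != nil {
	logger.Println("graph microsoft api call failed :", err)
	w.WriteHeader(http.StatusBadGateway)
	return
}
defer resp.Body.Close()

// Deny unless the identity provider positively confirmed the token.
if resp.StatusCode != http.StatusOK {
	w.WriteHeader(http.StatusUnauthorized)
	return
}
if err = json.NewDecoder(io.LimitReader(resp.Body, 1<<20)).Decode(&userinfo); err != nil {
	w.WriteHeader(http.StatusBadGateway)
	return
}
if sub, _ := userinfo["sub"].(string); len(sub) == 0 {
	w.WriteHeader(http.StatusUnauthorized)
	return
}
// … unchanged: operation parsing and logging …
```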