Extracts authorization credentials from an HTTP request. Returns authentication method and secret.
(req *http.Request)
| 328 | // Extracts authorization credentials from an HTTP request. |
| 329 | // Returns authentication method and secret. |
| 330 | func getHttpAuth(req *http.Request) (method, secret string) { |
| 331 | // Check X-Tinode-Auth header. |
| 332 | if parts := strings.Split(req.Header.Get("X-Tinode-Auth"), " "); len(parts) == 2 { |
| 333 | method, secret = parts[0], parts[1] |
| 334 | return |
| 335 | } |
| 336 | |
| 337 | // Check canonical Authorization header. |
| 338 | if parts := strings.Split(req.Header.Get("Authorization"), " "); len(parts) == 2 { |
| 339 | method, secret = parts[0], parts[1] |
| 340 | return |
| 341 | } |
| 342 | |
| 343 | // Check URL query parameters. |
| 344 | if method = req.URL.Query().Get("auth"); method != "" { |
| 345 | // Get the auth secret. |
| 346 | secret = req.URL.Query().Get("secret") |
| 347 | // Convert base64 URL-encoding to standard encoding. |
| 348 | secret = strings.NewReplacer("-", "+", "_", "/").Replace(secret) |
| 349 | return |
| 350 | } |
| 351 | |
| 352 | // Check form values. |
| 353 | if method = req.FormValue("auth"); method != "" { |
| 354 | return method, req.FormValue("secret") |
| 355 | } |
| 356 | |
| 357 | // Check cookies as the last resort. |
| 358 | if mcookie, err := req.Cookie("auth"); err == nil { |
| 359 | if scookie, err := req.Cookie("secret"); err == nil { |
| 360 | method, secret = mcookie.Value, scookie.Value |
| 361 | } |
| 362 | } |
| 363 | |
| 364 | return |
| 365 | } |
| 366 | |
| 367 | // Obtain IP address of the client. |
| 368 | func getRemoteAddr(req *http.Request) string { |
no test coverage detected
searching dependent graphs…