anis
anis-server
Commits
fccc53dc
Commit
fccc53dc
authored
Nov 30, 2020
by
François Agneray
Protected read (GET) for admin routes
parent
41c8352b
Changes
3
Showing
3 changed files
with
20 additions
and
20 deletions
+20
-20
app/routes.php
app/routes.php
+4
-1
src/Middleware/AdminMiddleware.php
src/Middleware/AdminMiddleware.php
+16
-6
src/Middleware/AuthorizationMiddleware.php
src/Middleware/AuthorizationMiddleware.php
+0
-13
app/routes.php
View file @
fccc53dc
...
...
@@ -22,6 +22,9 @@ $app->group('', function (RouteCollectorProxy $group) {
$group
->
map
([
OPTIONS
,
GET
,
POST
],
'/database'
,
App\Action\DatabaseListAction
::
class
);
$group
->
map
([
OPTIONS
,
GET
,
PUT
,
DELETE
],
'/database/{id}'
,
App\Action\DatabaseAction
::
class
);
$group
->
map
([
OPTIONS
,
GET
],
'/database/{id}/table'
,
App\Action\TableListAction
::
class
);
})
->
add
(
new
App\Middleware\AdminMiddleware
(
$container
->
get
(
SETTINGS
)[
'token'
],
false
));
$app
->
group
(
''
,
function
(
RouteCollectorProxy
$group
)
{
$group
->
map
([
OPTIONS
,
GET
,
POST
],
'/project'
,
App\Action\ProjectListAction
::
class
);
$group
->
map
([
OPTIONS
,
GET
,
PUT
,
DELETE
],
'/project/{name}'
,
App\Action\ProjectAction
::
class
);
$group
->
map
([
OPTIONS
,
GET
,
POST
],
'/instance'
,
App\Action\InstanceListAction
::
class
);
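Review bot: The bare `false` passed as the second argument to `AdminMiddleware` on the `/database` group does not say at the call site what it controls. Going by the `$read` docblock in this commit it means GET on these routes needs a token, while the group opened right after it ends with `true`. A one-line comment above each `->add(...)`, or two named constants for the modes, would make it harder to register a new admin route in the wrong group.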
...
...
@@ -51,7 +54,7 @@ $app->group('', function (RouteCollectorProxy $group) {
'/dataset/{name}/attribute/{id}/distinct'
,
App\Action\AttributeDistinctAction
::
class
);
})
->
add
(
new
App\Middleware\AdminMiddleware
(
$container
->
get
(
SETTINGS
)[
'token'
]));
})
->
add
(
new
App\Middleware\AdminMiddleware
(
$container
->
get
(
SETTINGS
)[
'token'
]
,
true
));
$app
->
get
(
'/search/{dname}'
,
App\Action\SearchAction
::
class
);
$app
->
get
(
'/download-file/{dname}/[{fpath:.*}]'
,
App\Action\DownloadFileAction
::
class
);
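Review bot: With `true` on this closing `->add(...)`, GET is served without a token for the whole group it closes, which as far as the visible lines show runs from `/project` to `/dataset/{name}/attribute/{id}/distinct`, and any GET route added to that group later inherits the same exposure. It is worth confirming that each GET handler in the group is meant to be public, and stating "public read" in a comment at the `$app->group(` line so the choice is visible where routes are added.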
src/Middleware/AdminMiddleware.php
View file @
fccc53dc
...
...
@@ -27,23 +27,33 @@ final class AdminMiddleware implements MiddlewareInterface
*/
private
$settings
;
/**
* If read === true method GET is authorized without permission
* If read === false method GET need token and permission
*
* @var bool
*/
private
$read
;
/**
* Create the classe before call process to execute this middleware
*
* @param array $settings Settings about token
* @param bool $read If true GET is authorized without token
*/
public
function
__construct
(
array
$settings
)
public
function
__construct
(
array
$settings
,
bool
$read
)
{
$this
->
settings
=
$settings
;
$this
->
read
=
$read
;
}
public
function
process
(
Request
$request
,
RequestHandler
$handler
):
Response
{
if
(
$
re
quest
->
getMethod
()
===
OPTIONS
||
$request
->
getMethod
()
===
GET
||
$this
->
settings
[
'enabled'
]
===
0
)
{
if
(
$request
->
getMethod
()
===
OPTIONS
||
$this
->
settings
[
'enabled'
]
===
0
)
{
re
turn
$handler
->
handle
(
$request
);
}
if
(
$this
->
read
===
true
&&
$request
->
getMethod
()
===
GET
)
{
return
$handler
->
handle
(
$request
);
}
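Review bot: In `process`, the new branch `$this->read === true && $request->getMethod() === GET` matches GET only, so a HEAD request to a public-read route still falls through to the token check. If that is intended, say so in the `$read` docblock; otherwise test for HEAD alongside GET. The two docblocks also describe the flag differently ("authorized without permission" on the property, "authorized without token" on the constructor) and the constructor comment has the typo "classe"; a name such as `$publicRead` (a suggestion, not in the code) would make `true` read as the permissive setting it is.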
...
...
src/Middleware/AuthorizationMiddleware.php
View file @
fccc53dc
...
...
@@ -94,19 +94,6 @@ final class AuthorizationMiddleware implements MiddlewareInterface
return
$handler
->
handle
(
$request
->
withAttribute
(
'token'
,
$token
));
}
// private function getPublicKey(string $issuer, string $kid): string
// {
// $urlOpenIdConfiguration = $issuer . '/.well-known/openid-configuration';
// $openIdConfiguration = json_decode(file_get_contents($urlOpenIdConfiguration), true);
// $jwksUri = $openIdConfiguration['jwks_uri'];
// $jwks = json_decode(file_get_contents($jwksUri), true);
// foreach ($jwks['keys'] as $jwk) {
// if ($jwk['kid'] === $kid) {
// return $jwk['x5c'];
// }
// }
// }
private
function
getUnauthorizedResponse
(
string
$message
)
{
$resonse
=
new
NyholmResponse
();
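Review bot: Dropping the commented-out `getPublicKey` block is a cleanup unrelated to the commit subject "Protected read (GET) for admin routes"; putting it in its own commit would keep the access-control change easy to audit and revert. In the context lines of `getUnauthorizedResponse`, the variable `$resonse` is misspelled and could be renamed `$response` in the same cleanup.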
...
...