  1. package main
import (
	"encoding/json"
	"errors"
	"net/http"
	"strings"
	"time"
)
// ContentType identifies the request body encoding recognised by
// GetContentType.
type ContentType int

const (
	// WwwForm is returned for application/x-www-form-urlencoded.
	WwwForm ContentType = iota
	// Json is returned for application/json.
	Json
	// Multipart is returned for multipart/form-data.
	Multipart
	// UnsupportedType is returned, together with a non-nil error, when the
	// Content-Type is missing or not one of the values above.
	UnsupportedType
)
const (
	// indieAuthTokenUrl is the token endpoint that checkAccess queries to
	// verify an access token. It is a compile-time constant, so request
	// input cannot point the verification at a different host.
	indieAuthTokenUrl = "https://tokens.indieauth.com/token"
)
// IndieAuthRes holds the fields decoded from the token endpoint's JSON
// response in checkAccess.
type IndieAuthRes struct {
	// Me is compared against BlogUrl by checkAccess.
	Me string `json:"me"`
	// ClientId is decoded but not inspected by checkAccess.
	ClientId string `json:"client_id"`
	// Scope is split on whitespace by checkAccess and searched for
	// "post", "create" or "update".
	Scope string `json:"scope"`
	// Issue is decoded from "issued_at" but not inspected by checkAccess,
	// so token age is not enforced locally.
	Issue int `json:"issued_at"`
	// Nonce is decoded but not inspected by checkAccess.
	Nonce int `json:"nonce"`
}
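// checkAccess verifies an access token against the token endpoint at
// indieAuthTokenUrl and reports whether it authorizes posting to this blog.
//
// token is sent verbatim as the Authorization header value, so it is
// presumably expected to already carry its scheme prefix ("Bearer ...");
// confirm against the caller.
//
// It returns (true, nil) only when the endpoint answers with a 2xx status,
// the response's "me" is non-empty and equal to BlogUrl, and the scope list
// contains "post", "create" or "update". Every other outcome fails closed
// with (false, err).
func checkAccess(token string) (bool, error) {
	// Upper bound for the whole exchange (connect, headers and body).
	// http.DefaultClient has no timeout, so a stalled token endpoint would
	// otherwise block the calling request handler indefinitely.
	const verifyTimeout = 10 * time.Second

	if token == "" {
		return false, errors.New("token string is empty")
	}

	// form the request to check the token
	req, err := http.NewRequest(http.MethodGet, indieAuthTokenUrl, nil)
	if err != nil {
		return false, errors.New("error making the request for checking token access")
	}
	req.Header.Set("Accept", "application/json")
	req.Header.Set("Authorization", token)

	// send the request; a Client with a nil Transport still uses
	// http.DefaultTransport, so connections are reused across calls
	client := &http.Client{Timeout: verifyTimeout}
	res, err := client.Do(req)
	if err != nil {
		return false, errors.New("error sending the request for checking token access")
	}
	defer res.Body.Close()

	// Only a successful answer is evidence that the token is valid; never
	// interpret the body of an error response as a verification result.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return false, errors.New("token endpoint rejected the request: " + res.Status)
	}

	// Decode into a value, not a pointer-to-pointer: with **IndieAuthRes a
	// JSON body of `null` sets the inner pointer to nil and the field access
	// below would panic.
	var indieAuthRes IndieAuthRes
	if err := json.NewDecoder(res.Body).Decode(&indieAuthRes); err != nil {
		return false, errors.New("Error parsing the response into json for checking token access " + err.Error())
	}

	// verify results of the response. The empty check keeps the comparison
	// from passing when BlogUrl is unset and the response carries no "me".
	// The match is an exact string comparison, so any difference (for
	// example a trailing slash) is rejected.
	if indieAuthRes.Me == "" || indieAuthRes.Me != BlogUrl {
		return false, errors.New("me does not match")
	}

	for _, scope := range strings.Fields(indieAuthRes.Scope) {
		switch scope {
		case "post", "create", "update":
			return true, nil
		}
	}
	return false, errors.New("post is not present in the scope")
}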
// CheckAuthorization reports whether token passes checkAccess.
//
// The error from checkAccess is deliberately discarded: every failure
// (empty token, transport error, mismatching "me", missing scope) collapses
// to false, so the caller cannot distinguish them and nothing is logged
// here.
func CheckAuthorization(token string) bool {
	authorized, _ := checkAccess(token)
	return authorized
}
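// GetContentType maps a request Content-Type header value to a ContentType.
//
// Only the media type is compared: parameters after the first ';' (charset,
// multipart boundary, ...) are ignored, surrounding whitespace is trimmed and
// the comparison is case-insensitive. The match is exact rather than a
// substring search, so a value that merely contains a supported type
// somewhere (for example inside a parameter) is not accepted and cannot
// steer the request to the wrong body parser.
//
// It returns UnsupportedType and a non-nil error when contentType is empty
// or names any other media type. The error text includes contentType
// verbatim; it is client-supplied, so escape it before echoing it into HTML
// or structured logs.
func GetContentType(contentType string) (ContentType, error) {
	if contentType == "" {
		return UnsupportedType, errors.New("content-type is not provided in the request")
	}

	mediaType := contentType
	if i := strings.IndexByte(mediaType, ';'); i >= 0 {
		mediaType = mediaType[:i]
	}
	mediaType = strings.ToLower(strings.TrimSpace(mediaType))

	switch mediaType {
	case "application/x-www-form-urlencoded":
		return WwwForm, nil
	case "application/json":
		return Json, nil
	case "multipart/form-data":
		return Multipart, nil
	}
	return UnsupportedType, errors.New("content-type " + contentType + " is not supported, use application/x-www-form-urlencoded, application/json or multipart/form-data")
}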