s464900/gonito
1
0
Fork 0
forked from filipg/gonito
Code Issues Pull Requests Projects Releases Wiki Activity

Extract ident info from JWT tokens

Browse Source
This commit is contained in:
Filip Gralinski 2020-12-10 21:36:17 +01:00
parent ceef7ae5ac
commit 2009ad4504
1 changed files with 35 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
Handler/ShowChallenge.hs
View File

@ -656,22 +656,43 @@ submissionForm defaultUrl defBranch defaultGitAnnexRemote = renderBootstrap3 Boo
<*> areq textField (bfs MsgSubmissionBranch) defBranch <*> areq textField (bfs MsgSubmissionBranch) defBranch
<*> aopt textField (bfs MsgSubmissionGitAnnexRemote) (Just defaultGitAnnexRemote)) <*> aopt textField (bfs MsgSubmissionGitAnnexRemote) (Just defaultGitAnnexRemote))
data JwtAuthInfo = JwtAuthInfo Text
deriving (Show, Eq)
instance FromJSON JwtAuthInfo where
parseJSON (Object v) =
JwtAuthInfo <$> v .: "preferred_username"
parseJSON _ = mzero
jwtAuthInfoIdent :: JwtAuthInfo -> Text
jwtAuthInfoIdent (JwtAuthInfo ident) = ident
authorizationTokenAuth :: Handler (Maybe JwtAuthInfo)
authorizationTokenAuth = do
app <- getYesod
let mJwk = appJSONWebKey $ appSettings app
case mJwk of
Just jwk -> do
req <- waiRequest
case lookup "Authorization" (Network.Wai.requestHeaders req) of
Nothing -> return Nothing
Just authHead -> case BS.break isSpace authHead of
(strategy, token')
| BS.map Data.Word8.toLower strategy == "bearer" -> do
let token = BS.filter (/= 32) token'
einfo <- liftIO $ JWT.decode [jwk] (Just (JWT.JwsEncoding JWA.RS256)) token
return $ case einfo of
Right (JWT.Jws (_, info)) -> decode $ fromStrict info
_ -> Nothing
| otherwise -> return Nothing
Nothing -> return Nothing
getChallengeMySubmissionsJsonR :: Text -> Handler Value getChallengeMySubmissionsJsonR :: Text -> Handler Value
getChallengeMySubmissionsJsonR name = do getChallengeMySubmissionsJsonR name = do
req <- waiRequest info <- authorizationTokenAuth
let mToken = case lookup "Authorization" (Network.Wai.requestHeaders req) of return $ array [show info]
Nothing -> Nothing
Just authHead -> case BS.break isSpace authHead of
(strategy, token)
| BS.map Data.Word8.toLower strategy == "bearer" -> (Just $ BS.filter (/= 32) token)
| otherwise -> Nothing
mUserEnt <- maybeAuth
app <- getYesod
let jwk = fromJust $ appJSONWebKey $ appSettings app
dtoken <- liftIO $ JWT.decode [jwk] (Just (JWT.JwsEncoding JWA.RS256)) $ fromJust mToken
return $ array [show dtoken]
getChallengeMySubmissionsR :: Text -> Handler Html getChallengeMySubmissionsR :: Text -> Handler Html
getChallengeMySubmissionsR name = do getChallengeMySubmissionsR name = do