Revision 413a52d0eed8582e4c1511e210d7e3f36fe2fe3a authored by Jorropo on 14 December 2023, 14:31:42 UTC, committed by GitHub on 14 December 2023, 14:31:42 UTC
Release: v0.25.0 [skip changelog]
api.go
package config
import (
"encoding/base64"
"strings"
)
const (
APITag = "API"
AuthorizationTag = "Authorizations"
)
type RPCAuthScope struct {
// AuthSecret is the secret that will be compared to the HTTP "Authorization".
// header. A secret is in the format "type:value". Check the documentation for
// supported types.
AuthSecret string
// AllowedPaths is an explicit list of RPC path prefixes to allow.
// By default, none are allowed. ["/api/v0"] exposes all RPCs.
AllowedPaths []string
}
type API struct {
// HTTPHeaders are the HTTP headers to return with the API.
HTTPHeaders map[string][]string
// Authorization is a map of authorizations used to authenticate in the API.
// If the map is empty, then the RPC API is exposed to everyone. Check the
// documentation for more details.
Authorizations map[string]*RPCAuthScope `json:",omitempty"`
}
// ConvertAuthSecret converts the given secret in the format "type:value" into an
// HTTP Authorization header value. It can handle 'bearer' and 'basic' as type.
// If type exists and is not known, an empty string is returned. If type does not
// exist, 'bearer' type is assumed.
func ConvertAuthSecret(secret string) string {
if secret == "" {
return secret
}
split := strings.SplitN(secret, ":", 2)
if len(split) < 2 {
// No prefix: assume bearer token.
return "Bearer " + secret
}
if strings.HasPrefix(secret, "basic:") {
if strings.Contains(split[1], ":") {
// Assume basic:user:password
return "Basic " + base64.StdEncoding.EncodeToString([]byte(split[1]))
} else {
// Assume already base64 encoded.
return "Basic " + split[1]
}
} else if strings.HasPrefix(secret, "bearer:") {
return "Bearer " + split[1]
}
// Unknown. Type is present, but we can't handle it.
return ""
}
Computing file changes ...
