Merge branch 'v2-alpha'

Author: ant0ine

README.md

@@ -8,4 +8,4 @@ Copyright (c) 2013-2014 Antoine Imbert
 
 [MIT License](https://github.com/ant0ine/go-json-rest-examples/blob/master/LICENSE)
 
-[![Analytics](https://ga-beacon.appspot.com/UA-309210-4/go-json-rest-examples/readme)](https://github.com/igrigorik/ga-beacon)
+[![Analytics](https://ga-beacon.appspot.com/UA-309210-4/go-json-rest-examples/v2-alpha/readme)](https://github.com/igrigorik/ga-beacon)

auth-basic-custom/main.go

@@ -0,0 +1,111 @@
+/* Demonstrate how to implement a custom AuthBasic middleware, used to protect all endpoints.
+
+This is a very simple version supporting only one user.
+
+The curl demo:
+
+        curl -i http://127.0.0.1:8080/countries
+
+*/
+package main
+
+import (
+	"encoding/base64"
+	"errors"
+	"github.com/ant0ine/go-json-rest/rest"
+	"net/http"
+	"strings"
+)
+
+type MyAuthBasicMiddleware struct {
+	Realm    string
+	UserId   string
+	Password string
+}
+
+func (mw *MyAuthBasicMiddleware) MiddlewareFunc(handler rest.HandlerFunc) rest.HandlerFunc {
+	return func(writer rest.ResponseWriter, request *rest.Request) {
+
+		authHeader := request.Header.Get("Authorization")
+		if authHeader == "" {
+			mw.unauthorized(writer)
+			return
+		}
+
+		providedUserId, providedPassword, err := mw.decodeBasicAuthHeader(authHeader)
+
+		if err != nil {
+			rest.Error(writer, "Invalid authentication", http.StatusBadRequest)
+			return
+		}
+
+		if !(providedUserId == mw.UserId && providedPassword == mw.Password) {
+			mw.unauthorized(writer)
+			return
+		}
+
+		handler(writer, request)
+	}
+}
+
+func (mw *MyAuthBasicMiddleware) unauthorized(writer rest.ResponseWriter) {
+	writer.Header().Set("WWW-Authenticate", "Basic realm="+mw.Realm)
+	rest.Error(writer, "Not Authorized", http.StatusUnauthorized)
+}
+
+func (mw *MyAuthBasicMiddleware) decodeBasicAuthHeader(header string) (user string, password string, err error) {
+
+	parts := strings.SplitN(header, " ", 2)
+	if !(len(parts) == 2 && parts[0] == "Basic") {
+		return "", "", errors.New("Invalid authentication")
+	}
+
+	decoded, err := base64.StdEncoding.DecodeString(parts[1])
+	if err != nil {
+		return "", "", errors.New("Invalid base64")
+	}
+
+	creds := strings.SplitN(string(decoded), ":", 2)
+	if len(creds) != 2 {
+		return "", "", errors.New("Invalid authentication")
+	}
+
+	return creds[0], creds[1], nil
+}
+
+func main() {
+
+	handler := rest.ResourceHandler{
+		PreRoutingMiddlewares: []rest.Middleware{
+			&MyAuthBasicMiddleware{
+				Realm:    "Administration",
+				UserId:   "admin",
+				Password: "admin",
+			},
+		},
+	}
+	handler.SetRoutes(
+		&rest.Route{"GET", "/countries", GetAllCountries},
+	)
+	http.ListenAndServe(":8080", &handler)
+}
+
+type Country struct {
+	Code string
+	Name string
+}
+
+func GetAllCountries(w rest.ResponseWriter, r *rest.Request) {
+	w.WriteJson(
+		[]Country{
+			Country{
+				Code: "FR",
+				Name: "France",
+			},
+			Country{
+				Code: "US",
+				Name: "United States",
+			},
+		},
+	)
+}

auth-basic/main.go

@@ -1,90 +1,45 @@
-/* Demonstrate a possible global Basic Auth implementation
+/* Demonstrate how to setup AuthBasicMiddleware as a pre-routing middleware.
 
-The Curl Demo:
+The curl demo:
 
         curl -i http://127.0.0.1:8080/countries
+        curl -i -u admin:admin http://127.0.0.1:8080/countries
 
 */
 package main
 
 import (
-	"encoding/base64"
-	"errors"
-	"github.com/ant0ine/go-json-rest"
+	"github.com/ant0ine/go-json-rest/rest"
 	"net/http"
-	"strings"
 )
 
 func main() {
 
 	handler := rest.ResourceHandler{
-		PreRoutingMiddleware: func(handler rest.HandlerFunc) rest.HandlerFunc {
-
-			realm := "Administration"
-			userId := "admin"
-			password := "admin"
-
-			return func(writer *rest.ResponseWriter, request *rest.Request) {
-
-				authHeader := request.Header.Get("Authorization")
-				if authHeader == "" {
-					Unauthorized(writer, realm)
-					return
-				}
-
-				providedUserId, providedPassword, err := DecodeBasicAuthHeader(authHeader)
-
-				if err != nil {
-					rest.Error(writer, "Invalid authentication", http.StatusBadRequest)
-					return
-				}
-
-				if !(providedUserId == userId && providedPassword == password) {
-					Unauthorized(writer, realm)
-					return
-				}
-
-				handler(writer, request)
-			}
+		PreRoutingMiddlewares: []rest.Middleware{
+			&rest.AuthBasicMiddleware{
+				Realm: "test zone",
+				Authenticator: func(userId string, password string) bool {
+					if userId == "admin" && password == "admin" {
+						return true
+					}
+					return false
+				},
+			},
 		},
 	}
 	handler.SetRoutes(
-		rest.Route{"GET", "/countries", GetAllCountries},
+		&rest.Route{"GET", "/countries", GetAllCountries},
 	)
 	http.ListenAndServe(":8080", &handler)
 }
 
-func Unauthorized(writer *rest.ResponseWriter, realm string) {
-	writer.Header().Set("WWW-Authenticate", "Basic realm="+realm)
-	rest.Error(writer, "Not Authorized", http.StatusUnauthorized)
-}
-
-func DecodeBasicAuthHeader(header string) (user string, password string, err error) {
-
-	parts := strings.SplitN(header, " ", 2)
-	if !(len(parts) == 2 && parts[0] == "Basic") {
-		return "", "", errors.New("Invalid authentication")
-	}
-
-	decoded, err := base64.StdEncoding.DecodeString(parts[1])
-	if err != nil {
-		return "", "", errors.New("Invalid base64")
-	}
-
-	creds := strings.SplitN(string(decoded), ":", 2)
-	if len(creds) != 2 {
-		return "", "", errors.New("Invalid authentication")
-	}
-
-	return creds[0], creds[1], nil
-}
-
 type Country struct {
 	Code string
 	Name string
 }
 
-func GetAllCountries(w *rest.ResponseWriter, r *rest.Request) {
+func GetAllCountries(w rest.ResponseWriter, r *rest.Request) {
 	w.WriteJson(
 		[]Country{
 			Country{

cors-custom/main.go

@@ -0,0 +1,115 @@
+/* Demonstrate how to implement a custom CORS middleware, used to on all endpoints.
+
+The curl demo:
+
+        curl -i http://127.0.0.1:8080/countries
+
+*/
+package main
+
+import (
+	"github.com/ant0ine/go-json-rest/rest"
+	"net/http"
+)
+
+type MyCorsMiddleware struct{}
+
+func (mw *MyCorsMiddleware) MiddlewareFunc(handler rest.HandlerFunc) rest.HandlerFunc {
+	return func(writer rest.ResponseWriter, request *rest.Request) {
+
+		corsInfo := request.GetCorsInfo()
+
+		// Be nice with non CORS requests, continue
+		// Alternatively, you may also chose to only allow CORS requests, and return an error.
+		if !corsInfo.IsCors {
+			// continure, execute the wrapped middleware
+			handler(writer, request)
+			return
+		}
+
+		// Validate the Origin
+		// More sophisticated validations can be implemented, regexps, DB lookups, ...
+		if corsInfo.Origin != "http://my.other.host" {
+			rest.Error(writer, "Invalid Origin", http.StatusForbidden)
+			return
+		}
+
+		if corsInfo.IsPreflight {
+			// check the request methods
+			allowedMethods := map[string]bool{
+				"GET":  true,
+				"POST": true,
+				"PUT":  true,
+				// don't allow DELETE, for instance
+			}
+			if !allowedMethods[corsInfo.AccessControlRequestMethod] {
+				rest.Error(writer, "Invalid Preflight Request", http.StatusForbidden)
+				return
+			}
+			// check the request headers
+			allowedHeaders := map[string]bool{
+				"Accept":          true,
+				"Content-Type":    true,
+				"X-Custom-Header": true,
+			}
+			for _, requestedHeader := range corsInfo.AccessControlRequestHeaders {
+				if !allowedHeaders[requestedHeader] {
+					rest.Error(writer, "Invalid Preflight Request", http.StatusForbidden)
+					return
+				}
+			}
+
+			for allowedMethod, _ := range allowedMethods {
+				writer.Header().Add("Access-Control-Allow-Methods", allowedMethod)
+			}
+			for allowedHeader, _ := range allowedHeaders {
+				writer.Header().Add("Access-Control-Allow-Headers", allowedHeader)
+			}
+			writer.Header().Set("Access-Control-Allow-Origin", corsInfo.Origin)
+			writer.Header().Set("Access-Control-Allow-Credentials", "true")
+			writer.Header().Set("Access-Control-Max-Age", "3600")
+			writer.WriteHeader(http.StatusOK)
+			return
+		} else {
+			writer.Header().Set("Access-Control-Expose-Headers", "X-Powered-By")
+			writer.Header().Set("Access-Control-Allow-Origin", corsInfo.Origin)
+			writer.Header().Set("Access-Control-Allow-Credentials", "true")
+			// continure, execute the wrapped middleware
+			handler(writer, request)
+			return
+		}
+	}
+}
+
+func main() {
+
+	handler := rest.ResourceHandler{
+		PreRoutingMiddlewares: []rest.Middleware{
+			&MyCorsMiddleware{},
+		},
+	}
+	handler.SetRoutes(
+		&rest.Route{"GET", "/countries", GetAllCountries},
+	)
+	http.ListenAndServe(":8080", &handler)
+}
+
+type Country struct {
+	Code string
+	Name string
+}
+
+func GetAllCountries(w rest.ResponseWriter, r *rest.Request) {
+	w.WriteJson(
+		[]Country{
+			Country{
+				Code: "FR",
+				Name: "France",
+			},
+			Country{
+				Code: "US",
+				Name: "United States",
+			},
+		},
+	)
+}