mendersoftware / mender-server / 1863989307

func NewMiddlewareOptions() *MiddlewareOptions {

        return new(MiddlewareOptions)

}

func (opts *MiddlewareOptions) SetPathRegex(regex string) *MiddlewareOptions {

        opts.PathRegex = &regex

        return opts

}

func (opts *MiddlewareOptions) SetUpdateLogger(updateLogger bool) *MiddlewareOptions {

        opts.UpdateLogger = &updateLogger

        return opts

}

func middlewareWithLogger(c *gin.Context) {

        var (

                err    error

                jwt    string

                idty   Identity

                logCtx = log.Ctx{}

                key    = "sub"

                ctx    = c.Request.Context()

                l      = log.FromContext(ctx)

        )

        jwt, err = ExtractJWTFromHeader(c.Request)

        if err != nil {

                goto exitUnauthorized

        idty, err = ExtractIdentity(jwt)

        if err != nil {

        ctx = WithContext(ctx, &idty)

        if idty.IsDevice {

                key = "device_id"

        } else if idty.IsUser {

                key = "user_id"

        }

        logCtx[key] = idty.Subject

        if idty.Tenant != "" {

                logCtx["tenant_id"] = idty.Tenant

        }

        if idty.Plan != "" {

                logCtx["plan"] = idty.Plan

        }

        ctx = log.WithContext(ctx, l.F(logCtx))

        c.Request = c.Request.WithContext(ctx)

        return

exitUnauthorized:

        c.Header("WWW-Authenticate", `Bearer realm="ManagementJWT"`)

        urest.RenderError(c, http.StatusUnauthorized, err)

        c.Abort()

func Middleware(opts ...*MiddlewareOptions) gin.HandlerFunc {

        var middleware gin.HandlerFunc

        // Initialize default options

        opt := NewMiddlewareOptions().

                SetUpdateLogger(true)

        for _, o := range opts {

                if o == nil {

                if o.PathRegex != nil {

                        opt.PathRegex = o.PathRegex

                }

                if o.UpdateLogger != nil {

        if *opt.UpdateLogger {

                middleware = middlewareWithLogger

        } else {

        if opt.PathRegex != nil {

                pathRegex := regexp.MustCompile(*opt.PathRegex)

                return func(c *gin.Context) {

                        if !pathRegex.MatchString(c.FullPath()) {

                                return

                        }

                        middleware(c)

        return middleware

func (mw *IdentityMiddleware) MiddlewareFunc(h rest.HandlerFunc) rest.HandlerFunc {

        return func(w rest.ResponseWriter, r *rest.Request) {

                jwt, err := ExtractJWTFromHeader(r.Request)

                if err != nil {

                        h(w, r)

                        return

                }

                ctx := r.Context()

                l := log.FromContext(ctx)

                identity, err := ExtractIdentity(jwt)

                if err != nil {

                        l.Warnf("Failed to parse extracted JWT: %s",

                                err.Error(),

                        )

                } else {

                        if mw.UpdateLogger {

                                logCtx := log.Ctx{}

                                key := "sub"

                                if identity.IsDevice {

                                        key = "device_id"

                                } else if identity.IsUser {

                                        key = "user_id"

                                }

                                logCtx[key] = identity.Subject

                                if identity.Tenant != "" {

                                        logCtx["tenant_id"] = identity.Tenant

                                }

                                if identity.Plan != "" {

                                        logCtx["plan"] = identity.Plan

                                }

                                l = l.F(logCtx)

                                ctx = log.WithContext(ctx, l)

                        ctx = WithContext(ctx, &identity)

                        r.Request = r.WithContext(ctx)

                h(w, r)