diff options
| author | Antoine A <> | 2024-04-29 18:13:58 +0900 |
|---|---|---|
| committer | Antoine A <> | 2024-04-29 18:13:58 +0900 |
| commit | eeba7b9890a3fae2aebac4d7ca9423af8acd7e7d (patch) | |
| tree | 533666cc4a7e7aadebbdcd7ca6a4c0915f73167f /nexus | |
| parent | 2d4f778e4c143020e5ada9876134e54df9bd4f47 (diff) | |
| download | libeufin-eeba7b9890a3fae2aebac4d7ca9423af8acd7e7d.tar.gz libeufin-eeba7b9890a3fae2aebac4d7ca9423af8acd7e7d.tar.bz2 libeufin-eeba7b9890a3fae2aebac4d7ca9423af8acd7e7d.zip | |
nexus: wire gateway improve auth config
Diffstat (limited to 'nexus')
| -rw-r--r-- | nexus/conf/test.conf | 4 | ||||
| -rw-r--r-- | nexus/src/main/kotlin/tech/libeufin/nexus/Config.kt | 10 | ||||
| -rw-r--r-- | nexus/src/main/kotlin/tech/libeufin/nexus/api/helpers.kt | 6 |
3 files changed, 10 insertions, 10 deletions
diff --git a/nexus/conf/test.conf b/nexus/conf/test.conf index dd7f3196..f4edd11a 100644 --- a/nexus/conf/test.conf +++ b/nexus/conf/test.conf @@ -19,5 +19,5 @@ IGNORE_TRANSACTIONS_BEFORE = 2024-04-04 [nexus-httpd-wire-gateway-api] ENABLED = YES -AUTH_METHOD = token -AUTH_TOKEN = secret-token
\ No newline at end of file +AUTH_METHOD = bearer-token +AUTH_BEARER_TOKEN = secret-token
\ No newline at end of file diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Config.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/Config.kt index 95cc17af..ac2d86ca 100644 --- a/nexus/src/main/kotlin/tech/libeufin/nexus/Config.kt +++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Config.kt @@ -84,11 +84,11 @@ fun NexusConfig.checkCurrency(amount: TalerAmount) { fun TalerConfig.requireAuthMethod(section: String): AuthMethod { return when (val method = requireString(section, "auth_method", "auth method")) { "none" -> AuthMethod.None - "token" -> { - val token = requireString(section, "auth_token") - AuthMethod.Basic(token) + "bearer-token" -> { + val token = requireString(section, "auth_bearer_token") + AuthMethod.Bearer(token) } - else -> throw TalerConfigError.invalid("auth method target type", section, "auth_method", "expected 'token' or 'none' got '$method'") + else -> throw TalerConfigError.invalid("auth method target type", section, "auth_method", "expected 'bearer-token' or 'none' got '$method'") } } @@ -103,5 +103,5 @@ fun TalerConfig.apiConf(section: String): ApiConfig? { sealed interface AuthMethod { data object None: AuthMethod - data class Basic(val token: String): AuthMethod + data class Bearer(val token: String): AuthMethod }
\ No newline at end of file diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/api/helpers.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/api/helpers.kt index f7de32eb..df5acb83 100644 --- a/nexus/src/main/kotlin/tech/libeufin/nexus/api/helpers.kt +++ b/nexus/src/main/kotlin/tech/libeufin/nexus/api/helpers.kt @@ -39,9 +39,9 @@ fun Route.authApi(cfg: ApiConfig?, callback: Route.() -> Unit): Route = // Basic auth challenge when (cfg.authMethod) { AuthMethod.None -> {} - is AuthMethod.Basic -> { + is AuthMethod.Bearer -> { if (header == null) { - //response.header(HttpHeaders.WWWAuthenticate, "Basic") ? + context.response.header(HttpHeaders.WWWAuthenticate, "Bearer") throw unauthorized( "Authorization header not found", TalerErrorCode.GENERIC_PARAMETER_MISSING @@ -52,7 +52,7 @@ fun Route.authApi(cfg: ApiConfig?, callback: Route.() -> Unit): Route = TalerErrorCode.GENERIC_HTTP_HEADERS_MALFORMED ) when (scheme) { - "Basic", "Bearer" -> { + "Bearer" -> { // TODO choose between one of those if (content != cfg.authMethod.token) { throw unauthorized("Unknown token") |