commit eeba7b9890a3fae2aebac4d7ca9423af8acd7e7d
parent 2d4f778e4c143020e5ada9876134e54df9bd4f47
Author: Antoine A <>
Date: Mon, 29 Apr 2024 18:13:58 +0900
nexus: wire gateway improve auth config
Diffstat:
4 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/contrib/nexus.conf b/contrib/nexus.conf
@@ -61,10 +61,10 @@ SERVE = tcp
[nexus-httpd-wire-gateway-api]
ENABLED = NO
-AUTH_METHOD = token
-AUTH_TOKEN =
+AUTH_METHOD = bearer-token
+AUTH_BEARER_TOKEN =
[nexus-httpd-revenue-api]
ENABLED = NO
-AUTH_METHOD = token
-AUTH_TOKEN =
+AUTH_METHOD = bearer-token
+AUTH_BEARER_TOKEN =
diff --git a/nexus/conf/test.conf b/nexus/conf/test.conf
@@ -19,5 +19,5 @@ IGNORE_TRANSACTIONS_BEFORE = 2024-04-04
[nexus-httpd-wire-gateway-api]
ENABLED = YES
-AUTH_METHOD = token
-AUTH_TOKEN = secret-token
-\ No newline at end of file
+AUTH_METHOD = bearer-token
+AUTH_BEARER_TOKEN = secret-token
+\ No newline at end of file
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Config.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/Config.kt
@@ -84,11 +84,11 @@ fun NexusConfig.checkCurrency(amount: TalerAmount) {
fun TalerConfig.requireAuthMethod(section: String): AuthMethod {
return when (val method = requireString(section, "auth_method", "auth method")) {
"none" -> AuthMethod.None
- "token" -> {
- val token = requireString(section, "auth_token")
- AuthMethod.Basic(token)
+ "bearer-token" -> {
+ val token = requireString(section, "auth_bearer_token")
+ AuthMethod.Bearer(token)
}
- else -> throw TalerConfigError.invalid("auth method target type", section, "auth_method", "expected 'token' or 'none' got '$method'")
+ else -> throw TalerConfigError.invalid("auth method target type", section, "auth_method", "expected 'bearer-token' or 'none' got '$method'")
}
}
@@ -103,5 +103,5 @@ fun TalerConfig.apiConf(section: String): ApiConfig? {
sealed interface AuthMethod {
data object None: AuthMethod
- data class Basic(val token: String): AuthMethod
+ data class Bearer(val token: String): AuthMethod
}
\ No newline at end of file
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/api/helpers.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/api/helpers.kt
@@ -39,9 +39,9 @@ fun Route.authApi(cfg: ApiConfig?, callback: Route.() -> Unit): Route =
// Basic auth challenge
when (cfg.authMethod) {
AuthMethod.None -> {}
- is AuthMethod.Basic -> {
+ is AuthMethod.Bearer -> {
if (header == null) {
- //response.header(HttpHeaders.WWWAuthenticate, "Basic") ?
+ context.response.header(HttpHeaders.WWWAuthenticate, "Bearer")
throw unauthorized(
"Authorization header not found",
TalerErrorCode.GENERIC_PARAMETER_MISSING
@@ -52,7 +52,7 @@ fun Route.authApi(cfg: ApiConfig?, callback: Route.() -> Unit): Route =
TalerErrorCode.GENERIC_HTTP_HEADERS_MALFORMED
)
when (scheme) {
- "Basic", "Bearer" -> {
+ "Bearer" -> {
// TODO choose between one of those
if (content != cfg.authMethod.token) {
throw unauthorized("Unknown token")
