diff options
| -rw-r--r-- | app/middleware/user.go | 32 | ||||
| -rw-r--r-- | app/middleware/user_parser.go | 36 |
2 files changed, 41 insertions, 27 deletions
diff --git a/app/middleware/user.go b/app/middleware/user.go index 2a6bf71..0916cfa 100644 --- a/app/middleware/user.go +++ b/app/middleware/user.go @@ -3,42 +3,20 @@ package middleware import ( "net/http" - "github.com/coreos/go-oidc/v3/oidc" - "github.com/xlgmokha/x/pkg/log" - "github.com/xlgmokha/x/pkg/mapper" "github.com/xlgmokha/x/pkg/x" "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg" "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain" - "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls" ) func User(db domain.Repository[*domain.User]) func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - subject := r.Header.Get("x-jwt-claim-sub") - log.WithFields(r.Context(), log.Fields{"sub": subject}) - user := db.Find(r.Context(), domain.ID(subject)) - - if !x.IsPresent(user) { - idToken := cfg.IDToken.From(r.Context()) - - if x.IsZero(idToken) { - next.ServeHTTP(w, r) - return - } - - user = db.Find(r.Context(), domain.ID(idToken.Subject)) - if !x.IsPresent(user) { - user = mapper.MapFrom[*oidc.IDToken, *domain.User](idToken) - if err := db.Save(r.Context(), user); err != nil { - pls.LogError(r.Context(), err) - next.ServeHTTP(w, r) - return - } - } + user := UserParser(db)(r) + if x.IsPresent(user) { + next.ServeHTTP(w, r.WithContext(cfg.CurrentUser.With(r.Context(), user))) + } else { + next.ServeHTTP(w, r) } - - next.ServeHTTP(w, r.WithContext(cfg.CurrentUser.With(r.Context(), user))) }) } } diff --git a/app/middleware/user_parser.go b/app/middleware/user_parser.go new file mode 100644 index 0000000..cd6f36f --- /dev/null +++ b/app/middleware/user_parser.go @@ -0,0 +1,36 @@ +package middleware + +import ( + "net/http" + + "github.com/coreos/go-oidc/v3/oidc" + "github.com/xlgmokha/x/pkg/mapper" + "github.com/xlgmokha/x/pkg/x" + "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg" + "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain" + "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls" +) + +func UserParser(db domain.Repository[*domain.User]) RequestParser[*domain.User] { + return func(r *http.Request) *domain.User { + subject := r.Header.Get("x-jwt-claim-sub") + user := db.Find(r.Context(), domain.ID(subject)) + + if !x.IsPresent(user) { + idToken := cfg.IDToken.From(r.Context()) + + if x.IsZero(idToken) { + return nil + } + + user = db.Find(r.Context(), domain.ID(idToken.Subject)) + if !x.IsPresent(user) { + user = mapper.MapFrom[*oidc.IDToken, *domain.User](idToken) + if err := db.Save(r.Context(), user); err != nil { + pls.LogError(r.Context(), err) + } + } + } + return user + } +} |