package main
import (
"errors"
"github.com/gofiber/fiber/v2"
)
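// httpChallengePatch handles an update request for an existing challenge.
//
// It parses a challengeRequest from the request body, rebuilds the challenge
// from its token using config.clientSecret, and verifies it against the
// temporary checksum stored in the request locals. It then fills in the
// problem values for the challenge type, re-issues the challenge token, sets
// that token in the httpResponseChallengeTemporary response header and writes
// the challengeResponse as JSON.
//
// Every failure is logged with the request ID and client IP. The returned
// error carries only a generic message, so parser and upstream error details
// stay in the log and are not part of the returned error.
func httpChallengePatch(c *fiber.Ctx, config *config) error {
	// These locals are expected to be set earlier in the request chain (not
	// visible here). Checked assertions turn a missing or mistyped value into
	// an ordinary error instead of a panic inside the handler.
	ip, ipOK := c.Locals(localVarIP).(string)
	requestID, requestIDOK := c.Locals(localVarRequestID).(string)
	temporaryChecksum, checksumOK := c.Locals(localVarClientTemporaryChecksum).(string)
	if !ipOK || !requestIDOK || !checksumOK {
		errorMessage := "invalid request"
		config.getLogger().
			Error().
			Str(logType, logTypeChallengeFailed).
			Str(logPropertyIP, ip).
			Str(logPropertyError, "request context values are missing").
			Str(logPropertyRequestID, requestID).
			Msg(errorMessage)
		return errors.New(errorMessage)
	}

	var chReq challengeRequest
	if parseError := c.BodyParser(&chReq); parseError != nil {
		errorMessage := "invalid request"
		config.getLogger().
			Warn().
			Str(logType, logTypeChallengeFailed).
			Str(logPropertyIP, ip).
			Str(logPropertyError, parseError.Error()).
			Str(logPropertyRequestID, requestID).
			Msg(errorMessage)
		return errors.New(errorMessage)
	}

	challenge, challengeParseErr := newChallengeFromString(chReq.ChallengeToken, config.clientSecret)
	if challengeParseErr != nil {
		errorMessage := "invalid challenge token for parse"
		// The challenge value is not read on this path: the token failed to
		// parse, so the result may be nil or hold unverified fields.
		config.getLogger().
			Warn().
			Str(logType, logTypeChallengeFailed).
			Str(logPropertyIP, ip).
			Str(logPropertyError, challengeParseErr.Error()).
			Str(logPropertyRequestID, requestID).
			Msg(errorMessage)
		return errors.New(errorMessage)
	}

	if !challenge.verify(temporaryChecksum) {
		errorMessage := "token invalid, timeout or expired"
		config.getLogger().
			Info().
			Str(logPropertyChallengeType, challenge.ChallengeType).
			Str(logType, logTypeChallengeFailed).
			Str(logPropertyIP, ip).
			Str(logPropertyRequestID, requestID).
			Msg(errorMessage)
		return errors.New(errorMessage)
	}

	chResp := challengeResponse{}
	// NOTE(review): there is no default case, so an unrecognised challenge type
	// gets a re-issued token with no problem attached. Confirm this is intended.
	switch challenge.ChallengeType {
	case challengeTypeJS, challengeTypeTOTP:
		chResp.JSProblem = challenge.setJSValue()
	case challengeTypeCaptcha, challengeTypeLDAP:
		// NOTE(review): the captcha difficulty comes from a request header.
		// Confirm that a trusted upstream sets or overwrites this header;
		// otherwise the caller chooses its own difficulty.
		image, err := challenge.setCaptchaValue(config.restCaptchaURL, c.Get(httpRequestHeaderConfigCaptchaDifficulty, "hard"))
		if err != nil {
			errorMessage := "cannot get image from captcha server"
			// Log the underlying cause so captcha-server failures can be diagnosed.
			config.getLogger().
				Error().
				Str(logPropertyChallengeType, challenge.ChallengeType).
				Str(logType, logTypeChallengeFailed).
				Str(logPropertyIP, ip).
				Str(logPropertyError, err.Error()).
				Str(logPropertyRequestID, requestID).
				Msg(errorMessage)
			return errors.New(errorMessage)
		}
		chResp.JSProblem = challenge.setJSValue()
		chResp.CaptchaProblem = image
	}

	// Re-issue the token after the problem values have been set on the challenge.
	updatedToken, challengeErr := challenge.getChallengeToken(config.clientSecret)
	chResp.ChallengeToken = updatedToken
	if challengeErr != nil {
		errorMessage := "cannot generate updated challenge"
		config.getLogger().
			Warn().
			Str(logPropertyChallengeType, challenge.ChallengeType).
			Str(logType, logTypeChallengeFailed).
			Str(logPropertyIP, ip).
			Str(logPropertyError, challengeErr.Error()).
			Str(logPropertyRequestID, requestID).
			Msg(errorMessage)
		return errors.New(errorMessage)
	}

	c.Set(httpResponseChallengeTemporary, chResp.ChallengeToken)
	return c.JSON(chResp)
}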