2016-06-07 01:27:44 +03:00
|
|
|
package request
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"strings"
|
|
|
|
|
)
|
|
|
|
|
|
2016-06-07 02:55:41 +03:00
|
|
|
// Extract bearer token from Authorization header
|
|
|
|
|
// Uses PostExtractionFilter to strip "Bearer " prefix from header
|
2016-06-07 01:27:44 +03:00
|
|
|
var AuthorizationHeaderExtractor = &PostExtractionFilter{
|
|
|
|
|
HeaderExtractor{"Authorization"},
|
|
|
|
|
func(tok string) (string, error) {
|
|
|
|
|
// Should be a bearer token
|
|
|
|
|
if len(tok) > 6 && strings.ToUpper(tok[0:7]) == "BEARER " {
|
|
|
|
|
return tok[7:], nil
|
|
|
|
|
}
|
|
|
|
|
return tok, nil
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-07 02:55:41 +03:00
|
|
|
// Extractor for OAuth2 access tokens. Looks in 'Authorization'
|
|
|
|
|
// header then 'access_token' argument for a token.
|
2016-06-07 01:27:44 +03:00
|
|
|
var OAuth2Extractor = &MultiExtractor{
|
|
|
|
|
// Look for authorization token first
|
|
|
|
|
AuthorizationHeaderExtractor,
|
|
|
|
|
// Extract access_token from form or GET argument
|
2016-06-07 03:18:24 +03:00
|
|
|
ArgumentExtractor{"access_token"},
|
2016-06-07 01:27:44 +03:00
|
|
|
}
|
