#205: Start working on adding support for IODC

2021-12-14 23:20:43 -05:00
parent 1777d69495
commit 45a47940ad
7 changed files with 171 additions and 15 deletions
--- a/security/handler.go
+++ b/security/handler.go
@@ -7,14 +7,24 @@ import (

 // Handler takes care of security for a given handler with the given security configuration
 func Handler(handler http.HandlerFunc, security *Config) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		usernameEntered, passwordEntered, ok := r.BasicAuth()
-		if !ok || usernameEntered != security.Basic.Username || Sha512(passwordEntered) != strings.ToLower(security.Basic.PasswordSha512Hash) {
-			w.Header().Set("WWW-Authenticate", "Basic")
-			w.WriteHeader(http.StatusUnauthorized)
-			_, _ = w.Write([]byte("Unauthorized"))
-			return
+	if security == nil {
+		return handler
+	} else if security.Basic != nil {
+		return func(w http.ResponseWriter, r *http.Request) {
+			usernameEntered, passwordEntered, ok := r.BasicAuth()
+			if !ok || usernameEntered != security.Basic.Username || Sha512(passwordEntered) != strings.ToLower(security.Basic.PasswordSha512Hash) {
+				w.Header().Set("WWW-Authenticate", "Basic")
+				w.WriteHeader(http.StatusUnauthorized)
+				_, _ = w.Write([]byte("Unauthorized"))
+				return
+			}
+			handler(w, r)
+		}
+	} else if security.OIDC != nil {
+		return func(w http.ResponseWriter, r *http.Request) {
+			// TODO: Check if the user is authenticated, and redirect to /login if they're not?
+			handler(w, r)
 		}
-		handler(w, r)
 	}
+	return handler
 }