// /*! libresignin */ // Copyright 2022, Jesús Pérez Lorenzo // use axum::{ // response::Html, // routing::get, // routing::post, // Router, // extract::{self,Extension,Path,Query}, // extract::{Extension,Path}, http::{ header::{HeaderMap,HeaderName,HeaderValue}, // Request, StatusCode, }, // body::{Bytes, Body}, response::{IntoResponse, Headers}, }; // use crate::defs::{DataDBs}; // use crate::utils::reqenv::ReqEnv; const CHECK_HEADER: &'static str = "x-ext-authz"; const ALLOWED_VALUE: &'static str = "allow"; const RESULT_HEADER: &'static str = "x-ext-authz-check-result"; const RECEIVED_HEADER: &'static str = "x-ext-authz-check-received"; const OVERRIDE_HEADER: &'static str = "x-ext-authz-additional-header-override"; // const OVERRIDE_GRPC_VALUE: &'static str = "grpc-additional-header-override-value"; const RESULT_ALLOWED: &'static str = "allowed"; const RESULT_DENIED: &'static str = "denied"; // pub fn create_headers(is_allowed: bool, str_head: &str, id: &str,token: &str,csrf_token: &str, cookie: &str) -> HeaderMap { // let mut headers = HeaderMap::new(); // if is_allowed { // headers.insert(RESULT_HEADER, // HeaderValue::from_str(RESULT_ALLOWED).unwrap_or(HeaderValue::from_static("")) // ); // } else { // headers.insert(RESULT_HEADER, // HeaderValue::from_str(RESULT_DENIED).unwrap_or(HeaderValue::from_static("")) // ); // } // headers.insert(OVERRIDE_HEADER, // HeaderValue::from_str(OVERRIDE_HEADER).unwrap_or(HeaderValue::from_static("")) // ); // headers.insert(RECEIVED_HEADER, // HeaderValue::from_str(str_head).unwrap_or(HeaderValue::from_static("")) // ); // headers.insert(CONTENT_TYPE, HeaderValue::from_static("application/json")); // headers.insert(ACCEPT, HeaderValue::from_static("application/json")); // if cookie != "" { // headers.insert(COOKIE, HeaderValue::from_str(cookie) // .unwrap_or(HeaderValue::from_static("")) // ); // // headers.insert(SET_COOKIE, HeaderValue::from_str(cookie) // // .unwrap_or(HeaderValue::from_static("")) // // ); // } // if token != "" { // headers.insert(AUTHORIZATION, HeaderValue::from_str(&format!("Bearer {}",token)) // .unwrap_or(HeaderValue::from_static("")) // ); // } // if csrf_token != "" { // headers.insert("X-CSRF-Token", // HeaderValue::from_str(csrf_token).unwrap_or(HeaderValue::from_static("")) // ); // } // if id != "" { // headers.insert("x-kratos-authenticated-identity-id", // HeaderValue::from_str(id).unwrap_or(HeaderValue::from_static("")) // ); // } // dbg!("{:#?}",&headers); // dbg!("{:#?}",&headers); // headers // } // pub async fn authz_handler(header: HeaderMap, req: Request<()> ) -> impl IntoResponse { pub async fn authz_handler(header: HeaderMap) -> impl IntoResponse { dbg!("{:#?}",&header); let result: &str; if let Some(check) = &header.get(CHECK_HEADER) { match check.to_str() { Ok(check_val) => if ALLOWED_VALUE == check_val { result = RESULT_ALLOWED; } else { result = RESULT_DENIED; }, Err(_) => result = RESULT_DENIED, } } else { result = RESULT_DENIED; } //let headers = create_headers("",token,csrf_token,cookie); // body, err := io.ReadAll(request.Body) // if err != nil { // log.Printf("[HTTP] read body failed: %v", err) // } // format!("%s %s%s, headers: %v, body: [%s]\n", request.Method, request.Host, request.URL, request.Header, body); let str_head = format!("head"); // let headers = create_headers(is_allowed,&str_head,"","","",""); let res_headers: Vec<(HeaderName, HeaderValue)> = vec![ (HeaderName::from_static(RESULT_HEADER), HeaderValue::from_static(result)), (HeaderName::from_static(OVERRIDE_HEADER), HeaderValue::from_static(OVERRIDE_HEADER)), (HeaderName::from_static(RECEIVED_HEADER), HeaderValue::from_str(&str_head).unwrap_or(HeaderValue::from_static(""))), ]; // if is_allowed { // response.WriteHeader(StatusCode::OK) // } else { // response.WriteHeader(http.StatusForbidden) // response.Write([]byte(denyBody)) // } dbg!("{:#?}",&res_headers); Headers(res_headers) // let html = format!( // r#" //
Done: {}
// "#,RESULT_ALLOWED); // Html(html) } // pub async fn alive_handler() -> Html<&'static str> { // Html("ok") // } // pub async fn ready_handler() -> Html<&'static str> { // Html("ok") // } // pub fn router_handlers(web_router: Router) -> Router { // web_router // .route("/authz", get(authz_handler)) // }