From 95f28baa5260fdfeb19c58a212480c694b3b7519 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Tue, 29 Apr 2025 11:36:05 +0200 Subject: [PATCH] Use constant instead of repeating the "x-access-token" string over and over --- pkg/middleware/account.go | 2 +- services/activitylog/pkg/service/http.go | 2 +- services/auth-app/pkg/service/service.go | 2 +- services/graph/pkg/middleware/auth.go | 2 +- services/proxy/pkg/middleware/authentication_test.go | 6 +++--- services/proxy/pkg/middleware/create_home.go | 4 ++-- services/proxy/pkg/middleware/public_share_auth.go | 5 +++-- services/proxy/pkg/middleware/public_share_auth_test.go | 6 +++--- 8 files changed, 15 insertions(+), 14 deletions(-) diff --git a/pkg/middleware/account.go b/pkg/middleware/account.go index 6f869a0de8..a27adda308 100644 --- a/pkg/middleware/account.go +++ b/pkg/middleware/account.go @@ -42,7 +42,7 @@ func ExtractAccountUUID(opts ...account.Option) func(http.Handler) http.Handler } return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - token := r.Header.Get("x-access-token") + token := r.Header.Get(revactx.TokenHeader) if len(token) == 0 { roleIDsJSON, _ := json.Marshal([]string{}) ctx := metadata.Set(r.Context(), RoleIDs, string(roleIDsJSON)) diff --git a/services/activitylog/pkg/service/http.go b/services/activitylog/pkg/service/http.go index 5e423b460f..d8e2386e25 100644 --- a/services/activitylog/pkg/service/http.go +++ b/services/activitylog/pkg/service/http.go @@ -45,7 +45,7 @@ func (s *ActivitylogService) ServeHTTP(w http.ResponseWriter, r *http.Request) { // HandleGetItemActivities handles the request to get the activities of an item. func (s *ActivitylogService) HandleGetItemActivities(w http.ResponseWriter, r *http.Request) { ctx := r.Context() - ctx = metadata.AppendToOutgoingContext(ctx, revactx.TokenHeader, r.Header.Get("X-Access-Token")) + ctx = metadata.AppendToOutgoingContext(ctx, revactx.TokenHeader, r.Header.Get(revactx.TokenHeader)) activeUser, ok := revactx.ContextGetUser(ctx) if !ok { diff --git a/services/auth-app/pkg/service/service.go b/services/auth-app/pkg/service/service.go index 753d65f6f2..15b464f035 100644 --- a/services/auth-app/pkg/service/service.go +++ b/services/auth-app/pkg/service/service.go @@ -278,7 +278,7 @@ func (a *AuthAppService) authenticateUser(userID, userName string, gwc gateway.G func getContext(r *http.Request) context.Context { ctx := r.Context() - return metadata.AppendToOutgoingContext(ctx, ctxpkg.TokenHeader, r.Header.Get("X-Access-Token")) + return metadata.AppendToOutgoingContext(ctx, ctxpkg.TokenHeader, r.Header.Get(ctxpkg.TokenHeader)) } func buildClientID(userID, userName string) string { diff --git a/services/graph/pkg/middleware/auth.go b/services/graph/pkg/middleware/auth.go index 1d9e9feabc..9cf942cf77 100644 --- a/services/graph/pkg/middleware/auth.go +++ b/services/graph/pkg/middleware/auth.go @@ -42,7 +42,7 @@ func Auth(opts ...account.Option) func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ctx := r.Context() - t := r.Header.Get("x-access-token") + t := r.Header.Get(revactx.TokenHeader) if t == "" { errorcode.InvalidAuthenticationToken.Render(w, r, http.StatusUnauthorized, "Access token is empty.") /* msgraph error for GET https://graph.microsoft.com/v1.0/me diff --git a/services/proxy/pkg/middleware/authentication_test.go b/services/proxy/pkg/middleware/authentication_test.go index 9426b370f8..3b8ad31fd1 100644 --- a/services/proxy/pkg/middleware/authentication_test.go +++ b/services/proxy/pkg/middleware/authentication_test.go @@ -163,7 +163,7 @@ var _ = Describe("Authenticating requests", Label("Authentication"), func() { EnableBasicAuth(true), ) testHandler := handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - Expect(r.Header.Get(_headerRevaAccessToken)).To(Equal("otherexampletoken")) + Expect(r.Header.Get(headerRevaAccessToken)).To(Equal("otherexampletoken")) })) rr := httptest.NewRecorder() testHandler.ServeHTTP(rr, req) @@ -178,7 +178,7 @@ var _ = Describe("Authenticating requests", Label("Authentication"), func() { EnableBasicAuth(true), ) testHandler := handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - Expect(r.Header.Get(_headerRevaAccessToken)).To(Equal("exampletoken")) + Expect(r.Header.Get(headerRevaAccessToken)).To(Equal("exampletoken")) })) rr := httptest.NewRecorder() testHandler.ServeHTTP(rr, req) @@ -193,7 +193,7 @@ var _ = Describe("Authenticating requests", Label("Authentication"), func() { EnableBasicAuth(true), ) testHandler := handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - Expect(r.Header.Get(_headerRevaAccessToken)).To(Equal("otherexampletoken")) + Expect(r.Header.Get(headerRevaAccessToken)).To(Equal("otherexampletoken")) })) rr := httptest.NewRecorder() testHandler.ServeHTTP(rr, req) diff --git a/services/proxy/pkg/middleware/create_home.go b/services/proxy/pkg/middleware/create_home.go index c548c79331..b24904aedf 100644 --- a/services/proxy/pkg/middleware/create_home.go +++ b/services/proxy/pkg/middleware/create_home.go @@ -45,7 +45,7 @@ func (m createHome) ServeHTTP(w http.ResponseWriter, req *http.Request) { return } - token := req.Header.Get("x-access-token") + token := req.Header.Get(revactx.TokenHeader) // we need to pass the token to authenticate the CreateHome request. //ctx := tokenpkg.ContextSetToken(r.Context(), token) @@ -84,7 +84,7 @@ func (m createHome) ServeHTTP(w http.ResponseWriter, req *http.Request) { } func (m createHome) shouldServe(req *http.Request) bool { - return req.Header.Get("x-access-token") != "" + return req.Header.Get(revactx.TokenHeader) != "" } func (m createHome) getUserRoles(user *userv1beta1.User) ([]string, error) { diff --git a/services/proxy/pkg/middleware/public_share_auth.go b/services/proxy/pkg/middleware/public_share_auth.go index e62fa8123d..562958e4d5 100644 --- a/services/proxy/pkg/middleware/public_share_auth.go +++ b/services/proxy/pkg/middleware/public_share_auth.go @@ -6,11 +6,12 @@ import ( gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1" "github.com/opencloud-eu/opencloud/pkg/log" + revactx "github.com/opencloud-eu/reva/v2/pkg/ctx" "github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool" ) const ( - _headerRevaAccessToken = "x-access-token" + headerRevaAccessToken = revactx.TokenHeader headerShareToken = "public-token" basicAuthPasswordPrefix = "password|" authenticationType = "publicshares" @@ -118,7 +119,7 @@ func (a PublicShareAuthenticator) Authenticate(r *http.Request) (*http.Request, return nil, false } - r.Header.Add(_headerRevaAccessToken, authResp.Token) + r.Header.Add(headerRevaAccessToken, authResp.Token) a.Logger.Debug(). Str("authenticator", "public_share"). diff --git a/services/proxy/pkg/middleware/public_share_auth_test.go b/services/proxy/pkg/middleware/public_share_auth_test.go index 3eb82e377a..442a4c2fcb 100644 --- a/services/proxy/pkg/middleware/public_share_auth_test.go +++ b/services/proxy/pkg/middleware/public_share_auth_test.go @@ -58,7 +58,7 @@ var _ = Describe("Authenticating requests", Label("PublicShareAuthenticator"), f Expect(req2).ToNot(BeNil()) h := req2.Header - Expect(h.Get(_headerRevaAccessToken)).To(Equal("exampletoken")) + Expect(h.Get(headerRevaAccessToken)).To(Equal("exampletoken")) }) }) Context("using signature authentication", func() { @@ -71,7 +71,7 @@ var _ = Describe("Authenticating requests", Label("PublicShareAuthenticator"), f Expect(req2).ToNot(BeNil()) h := req2.Header - Expect(h.Get(_headerRevaAccessToken)).To(Equal("exampletoken")) + Expect(h.Get(headerRevaAccessToken)).To(Equal("exampletoken")) }) }) }) @@ -85,7 +85,7 @@ var _ = Describe("Authenticating requests", Label("PublicShareAuthenticator"), f Expect(req2).ToNot(BeNil()) h := req2.Header - Expect(h.Get(_headerRevaAccessToken)).To(Equal("otherexampletoken")) + Expect(h.Get(headerRevaAccessToken)).To(Equal("otherexampletoken")) }) }) Context("not using a public-token", func() {