Update file main.go

2023-08-20 00:39:33 +00:00
parent 2fb2baa299
commit 89d474795d
1 changed files with 1 additions and 132 deletions
--- a/main.go
+++ b/main.go
@@ -19,8 +19,6 @@ import (
 	"gitlab.com/DeveloperDurp/DurpAPI/docs"
 )

-// var groupsenv = os.Getenv("groups")
-
 //	@title			DurpAPI
 //	@description	API for Durp's needs
 //	@termsOfService	http://swagger.io/terms/
@@ -53,14 +51,11 @@ func main() {
 		jokes := v1.Group("/jokes")
 		{
 			jokes.GET("dadjoke", c.GetDadJoke)
-
-			//jokes.Use(authMiddleware([]string{"rw-jokes"}))
 			jokes.POST("dadjoke", c.PostDadJoke)
 			jokes.DELETE("dadjoke", c.DeleteDadJoke)
 		}
 		openai := v1.Group("/openai")
 		{
-			//openai.Use(authMiddleware([]string{"openai"}))
 			openai.GET("general", c.GeneralOpenAI)
 			openai.GET("travelagent", c.TravelAgentOpenAI)
 		}
@@ -77,129 +72,3 @@ func main() {
 		fmt.Println("Failed to start server")
 	}
 }
-
-func authMiddleware(allowedGroups []string) gin.HandlerFunc {
-	return func(c *gin.Context) {
-		var groups []string
-		JwksURL := os.Getenv("jwksurl")
-		tokenString := c.GetHeader("Authorization")
-		if tokenString != "" {
-			tokenString = strings.TrimPrefix(tokenString, "Bearer ")
-
-			ctx, cancel := context.WithCancel(context.Background())
-
-			options := keyfunc.Options{
-				Ctx: ctx,
-				RefreshErrorHandler: func(err error) {
-					log.Printf("There was an error with the jwt.Keyfunc\nError: %s", err.Error())
-				},
-				RefreshInterval:   time.Hour,
-				RefreshRateLimit:  time.Minute * 5,
-				RefreshTimeout:    time.Second * 10,
-				RefreshUnknownKID: true,
-			}
-
-			jwks, err := keyfunc.Get(JwksURL, options)
-			if err != nil {
-				c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-					"message": "Failed to create JWKS: " + err.Error(),
-				})
-				cancel()
-				jwks.EndBackground()
-				return
-			}
-
-			token, err := jwt.Parse(tokenString, jwks.Keyfunc)
-			if err != nil {
-				c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-					"message": err.Error(),
-				})
-				cancel()
-				jwks.EndBackground()
-				return
-			}
-
-			if !token.Valid {
-				c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-					"message": "Invalid Token: " + err.Error(),
-				})
-				cancel()
-				jwks.EndBackground()
-				return
-			}
-
-			cancel()
-			jwks.EndBackground()
-
-			claims, ok := token.Claims.(jwt.MapClaims)
-			if !ok {
-				c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-					"message": "Invalid authorization token claims",
-				})
-				return
-			}
-
-			groupsClaim, ok := claims["groups"].([]interface{})
-			if !ok {
-				c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-					"message": "Missing or invalid groups claim in the authorization token",
-				})
-				return
-			}
-
-			for _, group := range groupsClaim {
-				if groupName, ok := group.(string); ok {
-					groups = append(groups, groupName)
-				}
-			}
-		} else {
-			groupsHeader := c.GetHeader("X-Authentik-Groups")
-
-			if groupsHeader == "" {
-				c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-					"message": "No token or groups detected",
-				})
-				return
-			}
-
-			requestHeaders := c.Request.Header
-			for key, values := range requestHeaders {
-				for _, value := range values {
-					println(key + ": " + value)
-				}
-			}
-
-			// Dump response headers
-			responseHeaders := c.Writer.Header()
-			for key, values := range responseHeaders {
-				for _, value := range values {
-					println(key + ": " + value)
-				}
-			}
-			groups = strings.Split(groupsHeader, "|")
-		}
-
-		isAllowed := false
-		for _, allowedGroup := range allowedGroups {
-			for _, group := range groups {
-				if group == allowedGroup {
-					isAllowed = true
-					break
-				}
-			}
-			if isAllowed {
-				break
-			}
-		}
-
-		if !isAllowed {
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-				"message": "Unauthorized access",
-				"groups":  groups,
-			})
-			return
-		}
-
-		c.Next()
-	}
-}