Commit 481c1c5b authored by SlevinWasAlreadyTaken's avatar SlevinWasAlreadyTaken
Browse files

feat: add strict option to acr midlw

parent 5a349929
package echo
import (
"errors"
"github.com/labstack/echo"
"gitlab.com/Misakey/msk-sdk-go/ajwt"
)
// NewACRMidlw to handle ACR requirements for given routes
func NewACRMidlw(requiredACR ajwt.ACRSecLvl) echo.MiddlewareFunc {
func NewACRMidlw(requiredACR ajwt.ACRSecLvl, strict bool) echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
// get accesses, use strict boolean to consider raising an error or not
claims := ajwt.GetAccesses(c.Request().Context())
// continue if nil but not strict...
if claims == nil && !strict {
return next(c)
}
// ...otherwise, raise an error
if claims == nil {
c.Error(errors.New("missing accesses from context"))
return nil
}
// check minimal required sec level
if err := claims.ACRIsGTE(requiredACR); err != nil {
// service doesn't require any notion of acr today
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment