...

Source file src/edge-infra.dev/pkg/sds/emergencyaccess/eagateway/server/endsession.go

Documentation: edge-infra.dev/pkg/sds/emergencyaccess/eagateway/server

     1  package server
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  	"net/http"
     7  
     8  	"edge-infra.dev/pkg/lib/fog"
     9  	"edge-infra.dev/pkg/sds/emergencyaccess/apierror"
    10  	errorhandler "edge-infra.dev/pkg/sds/emergencyaccess/apierror/handler"
    11  	"edge-infra.dev/pkg/sds/emergencyaccess/types"
    12  
    13  	"github.com/gin-gonic/gin"
    14  )
    15  
    // EndSession is the gin handler that ends an emergency-access session.
    //
    // The request body is bound to types.EndSessionPayload and validated, the
    // caller is checked through authorizeUser, and only then is the session ID
    // from the payload handed to server.rcli.EndSession. Every failure is
    // reported through errorhandler.ErrorHandler and stops the handler. On
    // success the response status is set to 200.
    //
    // NOTE(review): authorizeUser receives neither the session ID nor the user,
    // so the check visible here is not bound to the session being ended. Confirm
    // whether any authorized caller is meant to be able to end any session, or
    // whether ownership is enforced inside rcli.EndSession or upstream.
    func (server *GatewayServer) EndSession(c *gin.Context) {
    	logger := fog.FromContext(c)

    	// Structural check: the body must decode into the payload type.
    	var body types.EndSessionPayload
    	bindErr := c.ShouldBindJSON(&body)
    	if bindErr != nil {
    		errorhandler.ErrorHandler(c, apierror.E(apierror.ErrPayloadStructure, bindErr))
    		return
    	}

    	// Property check: the decoded fields must pass the payload's own rules.
    	validateErr := body.Validate()
    	if validateErr != nil {
    		errorhandler.ErrorHandler(c, apierror.E(apierror.ErrPayloadProperties, validateErr))
    		return
    	}

    	// From here on every log line carries the session ID, and the enriched
    	// logger is stored in the request context of a cloned request.
    	logger = logger.WithValues("sessionID", body.SessionID)
    	reqCtx := fog.IntoContext(c.Request.Context(), logger)
    	c.Request = c.Request.Clone(reqCtx)

    	// Authorization gate: the caller must hold *any* authorized privilege
    	// before the session is touched. A failure here ends the request.
    	if authErr := server.authorizeUser(c); authErr != nil {
    		errorhandler.ErrorHandler(c, apierror.E(apierror.ErrEndSessionFailure, authErr))
    		return
    	}

    	// The user must be present in the context; without it the request is
    	// refused rather than processed anonymously.
    	caller, found := types.UserFromContext(c)
    	if !found {
    		errorhandler.ErrorHandler(c, apierror.E(apierror.ErrEndSessionFailure, fmt.Errorf("error retrieving user details")))
    		return
    	}

    	// Audit line written before the end-session call: who is ending the
    	// session (the session ID is already attached to the logger).
    	logger.Info("Ending Session", "userID", caller.Username)

    	if endErr := server.rcli.EndSession(c, body.SessionID); endErr != nil {
    		errorhandler.ErrorHandler(c, apierror.E(apierror.ErrEndSessionFailure, endErr))
    		return
    	}
    	c.Status(http.StatusOK)
    }
    58  
    // authorizeUser asks the auth service whether the caller is authorized.
    //
    // It sends a body-less POST to server.authorizeUserURL through server.client
    // and returns nil only when the response status is 200. A request-building
    // error, a transport error, or any other status returns a non-nil error, so
    // the check fails closed.
    //
    // NOTE(review): no headers or body are set on the request here, so the
    // caller's identity is presumably attached by server.client or taken from
    // ctx. Confirm against the client's construction.
    func (server *GatewayServer) authorizeUser(ctx context.Context) error {
    	logger := fog.FromContext(ctx)
    	target := server.authorizeUserURL.String()

    	authReq, err := http.NewRequestWithContext(ctx, http.MethodPost, target, nil)
    	if err != nil {
    		return fmt.Errorf("creating http request: %w", err)
    	}

    	// NOTE(review): the full URL string is logged. If authorizeUserURL can
    	// carry userinfo or secret query parameters, they would land in the
    	// logs. Confirm it cannot, or log a redacted form.
    	logger.Info("Invoking auth service", "url", target)
    	authResp, err := server.client.Do(authReq)
    	if err != nil {
    		return fmt.Errorf("request error: %w", err)
    	}
    	defer authResp.Body.Close()

    	logger.Info("Auth service response received", "url", target)
    	if authResp.StatusCode == http.StatusOK {
    		return nil
    	}

    	// Any non-200 answer is a denial. The auth service's error body is
    	// parsed and returned with the status code.
    	// NOTE(review): whether ParseJSONAPIError bounds how much of the body it
    	// reads is not visible here.
    	return apierror.E(
    		apierror.ErrEndSessionFailure,
    		errorhandler.ParseJSONAPIError(authResp.Body),
    		fmt.Errorf("non-ok status from auth service authorizeUser(%d)", authResp.StatusCode),
    	)
    }
    86  
