Merge pull request #7 from Stratoscale/authoizer

support authorizer api
Stratoscale · May 8, 2018 · c946f8f · c946f8f
2 parents 726d6b5 + b05c455
commit c946f8f
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 6 deletions.
diff --git a/auth/auth.go b/auth/auth.go
@@ -1,12 +1,17 @@
 package auth
 
-import "context"
+import (
+	"context"
+	"net/http"
+)
 
 // Auth functions
 type Auth interface {
 	APIKey(token string) (interface{}, error)
 	Basic(user, password string) (interface{}, error)
 	OAuth2(token string, scopes []string) (interface{}, error)
+	// Authorize gets a request and return error if it is not authorized
+	Authorize(r *http.Request) error
 	// AuthStore is a function that stores authentication in the context object
 	Store(context.Context, interface{}) context.Context
 }
diff --git a/templates/server/configureapi.gotmpl b/templates/server/configureapi.gotmpl
@@ -116,11 +116,7 @@ func Handler(c Config) (http.Handler, error) {
 	{{ end -}}
 
 	{{ if .SecurityDefinitions -}}
-	// Set your custom authorizer if needed. Default one is security.Authorized()
-	// Expected interface runtime.Authorizer
-	//
-	// Example:
-	// api.APIAuthorizer = security.Authorized()
+	api.APIAuthorizer = &authorizer{Auth: c.Auth}
 	{{ end -}}
 
 	{{ range .Operations -}}
@@ -156,3 +152,13 @@ func swaggerCopy(orig json.RawMessage) json.RawMessage {
 	return c
 }
 
+// authorizer is a helper struct to implement the runtime.Authorizer interface.
+type authorizer struct {
+	auth.Auth
+}
+
+func (a *authorizer) Authorize(req *http.Request, principal interface{}) error {
+	ctx := req.Context()
+	ctx = a.Store(ctx, principal)
+	return a.Auth.Authorize(req.WithContext(ctx))
+}