From edb5a600f2ce16c0847ee5ef399fa5a41b1e736a Mon Sep 17 00:00:00 2001 From: arekkas Date: Tue, 29 May 2018 12:26:09 +0200 Subject: [PATCH] cmd: Properly parses cors options --- Gopkg.lock | 15 ++++++++++++--- Gopkg.toml | 6 +++++- cmd/client/handler_warden.go | 1 + cmd/server/serve.go | 19 ++----------------- 4 files changed, 20 insertions(+), 21 deletions(-) diff --git a/Gopkg.lock b/Gopkg.lock index 521f446bd..dd4b9fc83 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -271,6 +271,15 @@ revision = "0fcdf33fb52551e02798b4e6733110024b7d24d9" version = "v0.17.1" +[[projects]] + name = "github.com/ory/go-convenience" + packages = [ + "corsx", + "stringsx" + ] + revision = "42cb17c3e4dc0d7d7672cfaffbdfe8f5deb494db" + version = "v0.0.2" + [[projects]] name = "github.com/ory/graceful" packages = ["."] @@ -321,8 +330,8 @@ ".", "dockertest" ] - revision = "2e99584773f66ac91fcf23af73d90a28df2709c9" - version = "v0.0.1" + revision = "08e1c6762dd59c776a735acc134889f757574f66" + version = "v0.0.2" [[projects]] name = "github.com/pborman/uuid" @@ -543,6 +552,6 @@ [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "fdbd61e137e00f2c5ce0ec202a41e8db0970836d201e57df1543a05e1d6a7aa5" + inputs-digest = "994b70f0ae1554b715f5f4edc95ff57b4fc1ce7f82cea19b0b82e0984096b057" solver-name = "gps-cdcl" solver-version = 1 diff --git a/Gopkg.toml b/Gopkg.toml index b96173e0a..9c43c6249 100644 --- a/Gopkg.toml +++ b/Gopkg.toml @@ -86,7 +86,7 @@ version = "0.0.1" [[constraint]] - version = "0.0.1" + version = "0.0.2" name = "github.com/ory/sqlcon" [[constraint]] @@ -101,6 +101,10 @@ name = "github.com/pkg/profile" version = "1.2.1" +[[constraint]] + name = "github.com/ory/go-convenience" + version = "0.0.2" + [[constraint]] name = "github.com/rs/cors" version = "1.3.0" diff --git a/cmd/client/handler_warden.go b/cmd/client/handler_warden.go index 08fc4f866..d80aade92 100644 --- a/cmd/client/handler_warden.go +++ b/cmd/client/handler_warden.go @@ -64,6 +64,7 @@ func (h *WardenHandler) IsOAuth2AccessTokenAuthorized(cmd *cobra.Command, args [ checkResponse(response, err, http.StatusOK) fmt.Printf("%s\n", response.Payload) } + func (h *WardenHandler) IsSubjectAuthorized(cmd *cobra.Command, args []string) { subject, _ := cmd.Flags().GetString("subject") action, _ := cmd.Flags().GetString("action") diff --git a/cmd/server/serve.go b/cmd/server/serve.go index 6469d620c..e6876b6bb 100644 --- a/cmd/server/serve.go +++ b/cmd/server/serve.go @@ -24,13 +24,13 @@ package server import ( "fmt" "net/http" - "strconv" "strings" "github.com/gorilla/context" "github.com/julienschmidt/httprouter" "github.com/meatballhat/negroni-logrus" "github.com/ory/fosite" + "github.com/ory/go-convenience/corsx" "github.com/ory/graceful" "github.com/ory/herodot" "github.com/ory/keto/authentication" @@ -46,21 +46,6 @@ import ( "github.com/urfave/negroni" ) -func parseCorsOptions() cors.Options { - allowCredentials, _ := strconv.ParseBool(viper.GetString("CORS_ALLOWED_CREDENTIALS")) - debug, _ := strconv.ParseBool(viper.GetString("CORS_DEBUG")) - maxAge, _ := strconv.Atoi(viper.GetString("CORS_MAX_AGE")) - return cors.Options{ - AllowedOrigins: strings.Split(viper.GetString("CORS_ALLOWED_ORIGINS"), ","), - AllowedMethods: strings.Split(viper.GetString("CORS_ALLOWED_METHODS"), ","), - AllowedHeaders: strings.Split(viper.GetString("CORS_ALLOWED_HEADERS"), ","), - ExposedHeaders: strings.Split(viper.GetString("CORS_EXPOSED_HEADERS"), ","), - AllowCredentials: allowCredentials, - MaxAge: maxAge, - Debug: debug, - } -} - func RunServe( logger *logrus.Logger, buildVersion, buildHash string, buildTime string, @@ -122,7 +107,7 @@ func RunServe( n := negroni.New() n.Use(negronilogrus.NewMiddlewareFromLogger(logger, "keto")) n.UseHandler(router) - corsHandler := cors.New(parseCorsOptions()).Handler(n) + corsHandler := cors.New(corsx.ParseOptions()).Handler(n) if ok, _ := cmd.Flags().GetBool("disable-telemetry"); !ok { m := metrics.NewMetricsManager(