From 9bd9c6652e790c844755b2112a223bdd0e4baa35 Mon Sep 17 00:00:00 2001 From: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com> Date: Fri, 31 Jan 2020 17:15:03 -0600 Subject: [PATCH] add option to use empty namespace --- authorization.go | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/authorization.go b/authorization.go index 4c0cd26..4288f8d 100644 --- a/authorization.go +++ b/authorization.go @@ -47,18 +47,21 @@ type ( TokenDecoder *TokenDecoder AnonymousActions []string AccessEntryType string + DefaultNamespace string } // BasicAuthAuthorizerOptions is TODO AuthorizerOptions struct { - Realm string - Service string - Username string - Password string - PublicKey []byte - PublicKeyPath string - AnonymousActions []string - AccessEntryType string + Realm string + Service string + Username string + Password string + PublicKey []byte + PublicKeyPath string + AnonymousActions []string + AccessEntryType string + DefaultNamespace string + EmptyDefaultNamespace bool } // Permission is TODO @@ -81,6 +84,20 @@ func NewAuthorizer(opts *AuthorizerOptions) (*Authorizer, error) { authorizer.AccessEntryType = opts.AccessEntryType } + if opts.EmptyDefaultNamespace { + authorizer.DefaultNamespace = "" + } else if opts.DefaultNamespace != "" { + authorizer.DefaultNamespace = opts.DefaultNamespace + } else { + authorizer.DefaultNamespace = DefaultNamespace + } + + if opts.AccessEntryType == "" { + authorizer.AccessEntryType = AccessEntryType + } else { + authorizer.AccessEntryType = opts.AccessEntryType + } + if opts.Username != "" && opts.Password != "" { // Basic @@ -178,7 +195,7 @@ func (authorizer *Authorizer) authorizeBearerAuth(authHeader string, action stri if !allowed { if namespace == "" { - namespace = DefaultNamespace + namespace = authorizer.DefaultNamespace } wwwAuthenticateHeader = fmt.Sprintf("Bearer realm=\"%s\",service=\"%s\",scope=\"%s:%s:%s\"", authorizer.Realm, authorizer.Service, authorizer.AccessEntryType, namespace, action)