sonr/internal/swtkn/middleware.go

package swt

import (
	"net/http"

	"github.com/labstack/echo/v4"
	"gopkg.in/macaroon.v2"
)

func MacaroonMiddleware(secretKeyStr string, location string) echo.MiddlewareFunc {
	secretKey := []byte(secretKeyStr)
	return func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) error {
			// Extract the macaroon from the Authorization header
			auth := c.Request().Header.Get("Authorization")
			if auth == "" {
				return c.JSON(http.StatusUnauthorized, map[string]string{"error": "Missing Authorization header"})
			}

			// Decode the macaroon
			mac, err := macaroon.Base64Decode([]byte(auth))
			if err != nil {
				return c.JSON(http.StatusBadRequest, map[string]string{"error": "Invalid macaroon encoding"})
			}

			token, err := macaroon.New(secretKey, mac, location, macaroon.LatestVersion)
			if err != nil {
				return c.JSON(http.StatusBadRequest, map[string]string{"error": "Invalid macaroon"})
			}

			// Verify the macaroon
			err = token.Verify(secretKey, func(caveat string) error {
				for _, c := range MacroonCaveats {
					if c.String() == caveat {
						return nil
					}
				}
				return nil // Return nil if the caveat is valid
			}, nil)
			if err != nil {
				return c.JSON(http.StatusUnauthorized, map[string]string{"error": "Invalid macaroon"})
			}

			// Macaroon is valid, proceed to the next handler
			return next(c)
		}
	}
}
feat: integrate nebula UI with worker-assets-gen 2024-10-07 21:15:25 -04:00			`package swt`
feature/refactor did state (#10) * feat(did): remove account types * feat: Refactor Property to Proof in zkprop.go * feat: add ZKP proof mechanism for verifications * fix: return bool and error from pinInitialVault * feat: implement KeyshareSet for managing user and validator keyshares * feat: Update Credential type in protobuf * feat: update credential schema with sign count * feat: migrate and modules to middleware * refactor: rename vault module to ORM * chore(dwn): add service worker registration to index template * feat: integrate service worker for offline functionality * refactor(did): use DIDNamespace enum for verification method in proto reflection * refactor: update protobuf definitions to support Keyshare * feat: expose did keeper in app keepers * Add Motr Web App * refactor: rename motr/handlers/discovery.go to motr/handlers/openid.go * refactor: move session related code to middleware * feat: add database operations for managing assets, chains, and credentials * feat: add htmx support for UI updates * refactor: extract common helper scripts * chore: remove unused storage GUI components * refactor: Move frontend rendering to dedicated handlers * refactor: rename to * refactor: move alert implementation to templ * feat: add alert component with icon, title, and message * feat: add new RequestHeaders struct to store request headers * Feature/create home view (#9) * refactor: move view logic to new htmx handler * refactor: remove unnecessary dependencies * refactor: remove unused dependencies * feat(devbox): integrate air for local development * feat: implement openid connect discovery document * refactor: rename to * refactor(did): update service handling to support DNS discovery * feat: add support for user and validator keyshares * refactor: move keyshare signing logic to signer 2024-09-11 15:10:54 -04:00
			`import (`
			`"net/http"`

			`"github.com/labstack/echo/v4"`
			`"gopkg.in/macaroon.v2"`
			`)`

feature/implement vault allocation (#11) * feat: add authentication middleware * feat: add REST API endpoints for database interactions * refactor: move DiscoveryDocument Pkl schema to oidc module * fix: replace sonrd with test_node.sh * feat: use NFT keeper to mint DID namespace NFT * refactor: move NFT class configuration to types * feat: add GlobalIntegrity genesis state * fix: ensure GlobalIntegrity is initialized in genesis * refactor: update all references to transactions module * refactor: improve genesis state struct * chore(did): update discovery endpoint to reflect base url * feat: remove unused context cache and client code * refactor: remove middleware dependency from keeper * feat: Add new query handlers for DID module * feat: Implement unimplemented params queries * feat: add support for first-party caveats * refactor: move motr command to cmd directory * feat: add support for GitHub releases * fix(motr): build app.wasm for motr package * feat: add card component * feat: add IndexedDB support for persistent storage * feat: Add Row and Column components * feat: add and components * refactor: improve button component * refactor: remove unnecessary button parameter in renderButton * feat: add vault service endpoint * feat: add input component 2024-09-14 12:47:25 -04:00			`func MacaroonMiddleware(secretKeyStr string, location string) echo.MiddlewareFunc {`
			`secretKey := []byte(secretKeyStr)`
feature/refactor did state (#10) * feat(did): remove account types * feat: Refactor Property to Proof in zkprop.go * feat: add ZKP proof mechanism for verifications * fix: return bool and error from pinInitialVault * feat: implement KeyshareSet for managing user and validator keyshares * feat: Update Credential type in protobuf * feat: update credential schema with sign count * feat: migrate and modules to middleware * refactor: rename vault module to ORM * chore(dwn): add service worker registration to index template * feat: integrate service worker for offline functionality * refactor(did): use DIDNamespace enum for verification method in proto reflection * refactor: update protobuf definitions to support Keyshare * feat: expose did keeper in app keepers * Add Motr Web App * refactor: rename motr/handlers/discovery.go to motr/handlers/openid.go * refactor: move session related code to middleware * feat: add database operations for managing assets, chains, and credentials * feat: add htmx support for UI updates * refactor: extract common helper scripts * chore: remove unused storage GUI components * refactor: Move frontend rendering to dedicated handlers * refactor: rename to * refactor: move alert implementation to templ * feat: add alert component with icon, title, and message * feat: add new RequestHeaders struct to store request headers * Feature/create home view (#9) * refactor: move view logic to new htmx handler * refactor: remove unnecessary dependencies * refactor: remove unused dependencies * feat(devbox): integrate air for local development * feat: implement openid connect discovery document * refactor: rename to * refactor(did): update service handling to support DNS discovery * feat: add support for user and validator keyshares * refactor: move keyshare signing logic to signer 2024-09-11 15:10:54 -04:00			`return func(next echo.HandlerFunc) echo.HandlerFunc {`
			`return func(c echo.Context) error {`
			`// Extract the macaroon from the Authorization header`
			`auth := c.Request().Header.Get("Authorization")`
			`if auth == "" {`
			`return c.JSON(http.StatusUnauthorized, map[string]string{"error": "Missing Authorization header"})`
			`}`

			`// Decode the macaroon`
			`mac, err := macaroon.Base64Decode([]byte(auth))`
			`if err != nil {`
			`return c.JSON(http.StatusBadRequest, map[string]string{"error": "Invalid macaroon encoding"})`
			`}`

			`token, err := macaroon.New(secretKey, mac, location, macaroon.LatestVersion)`
			`if err != nil {`
			`return c.JSON(http.StatusBadRequest, map[string]string{"error": "Invalid macaroon"})`
			`}`

			`// Verify the macaroon`
			`err = token.Verify(secretKey, func(caveat string) error {`
feature/migrate models (#16) * feat: add new supported attestation formats to genesis * feat: refactor keyType to keytype enum * refactor: remove unused imports and code * refactor: update main.go to use src package * refactor: move web-related structs from to * refactor: move client middleware package to root * refactor: remove unused IndexedDB dependency * feat: update worker implementation to use * feat: add Caddyfile and Caddy configuration for vault service * refactor(config): move keyshare and address to Motr config * fix: validate service origin in AllocateVault * chore: remove IndexedDB configuration * feat: add support for IPNS-based vault access 2024-09-19 02:04:22 -04:00			`for _, c := range MacroonCaveats {`
feature/implement vault allocation (#11) * feat: add authentication middleware * feat: add REST API endpoints for database interactions * refactor: move DiscoveryDocument Pkl schema to oidc module * fix: replace sonrd with test_node.sh * feat: use NFT keeper to mint DID namespace NFT * refactor: move NFT class configuration to types * feat: add GlobalIntegrity genesis state * fix: ensure GlobalIntegrity is initialized in genesis * refactor: update all references to transactions module * refactor: improve genesis state struct * chore(did): update discovery endpoint to reflect base url * feat: remove unused context cache and client code * refactor: remove middleware dependency from keeper * feat: Add new query handlers for DID module * feat: Implement unimplemented params queries * feat: add support for first-party caveats * refactor: move motr command to cmd directory * feat: add support for GitHub releases * fix(motr): build app.wasm for motr package * feat: add card component * feat: add IndexedDB support for persistent storage * feat: Add Row and Column components * feat: add and components * refactor: improve button component * refactor: remove unnecessary button parameter in renderButton * feat: add vault service endpoint * feat: add input component 2024-09-14 12:47:25 -04:00			`if c.String() == caveat {`
			`return nil`
			`}`
			`}`
feature/refactor did state (#10) * feat(did): remove account types * feat: Refactor Property to Proof in zkprop.go * feat: add ZKP proof mechanism for verifications * fix: return bool and error from pinInitialVault * feat: implement KeyshareSet for managing user and validator keyshares * feat: Update Credential type in protobuf * feat: update credential schema with sign count * feat: migrate and modules to middleware * refactor: rename vault module to ORM * chore(dwn): add service worker registration to index template * feat: integrate service worker for offline functionality * refactor(did): use DIDNamespace enum for verification method in proto reflection * refactor: update protobuf definitions to support Keyshare * feat: expose did keeper in app keepers * Add Motr Web App * refactor: rename motr/handlers/discovery.go to motr/handlers/openid.go * refactor: move session related code to middleware * feat: add database operations for managing assets, chains, and credentials * feat: add htmx support for UI updates * refactor: extract common helper scripts * chore: remove unused storage GUI components * refactor: Move frontend rendering to dedicated handlers * refactor: rename to * refactor: move alert implementation to templ * feat: add alert component with icon, title, and message * feat: add new RequestHeaders struct to store request headers * Feature/create home view (#9) * refactor: move view logic to new htmx handler * refactor: remove unnecessary dependencies * refactor: remove unused dependencies * feat(devbox): integrate air for local development * feat: implement openid connect discovery document * refactor: rename to * refactor(did): update service handling to support DNS discovery * feat: add support for user and validator keyshares * refactor: move keyshare signing logic to signer 2024-09-11 15:10:54 -04:00			`return nil // Return nil if the caveat is valid`
			`}, nil)`
			`if err != nil {`
			`return c.JSON(http.StatusUnauthorized, map[string]string{"error": "Invalid macaroon"})`
			`}`

			`// Macaroon is valid, proceed to the next handler`
			`return next(c)`
			`}`
			`}`
			`}`