Skip to content

GitLab

Commit 009e6615 authored by ale's avatar ale
Browse files
Options

Refactor Server.Handler method for readability 

Should make the subdivision between apps (idp, sso) more obvious.
parent f0382112
Pipeline #811 passed with stages
          in 1 minute and 9 seconds
          Hide whitespace changes
          Inline Side-by-side
          Showing with 33 additions and 16 deletions
          server/http.go
          View file @ 009e6615
          ......@@ -295,30 +295,47 @@ func (h *Server) handleExchange(w http.ResponseWriter, req *http.Request) {
          // Handler returns the http.Handler for the SSO server application.
          func (h *Server) Handler() http.Handler {
          m := mux.NewRouter()
          // The root HTTP handler. This must be a gorilla/mux.Router since
          // sessions depend on it.
          root := mux.NewRouter()
          var lih, loh http.Handler
          lih = h.loginHandler
          loh = h.withAuth(h.handleLogout)
          if h.csrfSecret != nil {
          csrfW := csrf.Protect(h.csrfSecret)
          lih = csrfW(lih)
          loh = csrfW(loh)
          }
          m.Handle("/login", withDynamicHeaders(lih))
          m.Handle("/logout", withDynamicHeaders(loh))
          m.PathPrefix("/static/").Handler(http.StripPrefix("/static/", http.FileServer(&assetfs.AssetFS{
          // Serve static content to anyone.
          root.PathPrefix("/static/").Handler(http.StripPrefix("/static/", http.FileServer(&assetfs.AssetFS{
          Asset: Asset,
          AssetDir: AssetDir,
          AssetInfo: AssetInfo,
          Prefix: "static",
          })))
          m.Handle("/exchange", withDynamicHeaders(http.HandlerFunc(h.handleExchange)))
          m.Handle("/", withDynamicHeaders(h.withAuth(h.handleHomepage)))
          // Build the main IDP application router, with optional CSRF
          // protection.
          m := http.NewServeMux()
          m.Handle("/login", h.loginHandler)
          m.Handle("/logout", h.withAuth(h.handleLogout))
          idph := http.Handler(m)
          if h.csrfSecret != nil {
          idph = csrf.Protect(h.csrfSecret)(idph)
          }
          // Add the SSO provider endpoints (root path and /exchange),
          // which do not need CSRF. We use a HandlerFunc to bypass the
          // '/' dispatch semantics of the standard http.ServeMux.
          ssoh := h.withAuth(h.handleHomepage)
          userh := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
          switch {
          case r.Method == "GET" && r.URL.Path == "/":
          ssoh.ServeHTTP(w, r)
          case r.URL.Path == "/exchange":
          h.handleExchange(w, r)
          default:
          idph.ServeHTTP(w, r)
          }
          })
          return m
          // User-facing routes require cache-busting and CSP headers.
          root.PathPrefix("/").Handler(withDynamicHeaders(userh))
          return root
          }
          // A relatively strict CSP.
          ......
          Markdown is supported
          0% or .
          You are about to add 0 people to the discussion. Proceed with caution.
          Finish editing this message first!
          Please register or to comment