Spaces:
Running
Running
File size: 1,599 Bytes
b110593 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
// _ _
// __ _____ __ ___ ___ __ _| |_ ___
// \ \ /\ / / _ \/ _` \ \ / / |/ _` | __/ _ \
// \ V V / __/ (_| |\ V /| | (_| | || __/
// \_/\_/ \___|\__,_| \_/ |_|\__,_|\__\___|
//
// Copyright © 2016 - 2024 Weaviate B.V. All rights reserved.
//
// CONTACT: [email protected]
//
package v1
import (
"context"
"strings"
"github.com/weaviate/weaviate/entities/models"
"google.golang.org/grpc/metadata"
)
// This should probably be run as part of a middleware. In the initial gRPC
// implementation there is only a single endpoint, so it's fine to run this
// straight from the endpoint. But the moment we add a second endpoint, this
// should be called from a central place. This way we can make sure it's
// impossible to forget to add it to a new endpoint.
func (s *Service) principalFromContext(ctx context.Context) (*models.Principal, error) {
md, ok := metadata.FromIncomingContext(ctx)
if !ok {
return s.tryAnonymous()
}
// the grpc library will lowercase all md keys, so we need to make sure to
// check a lowercase key
authValue, ok := md["authorization"]
if !ok {
return s.tryAnonymous()
}
if len(authValue) == 0 {
return s.tryAnonymous()
}
if !strings.HasPrefix(authValue[0], "Bearer ") {
return s.tryAnonymous()
}
token := strings.TrimPrefix(authValue[0], "Bearer ")
return s.authComposer(token, nil)
}
func (s *Service) tryAnonymous() (*models.Principal, error) {
if s.allowAnonymousAccess {
return nil, nil
}
return s.authComposer("", nil)
}
|