2020-06-05 07:50:04 +02:00
|
|
|
package http
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
2020-07-08 13:56:37 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
Authorization = "authorization"
|
|
|
|
Accept = "accept"
|
|
|
|
AcceptLanguage = "accept-language"
|
|
|
|
CacheControl = "cache-control"
|
|
|
|
ContentType = "content-type"
|
2020-08-24 10:06:55 +02:00
|
|
|
ContentLength = "content-length"
|
2020-07-08 13:56:37 +02:00
|
|
|
Expires = "expires"
|
|
|
|
Location = "location"
|
|
|
|
Origin = "origin"
|
|
|
|
Pragma = "pragma"
|
|
|
|
UserAgentHeader = "user-agent"
|
|
|
|
ForwardedFor = "x-forwarded-for"
|
2020-08-24 10:06:55 +02:00
|
|
|
XUserAgent = "x-user-agent"
|
|
|
|
XGrpcWeb = "x-grpc-web"
|
2023-01-09 13:37:10 +01:00
|
|
|
XRequestedWith = "x-requested-with"
|
2023-05-05 10:25:02 +02:00
|
|
|
XRobotsTag = "x-robots-tag"
|
2022-04-06 08:13:40 +02:00
|
|
|
IfNoneMatch = "If-None-Match"
|
|
|
|
LastModified = "Last-Modified"
|
|
|
|
Etag = "Etag"
|
2020-07-08 13:56:37 +02:00
|
|
|
|
|
|
|
ContentSecurityPolicy = "content-security-policy"
|
|
|
|
XXSSProtection = "x-xss-protection"
|
|
|
|
StrictTransportSecurity = "strict-transport-security"
|
|
|
|
XFrameOptions = "x-frame-options"
|
|
|
|
XContentTypeOptions = "x-content-type-options"
|
|
|
|
ReferrerPolicy = "referrer-policy"
|
|
|
|
FeaturePolicy = "feature-policy"
|
2020-12-07 09:00:31 +01:00
|
|
|
PermissionsPolicy = "permissions-policy"
|
2020-06-05 07:50:04 +02:00
|
|
|
|
2020-07-08 13:56:37 +02:00
|
|
|
ZitadelOrgID = "x-zitadel-orgid"
|
2020-06-05 07:50:04 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
type key int
|
|
|
|
|
2022-05-19 16:09:02 +02:00
|
|
|
const (
|
|
|
|
httpHeaders key = iota
|
|
|
|
remoteAddr
|
2023-10-10 15:20:53 +02:00
|
|
|
origin
|
2020-06-05 07:50:04 +02:00
|
|
|
)
|
|
|
|
|
2020-08-31 08:49:35 +02:00
|
|
|
func CopyHeadersToContext(h http.Handler) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
2020-06-05 07:50:04 +02:00
|
|
|
ctx := context.WithValue(r.Context(), httpHeaders, r.Header)
|
|
|
|
ctx = context.WithValue(ctx, remoteAddr, r.RemoteAddr)
|
|
|
|
r = r.WithContext(ctx)
|
2020-08-31 08:49:35 +02:00
|
|
|
h.ServeHTTP(w, r)
|
|
|
|
})
|
2020-06-05 07:50:04 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func HeadersFromCtx(ctx context.Context) (http.Header, bool) {
|
|
|
|
headers, ok := ctx.Value(httpHeaders).(http.Header)
|
|
|
|
return headers, ok
|
|
|
|
}
|
|
|
|
|
2023-10-10 15:20:53 +02:00
|
|
|
func OriginHeader(ctx context.Context) string {
|
2022-05-19 16:09:02 +02:00
|
|
|
headers, ok := ctx.Value(httpHeaders).(http.Header)
|
|
|
|
if !ok {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
return headers.Get(Origin)
|
|
|
|
}
|
|
|
|
|
2023-10-10 15:20:53 +02:00
|
|
|
func ComposedOrigin(ctx context.Context) string {
|
|
|
|
o, ok := ctx.Value(origin).(string)
|
|
|
|
if !ok {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
return o
|
|
|
|
}
|
|
|
|
|
|
|
|
func WithComposedOrigin(ctx context.Context, composed string) context.Context {
|
|
|
|
return context.WithValue(ctx, origin, composed)
|
|
|
|
}
|
|
|
|
|
2020-06-05 07:50:04 +02:00
|
|
|
func RemoteIPFromCtx(ctx context.Context) string {
|
|
|
|
ctxHeaders, ok := HeadersFromCtx(ctx)
|
|
|
|
if !ok {
|
|
|
|
return RemoteAddrFromCtx(ctx)
|
|
|
|
}
|
2020-07-08 13:56:37 +02:00
|
|
|
forwarded, ok := GetForwardedFor(ctxHeaders)
|
2020-06-05 07:50:04 +02:00
|
|
|
if ok {
|
|
|
|
return forwarded
|
|
|
|
}
|
|
|
|
return RemoteAddrFromCtx(ctx)
|
|
|
|
}
|
|
|
|
|
|
|
|
func RemoteIPFromRequest(r *http.Request) net.IP {
|
|
|
|
return net.ParseIP(RemoteIPStringFromRequest(r))
|
|
|
|
}
|
|
|
|
|
|
|
|
func RemoteIPStringFromRequest(r *http.Request) string {
|
2020-07-08 13:56:37 +02:00
|
|
|
ip, ok := GetForwardedFor(r.Header)
|
2020-06-05 07:50:04 +02:00
|
|
|
if ok {
|
|
|
|
return ip
|
|
|
|
}
|
2021-07-20 10:10:48 +02:00
|
|
|
host, _, _ := net.SplitHostPort(r.RemoteAddr)
|
|
|
|
return host
|
2020-06-05 07:50:04 +02:00
|
|
|
}
|
|
|
|
|
feat: label policy (#1708)
* feat: label policy proto extension
* feat: label policy and activate event
* feat: label policy asset events
* feat: label policy asset commands
* feat: add storage key
* feat: storage key validation
* feat: label policy asset tests
* feat: label policy query side
* feat: avatar
* feat: avatar event
* feat: human avatar
* feat: avatar read side
* feat: font on iam label policy
* feat: label policy font
* feat: possiblity to create bucket on put file
* uplaoder
* login policy logo
* set bucket prefix
* feat: avatar upload
* feat: avatar upload
* feat: use assets on command side
* feat: fix human avatar removed event
* feat: remove human avatar
* feat: mock asset storage
* feat: remove human avatar
* fix(operator): add configuration of asset storage to zitadel operator
* feat(console): private labeling policy (#1697)
* private labeling component, routing, preview
* font, colors, upload, i18n
* show logo
* fix: uniqueness (#1710)
* fix: uniqueconstraint to lower
* feat: change org
* feat: org change test
* feat: change org
* fix: tests
* fix: handle domain claims correctly
* feat: update org
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: handle domain claimed event correctly for service users (#1711)
* fix: handle domain claimed event correctly on user view
* fix: ignore domain claimed events for email notifications
* fix: change org
* handle org changed in read models correctly
* fix: change org in user grant handler
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: correct value (#1695)
* docs(api): correct link (#1712)
* upload service
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: fix tests,
* feat: remove assets from label policy
* fix npm, set environment
* lint ts
* remove stylelinting
* fix(operator): add mapping for console with changed unit tests
* fix(operator): add secrets as env variables to pod
* feat: remove human avatar
* fix(operator): add secrets as env variables to pod
* feat: map label policy
* feat: labelpolicy, admin, mgmt, adv settings (#1715)
* fetch label policy, mgmt, admin service
* feat: advanced beh, links, add, update
* lint ts
* feat: watermark
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: custom css
* css
* css
* css
* css
* css
* getobject
* feat: dynamic handler
* feat: varibale css
* content info
* css overwrite
* feat: variablen css
* feat: generate css file
* feat: dark mode
* feat: dark mode
* fix logo css
* feat: upload logos
* dark mode with cookie
* feat: handle images in login
* avatar css and begin font
* feat: avatar
* feat: user avatar
* caching of static assets in login
* add avatar.js to main.html
* feat: header dont show logo if no url
* feat: label policy colors
* feat: mock asset storage
* feat: mock asset storage
* feat: fix tests
* feat: user avatar
* feat: header logo
* avatar
* avatar
* make it compatible with go 1.15
* feat: remove unused logos
* fix handler
* fix: styling error handling
* fonts
* fix: download func
* switch to mux
* fix: change upload api to assets
* fix build
* fix: download avatar
* fix: download logos
* fix: my avatar
* font
* fix: remove error msg popup possibility
* fix: docs
* fix: svalidate colors
* rem msg popup from frontend
* fix: email with private labeling
* fix: tests
* fix: email templates
* fix: change migration version
* fix: fix duplicate imports
* fix(console): assets, service url, upload, policy current and preview (#1781)
* upload endpoint, layout
* fetch current, preview, fix upload
* cleanup private labeling
* fix linting
* begin generated asset handler
* generate asset api in dockerfile
* features for label policy
* features for label policy
* features
* flag for asset generator
* change asset generator flag
* fix label policy view in grpc
* fix: layout, activate policy (#1786)
* theme switcher up on top
* change layout
* activate policy
* feat(console): label policy back color, layout (#1788)
* theme switcher up on top
* change layout
* activate policy
* fix overwrite value fc
* reset policy, reset service
* autosave policy, preview desc, layout impv
* layout, i18n
* background colors, inject material styles
* load images
* clean, lint
* fix layout
* set custom hex
* fix content size conversion
* remove font format in generated css
* fix features for assets
* fix(console): label policy colors, image downloads, preview (#1804)
* load images
* colors, images binding
* lint
* refresh emitter
* lint
* propagate font colors
* upload error handling
* label policy feature check
* add blob in csp for console
* log
* fix: feature edits for label policy, refresh state on upload (#1807)
* show error on load image, stop spinner
* fix merge
* fix migration versions
* fix assets
* fix csp
* fix background color
* scss
* fix build
* lint scss
* fix statik for console
* fix features check for label policy
* cleanup
* lint
* public links
* fix notifications
* public links
* feat: merge main
* feat: fix translation files
* fix migration
* set api domain
* fix logo in email
* font face in email
* font face in email
* validate assets on upload
* cleanup
* add missing translations
* add missing translations
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
2021-06-04 14:53:51 +02:00
|
|
|
func GetAuthorization(r *http.Request) string {
|
|
|
|
return r.Header.Get(Authorization)
|
|
|
|
}
|
|
|
|
|
|
|
|
func GetOrgID(r *http.Request) string {
|
|
|
|
return r.Header.Get(ZitadelOrgID)
|
|
|
|
}
|
|
|
|
|
2020-07-08 13:56:37 +02:00
|
|
|
func GetForwardedFor(headers http.Header) (string, bool) {
|
|
|
|
forwarded, ok := headers[ForwardedFor]
|
2020-06-05 07:50:04 +02:00
|
|
|
if ok {
|
2021-07-20 10:10:48 +02:00
|
|
|
ip := strings.TrimSpace(strings.Split(forwarded[0], ",")[0])
|
2020-06-05 07:50:04 +02:00
|
|
|
if ip != "" {
|
|
|
|
return ip, true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return "", false
|
|
|
|
}
|
|
|
|
|
|
|
|
func RemoteAddrFromCtx(ctx context.Context) string {
|
|
|
|
ctxRemoteAddr, _ := ctx.Value(remoteAddr).(string)
|
|
|
|
return ctxRemoteAddr
|
|
|
|
}
|