devbennett7/goma-gateway
1
0
Fork 0
Code Pull Requests Activity

feat: add accessPolicy middleware to allow or deny a list of Ips

Browse Source
This commit is contained in:
Jonas Kaninda
2024-12-09 11:00:14 +01:00
parent 262d616e8e
commit f3c2bdcebc
9 changed files with 178 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
internal/helpers.go
View File

@@ -1,14 +1,22 @@
/*
* Copyright 2024 Jonas Kaninda
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package pkg
/*
Copyright 2024 Jonas Kaninda.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may get a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
*/
import (
"context"
"encoding/json"
@@ -16,6 +24,7 @@ import (
"github.com/jedib0t/go-pretty/v6/table"
"golang.org/x/oauth2"
"io"
"net"
"net/http"
)
@@ -45,6 +54,7 @@ func getRealIP(r *http.Request) string {
return r.RemoteAddr
}
// getUserInfo returns struct of UserInfo
func (oauth *OauthRulerMiddleware) getUserInfo(token *oauth2.Token) (UserInfo, error) {
oauthConfig := oauth2Config(oauth)
// Call the user info endpoint with the token
@@ -68,3 +78,30 @@ func (oauth *OauthRulerMiddleware) getUserInfo(token *oauth2.Token) (UserInfo, e
return userInfo, nil
}
// validateIPAddress checks if the input is a valid IP address (IPv4 or IPv6)
func validateIPAddress(ip string) bool {
return net.ParseIP(ip) != nil
}
// validateCIDR checks if the input is a valid CIDR notation
func validateCIDR(cidr string) bool {
_, _, err := net.ParseCIDR(cidr)
return err == nil
}
// isIPOrCIDR determines whether the input is an IP address or a CIDR
func isIPOrCIDR(input string) (isIP bool, isCIDR bool) {
// Check if it's a valid IP address
if net.ParseIP(input) != nil {
return true, false
}
// Check if it's a valid CIDR
if _, _, err := net.ParseCIDR(input); err == nil {
return false, true
}
// Neither IP nor CIDR
return false, false
}