本文整理汇总了Golang中github.com/go-errors/errors.New函数的典型用法代码示例。如果您正苦于以下问题:Golang New函数的具体用法?Golang New怎么用?Golang New使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了New函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: Get
func (s *Store) Get(id string) (Policy, error) {
var p DefaultPolicy
var conditions []byte
if err := s.db.QueryRow("SELECT id, description, effect, conditions FROM ladon_policy WHERE id=$1", id).Scan(&p.ID, &p.Description, &p.Effect, &conditions); err == sql.ErrNoRows {
return nil, pkg.ErrNotFound
} else if err != nil {
return nil, errors.New(err)
}
if err := json.Unmarshal(conditions, &p.Conditions); err != nil {
return nil, errors.New(err)
}
subjects, err := getLinked(s.db, "ladon_policy_subject", id)
if err != nil {
return nil, err
}
permissions, err := getLinked(s.db, "ladon_policy_permission", id)
if err != nil {
return nil, err
}
resources, err := getLinked(s.db, "ladon_policy_resource", id)
if err != nil {
return nil, err
}
p.Permissions = permissions
p.Subjects = subjects
p.Resources = resources
return &p, nil
}示例2: Generate
// Generate : Generates a new authorize code or returns an error. set secret
func (j *JWTEnigma) Generate(claims *jwthelper.ClaimsContext, headers map[string]interface{}) (string, string, error) {
// As per RFC, no overrides of header "alg"!
if _, ok := headers["alg"]; ok {
return "", "", errors.New("You may not override the alg header key.")
}
// As per RFC, no overrides of header "typ"!
if _, ok := headers["typ"]; ok {
return "", "", errors.New("You may not override the typ header key.")
}
token := jwt.New(jwt.SigningMethodRS256)
token.Claims = *claims
token.Header = merge(token.Header, headers)
rsaKey, err := jwt.ParseRSAPrivateKeyFromPEM(j.PrivateKey)
if err != nil {
return "", "", err
}
var sig, sstr string
if sstr, err = token.SigningString(); err != nil {
return "", "", err
}
if sig, err = token.Method.Sign(sstr, rsaKey); err != nil {
return "", "", err
}
return fmt.Sprintf("%s.%s", sstr, sig), sig, nil
}示例3: HandleTokenEndpointRequest
// HandleTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-6
func (c *RefreshTokenGrantHandler) HandleTokenEndpointRequest(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder, session interface{}) error {
if requester.GetGrantType() != "refresh_token" {
return nil
}
access, err := c.Enigma.GenerateChallenge(requester.GetClient().GetHashedSecret())
if err != nil {
return errors.New(fosite.ErrServerError)
} else if err := c.Store.CreateAccessTokenSession(access.Signature, requester, &core.TokenSession{Extra: session}); err != nil {
return errors.New(fosite.ErrServerError)
}
refresh, err := c.Enigma.GenerateChallenge(requester.GetClient().GetHashedSecret())
if err != nil {
return errors.New(fosite.ErrServerError)
} else if err := c.Store.CreateRefreshTokenSession(refresh.Signature, requester, &core.TokenSession{Extra: session}); err != nil {
return errors.New(fosite.ErrServerError)
}
challenge := new(enigma.Challenge)
challenge.FromString(req.Form.Get("refresh_token"))
if err := c.Store.DeleteRefreshTokenSession(challenge.Signature); err != nil {
return errors.New(fosite.ErrServerError)
}
responder.SetAccessToken(access.String())
responder.SetTokenType("bearer")
responder.SetExtra("expires_in", strconv.Itoa(int(c.AccessTokenLifespan/time.Second)))
responder.SetExtra("scope", strings.Join(requester.GetGrantedScopes(), " "))
responder.SetExtra("refresh_token", refresh.String())
return nil
}示例4: isValidAuthorizeRequest
func isValidAuthorizeRequest(c *HTTPClient, ar *AuthorizeRequest, retry bool) (bool, error) {
request := gorequest.New()
resp, body, errs := request.Post(pkg.JoinURL(c.ep, "/guard/allowed")).SetBasicAuth(c.clientConfig.ClientID, c.clientConfig.ClientSecret).Set("Content-Type", "application/json").Send(*ar).End()
if len(errs) > 0 {
return false, errors.Errorf("Got errors: %v", errs)
} else if retry && resp.StatusCode == http.StatusUnauthorized {
var err error
if c.clientToken, err = c.clientConfig.Token(oauth2.NoContext); err != nil {
return false, errors.New(err)
} else if c.clientToken == nil {
return false, errors.New("Access token could not be retrieved")
}
return isValidAuthorizeRequest(c, ar, false)
} else if resp.StatusCode != http.StatusOK {
return false, errors.Errorf("Status code %d is not 200: %s", resp.StatusCode, body)
}
if err := json.Unmarshal([]byte(body), &isAllowed); err != nil {
return false, errors.Errorf("Could not unmarshall body because %s", err.Error())
}
if !isAllowed.Allowed {
return false, errors.New("Authroization denied")
}
return isAllowed.Allowed, nil
}示例5: ValidateChallenge
// ValidateAuthorizeCodeSignature returns an AuthorizeCode, if the code argument is a valid authorize code
// and the signature matches the key.
func (c *HMACSHAEnigma) ValidateChallenge(secret []byte, t *Challenge) (err error) {
if t.Key == "" || t.Signature == "" {
return errors.New("Key and signature must both be not empty")
}
signature, err := b64.DecodeString(t.Signature)
if err != nil {
return err
}
key, err := b64.DecodeString(t.Key)
if err != nil {
return err
}
useSecret := append([]byte{}, c.GlobalSecret...)
mac := hmac.New(sha256.New, append(useSecret, secret...))
_, err = mac.Write(key)
if err != nil {
return errors.New(err)
}
if !hmac.Equal(signature, mac.Sum([]byte{})) {
// Hash is invalid
return errors.New("Key and signature do not match")
}
return nil
}示例6: Watch
func (m *RethinkManager) Watch(ctx context.Context) {
go pkg.Retry(time.Second*15, time.Minute, func() error {
clients, err := m.Table.Changes().Run(m.Session)
if err != nil {
return errors.New(err)
}
defer clients.Close()
var update map[string]*fosite.DefaultClient
for clients.Next(&update) {
newVal := update["new_val"]
oldVal := update["old_val"]
m.Lock()
if newVal == nil && oldVal != nil {
delete(m.Clients, oldVal.GetID())
} else if newVal != nil && oldVal != nil {
delete(m.Clients, oldVal.GetID())
m.Clients[newVal.GetID()] = newVal
} else {
m.Clients[newVal.GetID()] = newVal
}
m.Unlock()
}
if clients.Err() != nil {
err = errors.New(clients.Err())
pkg.LogError(err)
return err
}
return nil
})
}示例7: HandleAuthorizeEndpointRequest
func (c *AuthorizeExplicitGrantTypeHandler) HandleAuthorizeEndpointRequest(_ context.Context, req *http.Request, ar AuthorizeRequester, resp AuthorizeResponder, session interface{}) error {
// This let's us define multiple response types, for example open id connect's id_token
if ar.GetResponseTypes().Has("code") {
// Generate the code
code, err := c.Enigma.GenerateChallenge(ar.GetClient().GetHashedSecret())
if err != nil {
return errors.New(ErrServerError)
}
if err := c.Store.CreateAuthorizeCodeSession(code.Signature, ar, &AuthorizeSession{
Extra: session,
RequestRedirectURI: req.Form.Get("redirect_uri"),
}); err != nil {
return errors.New(ErrServerError)
}
resp.AddQuery("code", code.String())
resp.AddQuery("state", ar.GetState())
resp.AddQuery("scope", strings.Join(ar.GetGrantedScopes(), " "))
ar.SetResponseTypeHandled("code")
return nil
}
return nil
}示例8: ValidateTokenEndpointRequest
// ValidateTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-6
func (c *RefreshTokenGrantHandler) ValidateTokenEndpointRequest(_ context.Context, req *http.Request, request fosite.AccessRequester, session interface{}) error {
// grant_type REQUIRED.
// Value MUST be set to "client_credentials".
if request.GetGrantType() != "refresh_token" {
return nil
}
// The authorization server MUST ... validate the refresh token.
challenge := new(enigma.Challenge)
challenge.FromString(req.Form.Get("refresh_token"))
if err := c.Enigma.ValidateChallenge(request.GetClient().GetHashedSecret(), challenge); err != nil {
return errors.New(fosite.ErrInvalidRequest)
}
ar, err := c.Store.GetRefreshTokenSession(challenge.Signature, &core.TokenSession{Extra: session})
if err == pkg.ErrNotFound {
return errors.New(fosite.ErrInvalidRequest)
} else if err != nil {
return errors.New(fosite.ErrServerError)
}
// The authorization server MUST ... and ensure that the refresh token was issued to the authenticated client
if ar.GetClient().GetID() != request.GetClient().GetID() {
return errors.New(fosite.ErrInvalidRequest)
}
request.SetGrantTypeHandled("refresh_token")
return nil
}示例9: CursorInt64
// CursorInt64 parses this query's Cursor string as an int64
func (p PageQuery) CursorInt64() (int64, error) {
if p.Cursor == "" {
switch p.Order {
case OrderAscending:
return 0, nil
case OrderDescending:
return math.MaxInt64, nil
default:
return 0, errors.New(ErrInvalidOrder)
}
}
i, err := strconv.ParseInt(p.Cursor, 10, 64)
if err != nil {
return 0, errors.New(ErrInvalidCursor)
}
if i < 0 {
return 0, errors.New(ErrInvalidCursor)
}
return i, nil
}示例10: isValidAuthenticationRequest
func isValidAuthenticationRequest(c *HTTPClient, token string, retry bool) (bool, error) {
data := url.Values{}
data.Set("token", token)
request := gorequest.New()
resp, body, errs := request.Post(pkg.JoinURL(c.ep, "/oauth2/introspect")).Type("form").SetBasicAuth(c.clientConfig.ClientID, c.clientConfig.ClientSecret).SendString(data.Encode()).End()
if len(errs) > 0 {
return false, errors.Errorf("Got errors: %v", errs)
} else if resp.StatusCode != http.StatusOK {
return false, errors.Errorf("Status code %d is not 200: %s", resp.StatusCode, body)
}
if retry && resp.StatusCode == http.StatusUnauthorized {
var err error
if c.clientToken, err = c.clientConfig.Token(oauth2.NoContext); err != nil {
return false, errors.New(err)
} else if c.clientToken == nil {
return false, errors.New("Access token could not be retrieved")
}
return isValidAuthenticationRequest(c, token, false)
} else if resp.StatusCode != http.StatusOK {
return false, fmt.Errorf("Status code %d is not 200", resp.StatusCode)
}
var introspect struct {
Active bool `json:"active"`
}
if err := json.Unmarshal([]byte(body), &introspect); err != nil {
return false, err
} else if !introspect.Active {
return false, errors.New("Authentication denied")
}
return introspect.Active, nil
}示例11: HandleAuthorizeEndpointRequest
func (c *AuthorizeImplicitGrantTypeHandler) HandleAuthorizeEndpointRequest(_ context.Context, req *http.Request, ar AuthorizeRequester, resp AuthorizeResponder, session interface{}) error {
// This let's us define multiple response types, for example open id connect's id_token
if ar.GetResponseTypes().Has("token") {
// Generate the code
access, err := c.Enigma.GenerateChallenge(ar.GetClient().GetHashedSecret())
if err != nil {
return errors.New(ErrServerError)
} else if err := c.Store.CreateImplicitAccessTokenSession(access.Signature, ar, &core.AuthorizeSession{
Extra: session,
RequestRedirectURI: req.Form.Get("redirect_uri"),
}); err != nil {
return errors.New(ErrServerError)
}
resp.AddFragment("access_token", access.String())
resp.AddFragment("expires_in", strconv.Itoa(int(c.AccessTokenLifespan/time.Second)))
resp.AddFragment("token_type", "bearer")
resp.AddFragment("state", ar.GetState())
resp.AddFragment("scope", strings.Join(ar.GetGrantedScopes(), "+"))
ar.SetResponseTypeHandled("token")
return nil
}
return nil
}示例12: ValidateTokenEndpointRequest
// ValidateTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-6
func (c *RefreshTokenGrantHandler) ValidateTokenEndpointRequest(ctx context.Context, req *http.Request, request fosite.AccessRequester) error {
// grant_type REQUIRED.
// Value MUST be set to "client_credentials".
if request.GetGrantType() != "refresh_token" {
return nil
}
// The authorization server MUST ... validate the refresh token.
signature, err := c.RefreshTokenStrategy.ValidateRefreshToken(req.Form.Get("refresh_token"), ctx, req, request)
if err != nil {
return errors.New(fosite.ErrInvalidRequest)
}
accessRequest, err := c.Store.GetRefreshTokenSession(signature, nil)
if err == pkg.ErrNotFound {
return errors.New(fosite.ErrInvalidRequest)
} else if err != nil {
return errors.New(fosite.ErrServerError)
}
// The authorization server MUST ... and ensure that the refresh token was issued to the authenticated client
if accessRequest.GetClient().GetID() != request.GetClient().GetID() {
return errors.New(fosite.ErrInvalidRequest)
}
request.SetGrantTypeHandled("refresh_token")
return nil
}示例13: GetContinuations
// GetContinuations returns two new PageQuery structs, a next and previous
// query.
func (p PageQuery) GetContinuations(records interface{}) (next PageQuery, prev PageQuery, err error) {
next = p
prev = p.Invert()
rv := reflect.ValueOf(records)
l := rv.Len()
if l <= 0 {
return
}
first, ok := rv.Index(0).Interface().(Pageable)
if !ok {
err = errors.New(ErrNotPageable)
}
last, ok := rv.Index(l - 1).Interface().(Pageable)
if !ok {
err = errors.New(ErrNotPageable)
}
next.Cursor = last.PagingToken()
prev.Cursor = first.PagingToken()
return
}示例14: NewPageQuery
// NewPageQuery creates a new PageQuery struct, ensuring the order, limit, and
// cursor are set to the appropriate defaults and are valid.
func NewPageQuery(
cursor string,
order string,
limit uint64,
) (result PageQuery, err error) {
// Set order
switch order {
case "":
result.Order = OrderAscending
case OrderAscending, OrderDescending:
result.Order = order
default:
err = errors.New(ErrInvalidOrder)
return
}
result.Cursor = cursor
// Set limit
switch {
case limit == 0:
result.Limit = DefaultPageSize
case limit < 0:
err = errors.New(ErrInvalidLimit)
return
case limit > MaxPageSize:
err = errors.New(ErrInvalidLimit)
return
default:
result.Limit = limit
}
return
}示例15: IntrospectHandler
func (h *Handler) IntrospectHandler(w http.ResponseWriter, r *http.Request) {
auth, err := osin.CheckBasicAuth(r)
if _, err := h.OAuthStore.GetClient(auth.Username); err != nil {
pkg.HttpError(w, errors.New("Unauthorized"), http.StatusUnauthorized)
return
} else if auth == nil {
pkg.HttpError(w, errors.New("Unauthorized"), http.StatusUnauthorized)
return
}
client, err := h.OAuthStore.GetClient(auth.Username)
if err != nil {
pkg.HttpError(w, errors.New("Unauthorized"), http.StatusUnauthorized)
return
} else if client.GetSecret() != auth.Password {
pkg.HttpError(w, errors.New("Unauthorized"), http.StatusUnauthorized)
return
}
result := make(map[string]interface{})
result["active"] = false
r.ParseForm()
if r.Form.Get("token") == "" {
log.WithField("introspect", "fail").Warn("No token given.")
result["error"] = "No token given."
pkg.WriteJSON(w, result)
return
}
token, err := h.JWT.VerifyToken([]byte(r.Form.Get("token")))
if err != nil {
log.WithField("introspect", "fail").Warn("Token is invalid.")
pkg.WriteJSON(w, result)
return
}
claims := jwt.ClaimsCarrier(token.Claims)
if claims.GetAudience() != auth.Username {
log.WithFields(log.Fields{
"introspect": "fail",
"actualAudience": auth.Username,
"expectedAudience": claims.GetAudience(),
}).Warn(`Token audience mismatch.`)
pkg.WriteJSON(w, result)
return
}
if claims.GetSubject() == "" {
log.WithFields(log.Fields{
"introspect": "fail",
}).Warn(`Token claims no subject.`)
pkg.WriteJSON(w, result)
return
}
result = token.Claims
result["active"] = token.Valid
pkg.WriteJSON(w, result)
}