From b5ef10dc2b82fc9a083fad594a00af055068b6e2 Mon Sep 17 00:00:00 2001 From: David Christofas Date: Tue, 16 Aug 2022 16:53:27 +0200 Subject: [PATCH] add missing comments and changelog --- changelog/unreleased/rewrite-authentication.md | 7 +++++++ services/proxy/pkg/middleware/public_share_auth.go | 2 ++ services/proxy/pkg/middleware/signed_url_auth.go | 1 + 3 files changed, 10 insertions(+) create mode 100644 changelog/unreleased/rewrite-authentication.md diff --git a/changelog/unreleased/rewrite-authentication.md b/changelog/unreleased/rewrite-authentication.md new file mode 100644 index 0000000000..c399074312 --- /dev/null +++ b/changelog/unreleased/rewrite-authentication.md @@ -0,0 +1,7 @@ +Enhancement: Rewrite of the request authentication middleware + +There were some flaws in the authentication middleware which were resolved by this rewrite. +This rewrite also introduced the need to manually mark certain paths as "unprotected" if +requests to these paths must not be authenticated. + +https://github.com/owncloud/ocis/pull/4374 diff --git a/services/proxy/pkg/middleware/public_share_auth.go b/services/proxy/pkg/middleware/public_share_auth.go index dabaa8a38c..cab9b6ebf3 100644 --- a/services/proxy/pkg/middleware/public_share_auth.go +++ b/services/proxy/pkg/middleware/public_share_auth.go @@ -18,6 +18,8 @@ const ( _paramExpiration = "expiration" ) +// PublicShareAuthenticator is the authenticator which can authenticate public share requests. +// It will add the share owner into the request context. type PublicShareAuthenticator struct { Logger log.Logger RevaGatewayClient gateway.GatewayAPIClient diff --git a/services/proxy/pkg/middleware/signed_url_auth.go b/services/proxy/pkg/middleware/signed_url_auth.go index 80a613aace..2455e8eecf 100644 --- a/services/proxy/pkg/middleware/signed_url_auth.go +++ b/services/proxy/pkg/middleware/signed_url_auth.go @@ -38,6 +38,7 @@ var ( } ) +// SignedURLAuthenticator is the authenticator responsible for authenticating signed URL requests. type SignedURLAuthenticator struct { Logger log.Logger PreSignedURLConfig config.PreSignedURL