toolkit/server/exectx/middleware.go

package exectx

import (
	"errors"
	"net/http"

	"github.com/INFURA/go-ucan-toolkit/server/bearer"
)

// Middleware returns an HTTP middleware tasked with:
// - extracting UCAN credentials from the `Authorization: Bearer <data>` HTTP header
// - performing basic checks, and returning HTTP errors if necessary
// - exposing those credentials in the go context as a UcanCtx for further usage
func Middleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ctn, err := bearer.ExtractBearerContainer(r.Header)
		if errors.Is(err, bearer.ErrNoUcan) {
			http.Error(w, "no UCAN auth", http.StatusBadRequest)
			return
		}
		if errors.Is(err, bearer.ErrContainerMalformed) {
			http.Error(w, "malformed token", http.StatusBadRequest)
			return
		}
		if err != nil {
			// should not happen, defensive programming
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		// prepare a UcanCtx from the container, for further evaluation in the server pipeline
		ucanCtx, err := FromContainer(ctn)
		if err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		// insert into the go context
		r = r.WithContext(AddUcanCtxToContext(r.Context(), ucanCtx))

		next.ServeHTTP(w, r)
	})
}
exectx: add a minimal middleware to extract the HTTP bearer, and make the UCAN ctx 2025-01-23 14:40:09 +01:00			`package exectx`

			`import (`
			`"errors"`
			`"net/http"`

			`"github.com/INFURA/go-ucan-toolkit/server/bearer"`
			`)`

			`// Middleware returns an HTTP middleware tasked with:`
			// - extracting UCAN credentials from the `Authorization: Bearer <data>` HTTP header
			`// - performing basic checks, and returning HTTP errors if necessary`
			`// - exposing those credentials in the go context as a UcanCtx for further usage`
			`func Middleware(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`ctn, err := bearer.ExtractBearerContainer(r.Header)`
			`if errors.Is(err, bearer.ErrNoUcan) {`
			`http.Error(w, "no UCAN auth", http.StatusBadRequest)`
			`return`
			`}`
			`if errors.Is(err, bearer.ErrContainerMalformed) {`
			`http.Error(w, "malformed token", http.StatusBadRequest)`
			`return`
			`}`
			`if err != nil {`
			`// should not happen, defensive programming`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

			`// prepare a UcanCtx from the container, for further evaluation in the server pipeline`
			`ucanCtx, err := FromContainer(ctn)`
			`if err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

			`// insert into the go context`
			`r = r.WithContext(AddUcanCtxToContext(r.Context(), ucanCtx))`

			`next.ServeHTTP(w, r)`
			`})`
			`}`