2019-04-24 21:52:08 +00:00
|
|
|
package middlewares
|
|
|
|
|
2021-12-02 02:21:46 +00:00
|
|
|
import (
|
2022-04-03 00:48:26 +00:00
|
|
|
"errors"
|
|
|
|
|
2021-12-02 02:21:46 +00:00
|
|
|
"github.com/valyala/fasthttp"
|
2021-07-22 03:52:37 +00:00
|
|
|
)
|
2019-04-24 21:52:08 +00:00
|
|
|
|
2023-04-23 10:59:15 +00:00
|
|
|
const (
|
|
|
|
responseAPIStatusOK = "OK"
|
|
|
|
responseAPIStatusKO = "KO"
|
|
|
|
)
|
|
|
|
|
2021-12-02 02:21:46 +00:00
|
|
|
var (
|
2022-10-01 11:47:09 +00:00
|
|
|
headerXAutheliaURL = []byte("X-Authelia-URL")
|
|
|
|
|
2022-04-07 00:58:51 +00:00
|
|
|
headerAccept = []byte(fasthttp.HeaderAccept)
|
|
|
|
headerContentLength = []byte(fasthttp.HeaderContentLength)
|
2022-07-08 12:18:52 +00:00
|
|
|
headerLocation = []byte(fasthttp.HeaderLocation)
|
2022-04-07 00:58:51 +00:00
|
|
|
|
2021-12-02 02:21:46 +00:00
|
|
|
headerXForwardedProto = []byte(fasthttp.HeaderXForwardedProto)
|
|
|
|
headerXForwardedHost = []byte(fasthttp.HeaderXForwardedHost)
|
|
|
|
headerXForwardedFor = []byte(fasthttp.HeaderXForwardedFor)
|
|
|
|
headerXRequestedWith = []byte(fasthttp.HeaderXRequestedWith)
|
|
|
|
|
|
|
|
headerXForwardedURI = []byte("X-Forwarded-URI")
|
|
|
|
headerXOriginalURL = []byte("X-Original-URL")
|
2022-12-17 00:49:05 +00:00
|
|
|
headerXOriginalMethod = []byte("X-Original-Method")
|
2021-12-02 02:21:46 +00:00
|
|
|
headerXForwardedMethod = []byte("X-Forwarded-Method")
|
2022-02-06 13:37:28 +00:00
|
|
|
|
2022-04-07 00:58:51 +00:00
|
|
|
headerVary = []byte(fasthttp.HeaderVary)
|
|
|
|
headerAllow = []byte(fasthttp.HeaderAllow)
|
|
|
|
headerOrigin = []byte(fasthttp.HeaderOrigin)
|
|
|
|
|
2022-03-04 04:46:12 +00:00
|
|
|
headerAccessControlAllowCredentials = []byte(fasthttp.HeaderAccessControlAllowCredentials)
|
|
|
|
headerAccessControlAllowHeaders = []byte(fasthttp.HeaderAccessControlAllowHeaders)
|
|
|
|
headerAccessControlAllowMethods = []byte(fasthttp.HeaderAccessControlAllowMethods)
|
|
|
|
headerAccessControlAllowOrigin = []byte(fasthttp.HeaderAccessControlAllowOrigin)
|
|
|
|
headerAccessControlMaxAge = []byte(fasthttp.HeaderAccessControlMaxAge)
|
|
|
|
headerAccessControlRequestHeaders = []byte(fasthttp.HeaderAccessControlRequestHeaders)
|
|
|
|
headerAccessControlRequestMethod = []byte(fasthttp.HeaderAccessControlRequestMethod)
|
2022-05-03 02:19:30 +00:00
|
|
|
|
2022-05-04 04:47:23 +00:00
|
|
|
headerXContentTypeOptions = []byte(fasthttp.HeaderXContentTypeOptions)
|
|
|
|
headerReferrerPolicy = []byte(fasthttp.HeaderReferrerPolicy)
|
|
|
|
headerXFrameOptions = []byte(fasthttp.HeaderXFrameOptions)
|
|
|
|
headerPragma = []byte(fasthttp.HeaderPragma)
|
|
|
|
headerCacheControl = []byte(fasthttp.HeaderCacheControl)
|
|
|
|
headerXXSSProtection = []byte(fasthttp.HeaderXXSSProtection)
|
|
|
|
headerContentSecurityPolicy = []byte(fasthttp.HeaderContentSecurityPolicy)
|
|
|
|
|
|
|
|
headerPermissionsPolicy = []byte("Permissions-Policy")
|
2022-03-04 04:46:12 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2023-01-07 20:04:06 +00:00
|
|
|
headerValueFalse = []byte("false")
|
|
|
|
headerValueTrue = []byte("true")
|
|
|
|
headerValueMaxAge = []byte("100")
|
|
|
|
headerValueVary = []byte("Accept-Encoding, Origin")
|
|
|
|
headerValueVaryWildcard = []byte("Accept-Encoding")
|
|
|
|
headerValueOriginWildcard = []byte("*")
|
|
|
|
headerValueZero = []byte("0")
|
|
|
|
headerValueCSPNone = []byte("default-src 'none'")
|
|
|
|
headerValueCSPNoneFormPost = []byte("default-src 'none'; script-src 'sha256-skflBqA90WuHvoczvimLdj49ExKdizFjX2Itd6xKZdU='")
|
2022-05-03 02:19:30 +00:00
|
|
|
|
|
|
|
headerValueNoSniff = []byte("nosniff")
|
|
|
|
headerValueStrictOriginCrossOrigin = []byte("strict-origin-when-cross-origin")
|
2022-05-04 04:47:23 +00:00
|
|
|
headerValueSameOrigin = []byte("SAMEORIGIN")
|
|
|
|
headerValueNoCache = []byte("no-cache")
|
|
|
|
headerValueNoStore = []byte("no-store")
|
|
|
|
headerValueXSSModeBlock = []byte("1; mode=block")
|
2022-05-03 02:19:30 +00:00
|
|
|
headerValueCohort = []byte("interest-cohort=()")
|
2022-03-04 04:46:12 +00:00
|
|
|
)
|
|
|
|
|
2022-09-03 01:51:02 +00:00
|
|
|
const (
|
|
|
|
strProtoHTTPS = "https"
|
|
|
|
strProtoHTTP = "http"
|
2022-12-17 00:49:05 +00:00
|
|
|
strSlash = "/"
|
|
|
|
|
2023-01-25 09:36:40 +00:00
|
|
|
queryArgRedirect = "rd"
|
|
|
|
queryArgAutheliaURL = "authelia_url"
|
|
|
|
queryArgToken = "token"
|
2022-09-03 01:51:02 +00:00
|
|
|
)
|
|
|
|
|
2022-03-04 04:46:12 +00:00
|
|
|
var (
|
2022-09-03 01:51:02 +00:00
|
|
|
protoHTTPS = []byte(strProtoHTTPS)
|
|
|
|
protoHTTP = []byte(strProtoHTTP)
|
2022-02-06 13:37:28 +00:00
|
|
|
|
2023-01-25 09:36:40 +00:00
|
|
|
qryArgRedirect = []byte(queryArgRedirect)
|
|
|
|
qryArgAutheliaURL = []byte(queryArgAutheliaURL)
|
2022-10-01 11:47:09 +00:00
|
|
|
|
2023-01-25 09:36:40 +00:00
|
|
|
keyUserValueBaseURL = []byte("base_url")
|
|
|
|
keyUserValueAuthzPath = []byte("authz_path")
|
2022-04-07 00:58:51 +00:00
|
|
|
|
2023-01-07 20:04:06 +00:00
|
|
|
// UserValueKeyFormPost is the User Value key where we indicate the form_post response mode.
|
|
|
|
UserValueKeyFormPost = []byte("form_post")
|
|
|
|
|
2022-04-07 00:58:51 +00:00
|
|
|
headerSeparator = []byte(", ")
|
2022-07-08 12:18:52 +00:00
|
|
|
|
|
|
|
contentTypeTextPlain = []byte("text/plain; charset=utf-8")
|
|
|
|
contentTypeTextHTML = []byte("text/html; charset=utf-8")
|
|
|
|
contentTypeApplicationJSON = []byte("application/json; charset=utf-8")
|
2023-01-03 03:49:02 +00:00
|
|
|
contentTypeApplicationYAML = []byte("application/yaml; charset=utf-8")
|
2021-07-22 03:52:37 +00:00
|
|
|
)
|
2019-04-24 21:52:08 +00:00
|
|
|
|
2021-07-22 03:52:37 +00:00
|
|
|
const (
|
2021-12-02 02:21:46 +00:00
|
|
|
headerValueXRequestedWithXHR = "XMLHttpRequest"
|
2021-07-22 03:52:37 +00:00
|
|
|
)
|
2019-04-24 21:52:08 +00:00
|
|
|
|
|
|
|
var okMessageBytes = []byte("{\"status\":\"OK\"}")
|
|
|
|
|
2021-07-22 03:52:37 +00:00
|
|
|
const (
|
|
|
|
messageOperationFailed = "Operation failed"
|
|
|
|
messageIdentityVerificationTokenAlreadyUsed = "The identity verification token has already been used"
|
|
|
|
messageIdentityVerificationTokenHasExpired = "The identity verification token has expired"
|
|
|
|
)
|
2021-05-04 22:06:05 +00:00
|
|
|
|
|
|
|
var protoHostSeparator = []byte("://")
|
2022-04-03 00:48:26 +00:00
|
|
|
|
|
|
|
var errPasswordPolicyNoMet = errors.New("the supplied password does not met the security policy")
|