From 6f8f9a686ae26417f3e40e9b0a074a107c64663b Mon Sep 17 00:00:00 2001
From: CTFang
Date: Tue, 6 Feb 2024 13:10:06 +0000
Subject: [PATCH] Fix: use models in serviceName when authorization
---
 internal/context/context.go | 10 +++++-----
 internal/sbi/eventexposure/routers.go | 6 ++----
 internal/sbi/pdusession/routers.go | 6 ++----
 internal/util/oauth/router_auth_check.go | 5 +++--
 internal/util/oauth/router_auth_check_test.go | 5 +++--
 5 files changed, 15 insertions(+), 17 deletions(-)
diff --git a/internal/context/context.go b/internal/context/context.go
index d692d788..ce342f1b 100644
--- a/internal/context/context.go
+++ b/internal/context/context.go
@@ -25,7 +25,7 @@ func Init() {
 }
 type NFContext interface {
- AuthorizationCheck(token, serviceName string) error
+ AuthorizationCheck(token string, serviceName models.ServiceName) error
 }
 var _ NFContext = &SMFContext{}
@@ -294,19 +294,19 @@ func GetUEDefaultPathPool(groupName string) *UEDefaultPaths {
 return smfContext.UEDefaultPathPool[groupName]
 }
-func (c *SMFContext) GetTokenCtx(scope string, targetNF models.NfType) (
+func (c *SMFContext) GetTokenCtx(serviceName models.ServiceName, targetNF models.NfType) (
 context.Context, *models.ProblemDetails, error,
 ) {
 if !c.OAuth2Required {
 return context.TODO(), nil, nil
 }
 return oauth.GetTokenCtx(models.NfType_SMF, targetNF,
- c.NfInstanceID, c.NrfUri, scope)
+ c.NfInstanceID, c.NrfUri, string(serviceName))
 }
-func (c *SMFContext) AuthorizationCheck(token, serviceName string) error {
+func (c *SMFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {
 if !c.OAuth2Required {
 return nil
 }
- return oauth.VerifyOAuth(token, serviceName, c.NrfCertPem)
+ return oauth.VerifyOAuth(token, string(serviceName), c.NrfCertPem)
 }
diff --git a/internal/sbi/eventexposure/routers.go b/internal/sbi/eventexposure/routers.go
index 717c06d2..26e3319e 100644
--- a/internal/sbi/eventexposure/routers.go
+++ b/internal/sbi/eventexposure/routers.go
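Review bot: `SMFContext.AuthorizationCheck` in internal/context/context.go still returns nil without looking at the token whenever `c.OAuth2Required` is false, and the method has no doc comment saying so; since this hunk rewrites its signature, it is a good place to document that behaviour. I would add `// AuthorizationCheck passes token and serviceName to oauth.VerifyOAuth together with c.NrfCertPem; when OAuth2Required is false it returns nil and the token is not checked.` above it, and a matching line on `GetTokenCtx`, which returns `context.TODO()` in the same case. The `string(serviceName)` conversions also forward an empty name unchanged; how `oauth.VerifyOAuth` and `oauth.GetTokenCtx` treat an empty scope is not visible in this patch, so that is worth confirming.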
@@ -18,7 +18,7 @@ import (
 "github.com/free5gc/openapi/models"
 smf_context "github.com/free5gc/smf/internal/context"
 "github.com/free5gc/smf/internal/logger"
- "github.com/free5gc/smf/internal/util/oauth"
+ util_oauth "github.com/free5gc/smf/internal/util/oauth"
 "github.com/free5gc/smf/pkg/factory"
 logger_util "github.com/free5gc/util/logger"
 )
@@ -35,8 +35,6 @@ type Route struct {
 HandlerFunc gin.HandlerFunc
 }
-const serviceName string = string(models.ServiceName_NSMF_EVENT_EXPOSURE)
-
 // Routes is the list of the generated Route.
 type Routes []Route
@@ -50,7 +48,7 @@ func NewRouter() *gin.Engine {
 func AddService(engine *gin.Engine) *gin.RouterGroup {
 group := engine.Group(factory.SmfEventExposureResUriPrefix)
- routerAuthorizationCheck := util_oauth.NewRouterAuthorizationCheck(serviceName)
+ routerAuthorizationCheck := util_oauth.NewRouterAuthorizationCheck(models.ServiceName_NSMF_EVENT_EXPOSURE)
 group.Use(func(c *gin.Context) {
 routerAuthorizationCheck.Check(c, smf_context.GetSelf())
 })
diff --git a/internal/sbi/pdusession/routers.go b/internal/sbi/pdusession/routers.go
index 2e3a16f7..c9f753f0 100644
--- a/internal/sbi/pdusession/routers.go
+++ b/internal/sbi/pdusession/routers.go
@@ -18,7 +18,7 @@ import (
 "github.com/free5gc/openapi/models"
 smf_context "github.com/free5gc/smf/internal/context"
 "github.com/free5gc/smf/internal/logger"
- "github.com/free5gc/smf/internal/util/oauth"
+ util_oauth "github.com/free5gc/smf/internal/util/oauth"
 "github.com/free5gc/smf/pkg/factory"
 logger_util "github.com/free5gc/util/logger"
 )
@@ -35,8 +35,6 @@ type Route struct {
 HandlerFunc gin.HandlerFunc
 }
-const serviceName string = string(models.ServiceName_NSMF_PDUSESSION)
-
 // Routes is the list of the generated Route.
 type Routes []Route
@@ -50,7 +48,7 @@ func NewRouter() *gin.Engine {
 func AddService(engine *gin.Engine) *gin.RouterGroup {
 group := engine.Group(factory.SmfPdusessionResUriPrefix)
- routerAuthorizationCheck := util_oauth.NewRouterAuthorizationCheck(serviceName)
+ routerAuthorizationCheck := util_oauth.NewRouterAuthorizationCheck(models.ServiceName_NSMF_PDUSESSION)
 group.Use(func(c *gin.Context) {
 routerAuthorizationCheck.Check(c, smf_context.GetSelf())
 })
diff --git a/internal/util/oauth/router_auth_check.go b/internal/util/oauth/router_auth_check.go
index 37b111ac..d9db11f6 100644
--- a/internal/util/oauth/router_auth_check.go
+++ b/internal/util/oauth/router_auth_check.go
@@ -5,15 +5,16 @@ import (
 "github.com/gin-gonic/gin"
+ "github.com/free5gc/openapi/models"
 smf_context "github.com/free5gc/smf/internal/context"
 "github.com/free5gc/smf/internal/logger"
 )
 type RouterAuthorizationCheck struct {
- serviceName string
+ serviceName models.ServiceName
 }
-func NewRouterAuthorizationCheck(serviceName string) *RouterAuthorizationCheck {
+func NewRouterAuthorizationCheck(serviceName models.ServiceName) *RouterAuthorizationCheck {
 return &RouterAuthorizationCheck{
 serviceName: serviceName,
 }
diff --git a/internal/util/oauth/router_auth_check_test.go b/internal/util/oauth/router_auth_check_test.go
index cb225844..4af6a756 100644
--- a/internal/util/oauth/router_auth_check_test.go
+++ b/internal/util/oauth/router_auth_check_test.go
@@ -5,6 +5,7 @@ import (
 "net/http/httptest"
 "testing"
+ "github.com/free5gc/openapi/models"
 "github.com/gin-gonic/gin"
 "github.com/pkg/errors"
 )
@@ -20,7 +21,7 @@ func newMockSMFContext() *mockSMFContext {
 return &mockSMFContext{}
 }
-func (m *mockSMFContext) AuthorizationCheck(token string, serviceName string) error {
+func (m *mockSMFContext) AuthorizationCheck(token string, serviceName models.ServiceName) error {
 if token == Valid {
 return nil
 }
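Review bot: In internal/util/oauth/router_auth_check.go, `NewRouterAuthorizationCheck` stores whatever `models.ServiceName` it is given, and because the type converts from a plain string (the test hunk builds `models.ServiceName("testService")`) the new signature does not by itself limit callers to the defined `models.ServiceName_*` constants or rule out `""`. A doc comment would make the contract explicit, for example `// NewRouterAuthorizationCheck returns a check bound to serviceName; callers should pass one of the models.ServiceName_* constants, never an empty or ad-hoc name.` The body of `Check` is outside this patch, so I am assuming it forwards this field to `AuthorizationCheck`. The constructor's closing brace also lies outside the hunk.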
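Review bot: The mock `AuthorizationCheck` in internal/util/oauth/router_auth_check_test.go decides only on `token == Valid` and never looks at `serviceName`, so `TestRouterAuthorizationCheck_Check` (the `@@ -81,7 +82,7 @@` hunk) would still pass if `Check` handed the context a different or empty service name. Keeping the mock in a variable, recording the argument with `m.gotServiceName = serviceName`, and asserting it equals the name given to `NewRouterAuthorizationCheck` would cover the value this commit retypes. The mock's body continues past the end of the hunk and the `mockSMFContext` struct is not shown, so the field name is only a suggestion.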
@@ -81,7 +82,7 @@ func TestRouterAuthorizationCheck_Check(t *testing.T) {
 }
 c.Request.Header.Set("Authorization", tt.args.token)
- rac := NewRouterAuthorizationCheck("testService")
+ rac := NewRouterAuthorizationCheck(models.ServiceName("testService"))
 rac.Check(c, newMockSMFContext())
 if w.Code != tt.want.statusCode {
 t.Errorf("StatusCode should be %d, but got %d", tt.want.statusCode, w.Code)