Switch from access_token in URL to token in header

This commit is contained in:
Paul Tötterman 2020-10-01 12:09:39 +03:00
parent 7dd5e2a05b
commit ee30ee9640
3 changed files with 23 additions and 9 deletions

View File

@ -53,13 +53,13 @@ func (e HTTPError) Error() string {
return fmt.Sprintf("contents=%v msg=%s code=%d wrapped=%s", e.Contents, e.Message, e.Code, wrappedErrMsg)
}
// BuildURL builds a URL with the Client's homserver/prefix/access_token set already.
// BuildURL builds a URL with the Client's homeserver/prefix set already.
func (cli *Client) BuildURL(urlPath ...string) string {
ps := append([]string{cli.Prefix}, urlPath...)
return cli.BuildBaseURL(ps...)
}
// BuildBaseURL builds a URL with the Client's homeserver/access_token set already. You must
// BuildBaseURL builds a URL with the Client's homeserver set already. You must
// supply the prefix in the path.
func (cli *Client) BuildBaseURL(urlPath ...string) string {
// copy the URL. Purposefully ignore error as the input is from a valid URL already
@ -72,9 +72,6 @@ func (cli *Client) BuildBaseURL(urlPath ...string) string {
hsURL.Path = hsURL.Path + "/"
}
query := hsURL.Query()
if cli.AccessToken != "" {
query.Set("access_token", cli.AccessToken)
}
if cli.AppServiceUserID != "" {
query.Set("user_id", cli.AppServiceUserID)
}
@ -82,7 +79,7 @@ func (cli *Client) BuildBaseURL(urlPath ...string) string {
return hsURL.String()
}
// BuildURLWithQuery builds a URL with query parameters in addition to the Client's homeserver/prefix/access_token set already.
// BuildURLWithQuery builds a URL with query parameters in addition to the Client's homeserver/prefix set already.
func (cli *Client) BuildURLWithQuery(urlPath []string, urlQuery map[string]string) string {
u, _ := url.Parse(cli.BuildURL(urlPath...))
q := u.Query()
@ -203,7 +200,13 @@ func (cli *Client) MakeRequest(method string, httpURL string, reqBody interface{
if err != nil {
return err
}
req.Header.Set("Content-Type", "application/json")
if cli.AccessToken != "" {
req.Header.Set("Authorization", "Bearer "+cli.AccessToken)
}
res, err := cli.Client.Do(req)
if res != nil {
defer res.Body.Close()
@ -687,15 +690,21 @@ func (cli *Client) UploadToContentRepo(content io.Reader, contentType string, co
if err != nil {
return nil, err
}
req.Header.Set("Content-Type", contentType)
req.Header.Set("Authorization", "Bearer "+cli.AccessToken)
req.ContentLength = contentLength
res, err := cli.Client.Do(req)
if res != nil {
defer res.Body.Close()
}
if err != nil {
return nil, err
}
if res.StatusCode != 200 {
contents, err := ioutil.ReadAll(res.Body)
if err != nil {
@ -710,10 +719,12 @@ func (cli *Client) UploadToContentRepo(content io.Reader, contentType string, co
Code: res.StatusCode,
}
}
var m RespMediaUpload
if err := json.NewDecoder(res.Body).Decode(&m); err != nil {
return nil, err
}
return &m, nil
}

View File

@ -55,7 +55,7 @@ func ExampleClient_BuildURLWithQuery() {
"filter_id": "5",
})
fmt.Println(out)
// Output: https://matrix.org/_matrix/client/r0/sync?access_token=abcdef123456&filter_id=5
// Output: https://matrix.org/_matrix/client/r0/sync?filter_id=5
}
func ExampleClient_BuildURL() {
@ -63,7 +63,7 @@ func ExampleClient_BuildURL() {
cli, _ := NewClient("https://matrix.org", userID, "abcdef123456")
out := cli.BuildURL("user", userID, "filter")
fmt.Println(out)
// Output: https://matrix.org/_matrix/client/r0/user/@example:matrix.org/filter?access_token=abcdef123456
// Output: https://matrix.org/_matrix/client/r0/user/@example:matrix.org/filter
}
func ExampleClient_BuildBaseURL() {
@ -71,7 +71,7 @@ func ExampleClient_BuildBaseURL() {
cli, _ := NewClient("https://matrix.org", userID, "abcdef123456")
out := cli.BuildBaseURL("_matrix", "client", "r0", "directory", "room", "#matrix:matrix.org")
fmt.Println(out)
// Output: https://matrix.org/_matrix/client/r0/directory/room/%23matrix:matrix.org?access_token=abcdef123456
// Output: https://matrix.org/_matrix/client/r0/directory/room/%23matrix:matrix.org
}
// Retrieve the content of a m.room.name state event.

View File

@ -150,5 +150,8 @@ type MockRoundTripper struct {
}
func (t MockRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
if req.Header.Get("Authorization") == "" {
panic("no auth")
}
return t.RT(req)
}