init.go
package cipherPayload
import (
"encoding/json"
"strings"
"github.com/gofiber/fiber/v2"
)
// serviceName is the label this middleware puts in front of its panic and
// log messages so operators can tell which component produced them.
var serviceName = "[Middleware] cipherPayload"
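// New returns a Fiber middleware that decrypts the "Payload" field of an
// incoming request body, hands the plaintext to the rest of the handler
// chain, and then replaces the response body with an encrypted PayloadBody.
//
// New panics at construction time when any of the four AES key/IV values in
// cfg.KeyPairs is empty, so a misconfigured service fails at start-up rather
// than on the first request.
//
// Requests skip the middleware entirely (no decryption, no response
// encryption) when cfg.Next returns true, when the request path contains
// "health", or when the HTTP method is not listed in cfg.AllowMethod.
//
// With cfg.StrictMode set, an unparsable, empty, undecryptable or non-JSON
// payload is rejected through cfg.FailResponse. Without it the failure is
// only logged and the request continues with whatever body results, which
// may be empty.
//
// NOTE(review): the IVs are taken from static configuration, so every message
// appears to be processed with the same key/IV pair. Confirm the cipher mode
// used by NewAESEncryption; a per-message random IV together with an
// authenticated mode is the usual safe construction.
//
// NOTE(review): the "debug" log calls below carry the decrypted request and
// the plaintext response. Presumably newLogger only emits them when
// cfg.DebugMode is true; confirm, and keep DebugMode off wherever logs are
// retained or shipped.
func New(config ...Config) fiber.Handler {
	// Merge the caller's config with the package defaults.
	cfg := configDefault(config...)

	panicResponseHeader := serviceName + ": Some configuration is missing: "

	// Every key and IV is mandatory: without them the handler could neither
	// decrypt requests nor encrypt responses.
	if len(cfg.KeyPairs.AESKeyForEncrypt) == 0 {
		panic(panicResponseHeader + "`AESKeyForEncrypt` is required.")
	}
	if len(cfg.KeyPairs.AESIVForEncrypt) == 0 {
		panic(panicResponseHeader + "`AESIVForEncrypt` is required.")
	}
	if len(cfg.KeyPairs.AESKeyForDecrypt) == 0 {
		panic(panicResponseHeader + "`AESKeyForDecrypt` is required.")
	}
	if len(cfg.KeyPairs.AESIVForDecrypt) == 0 {
		panic(panicResponseHeader + "`AESIVForDecrypt` is required.")
	}

	return func(c *fiber.Ctx) error {
		// Caller-supplied skip predicate.
		if cfg.Next != nil && cfg.Next(c) {
			return c.Next()
		}

		// Health-check endpoints are exempt. Match on the path only:
		// OriginalURL also contains the query string, so a substring test
		// there would let any request opt out of payload encryption by
		// adding a parameter.
		// NOTE(review): this is still a substring match on the whole path;
		// an exact allow-list (for example via cfg.Next) would be tighter.
		if strings.Contains(c.Path(), "health") {
			return c.Next()
		}

		// Only the configured HTTP methods carry an encrypted payload.
		if !isExist(cfg.AllowMethod, c.Method()) {
			return c.Next()
		}

		logger := newLogger(cfg.DebugMode)

		var reqBody PayloadBody
		err := c.BodyParser(&reqBody)
		if err != nil || reqBody.Payload == "" {
			// NOTE(review): both branches log the raw, client-controlled
			// request body; consider truncating or omitting it.
			if cfg.StrictMode {
				errMsg := "Invalid Payload"
				logger.printf("error", errMsg, string(c.Request().Body()))
				return cfg.FailResponse(c, errMsg)
			}
			logger.printf("info", "BodyParser error or Empty Payload", string(c.Request().Body()))
		}
		logger.printf("debug", "Request:", reqBody.Payload)

		// Decrypt the request payload.
		encrypterDecrypter := NewAESEncryption(cfg.KeyPairs, cfg.DebugMode)
		decryptedPayload, err := encrypterDecrypter.Decrypt(reqBody.Payload)
		logger.printf("debug", "Decrypted:", decryptedPayload)
		if err != nil || decryptedPayload == "" {
			errMsg := "Payload decrypt fail or Empty payload"
			if cfg.StrictMode {
				logger.printf("error", serviceName, err)
				return cfg.FailResponse(c, errMsg)
			}
			logger.printf("info", errMsg)
		}

		// Marshalling a RawMessage validates and compacts the plaintext as
		// JSON. The error used to be discarded; it is now surfaced so that
		// strict mode rejects plaintext that is not valid JSON instead of
		// silently forwarding an empty body.
		jsonBytes, err := json.Marshal(json.RawMessage(decryptedPayload))
		if err != nil {
			if cfg.StrictMode {
				logger.printf("error", serviceName, err)
				return cfg.FailResponse(c, "Invalid Payload")
			}
			// Non-strict mode keeps the previous behaviour: jsonBytes is
			// nil here, so the request body below ends up empty.
			logger.printf("info", serviceName, err)
		}

		// Put the plaintext back into the request body for downstream handlers.
		logger.printf("debug", "jsonBytes:", string(jsonBytes))
		c.Request().SetBodyRaw(jsonBytes)

		// Run the rest of the chain. A downstream error is returned as-is so
		// the application's error handling still runs; previously it was
		// dropped and the current response body was encrypted regardless.
		if err := c.Next(); err != nil {
			return err
		}

		// Capture the plaintext response produced downstream.
		interceptBody := string(c.Response().Body())
		logger.printf("debug", "Intercept Body:", interceptBody)

		// Encrypt the response payload.
		encryptedPayload, err := encrypterDecrypter.Encrypt(interceptBody)
		logger.printf("debug", "Encrypted:", encryptedPayload)
		if err != nil || encryptedPayload == "" {
			logger.printf("error", serviceName, err)
			errMsg := "InternalServerError: Cannot encrypt payload or invalid payload"
			return cfg.ErrorResponse(c, errMsg)
		}

		// Replace the response body with the ciphertext envelope.
		var resBody PayloadBody
		resBody.Payload = encryptedPayload
		return c.JSON(resBody)
	}
}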