refactor(token): move HTTP OAuth middleware into token pkg

Asmir mentioned in review that we use this in a number of places,
move it down & add a "add to request" method for populating the client
side of request construction

Author: b5

api/api.go

@@ -15,6 +15,7 @@ import (
 	"github.com/gorilla/schema"
 	golog "github.com/ipfs/go-log"
 	apiutil "github.com/qri-io/qri/api/util"
+	"github.com/qri-io/qri/auth/token"
 	"github.com/qri-io/qri/lib"
 	"github.com/qri-io/qri/version"
 )
@@ -244,7 +245,7 @@ func NewServerRoutes(s Server) *mux.Router {
 	}
 
 	m.Use(refStringMiddleware)
-	m.Use(OAuthTokenMiddleware)
+	m.Use(token.OAuthTokenMiddleware)
 
 	return m
 }

api/middleware.go

@@ -3,12 +3,10 @@ package api
 import (
 	"fmt"
 	"net/http"
-	"strings"
 	"time"
 
 	"github.com/gorilla/mux"
 	"github.com/qri-io/qri/api/util"
-	"github.com/qri-io/qri/auth/token"
 	"github.com/qri-io/qri/dsref"
 )
 
@@ -98,33 +96,3 @@ func stripServerSideQueryParams(r *http.Request) {
 	q.Del("refstr")
 	r.URL.RawQuery = q.Encode()
 }
-
-const (
-	bearerPrefix        = "Bearer "
-	authorizationHeader = "authorization"
-)
-
-// OAuthTokenMiddleware parses any "authorization" header containing a Bearer
-// token & adds it to the request context
-func OAuthTokenMiddleware(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		reqToken := r.Header.Get(authorizationHeader)
-		if reqToken == "" && r.FormValue(authorizationHeader) != "" {
-			reqToken = r.FormValue(authorizationHeader)
-		}
-		if reqToken == "" {
-			next.ServeHTTP(w, r)
-			return
-		}
-
-		if !strings.HasPrefix(reqToken, bearerPrefix) {
-			util.WriteErrResponse(w, http.StatusBadRequest, fmt.Errorf("bad token"))
-			return
-		}
-		tokenStr := strings.TrimPrefix(reqToken, bearerPrefix)
-		ctx := token.AddToContext(r.Context(), tokenStr)
-
-		r = r.WithContext(ctx)
-		next.ServeHTTP(w, r)
-	})
-}

auth/token/context.go

@@ -2,6 +2,11 @@ package token
 
 import (
 	"context"
+	"fmt"
+	"net/http"
+	"strings"
+
+	"github.com/qri-io/qri/api/util"
 )
 
 // CtxKey defines a distinct type for context keys used by the access
@@ -25,3 +30,48 @@ func FromCtx(ctx context.Context) string {
 	}
 	return ""
 }
+
+const (
+	// httpAuthorizationHeader is the http header field to check for tokens,
+	// follows OAuth 2.0 spec
+	httpAuthorizationHeader = "authorization"
+	// httpAuthorizationBearerPrefix is a prefix before a token in the
+	// Authorization header field. Follows OAuth 2.0 spec
+	httpAuthorizationBearerPrefix = "Bearer "
+)
+
+// OAuthTokenMiddleware parses any "authorization" header containing a Bearer
+// token & adds it to the request context
+func OAuthTokenMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		reqToken := r.Header.Get(httpAuthorizationHeader)
+		if reqToken == "" && r.FormValue(httpAuthorizationHeader) != "" {
+			reqToken = r.FormValue(httpAuthorizationHeader)
+		}
+		if reqToken == "" {
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		if !strings.HasPrefix(reqToken, httpAuthorizationBearerPrefix) {
+			util.WriteErrResponse(w, http.StatusBadRequest, fmt.Errorf("bad token"))
+			return
+		}
+
+		tokenStr := strings.TrimPrefix(reqToken, httpAuthorizationBearerPrefix)
+		ctx := AddToContext(r.Context(), tokenStr)
+
+		r = r.WithContext(ctx)
+		next.ServeHTTP(w, r)
+	})
+}
+
+// AddContextTokenToRequest checks the supplied context for an auth token and
+// adds it to an http request, returns true if a token is added
+func AddContextTokenToRequest(ctx context.Context, r *http.Request) (*http.Request, bool) {
+	if s := FromCtx(ctx); s != "" {
+		r.Header.Set(httpAuthorizationHeader, strings.Join([]string{httpAuthorizationBearerPrefix, s}, ""))
+		return r, true
+	}
+	return r, false
+}

lib/http.go

@@ -112,8 +112,9 @@ func (c HTTPClient) do(ctx context.Context, addr string, httpMethod string, mime
 	req.Header.Set("Content-Type", mimeType)
 	req.Header.Set("Accept", mimeType)
 
-	if s := token.FromCtx(ctx); s != "" {
-		req.Header.Set("authorization", fmt.Sprintf("Bearer %s", s))
+	req, added := token.AddContextTokenToRequest(ctx, req)
+	if !added {
+		log.Debugw("No token was set on an http client request. Unauthenticated requests may fail", "httpMethod", httpMethod, "addr", addr)
 	}
 
 	res, err := http.DefaultClient.Do(req)

lib/logbook.qfb

@@ -126,7 +126,7 @@ func TestResolveRef(t *testing.T) {
 
 	dsrefspec.AssertResolverSpec(t, p2pRefResolver, func(r dsref.Ref, author profile.Author, _ *oplog.Log) error {
 		builder := dscache.NewBuilder()
-		pid, err := key.IDFromPub(author.AuthorPubKey())
+		pid, err := key.IDFromPubKey(author.AuthorPubKey())
 		builder.AddUser(r.Username, pid)
 		if err != nil {
 			return err