mirror of
https://github.com/bitechdev/ResolveSpec.git
synced 2026-05-21 11:35:26 +00:00
42 lines
1.2 KiB
Go
42 lines
1.2 KiB
Go
package security
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"net/http"
|
|
)
|
|
|
|
// ChainAuthenticator tries each authenticator in order, returning the first success.
|
|
// Login and Logout are delegated to the primary authenticator.
|
|
type ChainAuthenticator struct {
|
|
authenticators []Authenticator
|
|
}
|
|
|
|
// NewChainAuthenticator creates a ChainAuthenticator from the given authenticators.
|
|
// At least one authenticator is required; the first is treated as primary for Login/Logout.
|
|
func NewChainAuthenticator(primary Authenticator, rest ...Authenticator) *ChainAuthenticator {
|
|
return &ChainAuthenticator{
|
|
authenticators: append([]Authenticator{primary}, rest...),
|
|
}
|
|
}
|
|
|
|
func (c *ChainAuthenticator) Authenticate(r *http.Request) (*UserContext, error) {
|
|
var lastErr error
|
|
for _, a := range c.authenticators {
|
|
if uc, err := a.Authenticate(r); err == nil {
|
|
return uc, nil
|
|
} else {
|
|
lastErr = err
|
|
}
|
|
}
|
|
return nil, fmt.Errorf("all authenticators failed; last error: %w", lastErr)
|
|
}
|
|
|
|
func (c *ChainAuthenticator) Login(ctx context.Context, req LoginRequest) (*LoginResponse, error) {
|
|
return c.authenticators[0].Login(ctx, req)
|
|
}
|
|
|
|
func (c *ChainAuthenticator) Logout(ctx context.Context, req LogoutRequest) error {
|
|
return c.authenticators[0].Logout(ctx, req)
|
|
}
|