How about something like this? Unsure about concurrent access to global variables, but if you want to access srv and clientstore from package sw, It'd make sense to me to move srv and clientstore out of main and into a package.
howToApplyMiddleware main.go - server server.go - sw handler.go router.go middleware.go //main.go package main import ( "log" "net/http" "howToApplyMiddleware/sw" ) func main() { log.Printf("Server started") log.Fatal(http.ListenAndServe(":8000", sw.Router)) } //server.go package server import ( "gopkg.in/oauth2.v3/errors" "gopkg.in/oauth2.v3/manage" "gopkg.in/oauth2.v3/server" "gopkg.in/oauth2.v3/store" "log" ) var ClientStore *store.ClientStore var SRV *server.Server func init() { ClientStore = store.NewClientStore() manager := manage.NewDefaultManager() manager.SetAuthorizeCodeTokenCfg(manage.DefaultAuthorizeCodeTokenCfg) manager.MapClientStorage(ClientStore) manager.SetRefreshTokenCfg(manage.DefaultRefreshTokenCfg) manager.MustTokenStorage(store.NewMemoryTokenStore()) SRV = server.NewDefaultServer(manager) SRV.SetAllowGetAccessRequest(true) SRV.SetClientInfoHandler(server.ClientFormHandler) SRV.SetInternalErrorHandler(func(err error) (re *errors.Response) { log.Println("Internal Error:", err.Error()) return }) SRV.SetResponseErrorHandler(func(re *errors.Response) { log.Println("Response Error:", re.Error.Error()) }) } //handler.go package sw import ( "net/http" ) //Funtion in handler.go in subdir func protecteduri(w http.ResponseWriter, r *http.Request) { w.Write([]byte("Hello, I'm protected")) } //middleware.go package sw import ( "net/http" "howToApplyMiddleware/server" ) //This function in middleware.go in subdir func validateToken(f func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) { return func(w http.ResponseWriter, r *http.Request) { _, err := server.SRV.ValidationBearerToken(r) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } f(w, r) } } //router.go package sw import ( "encoding/json" "fmt" "github.com/google/uuid" "github.com/gorilla/mux" "gopkg.in/oauth2.v3/models" "net/http" "howToApplyMiddleware/server" "strings" ) var Router *mux.Router func init() { Router = NewRouter() Router.HandleFunc("/oauth2/token", func(w http.ResponseWriter, r *http.Request) { server.SRV.HandleTokenRequest(w, r) }) Router.HandleFunc("/credentials", func(w http.ResponseWriter, r *http.Request) { clientId := uuid.New().String()[:8] clientSecret := uuid.New().String()[:8] err := server.ClientStore.Set(clientId, &models.Client{ ID: clientId, Secret: clientSecret, Domain: "http://localhost:9094", }) if err != nil { fmt.Println(err.Error()) } w.Header().Set("Content-Type", "application/json") json.NewEncoder(w).Encode(map[string]string{"CLIENT_ID": clientId, "CLIENT_SECRET": clientSecret}) }) } type Route struct { Name string Method string Pattern string HandlerFunc http.HandlerFunc } type Routes []Route func NewRouter() *mux.Router { router := mux.NewRouter().StrictSlash(true) for _, route := range routes { var handler http.Handler handler = route.HandlerFunc //handler = Logger(handler, route.Name) router. Methods(route.Method). Path(route.Pattern). Name(route.Name). Handler(handler) } return router } func Index(w http.ResponseWriter, r *http.Request) { fmt.Fprintf(w, "Hello World!") } var routes = Routes{ { "Index", "GET", "/", Index, }, { "protecteduri", strings.ToUpper("Get"), "/protected", validateToken(protecteduri), }, } On Thursday, April 4, 2019 at 4:44:14 AM UTC-4, afriyie...@gmail.com wrote: > > I have modify the middleware to the below but it only work if the handler > function "/protected" is in the main function. > I have many handlers and do not want to put all of them in the main.go. > You suggest i define a struct and use member function of the struct, can > you elaborate more about for me or the format. > > func ValidateToken(srv *server.Server) func(http.Handler) http.Handler { > return func(next http.Handler) http.Handler { > return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { > notAuth := []string{"/oauth2/token", "/credentials"} //List of endpoints > that doesn't require auth > requestPath := r.URL.Path //current request path > > //check if request does not need authentication, serve the request if it > doesn't need it > for _, value := range notAuth { > > if value == requestPath { > next.ServeHTTP(w, r) > return > } > } > _, err := srv.ValidationBearerToken(r) > if err != nil { > http.Error(w, err.Error(), http.StatusBadRequest) > return > } > > next.ServeHTTP(w, r) > }) > } > } > > > On Thursday, April 4, 2019 at 10:46:08 AM UTC+3, afriyie...@gmail.com > wrote: >> >> changing and using "router.Use(getTokenMW(server))" is validating all the >> routes. How can i exclude routes >> /oauth2/token and /credentials. I read that populate but i dont get the >> idea. >> Any clew about how to go about this? >> >> On Wednesday, April 3, 2019 at 6:47:12 PM UTC+3, Burak Serdar wrote: >>> >>> On Wed, Apr 3, 2019 at 8:35 AM <afriyie...@gmail.com> wrote: >>> >>> > type Route struct { >>> > Name string >>> > Method string >>> > Pattern string >>> > HandlerFunc http.HandlerFunc >>> > } >>> > >>> > type Routes []Route >>> > >>> > func NewRouter() *mux.Router { >>> > router := mux.NewRouter().StrictSlash(true) >>> > for _, route := range routes { >>> > var handler http.Handler >>> > handler = route.HandlerFunc >>> > handler = Logger(handler, route.Name) >>> > >>> > router. >>> > Methods(route.Method). >>> > Path(route.Pattern). >>> > Name(route.Name). >>> > Handler(handler) >>> > } >>> > >>> > return router >>> > } >>> > >>> > func Index(w http.ResponseWriter, r *http.Request) { >>> > fmt.Fprintf(w, "Hello World!") >>> > } >>> > >>> > var routes = Routes{ >>> > { >>> > "Index", >>> > "GET", >>> > "/", >>> > Index, >>> > }, >>> > >>> > { >>> > "protecteduri", >>> > strings.ToUpper("Get"), >>> > "/protected", >>> > protecteduri, >>> > }, >>> > } >>> > >>> > My question is how do i apply the "validateToken" function >>> (middleware) to the routes in the router.go? >>> > The function is to validate the access token in the request message >>> before calling the handler functions. >>> > >>> Have you looked at the gorilla/mux documentation about middlewares? >>> There are examples there: https://godoc.org/github.com/gorilla/mux >>> >>> You need to change the validateToken func: >>> >>> func getTokenMW(srv *server.Server) func(http.Handler) http.Handler { >>> return func(next http.Handler) http.Handler { >>> return http.HandlerFunc(func(w http.ResponseWriter, r >>> *http.Request) { >>> } >>> } >>> } >>> >>> Then: >>> router.Use(getTokenMW(server)) >>> >>> Or, you can define a struct, put the server pointer in it, and use a >>> member function of that struct as the middleware. >>> >> -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.