Refactor (#21)

* Drop unused

* Split logic into two files

* Remove context pkg. Move logic to castle

Fix tests.

Author: Nesze

castle.go client.go

@@ -8,7 +8,6 @@ import (
 	"net/http"
 
 	"github.com/pkg/errors"
-	"github.com/tomasen/realip"
 )
 
 // FilterEndpoint defines the filter URL castle.io side
@@ -17,80 +16,13 @@ var FilterEndpoint = "https://api.castle.io/v1/filter"
 // RiskEndpoint defines the risk URL castle.io side
 var RiskEndpoint = "https://api.castle.io/v1/risk"
 
-type Event struct {
-	EventType   EventType
-	EventStatus EventStatus
-}
-
-// EventType is an enum defining types of event castle tracks
-type EventType string
-
-// See https://docs.castle.io/docs/events
-const (
-	EventTypeLogin                EventType = "$login"
-	EventTypeRegistration         EventType = "$registration"
-	EventTypeProfileUpdate        EventType = "$profile_update"
-	EventTypeProfileReset         EventType = "$profile_reset"
-	EventTypePasswordResetRequest EventType = "$password_reset_request"
-	EventTypeChallenge            EventType = "$challenge"
-	EventTypeLogout               EventType = "&logout"
-)
-
-// EventStatus is an enum defining the statuses for a given event.
-type EventStatus string
-
-// See https://docs.castle.io/docs/events
-const (
-	EventStatusAttempted EventStatus = "$attempted"
-	EventStatusSucceeded EventStatus = "$succeeded"
-	EventStatusFailed    EventStatus = "$failed"
-	EventStatusRequested EventStatus = "$requested"
-)
-
-// RecommendedAction encapsulates the 3 possible responses from auth call (allow, challenge, deny)
-type RecommendedAction string
-
-// See https://castle.io/docs/authentication
-const (
-	RecommendedActionNone      RecommendedAction = ""
-	RecommendedActionAllow     RecommendedAction = "allow"
-	RecommendedActionChallenge RecommendedAction = "challenge"
-	RecommendedActionDeny      RecommendedAction = "deny"
-)
-
 // New creates a new castle client
 func New(secret string) (*Castle, error) {
 	client := &http.Client{}
 
 	return NewWithHTTPClient(secret, client)
 }
 
-// HeaderAllowList keeps a list of headers that will be forwarded to castle
-var HeaderAllowList = []string{
-	"Accept",
-	"Accept-Charset",
-	"Accept-Datetime",
-	"Accept-Encoding",
-	"Accept-Language",
-	"Cache-Control",
-	"Connection",
-	"Content-Length",
-	"Content-Type",
-	"Dnt",
-	"Host",
-	"Origin",
-	"Pragma",
-	"Referer",
-	"Sec-Fetch-Dest",
-	"Sec-Fetch-Mode",
-	"Sec-Fetch-Site",
-	"Sec-Fetch-User",
-	"Te",
-	"Upgrade-Insecure-Requests",
-	"User-Agent",
-	"X-Castle-Request-Token",
-}
-
 // NewWithHTTPClient same as New but allows passing of http.Client with custom config
 func NewWithHTTPClient(secret string, client *http.Client) (*Castle, error) {
 	return &Castle{client: client, apiSecret: secret}, nil
@@ -102,82 +34,6 @@ type Castle struct {
 	apiSecret string
 }
 
-// Context captures data from HTTP request
-type Context struct {
-	IP           string            `json:"ip"`
-	Headers      map[string]string `json:"headers"`
-	RequestToken string            `json:"request_token"`
-}
-
-func isHeaderAllowed(header string) bool {
-	for _, allowedHeader := range HeaderAllowList {
-		if header == http.CanonicalHeaderKey(allowedHeader) {
-			return true
-		}
-	}
-	return false
-}
-
-// ContextFromRequest builds castle context from current http.Request
-func ContextFromRequest(r *http.Request) *Context {
-	headers := make(map[string]string)
-
-	for requestHeader := range r.Header {
-		if isHeaderAllowed(requestHeader) {
-			headers[requestHeader] = r.Header.Get(requestHeader)
-		}
-	}
-
-	requestToken := getRequestToken(r)
-
-	return &Context{IP: realip.FromRequest(r), Headers: headers, RequestToken: requestToken}
-}
-
-func getRequestToken(r *http.Request) string {
-	// RequestToken is X-Castle-Request-Token
-	return r.Header.Get("HTTP_X_CASTLE_REQUEST_TOKEN")
-}
-
-type Request struct {
-	Context    *Context
-	Event      Event
-	User       User
-	Properties map[string]string
-}
-
-type User struct {
-	ID           string            `json:"id"`
-	Email        string            `json:"email,omitempty"`
-	Phone        string            `json:"phone,omitempty"`
-	Name         string            `json:"name,omitempty"`
-	RegisteredAt string            `json:"registered_at,omitempty"`
-	Traits       map[string]string `json:"traits,omitempty"`
-}
-
-type castleAPIRequest struct {
-	Type         EventType         `json:"type"`
-	Status       EventStatus       `json:"status"`
-	RequestToken string            `json:"request_token"`
-	User         User              `json:"user"`
-	Context      *Context          `json:"context"`
-	Properties   map[string]string `json:"properties,omitempty"`
-}
-
-type castleAPIResponse struct {
-	Type    string  `json:"type"`
-	Message string  `json:"message"`
-	Risk    float32 `json:"risk"`
-	Policy  struct {
-		Name       string `json:"name"`
-		ID         string `json:"id"`
-		RevisionID string `json:"revision_id"`
-		Action     string `json:"action"`
-	} `json:"policy"`
-	Device struct {
-		Token string `json:"token"`
-	} `json:"device"`
-}
-
 // Filter sends a filter request to castle.io
 // see https://reference.castle.io/#operation/filter for details
 func (c *Castle) Filter(ctx context.Context, req *Request) (RecommendedAction, error) {

castle_test.go client_test.go

@@ -25,7 +25,7 @@ func configureHTTPRequest() *http.Request {
 
 func configureRequest(httpReq *http.Request) *castle.Request {
 	return &castle.Request{
-		Context: castle.ContextFromRequest(httpReq),
+		Context: castle.FromHTTPRequest(httpReq),
 		Event: castle.Event{
 			EventType:   castle.EventTypeLogin,
 			EventStatus: castle.EventStatusSucceeded,
@@ -168,7 +168,7 @@ func TestCastle_Filter(t *testing.T) {
 			assert.Equal(t, "user-id", reqData.User.ID)
 			assert.Equal(t, map[string]string{"prop1": "propValue1"}, reqData.Properties)
 			assert.Equal(t, map[string]string{"trait1": "traitValue1"}, reqData.User.Traits)
-			assert.Equal(t, castle.ContextFromRequest(httpReq), reqData.Context)
+			assert.Equal(t, castle.FromHTTPRequest(httpReq), reqData.Context)
 
 			executed = true
 		}))
@@ -183,39 +183,6 @@ func TestCastle_Filter(t *testing.T) {
 	})
 }
 
-func TestContextFromRequest(t *testing.T) {
-	// grabs ClientID form cookie
-	req := httptest.NewRequest("GET", "/", nil)
-
-	req.Header.Set("HTTP_X_CASTLE_REQUEST_TOKEN", "some-token")
-
-	ctx := castle.ContextFromRequest(req)
-	assert.Equal(t, "some-token", ctx.RequestToken)
-
-	// grabs IP from request
-	req.Header.Set("X-REAL-IP", "9.9.9.9")
-	ctx = castle.ContextFromRequest(req)
-	assert.Equal(t, "9.9.9.9", ctx.IP)
-
-	// but prefers X-FORWARDED-FOR
-	req.Header.Set("X-FORWARDED-FOR", "6.6.6.6, 3.3.3.3, 8.8.8.8")
-	ctx = castle.ContextFromRequest(req)
-	assert.Equal(t, "6.6.6.6", ctx.IP)
-
-	// grabs whitelisted headers only
-
-	for _, whitelistedHeader := range castle.HeaderAllowList {
-		req.Header.Set(whitelistedHeader, whitelistedHeader)
-	}
-
-	ctx = castle.ContextFromRequest(req)
-	for _, whitelistedHeader := range castle.HeaderAllowList {
-		assert.Contains(t, ctx.Headers, http.CanonicalHeaderKey(whitelistedHeader))
-	}
-
-	assert.NotContains(t, ctx.Headers, "Cookie")
-}
-
 func TestCastle_Risk(t *testing.T) {
 	ctx := context.Background()
 
@@ -296,7 +263,7 @@ func TestCastle_Risk(t *testing.T) {
 			assert.Equal(t, "user-id", reqData.User.ID)
 			assert.Equal(t, map[string]string{"prop1": "propValue1"}, reqData.Properties)
 			assert.Equal(t, map[string]string{"trait1": "traitValue1"}, reqData.User.Traits)
-			assert.Equal(t, castle.ContextFromRequest(httpReq), reqData.Context)
+			assert.Equal(t, castle.FromHTTPRequest(httpReq), reqData.Context)
 
 			executed = true
 		}))

context/context.go context.go

@@ -1,11 +1,10 @@
-package context
+package castle
 
 import (
 	"context"
 	"net/http"
 	"strings"
 
-	"github.com/utilitywarehouse/castle-go"
 	http_internal "github.com/utilitywarehouse/castle-go/http"
 )
 
@@ -17,9 +16,27 @@ func (c contextKey) String() string {
 
 var castleCtxKey = contextKey("castle_context")
 
-// ToCtxFromRequest adds the token and other request information (i.e. castle context) to the context.
-func ToCtxFromRequest(ctx context.Context, r *http.Request) context.Context {
-	castleCtx := castle.Context{
+// ToCtx adds the Castle context to the context.Context.
+func ToCtx(ctx context.Context, castleCtx *Context) context.Context {
+	return context.WithValue(ctx, castleCtxKey, castleCtx)
+}
+
+// FromCtx returns the Castle context from the context.Context.
+func FromCtx(ctx context.Context) *Context {
+	castleCtx, ok := ctx.Value(castleCtxKey).(*Context)
+	if ok {
+		return castleCtx
+	}
+	return nil
+}
+
+// ToCtxFromHTTPRequest adds the token and other request information (i.e. castle context) to the context.
+func ToCtxFromHTTPRequest(ctx context.Context, r *http.Request) context.Context {
+	return context.WithValue(ctx, castleCtxKey, FromHTTPRequest(r))
+}
+
+func FromHTTPRequest(r *http.Request) *Context {
+	return &Context{
 		RequestToken: func() string {
 			// grab the token from header if it exists
 			if tkn := tokenFromHTTPHeader(r.Header); tkn != "" {
@@ -32,15 +49,6 @@ func ToCtxFromRequest(ctx context.Context, r *http.Request) context.Context {
 		IP:      http_internal.IPFromRequest(r),
 		Headers: FilterHeaders(r.Header), // pass in as much context as possible
 	}
-	return context.WithValue(ctx, castleCtxKey, castleCtx)
-}
-
-func FromCtx(ctx context.Context) *castle.Context {
-	castleCtx, ok := ctx.Value(castleCtxKey).(castle.Context)
-	if ok {
-		return &castleCtx
-	}
-	return nil
 }
 
 func tokenFromHTTPHeader(header http.Header) string {

context/context_test.go context_test.go

@@ -1,4 +1,4 @@
-package context
+package castle_test
 
 import (
 	"context"
@@ -61,8 +61,8 @@ func TestToCtxFromRequest(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			ctx := context.Background()
 
-			gotCtx := ToCtxFromRequest(ctx, &test.input)
-			got := FromCtx(gotCtx)
+			gotCtx := castle.ToCtxFromHTTPRequest(ctx, &test.input)
+			got := castle.FromCtx(gotCtx)
 			assert.Equal(t, test.expected, *got)
 		})
 	}

go.mod

@@ -6,7 +6,6 @@ require (
 	github.com/daixiang0/gci v0.10.1
 	github.com/pkg/errors v0.9.1
 	github.com/stretchr/testify v1.8.3
-	github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce
 	gotest.tools/gotestsum v1.10.0
 	mvdan.cc/gofumpt v0.5.0
 )

go.sum

@@ -45,8 +45,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce h1:fb190+cK2Xz/dvi9Hv8eCYJYvIGUTN2/KLq1pT6CjEc=
-github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce/go.mod h1:o8v6yHRoik09Xen7gje4m9ERNah1d1PPsVq1VEx9vE4=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=