From f5e12d2cae94ca3e79db09204d7297dec42740cc Mon Sep 17 00:00:00 2001 From: Francesco Minnocci Date: Sun, 1 Oct 2023 17:29:56 +0200 Subject: [PATCH] Initial commit --- README.md | 35 ++++++++++++++++++++++++ main.go | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 115 insertions(+) create mode 100644 README.md create mode 100644 main.go diff --git a/README.md b/README.md new file mode 100644 index 0000000..b863e0a --- /dev/null +++ b/README.md @@ -0,0 +1,35 @@ +# API to check for Maths students + +## Server Prerequisites + +- Having `go` installed +- An environment variable `AUTHPDS_TOKEN` containing the authentication token for the external API. +- An environment variable named `SECRET` containing the secret token for authorization. + +## Server Setup + +- Clone the repository: + ``` + git clone https://git.phc.dm.unipi.it/phc/go-maths-api + ``` +- Change directory and build the project: + ``` + cd go-maths-api + go build + ``` +- Run with `./go-maths-api` + +## Client Usage + +An example request (with `SECRET` defined in your environment): +``` +curl -X GET "http://localhost:8080/check-maths-user?SANITIZED_USER=f.minnocci" -H "Authorization: Bearer $SECRET" +``` + +Successful JSON response: + +``` +{ + "result": true +} +``` diff --git a/main.go b/main.go new file mode 100644 index 0000000..a885173 --- /dev/null +++ b/main.go @@ -0,0 +1,80 @@ +package main + +import ( + "encoding/json" + "fmt" + "net/http" + "os" + "strings" +) + +func main() { + http.HandleFunc("/check-maths-user", CheckMathsUserHandler) + port := ":8080" + + fmt.Printf("Listening on port %s...\n", port) + http.ListenAndServe(port, nil) +} + +func CheckMathsUserHandler(w http.ResponseWriter, r *http.Request) { + // Get the SANITIZED_USER from the query parameters + sanitizedUser := r.URL.Query().Get("SANITIZED_USER") + + // Get the AUTHORIZATION header value, which should include the secret token + authHeader := r.Header.Get("Authorization") + expectedAuthHeader := "Bearer " + os.Getenv("SECRET") + + // Check if the provided authorization header matches the expected secret token + if authHeader != expectedAuthHeader { + http.Error(w, "Unauthorized", http.StatusUnauthorized) + return + } + + // Get the AUTHPDS_TOKEN from an environment variable + authPdsToken := os.Getenv("AUTHPDS_TOKEN") + + // Make a GET request to the external API + apiURL := fmt.Sprintf("https://api.unipi.it/authPds/api/Carriera/studente/uid/%s/", sanitizedUser) + req, err := http.NewRequest("GET", apiURL, nil) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + req.Header.Add("accept", "*/*") + req.Header.Add("Authorization", "Bearer "+authPdsToken) + + // Execute the request + client := &http.Client{} + resp, err := client.Do(req) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + defer resp.Body.Close() + + // Check if the response contains the desired keywords + body := make([]byte, 0) + _, err = resp.Body.Read(body) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + containsKeywords := false + keywords := []string{"MATEMATICA", "Mobilit", "Transizione"} + for _, keyword := range keywords { + if strings.Contains(string(body), keyword) { + containsKeywords = true + break + } + } + + // Create a JSON response + response := map[string]bool{ + "result": containsKeywords, + } + + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(response) +}