From 370755329130978a8eed340b4126ec28e1bf1438 Mon Sep 17 00:00:00 2001 From: "CTFang@WireLab" Date: Tue, 7 Nov 2023 09:36:42 +0000 Subject: [PATCH 1/5] Feature: Service authorization check via OAuth token --- ...and_mobility_subscription_data_document.go | 5 + ...i_amf3_gpp_access_registration_document.go | 15 +++ ...f_non3_gpp_access_registration_document.go | 15 +++ .../api_amf_subscription_info_document.go | 5 + .../api_authentication_data_document.go | 10 ++ .../api_authentication_so_r_document.go | 10 ++ .../api_authentication_status_document.go | 10 ++ internal/sbi/datarepository/api_default.go | 123 ++++++++++++++++++ ...pi_event_amf_subscription_info_document.go | 9 ++ ...al_influence_data_subscription_document.go | 15 +++ .../sbi/datarepository/api_influence_data.go | 5 + .../api_provisioned_data_document.go | 5 + ...pi_query_amf_subscription_info_document.go | 5 + .../api_sdm_subscription_document.go | 10 ++ .../api_sdm_subscriptions_collection.go | 10 ++ ...pi_session_management_subscription_data.go | 5 + .../api_smf_registration_document.go | 15 +++ .../api_smf_registrations_collection.go | 5 + ...mf_selection_subscription_data_document.go | 5 + ...s_management_subscription_data_document.go | 5 + .../api_sms_subscription_data_document.go | 5 + .../api_smsf3_gpp_registration_document.go | 15 +++ ...api_smsf_non3_gpp_registration_document.go | 15 +++ .../datarepository/api_trace_data_document.go | 5 + internal/sbi/datarepository/routers.go | 50 +++++++ internal/util/nf_authorization.go | 22 ++++ 26 files changed, 399 insertions(+) create mode 100644 internal/util/nf_authorization.go diff --git a/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go b/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go index 243bad7..373c76d 100644 --- a/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go +++ b/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go @@ -23,6 +23,11 @@ import ( // HTTPQueryAmData - Retrieves the access and mobility subscription data of a UE func HTTPQueryAmData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["servingPlmnId"] = c.Params.ByName("servingPlmnId") diff --git a/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go b/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go index 29ce877..c301099 100644 --- a/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go +++ b/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go @@ -23,6 +23,11 @@ import ( // HTTPAmfContext3gpp - To modify the AMF context data of a UE using 3gpp access in the UDR func HTTPAmfContext3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var patchItemArray []models.PatchItem requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPAmfContext3gpp(c *gin.Context) { // HTTPCreateAmfContext3gpp - To store the AMF context data of a UE using 3gpp access in the UDR func HTTPCreateAmfContext3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var amf3GppAccessRegistration models.Amf3GppAccessRegistration requestBody, err := c.GetRawData() @@ -121,6 +131,11 @@ func HTTPCreateAmfContext3gpp(c *gin.Context) { // HTTPQueryAmfContext3gpp - Retrieves the AMF context data of a UE using 3gpp access func HTTPQueryAmfContext3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go b/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go index 38d60c6..e365be2 100644 --- a/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go +++ b/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go @@ -23,6 +23,11 @@ import ( // HTTPAmfContextNon3gpp - To modify the AMF context data of a UE using non 3gpp access in the UDR func HTTPAmfContextNon3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var patchItemArray []models.PatchItem requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPAmfContextNon3gpp(c *gin.Context) { // HTTPCreateAmfContextNon3gpp - To store the AMF context data of a UE using non-3gpp access in the UDR func HTTPCreateAmfContextNon3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var amfNon3GppAccessRegistration models.AmfNon3GppAccessRegistration requestBody, err := c.GetRawData() @@ -121,6 +131,11 @@ func HTTPCreateAmfContextNon3gpp(c *gin.Context) { // HTTPQueryAmfContextNon3gpp - Retrieves the AMF context data of a UE using non-3gpp access func HTTPQueryAmfContextNon3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_amf_subscription_info_document.go b/internal/sbi/datarepository/api_amf_subscription_info_document.go index 4cf986e..6f57285 100644 --- a/internal/sbi/datarepository/api_amf_subscription_info_document.go +++ b/internal/sbi/datarepository/api_amf_subscription_info_document.go @@ -23,6 +23,11 @@ import ( // HTTPModifyAmfSubscriptionInfo - modify the AMF Subscription Info func HTTPModifyAmfSubscriptionInfo(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var patchItemArray []models.PatchItem requestBody, err := c.GetRawData() diff --git a/internal/sbi/datarepository/api_authentication_data_document.go b/internal/sbi/datarepository/api_authentication_data_document.go index 4fca7b1..1786f19 100644 --- a/internal/sbi/datarepository/api_authentication_data_document.go +++ b/internal/sbi/datarepository/api_authentication_data_document.go @@ -23,6 +23,11 @@ import ( // HTTPModifyAuthentication - modify the authentication subscription data of a UE func HTTPModifyAuthentication(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var patchItemArray []models.PatchItem requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPModifyAuthentication(c *gin.Context) { // HTTPQueryAuthSubsData - Retrieves the authentication subscription data of a UE func HTTPQueryAuthSubsData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_authentication_so_r_document.go b/internal/sbi/datarepository/api_authentication_so_r_document.go index 2467484..422dfba 100644 --- a/internal/sbi/datarepository/api_authentication_so_r_document.go +++ b/internal/sbi/datarepository/api_authentication_so_r_document.go @@ -23,6 +23,11 @@ import ( // HTTPCreateAuthenticationSoR - To store the SoR acknowledgement information of a UE func HTTPCreateAuthenticationSoR(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var sorData models.SorData requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPCreateAuthenticationSoR(c *gin.Context) { // HTTPQueryAuthSoR - Retrieves the SoR acknowledgement information of a UE func HTTPQueryAuthSoR(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_authentication_status_document.go b/internal/sbi/datarepository/api_authentication_status_document.go index 53d708e..bd5300a 100644 --- a/internal/sbi/datarepository/api_authentication_status_document.go +++ b/internal/sbi/datarepository/api_authentication_status_document.go @@ -23,6 +23,11 @@ import ( // HTTPCreateAuthenticationStatus - To store the Authentication Status data of a UE func HTTPCreateAuthenticationStatus(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var authEvent models.AuthEvent requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPCreateAuthenticationStatus(c *gin.Context) { // HTTPQueryAuthenticationStatus - Retrieves the Authentication Status of a UE func HTTPQueryAuthenticationStatus(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_default.go b/internal/sbi/datarepository/api_default.go index a187d67..e795866 100644 --- a/internal/sbi/datarepository/api_default.go +++ b/internal/sbi/datarepository/api_default.go @@ -58,18 +58,33 @@ func getDataFromRequestBody(c *gin.Context, data interface{}) error { // HTTPApplicationDataPfdsAppIdDelete - func HTTPApplicationDataPfdsAppIdDelete(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + rsp := producer.HandleApplicationDataPfdsAppIdDelete(c.Params.ByName("appId")) sendResponse(c, rsp) } // HTTPApplicationDataPfdsAppIdGet - func HTTPApplicationDataPfdsAppIdGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + rsp := producer.HandleApplicationDataPfdsAppIdGet(c.Params.ByName("appId")) sendResponse(c, rsp) } // HTTPApplicationDataPfdsAppIdPut - func HTTPApplicationDataPfdsAppIdPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var pfdDataforApp models.PfdDataForApp if err := getDataFromRequestBody(c, &pfdDataforApp); err != nil { @@ -83,6 +98,11 @@ func HTTPApplicationDataPfdsAppIdPut(c *gin.Context) { // HTTPApplicationDataPfdsGet - func HTTPApplicationDataPfdsGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + query := c.Request.URL.Query() rsp := producer.HandleApplicationDataPfdsGet(query["appId"]) sendResponse(c, rsp) @@ -105,6 +125,11 @@ func HTTPExposureDataSubsToNotifySubIdPut(c *gin.Context) { // HTTPPolicyDataBdtDataBdtReferenceIdDelete - func HTTPPolicyDataBdtDataBdtReferenceIdDelete(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["bdtReferenceId"] = c.Params.ByName("bdtReferenceId") @@ -115,6 +140,11 @@ func HTTPPolicyDataBdtDataBdtReferenceIdDelete(c *gin.Context) { // HTTPPolicyDataBdtDataBdtReferenceIdGet - func HTTPPolicyDataBdtDataBdtReferenceIdGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["bdtReferenceId"] = c.Params.ByName("bdtReferenceId") @@ -125,6 +155,11 @@ func HTTPPolicyDataBdtDataBdtReferenceIdGet(c *gin.Context) { // HTTPPolicyDataBdtDataBdtReferenceIdPut - func HTTPPolicyDataBdtDataBdtReferenceIdPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var bdtData models.BdtData if err := getDataFromRequestBody(c, &bdtData); err != nil { @@ -141,6 +176,11 @@ func HTTPPolicyDataBdtDataBdtReferenceIdPut(c *gin.Context) { // HTTPPolicyDataBdtDataGet - func HTTPPolicyDataBdtDataGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) rsp := producer.HandlePolicyDataBdtDataGet(req) @@ -150,6 +190,11 @@ func HTTPPolicyDataBdtDataGet(c *gin.Context) { // HTTPPolicyDataPlmnsPlmnIdUePolicySetGet - func HTTPPolicyDataPlmnsPlmnIdUePolicySetGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["plmnId"] = c.Params.ByName("plmnId") @@ -160,6 +205,11 @@ func HTTPPolicyDataPlmnsPlmnIdUePolicySetGet(c *gin.Context) { // HTTPPolicyDataSponsorConnectivityDataSponsorIdGet - func HTTPPolicyDataSponsorConnectivityDataSponsorIdGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["sponsorId"] = c.Params.ByName("sponsorId") @@ -170,6 +220,11 @@ func HTTPPolicyDataSponsorConnectivityDataSponsorIdGet(c *gin.Context) { // HTTPPolicyDataSubsToNotifyPost - func HTTPPolicyDataSubsToNotifyPost(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var policyDataSubscription models.PolicyDataSubscription if err := getDataFromRequestBody(c, &policyDataSubscription); err != nil { @@ -190,6 +245,11 @@ func HTTPPolicyDataSubsToNotifyPost(c *gin.Context) { // HTTPPolicyDataSubsToNotifySubsIdDelete - func HTTPPolicyDataSubsToNotifySubsIdDelete(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["subsId"] = c.Params.ByName("subsId") @@ -200,6 +260,11 @@ func HTTPPolicyDataSubsToNotifySubsIdDelete(c *gin.Context) { // HTTPPolicyDataSubsToNotifySubsIdPut - func HTTPPolicyDataSubsToNotifySubsIdPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var policyDataSubscription models.PolicyDataSubscription if err := getDataFromRequestBody(c, &policyDataSubscription); err != nil { @@ -216,6 +281,11 @@ func HTTPPolicyDataSubsToNotifySubsIdPut(c *gin.Context) { // HTTPPolicyDataUesUeIdAmDataGet - func HTTPPolicyDataUesUeIdAmDataGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") @@ -226,6 +296,11 @@ func HTTPPolicyDataUesUeIdAmDataGet(c *gin.Context) { // HTTPPolicyDataUesUeIdOperatorSpecificDataGet - func HTTPPolicyDataUesUeIdOperatorSpecificDataGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") @@ -236,6 +311,11 @@ func HTTPPolicyDataUesUeIdOperatorSpecificDataGet(c *gin.Context) { // HTTPPolicyDataUesUeIdOperatorSpecificDataPatch - Need to be fixed func HTTPPolicyDataUesUeIdOperatorSpecificDataPatch(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var patchItemArray []models.PatchItem if err := getDataFromRequestBody(c, &patchItemArray); err != nil { @@ -252,6 +332,11 @@ func HTTPPolicyDataUesUeIdOperatorSpecificDataPatch(c *gin.Context) { // HTTPPolicyDataUesUeIdOperatorSpecificDataPut - func HTTPPolicyDataUesUeIdOperatorSpecificDataPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var operatorSpecificDataContainerMap map[string]models.OperatorSpecificDataContainer if err := getDataFromRequestBody(c, &operatorSpecificDataContainerMap); err != nil { @@ -268,6 +353,11 @@ func HTTPPolicyDataUesUeIdOperatorSpecificDataPut(c *gin.Context) { // HTTPPolicyDataUesUeIdSmDataGet - func HTTPPolicyDataUesUeIdSmDataGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") @@ -278,6 +368,11 @@ func HTTPPolicyDataUesUeIdSmDataGet(c *gin.Context) { // HTTPPolicyDataUesUeIdSmDataPatch - Need to be fixed func HTTPPolicyDataUesUeIdSmDataPatch(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var usageMonDataMap map[string]models.UsageMonData if err := getDataFromRequestBody(c, &usageMonDataMap); err != nil { @@ -294,6 +389,11 @@ func HTTPPolicyDataUesUeIdSmDataPatch(c *gin.Context) { // HTTPPolicyDataUesUeIdSmDataUsageMonIdDelete - func HTTPPolicyDataUesUeIdSmDataUsageMonIdDelete(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["usageMonId"] = c.Params.ByName("usageMonId") @@ -305,6 +405,11 @@ func HTTPPolicyDataUesUeIdSmDataUsageMonIdDelete(c *gin.Context) { // HTTPPolicyDataUesUeIdSmDataUsageMonIdGet - func HTTPPolicyDataUesUeIdSmDataUsageMonIdGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["usageMonId"] = c.Params.ByName("usageMonId") @@ -316,6 +421,10 @@ func HTTPPolicyDataUesUeIdSmDataUsageMonIdGet(c *gin.Context) { // HTTPPolicyDataUesUeIdSmDataUsageMonIdPut - func HTTPPolicyDataUesUeIdSmDataUsageMonIdPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } var usageMonData models.UsageMonData if err := getDataFromRequestBody(c, &usageMonData); err != nil { @@ -333,6 +442,11 @@ func HTTPPolicyDataUesUeIdSmDataUsageMonIdPut(c *gin.Context) { // HTTPPolicyDataUesUeIdUePolicySetGet - func HTTPPolicyDataUesUeIdUePolicySetGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") @@ -343,6 +457,11 @@ func HTTPPolicyDataUesUeIdUePolicySetGet(c *gin.Context) { // HTTPPolicyDataUesUeIdUePolicySetPatch - func HTTPPolicyDataUesUeIdUePolicySetPatch(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var uePolicySet models.UePolicySet if err := getDataFromRequestBody(c, &uePolicySet); err != nil { @@ -359,6 +478,10 @@ func HTTPPolicyDataUesUeIdUePolicySetPatch(c *gin.Context) { // HTTPPolicyDataUesUeIdUePolicySetPut - func HTTPPolicyDataUesUeIdUePolicySetPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } var uePolicySet models.UePolicySet if err := getDataFromRequestBody(c, &uePolicySet); err != nil { diff --git a/internal/sbi/datarepository/api_event_amf_subscription_info_document.go b/internal/sbi/datarepository/api_event_amf_subscription_info_document.go index 75c1d2f..ea1f4f6 100644 --- a/internal/sbi/datarepository/api_event_amf_subscription_info_document.go +++ b/internal/sbi/datarepository/api_event_amf_subscription_info_document.go @@ -23,6 +23,10 @@ import ( // HTTPCreateAMFSubscriptions - Creates AMF Subscription Info for an eeSubscription func HTTPCreateAMFSubscriptions(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } var amfSubscriptionInfoArray []models.AmfSubscriptionInfo requestBody, err := c.GetRawData() @@ -73,6 +77,11 @@ func HTTPCreateAMFSubscriptions(c *gin.Context) { // HTTPRemoveAmfSubscriptionsInfo - Deletes AMF Subscription Info for an eeSubscription func HTTPRemoveAmfSubscriptionsInfo(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["subsId"] = c.Params.ByName("subsId") diff --git a/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go b/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go index 4235d61..432c4dd 100644 --- a/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go +++ b/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go @@ -23,6 +23,11 @@ import ( // HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdDelete - func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdDelete(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + // New HTTP request req := httpwrapper.NewRequest(c.Request, nil) req.Params["subscriptionId"] = c.Params.ByName("subscriptionId") @@ -51,6 +56,11 @@ func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdDelete(c *gin.Con // HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdGet - func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + // New HTTP request req := httpwrapper.NewRequest(c.Request, nil) req.Params["subscriptionId"] = c.Params.ByName("subscriptionId") @@ -75,6 +85,11 @@ func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdGet(c *gin.Contex // HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdPut - func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + // Get HTTP request body requestBody, err := c.GetRawData() if err != nil { diff --git a/internal/sbi/datarepository/api_influence_data.go b/internal/sbi/datarepository/api_influence_data.go index bc27e10..a56a9e0 100644 --- a/internal/sbi/datarepository/api_influence_data.go +++ b/internal/sbi/datarepository/api_influence_data.go @@ -23,6 +23,11 @@ import ( // HTTPApplicationDataInfluenceDataGet - func HTTPApplicationDataInfluenceDataGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Query["influence-Ids"] = c.QueryArray("influence-Ids") req.Query["dnns"] = c.QueryArray("dnns") diff --git a/internal/sbi/datarepository/api_provisioned_data_document.go b/internal/sbi/datarepository/api_provisioned_data_document.go index 881569b..8570acd 100644 --- a/internal/sbi/datarepository/api_provisioned_data_document.go +++ b/internal/sbi/datarepository/api_provisioned_data_document.go @@ -23,6 +23,11 @@ import ( // HTTPQueryProvisionedData - Retrieve multiple provisioned data sets of a UE func HTTPQueryProvisionedData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["servingPlmnId"] = c.Params.ByName("servingPlmnId") diff --git a/internal/sbi/datarepository/api_query_amf_subscription_info_document.go b/internal/sbi/datarepository/api_query_amf_subscription_info_document.go index cd81f4c..9282db5 100644 --- a/internal/sbi/datarepository/api_query_amf_subscription_info_document.go +++ b/internal/sbi/datarepository/api_query_amf_subscription_info_document.go @@ -23,6 +23,11 @@ import ( // HTTPGetAmfSubscriptionInfo - Retrieve AMF subscription Info func HTTPGetAmfSubscriptionInfo(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["subsId"] = c.Params.ByName("subsId") diff --git a/internal/sbi/datarepository/api_sdm_subscription_document.go b/internal/sbi/datarepository/api_sdm_subscription_document.go index 26347c6..fed5229 100644 --- a/internal/sbi/datarepository/api_sdm_subscription_document.go +++ b/internal/sbi/datarepository/api_sdm_subscription_document.go @@ -23,6 +23,11 @@ import ( // HTTPRemovesdmSubscriptions - Deletes a sdmsubscriptions func HTTPRemovesdmSubscriptions(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["subsId"] = c.Params.ByName("subsId") @@ -45,6 +50,11 @@ func HTTPRemovesdmSubscriptions(c *gin.Context) { // HTTPUpdatesdmsubscriptions - Stores an individual sdm subscriptions of a UE func HTTPUpdatesdmsubscriptions(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var sdmSubscription models.SdmSubscription requestBody, err := c.GetRawData() diff --git a/internal/sbi/datarepository/api_sdm_subscriptions_collection.go b/internal/sbi/datarepository/api_sdm_subscriptions_collection.go index 3196fe2..218ee4e 100644 --- a/internal/sbi/datarepository/api_sdm_subscriptions_collection.go +++ b/internal/sbi/datarepository/api_sdm_subscriptions_collection.go @@ -23,6 +23,11 @@ import ( // HTTPCreateSdmSubscriptions - Create individual sdm subscription func HTTPCreateSdmSubscriptions(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var sdmSubscription models.SdmSubscription requestBody, err := c.GetRawData() @@ -75,6 +80,11 @@ func HTTPCreateSdmSubscriptions(c *gin.Context) { // HTTPQuerysdmsubscriptions - Retrieves the sdm subscriptions of a UE func HTTPQuerysdmsubscriptions(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_session_management_subscription_data.go b/internal/sbi/datarepository/api_session_management_subscription_data.go index 624bfdf..208c5d6 100644 --- a/internal/sbi/datarepository/api_session_management_subscription_data.go +++ b/internal/sbi/datarepository/api_session_management_subscription_data.go @@ -23,6 +23,11 @@ import ( // HTTPQuerySmData - Retrieves the Session Management subscription data of a UE func HTTPQuerySmData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["servingPlmnId"] = c.Params.ByName("servingPlmnId") diff --git a/internal/sbi/datarepository/api_smf_registration_document.go b/internal/sbi/datarepository/api_smf_registration_document.go index 5bb269d..a5fa7ad 100644 --- a/internal/sbi/datarepository/api_smf_registration_document.go +++ b/internal/sbi/datarepository/api_smf_registration_document.go @@ -23,6 +23,11 @@ import ( // HTTPCreateSmfContextNon3gpp - To create an individual SMF context data of a UE in the UDR func HTTPCreateSmfContextNon3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var smfRegistration models.SmfRegistration requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPCreateSmfContextNon3gpp(c *gin.Context) { // HTTPDeleteSmfContext - To remove an individual SMF context data of a UE the UDR func HTTPDeleteSmfContext(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["pduSessionId"] = c.Params.ByName("pduSessionId") @@ -94,6 +104,11 @@ func HTTPDeleteSmfContext(c *gin.Context) { // HTTPQuerySmfRegistration - Retrieves the individual SMF registration of a UE func HTTPQuerySmfRegistration(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["pduSessionId"] = c.Params.ByName("pduSessionId") diff --git a/internal/sbi/datarepository/api_smf_registrations_collection.go b/internal/sbi/datarepository/api_smf_registrations_collection.go index ca2cec6..878dc44 100644 --- a/internal/sbi/datarepository/api_smf_registrations_collection.go +++ b/internal/sbi/datarepository/api_smf_registrations_collection.go @@ -23,6 +23,11 @@ import ( // HTTPQuerySmfRegList - Retrieves the SMF registration list of a UE func HTTPQuerySmfRegList(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go b/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go index f643ca1..1fe086d 100644 --- a/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go +++ b/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go @@ -23,6 +23,11 @@ import ( // HTTPQuerySmfSelectData - Retrieves the SMF selection subscription data of a UE func HTTPQuerySmfSelectData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["servingPlmnId"] = c.Params.ByName("servingPlmnId") diff --git a/internal/sbi/datarepository/api_sms_management_subscription_data_document.go b/internal/sbi/datarepository/api_sms_management_subscription_data_document.go index 8476038..55c2b1d 100644 --- a/internal/sbi/datarepository/api_sms_management_subscription_data_document.go +++ b/internal/sbi/datarepository/api_sms_management_subscription_data_document.go @@ -23,6 +23,11 @@ import ( // HTTPQuerySmsMngData - Retrieves the SMS management subscription data of a UE func HTTPQuerySmsMngData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["servingPlmnId"] = c.Params.ByName("servingPlmnId") diff --git a/internal/sbi/datarepository/api_sms_subscription_data_document.go b/internal/sbi/datarepository/api_sms_subscription_data_document.go index 9355c05..4bd3410 100644 --- a/internal/sbi/datarepository/api_sms_subscription_data_document.go +++ b/internal/sbi/datarepository/api_sms_subscription_data_document.go @@ -23,6 +23,11 @@ import ( // HTTPQuerySmsData - Retrieves the SMS subscription data of a UE func HTTPQuerySmsData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["servingPlmnId"] = c.Params.ByName("servingPlmnId") diff --git a/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go b/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go index 52356b1..f6ab34e 100644 --- a/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go +++ b/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go @@ -23,6 +23,11 @@ import ( // HTTPCreateSmsfContext3gpp - Create the SMSF context data of a UE via 3GPP access func HTTPCreateSmsfContext3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var smsfRegistration models.SmsfRegistration requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPCreateSmsfContext3gpp(c *gin.Context) { // HTTPDeleteSmsfContext3gpp - To remove the SMSF context data of a UE via 3GPP access func HTTPDeleteSmsfContext3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") @@ -93,6 +103,11 @@ func HTTPDeleteSmsfContext3gpp(c *gin.Context) { // HTTPQuerySmsfContext3gpp - Retrieves the SMSF context data of a UE using 3gpp access func HTTPQuerySmsfContext3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go b/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go index 76b5df2..7380c2d 100644 --- a/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go +++ b/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go @@ -23,6 +23,11 @@ import ( // HTTPCreateSmsfContextNon3gpp - Create the SMSF context data of a UE via non-3GPP access func HTTPCreateSmsfContextNon3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + var smsfRegistration models.SmsfRegistration requestBody, err := c.GetRawData() @@ -72,6 +77,11 @@ func HTTPCreateSmsfContextNon3gpp(c *gin.Context) { // HTTPDeleteSmsfContextNon3gpp - To remove the SMSF context data of a UE via non-3GPP access func HTTPDeleteSmsfContextNon3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") @@ -93,6 +103,11 @@ func HTTPDeleteSmsfContextNon3gpp(c *gin.Context) { // HTTPQuerySmsfContextNon3gpp - Retrieves the SMSF context data of a UE using non-3gpp access func HTTPQuerySmsfContextNon3gpp(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") diff --git a/internal/sbi/datarepository/api_trace_data_document.go b/internal/sbi/datarepository/api_trace_data_document.go index 5eb2174..a98724d 100644 --- a/internal/sbi/datarepository/api_trace_data_document.go +++ b/internal/sbi/datarepository/api_trace_data_document.go @@ -23,6 +23,11 @@ import ( // HTTPQueryTraceData - Retrieves the trace configuration data of a UE func HTTPQueryTraceData(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + req := httpwrapper.NewRequest(c.Request, nil) req.Params["ueId"] = c.Params.ByName("ueId") req.Params["servingPlmnId"] = c.Params.ByName("servingPlmnId") diff --git a/internal/sbi/datarepository/routers.go b/internal/sbi/datarepository/routers.go index 645e601..7c92bcd 100644 --- a/internal/sbi/datarepository/routers.go +++ b/internal/sbi/datarepository/routers.go @@ -16,6 +16,7 @@ import ( "github.com/gin-gonic/gin" "github.com/free5gc/udr/internal/logger" + "github.com/free5gc/udr/internal/util" "github.com/free5gc/udr/pkg/factory" logger_util "github.com/free5gc/util/logger" ) @@ -43,6 +44,11 @@ func NewRouter() *gin.Engine { } func subMsgShortDispatchHandlerFunc(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + op := c.Param("ueId") for _, route := range subShortRoutes { if strings.Contains(route.Pattern, op) && route.Method == c.Request.Method { @@ -54,6 +60,11 @@ func subMsgShortDispatchHandlerFunc(c *gin.Context) { } func subMsgDispatchHandlerFunc(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + op := c.Param("servingPlmnId") subsToNotify := c.Param("ueId") for _, route := range subRoutes { @@ -74,6 +85,11 @@ func subMsgDispatchHandlerFunc(c *gin.Context) { } func eeMsgShortDispatchHandlerFunc(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + groupData := c.Param("ueId") contextData := c.Param("servingPlmnId") for _, route := range eeShortRoutes { @@ -91,6 +107,11 @@ func eeMsgShortDispatchHandlerFunc(c *gin.Context) { } func eeMsgDispatchHandlerFunc(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + groupData := c.Param("ueId") contextData := c.Param("servingPlmnId") for _, route := range eeRoutes { @@ -108,6 +129,11 @@ func eeMsgDispatchHandlerFunc(c *gin.Context) { } func appMsgDispatchHandlerFunc(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + subsToNotify := c.Param("influenceId") for _, route := range appRoutes { if subsToNotify == "subs-to-notify" && @@ -127,6 +153,11 @@ func appMsgDispatchHandlerFunc(c *gin.Context) { } func expoMsgDispatchHandlerFunc(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + subsToNotify := c.Param("ueId") op := c.Param("subId") for _, route := range expoRoutes { @@ -199,6 +230,11 @@ func Index(c *gin.Context) { // HandleAppDataInfluDataSubsToNotifyConflictDelete filters invalid requested resource on subs-to-notify DELETE func HandleAppDataInfluDataSubsToNotifyConflictDelete(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + influenceId := c.Param("influenceId") if influenceId == "subs-to-notify" { HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdDelete(c) @@ -209,6 +245,11 @@ func HandleAppDataInfluDataSubsToNotifyConflictDelete(c *gin.Context) { // HandleAppDataInfluDataSubsToNotifyConflictGet filters invalid requested resource on subs-to-notify GET func HandleAppDataInfluDataSubsToNotifyConflictGet(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + influenceId := c.Param("influenceId") if influenceId == "subs-to-notify" { HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdGet(c) @@ -219,6 +260,11 @@ func HandleAppDataInfluDataSubsToNotifyConflictGet(c *gin.Context) { // HandleAppDataInfluDataSubsToNotifyConflictPut filters invalid requested resource on subs-to-notify PUT func HandleAppDataInfluDataSubsToNotifyConflictPut(c *gin.Context) { + auth_err := authorizationCheck(c) + if auth_err != nil { + return + } + influenceId := c.Param("influenceId") if influenceId == "subs-to-notify" { HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdPut(c) @@ -227,6 +273,10 @@ func HandleAppDataInfluDataSubsToNotifyConflictPut(c *gin.Context) { c.String(http.StatusNotFound, "404 page not found") } +func authorizationCheck(c *gin.Context) error { + return util.AuthorizationCheck(c, "nudr-dr") +} + var routes = Routes{ { "Index", diff --git a/internal/util/nf_authorization.go b/internal/util/nf_authorization.go new file mode 100644 index 0000000..25ee83b --- /dev/null +++ b/internal/util/nf_authorization.go @@ -0,0 +1,22 @@ +package util + +import ( + "net/http" + + "github.com/free5gc/openapi/oauth" + "github.com/gin-gonic/gin" + + udr_context "github.com/free5gc/udr/internal/context" +) + +func AuthorizationCheck(c *gin.Context, serviceName string) error { + if udr_context.GetSelf().OAuth2Required { + oauth_err := oauth.VerifyOAuth(c.Request.Header.Get("Authorization"), serviceName, + udr_context.GetSelf().NrfCertPem) + if oauth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": oauth_err.Error()}) + return oauth_err + } + } + return nil +} From 82a4028c8986b4d14dfdc640a1f65e49f6e36849 Mon Sep 17 00:00:00 2001 From: "CTFang@WireLab" Date: Wed, 20 Dec 2023 03:24:20 +0000 Subject: [PATCH 2/5] Fix: fix linter error --- internal/util/nf_authorization.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/util/nf_authorization.go b/internal/util/nf_authorization.go index 25ee83b..48fe6af 100644 --- a/internal/util/nf_authorization.go +++ b/internal/util/nf_authorization.go @@ -3,9 +3,9 @@ package util import ( "net/http" - "github.com/free5gc/openapi/oauth" "github.com/gin-gonic/gin" + "github.com/free5gc/openapi/oauth" udr_context "github.com/free5gc/udr/internal/context" ) From 7ae12a0e3b9fa4afc8814a7f653eda5243f61fa3 Mon Sep 17 00:00:00 2001 From: "CTFang@WireLab" Date: Sun, 24 Dec 2023 11:45:29 +0000 Subject: [PATCH 3/5] Refactor: Move authorization return context logic --- ...and_mobility_subscription_data_document.go | 1 + ...i_amf3_gpp_access_registration_document.go | 3 +++ ...f_non3_gpp_access_registration_document.go | 3 +++ .../api_amf_subscription_info_document.go | 1 + .../api_authentication_data_document.go | 2 ++ .../api_authentication_so_r_document.go | 2 ++ .../api_authentication_status_document.go | 2 ++ internal/sbi/datarepository/api_default.go | 27 +++++++++++++++++++ ...pi_event_amf_subscription_info_document.go | 3 +++ ...al_influence_data_subscription_document.go | 3 +++ .../sbi/datarepository/api_influence_data.go | 1 + .../api_provisioned_data_document.go | 1 + ...pi_query_amf_subscription_info_document.go | 1 + .../api_sdm_subscription_document.go | 2 ++ .../api_sdm_subscriptions_collection.go | 2 ++ ...pi_session_management_subscription_data.go | 1 + .../api_smf_registration_document.go | 3 +++ .../api_smf_registrations_collection.go | 1 + ...mf_selection_subscription_data_document.go | 1 + ...s_management_subscription_data_document.go | 1 + .../api_sms_subscription_data_document.go | 1 + .../api_smsf3_gpp_registration_document.go | 3 +++ ...api_smsf_non3_gpp_registration_document.go | 3 +++ .../datarepository/api_trace_data_document.go | 1 + internal/sbi/datarepository/routers.go | 9 +++++++ internal/util/nf_authorization.go | 8 +----- 26 files changed, 79 insertions(+), 7 deletions(-) diff --git a/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go b/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go index 373c76d..eac4cf4 100644 --- a/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go +++ b/internal/sbi/datarepository/api_access_and_mobility_subscription_data_document.go @@ -25,6 +25,7 @@ import ( func HTTPQueryAmData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go b/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go index c301099..368d294 100644 --- a/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go +++ b/internal/sbi/datarepository/api_amf3_gpp_access_registration_document.go @@ -25,6 +25,7 @@ import ( func HTTPAmfContext3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPAmfContext3gpp(c *gin.Context) { func HTTPCreateAmfContext3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -133,6 +135,7 @@ func HTTPCreateAmfContext3gpp(c *gin.Context) { func HTTPQueryAmfContext3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go b/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go index e365be2..12c2326 100644 --- a/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go +++ b/internal/sbi/datarepository/api_amf_non3_gpp_access_registration_document.go @@ -25,6 +25,7 @@ import ( func HTTPAmfContextNon3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPAmfContextNon3gpp(c *gin.Context) { func HTTPCreateAmfContextNon3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -133,6 +135,7 @@ func HTTPCreateAmfContextNon3gpp(c *gin.Context) { func HTTPQueryAmfContextNon3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_amf_subscription_info_document.go b/internal/sbi/datarepository/api_amf_subscription_info_document.go index 6f57285..e5933c9 100644 --- a/internal/sbi/datarepository/api_amf_subscription_info_document.go +++ b/internal/sbi/datarepository/api_amf_subscription_info_document.go @@ -25,6 +25,7 @@ import ( func HTTPModifyAmfSubscriptionInfo(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_authentication_data_document.go b/internal/sbi/datarepository/api_authentication_data_document.go index 1786f19..04c2a2f 100644 --- a/internal/sbi/datarepository/api_authentication_data_document.go +++ b/internal/sbi/datarepository/api_authentication_data_document.go @@ -25,6 +25,7 @@ import ( func HTTPModifyAuthentication(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPModifyAuthentication(c *gin.Context) { func HTTPQueryAuthSubsData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_authentication_so_r_document.go b/internal/sbi/datarepository/api_authentication_so_r_document.go index 422dfba..0d771e8 100644 --- a/internal/sbi/datarepository/api_authentication_so_r_document.go +++ b/internal/sbi/datarepository/api_authentication_so_r_document.go @@ -25,6 +25,7 @@ import ( func HTTPCreateAuthenticationSoR(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPCreateAuthenticationSoR(c *gin.Context) { func HTTPQueryAuthSoR(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_authentication_status_document.go b/internal/sbi/datarepository/api_authentication_status_document.go index bd5300a..c15fc69 100644 --- a/internal/sbi/datarepository/api_authentication_status_document.go +++ b/internal/sbi/datarepository/api_authentication_status_document.go @@ -25,6 +25,7 @@ import ( func HTTPCreateAuthenticationStatus(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPCreateAuthenticationStatus(c *gin.Context) { func HTTPQueryAuthenticationStatus(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_default.go b/internal/sbi/datarepository/api_default.go index e795866..a536667 100644 --- a/internal/sbi/datarepository/api_default.go +++ b/internal/sbi/datarepository/api_default.go @@ -60,6 +60,7 @@ func getDataFromRequestBody(c *gin.Context, data interface{}) error { func HTTPApplicationDataPfdsAppIdDelete(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -71,6 +72,7 @@ func HTTPApplicationDataPfdsAppIdDelete(c *gin.Context) { func HTTPApplicationDataPfdsAppIdGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -82,6 +84,7 @@ func HTTPApplicationDataPfdsAppIdGet(c *gin.Context) { func HTTPApplicationDataPfdsAppIdPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -100,6 +103,7 @@ func HTTPApplicationDataPfdsAppIdPut(c *gin.Context) { func HTTPApplicationDataPfdsGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -127,6 +131,7 @@ func HTTPExposureDataSubsToNotifySubIdPut(c *gin.Context) { func HTTPPolicyDataBdtDataBdtReferenceIdDelete(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -142,6 +147,7 @@ func HTTPPolicyDataBdtDataBdtReferenceIdDelete(c *gin.Context) { func HTTPPolicyDataBdtDataBdtReferenceIdGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -157,6 +163,7 @@ func HTTPPolicyDataBdtDataBdtReferenceIdGet(c *gin.Context) { func HTTPPolicyDataBdtDataBdtReferenceIdPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -178,6 +185,7 @@ func HTTPPolicyDataBdtDataBdtReferenceIdPut(c *gin.Context) { func HTTPPolicyDataBdtDataGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -192,6 +200,7 @@ func HTTPPolicyDataBdtDataGet(c *gin.Context) { func HTTPPolicyDataPlmnsPlmnIdUePolicySetGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -207,6 +216,7 @@ func HTTPPolicyDataPlmnsPlmnIdUePolicySetGet(c *gin.Context) { func HTTPPolicyDataSponsorConnectivityDataSponsorIdGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -222,6 +232,7 @@ func HTTPPolicyDataSponsorConnectivityDataSponsorIdGet(c *gin.Context) { func HTTPPolicyDataSubsToNotifyPost(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -247,6 +258,7 @@ func HTTPPolicyDataSubsToNotifyPost(c *gin.Context) { func HTTPPolicyDataSubsToNotifySubsIdDelete(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -262,6 +274,7 @@ func HTTPPolicyDataSubsToNotifySubsIdDelete(c *gin.Context) { func HTTPPolicyDataSubsToNotifySubsIdPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -283,6 +296,7 @@ func HTTPPolicyDataSubsToNotifySubsIdPut(c *gin.Context) { func HTTPPolicyDataUesUeIdAmDataGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -298,6 +312,7 @@ func HTTPPolicyDataUesUeIdAmDataGet(c *gin.Context) { func HTTPPolicyDataUesUeIdOperatorSpecificDataGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -313,6 +328,7 @@ func HTTPPolicyDataUesUeIdOperatorSpecificDataGet(c *gin.Context) { func HTTPPolicyDataUesUeIdOperatorSpecificDataPatch(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -334,6 +350,7 @@ func HTTPPolicyDataUesUeIdOperatorSpecificDataPatch(c *gin.Context) { func HTTPPolicyDataUesUeIdOperatorSpecificDataPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -355,6 +372,7 @@ func HTTPPolicyDataUesUeIdOperatorSpecificDataPut(c *gin.Context) { func HTTPPolicyDataUesUeIdSmDataGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -370,6 +388,7 @@ func HTTPPolicyDataUesUeIdSmDataGet(c *gin.Context) { func HTTPPolicyDataUesUeIdSmDataPatch(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -391,6 +410,7 @@ func HTTPPolicyDataUesUeIdSmDataPatch(c *gin.Context) { func HTTPPolicyDataUesUeIdSmDataUsageMonIdDelete(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -407,6 +427,7 @@ func HTTPPolicyDataUesUeIdSmDataUsageMonIdDelete(c *gin.Context) { func HTTPPolicyDataUesUeIdSmDataUsageMonIdGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -423,8 +444,10 @@ func HTTPPolicyDataUesUeIdSmDataUsageMonIdGet(c *gin.Context) { func HTTPPolicyDataUesUeIdSmDataUsageMonIdPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } + var usageMonData models.UsageMonData if err := getDataFromRequestBody(c, &usageMonData); err != nil { @@ -444,6 +467,7 @@ func HTTPPolicyDataUesUeIdSmDataUsageMonIdPut(c *gin.Context) { func HTTPPolicyDataUesUeIdUePolicySetGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -459,6 +483,7 @@ func HTTPPolicyDataUesUeIdUePolicySetGet(c *gin.Context) { func HTTPPolicyDataUesUeIdUePolicySetPatch(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -480,8 +505,10 @@ func HTTPPolicyDataUesUeIdUePolicySetPatch(c *gin.Context) { func HTTPPolicyDataUesUeIdUePolicySetPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } + var uePolicySet models.UePolicySet if err := getDataFromRequestBody(c, &uePolicySet); err != nil { diff --git a/internal/sbi/datarepository/api_event_amf_subscription_info_document.go b/internal/sbi/datarepository/api_event_amf_subscription_info_document.go index ea1f4f6..cafc881 100644 --- a/internal/sbi/datarepository/api_event_amf_subscription_info_document.go +++ b/internal/sbi/datarepository/api_event_amf_subscription_info_document.go @@ -25,8 +25,10 @@ import ( func HTTPCreateAMFSubscriptions(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } + var amfSubscriptionInfoArray []models.AmfSubscriptionInfo requestBody, err := c.GetRawData() @@ -79,6 +81,7 @@ func HTTPCreateAMFSubscriptions(c *gin.Context) { func HTTPRemoveAmfSubscriptionsInfo(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go b/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go index 432c4dd..2e25950 100644 --- a/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go +++ b/internal/sbi/datarepository/api_individual_influence_data_subscription_document.go @@ -25,6 +25,7 @@ import ( func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdDelete(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -58,6 +59,7 @@ func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdDelete(c *gin.Con func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -87,6 +89,7 @@ func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdGet(c *gin.Contex func HTTPApplicationDataInfluenceDataSubsToNotifySubscriptionIdPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_influence_data.go b/internal/sbi/datarepository/api_influence_data.go index a56a9e0..40e2b66 100644 --- a/internal/sbi/datarepository/api_influence_data.go +++ b/internal/sbi/datarepository/api_influence_data.go @@ -25,6 +25,7 @@ import ( func HTTPApplicationDataInfluenceDataGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_provisioned_data_document.go b/internal/sbi/datarepository/api_provisioned_data_document.go index 8570acd..19f666a 100644 --- a/internal/sbi/datarepository/api_provisioned_data_document.go +++ b/internal/sbi/datarepository/api_provisioned_data_document.go @@ -25,6 +25,7 @@ import ( func HTTPQueryProvisionedData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_query_amf_subscription_info_document.go b/internal/sbi/datarepository/api_query_amf_subscription_info_document.go index 9282db5..d03b854 100644 --- a/internal/sbi/datarepository/api_query_amf_subscription_info_document.go +++ b/internal/sbi/datarepository/api_query_amf_subscription_info_document.go @@ -25,6 +25,7 @@ import ( func HTTPGetAmfSubscriptionInfo(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_sdm_subscription_document.go b/internal/sbi/datarepository/api_sdm_subscription_document.go index fed5229..147db1e 100644 --- a/internal/sbi/datarepository/api_sdm_subscription_document.go +++ b/internal/sbi/datarepository/api_sdm_subscription_document.go @@ -25,6 +25,7 @@ import ( func HTTPRemovesdmSubscriptions(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -52,6 +53,7 @@ func HTTPRemovesdmSubscriptions(c *gin.Context) { func HTTPUpdatesdmsubscriptions(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_sdm_subscriptions_collection.go b/internal/sbi/datarepository/api_sdm_subscriptions_collection.go index 218ee4e..d6fa03b 100644 --- a/internal/sbi/datarepository/api_sdm_subscriptions_collection.go +++ b/internal/sbi/datarepository/api_sdm_subscriptions_collection.go @@ -25,6 +25,7 @@ import ( func HTTPCreateSdmSubscriptions(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -82,6 +83,7 @@ func HTTPCreateSdmSubscriptions(c *gin.Context) { func HTTPQuerysdmsubscriptions(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_session_management_subscription_data.go b/internal/sbi/datarepository/api_session_management_subscription_data.go index 208c5d6..5bef2a7 100644 --- a/internal/sbi/datarepository/api_session_management_subscription_data.go +++ b/internal/sbi/datarepository/api_session_management_subscription_data.go @@ -25,6 +25,7 @@ import ( func HTTPQuerySmData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_smf_registration_document.go b/internal/sbi/datarepository/api_smf_registration_document.go index a5fa7ad..7187986 100644 --- a/internal/sbi/datarepository/api_smf_registration_document.go +++ b/internal/sbi/datarepository/api_smf_registration_document.go @@ -25,6 +25,7 @@ import ( func HTTPCreateSmfContextNon3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPCreateSmfContextNon3gpp(c *gin.Context) { func HTTPDeleteSmfContext(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -106,6 +108,7 @@ func HTTPDeleteSmfContext(c *gin.Context) { func HTTPQuerySmfRegistration(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_smf_registrations_collection.go b/internal/sbi/datarepository/api_smf_registrations_collection.go index 878dc44..6d7b8e2 100644 --- a/internal/sbi/datarepository/api_smf_registrations_collection.go +++ b/internal/sbi/datarepository/api_smf_registrations_collection.go @@ -25,6 +25,7 @@ import ( func HTTPQuerySmfRegList(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go b/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go index 1fe086d..5fd29f2 100644 --- a/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go +++ b/internal/sbi/datarepository/api_smf_selection_subscription_data_document.go @@ -25,6 +25,7 @@ import ( func HTTPQuerySmfSelectData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_sms_management_subscription_data_document.go b/internal/sbi/datarepository/api_sms_management_subscription_data_document.go index 55c2b1d..d210c24 100644 --- a/internal/sbi/datarepository/api_sms_management_subscription_data_document.go +++ b/internal/sbi/datarepository/api_sms_management_subscription_data_document.go @@ -25,6 +25,7 @@ import ( func HTTPQuerySmsMngData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_sms_subscription_data_document.go b/internal/sbi/datarepository/api_sms_subscription_data_document.go index 4bd3410..644bc06 100644 --- a/internal/sbi/datarepository/api_sms_subscription_data_document.go +++ b/internal/sbi/datarepository/api_sms_subscription_data_document.go @@ -25,6 +25,7 @@ import ( func HTTPQuerySmsData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go b/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go index f6ab34e..761f38a 100644 --- a/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go +++ b/internal/sbi/datarepository/api_smsf3_gpp_registration_document.go @@ -25,6 +25,7 @@ import ( func HTTPCreateSmsfContext3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPCreateSmsfContext3gpp(c *gin.Context) { func HTTPDeleteSmsfContext3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -105,6 +107,7 @@ func HTTPDeleteSmsfContext3gpp(c *gin.Context) { func HTTPQuerySmsfContext3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go b/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go index 7380c2d..d874dc6 100644 --- a/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go +++ b/internal/sbi/datarepository/api_smsf_non3_gpp_registration_document.go @@ -25,6 +25,7 @@ import ( func HTTPCreateSmsfContextNon3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -79,6 +80,7 @@ func HTTPCreateSmsfContextNon3gpp(c *gin.Context) { func HTTPDeleteSmsfContextNon3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -105,6 +107,7 @@ func HTTPDeleteSmsfContextNon3gpp(c *gin.Context) { func HTTPQuerySmsfContextNon3gpp(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/api_trace_data_document.go b/internal/sbi/datarepository/api_trace_data_document.go index a98724d..513c140 100644 --- a/internal/sbi/datarepository/api_trace_data_document.go +++ b/internal/sbi/datarepository/api_trace_data_document.go @@ -25,6 +25,7 @@ import ( func HTTPQueryTraceData(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/sbi/datarepository/routers.go b/internal/sbi/datarepository/routers.go index 7c92bcd..d5405fc 100644 --- a/internal/sbi/datarepository/routers.go +++ b/internal/sbi/datarepository/routers.go @@ -46,6 +46,7 @@ func NewRouter() *gin.Engine { func subMsgShortDispatchHandlerFunc(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -62,6 +63,7 @@ func subMsgShortDispatchHandlerFunc(c *gin.Context) { func subMsgDispatchHandlerFunc(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -87,6 +89,7 @@ func subMsgDispatchHandlerFunc(c *gin.Context) { func eeMsgShortDispatchHandlerFunc(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -109,6 +112,7 @@ func eeMsgShortDispatchHandlerFunc(c *gin.Context) { func eeMsgDispatchHandlerFunc(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -131,6 +135,7 @@ func eeMsgDispatchHandlerFunc(c *gin.Context) { func appMsgDispatchHandlerFunc(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -155,6 +160,7 @@ func appMsgDispatchHandlerFunc(c *gin.Context) { func expoMsgDispatchHandlerFunc(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -232,6 +238,7 @@ func Index(c *gin.Context) { func HandleAppDataInfluDataSubsToNotifyConflictDelete(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -247,6 +254,7 @@ func HandleAppDataInfluDataSubsToNotifyConflictDelete(c *gin.Context) { func HandleAppDataInfluDataSubsToNotifyConflictGet(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } @@ -262,6 +270,7 @@ func HandleAppDataInfluDataSubsToNotifyConflictGet(c *gin.Context) { func HandleAppDataInfluDataSubsToNotifyConflictPut(c *gin.Context) { auth_err := authorizationCheck(c) if auth_err != nil { + c.JSON(http.StatusUnauthorized, gin.H{"error": auth_err.Error()}) return } diff --git a/internal/util/nf_authorization.go b/internal/util/nf_authorization.go index 48fe6af..1b38ad5 100644 --- a/internal/util/nf_authorization.go +++ b/internal/util/nf_authorization.go @@ -1,8 +1,6 @@ package util import ( - "net/http" - "github.com/gin-gonic/gin" "github.com/free5gc/openapi/oauth" @@ -11,12 +9,8 @@ import ( func AuthorizationCheck(c *gin.Context, serviceName string) error { if udr_context.GetSelf().OAuth2Required { - oauth_err := oauth.VerifyOAuth(c.Request.Header.Get("Authorization"), serviceName, + return oauth.VerifyOAuth(c.Request.Header.Get("Authorization"), serviceName, udr_context.GetSelf().NrfCertPem) - if oauth_err != nil { - c.JSON(http.StatusUnauthorized, gin.H{"error": oauth_err.Error()}) - return oauth_err - } } return nil } From cfe0d103b4c97839ff6f34d4f0e6a37b676082de Mon Sep 17 00:00:00 2001 From: "CTFang@WireLab" Date: Sun, 24 Dec 2023 11:52:09 +0000 Subject: [PATCH 4/5] Refactor: Move AuthorizationCheck() to udr_context --- internal/context/context.go | 11 +++++++++++ internal/sbi/datarepository/routers.go | 5 +++-- internal/util/nf_authorization.go | 16 ---------------- 3 files changed, 14 insertions(+), 18 deletions(-) delete mode 100644 internal/util/nf_authorization.go diff --git a/internal/context/context.go b/internal/context/context.go index b098043..d8d2a64 100644 --- a/internal/context/context.go +++ b/internal/context/context.go @@ -186,3 +186,14 @@ func (c *UDRContext) GetTokenCtx(scope, targetNF string) ( return oauth.GetTokenCtx(models.NfType_UDR, c.NfId, c.NrfUri, scope, targetNF) } + +func (context *UDRContext) AuthorizationCheck(authHdr string, serviceName string) error { + if !context.OAuth2Required { + return nil + } + err := oauth.VerifyOAuth(authHdr, serviceName, context.NrfCertPem) + if err != nil { + return err + } + return nil +} diff --git a/internal/sbi/datarepository/routers.go b/internal/sbi/datarepository/routers.go index d5405fc..febc7aa 100644 --- a/internal/sbi/datarepository/routers.go +++ b/internal/sbi/datarepository/routers.go @@ -15,8 +15,8 @@ import ( "github.com/gin-gonic/gin" + udr_context "github.com/free5gc/udr/internal/context" "github.com/free5gc/udr/internal/logger" - "github.com/free5gc/udr/internal/util" "github.com/free5gc/udr/pkg/factory" logger_util "github.com/free5gc/util/logger" ) @@ -283,7 +283,8 @@ func HandleAppDataInfluDataSubsToNotifyConflictPut(c *gin.Context) { } func authorizationCheck(c *gin.Context) error { - return util.AuthorizationCheck(c, "nudr-dr") + token := c.Request.Header.Get("Authorization") + return udr_context.GetSelf().AuthorizationCheck(token, "nudr-dr") } var routes = Routes{ diff --git a/internal/util/nf_authorization.go b/internal/util/nf_authorization.go deleted file mode 100644 index 1b38ad5..0000000 --- a/internal/util/nf_authorization.go +++ /dev/null @@ -1,16 +0,0 @@ -package util - -import ( - "github.com/gin-gonic/gin" - - "github.com/free5gc/openapi/oauth" - udr_context "github.com/free5gc/udr/internal/context" -) - -func AuthorizationCheck(c *gin.Context, serviceName string) error { - if udr_context.GetSelf().OAuth2Required { - return oauth.VerifyOAuth(c.Request.Header.Get("Authorization"), serviceName, - udr_context.GetSelf().NrfCertPem) - } - return nil -} From cd0f8e0ce8b0facb7fcf282e8881627af245183b Mon Sep 17 00:00:00 2001 From: "CTFang@WireLab" Date: Mon, 25 Dec 2023 04:11:17 +0000 Subject: [PATCH 5/5] Fix: rename parameter name --- internal/context/context.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/context/context.go b/internal/context/context.go index d8d2a64..3b1763b 100644 --- a/internal/context/context.go +++ b/internal/context/context.go @@ -187,11 +187,11 @@ func (c *UDRContext) GetTokenCtx(scope, targetNF string) ( c.NfId, c.NrfUri, scope, targetNF) } -func (context *UDRContext) AuthorizationCheck(authHdr string, serviceName string) error { +func (context *UDRContext) AuthorizationCheck(token, serviceName string) error { if !context.OAuth2Required { return nil } - err := oauth.VerifyOAuth(authHdr, serviceName, context.NrfCertPem) + err := oauth.VerifyOAuth(token, serviceName, context.NrfCertPem) if err != nil { return err }