added mw and test srv for kratos session

go.mod

@@ -0,0 +1,23 @@
+module ory-kratos-docker
+
+go 1.23.3
+
+require (
+	github.com/gofiber/fiber/v2 v2.52.5
+	github.com/ory/client-go v1.15.16
+)
+
+require (
+	github.com/andybalholm/brotli v1.0.5 // indirect
+	github.com/google/uuid v1.5.0 // indirect
+	github.com/klauspost/compress v1.17.0 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/valyala/bytebufferpool v1.0.0 // indirect
+	github.com/valyala/fasthttp v1.51.0 // indirect
+	github.com/valyala/tcplisten v1.0.0 // indirect
+	golang.org/x/oauth2 v0.24.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+)

go.sum

@@ -0,0 +1,33 @@
+github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
+github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
+github.com/gofiber/fiber/v2 v2.52.5 h1:tWoP1MJQjGEe4GB5TUGOi7P2E0ZMMRx5ZTG4rT+yGMo=
+github.com/gofiber/fiber/v2 v2.52.5/go.mod h1:KEOE+cXMhXG0zHc9d8+E38hoX+ZN7bhOtgeF2oT6jrQ=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
+github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/klauspost/compress v1.17.0 h1:Rnbp4K9EjcDuVuHtd0dgA4qNuv9yKDYKK1ulpJwgrqM=
+github.com/klauspost/compress v1.17.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
+github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/ory/client-go v1.15.16 h1:g9oD3ZQNVVjd1yc2YHUGfdCXrMT1akXJRl4rnMmyfCM=
+github.com/ory/client-go v1.15.16/go.mod h1:eTjNBXE5wwL6UleLwGZTEdLg9VRZKsZjJ9HSr6X6aEE=
+github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
+github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
+github.com/valyala/fasthttp v1.51.0 h1:8b30A5JlZ6C7AS81RsWjYMQmrZG6feChmgAolCl1SqA=
+github.com/valyala/fasthttp v1.51.0/go.mod h1:oI2XroL+lI7vdXyYoQk03bXBThfFl2cVdIA3Xl7cH8g=
+github.com/valyala/tcplisten v1.0.0 h1:rBHj/Xf+E1tRGZyWIWwJDiRY0zc1Js+CV5DqwacVSA8=
+github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
+golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
+golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=

middleware/middleware.go

@@ -0,0 +1,39 @@
+package middleware
+
+import (
+	"fmt"
+	"github.com/gofiber/fiber/v2"
+	"github.com/ory/client-go"
+)
+
+func KratosMiddleware(ory *client.APIClient) fiber.Handler {
+	return func(ctx *fiber.Ctx) error {
+		if ory == nil {
+			return fiber.NewError(fiber.StatusInternalServerError, "empty ory client")
+		}
+
+		sessionToken := ctx.Get("Cookie")
+		if sessionToken == "" {
+			return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
+		}
+
+		session, err := getSessionFromToken(ctx, ory, sessionToken)
+		if err != nil || !*session.Active {
+			return ctx.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
+		}
+
+		fmt.Println("Active session:", session.Id)
+		fmt.Println("Active identity:", session.Identity.Id)
+
+		return ctx.Next()
+	}
+}
+
+func getSessionFromToken(ctx *fiber.Ctx, ory *client.APIClient, token string) (*client.Session, error) {
+	session, _, err := ory.FrontendAPI.ToSession(ctx.Context()).Cookie(token).Execute()
+	if err != nil {
+		return nil, fmt.Errorf("error retrieving session: %w", err)
+	}
+
+	return session, nil
+}

test/srv_test.go

@@ -0,0 +1,44 @@
+package test
+
+import (
+	"context"
+	"fmt"
+	"github.com/gofiber/fiber/v2"
+	"github.com/ory/client-go"
+	"ory-kratos-docker/middleware"
+	"os/signal"
+	"syscall"
+	"testing"
+)
+
+// for test
+// ory proxy http://localhost:3000 --project 'pj-id'
+
+func handler(c *fiber.Ctx) error {
+	return c.SendString("Hello, World!")
+}
+
+func Test_Srv(t *testing.T) {
+	ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
+	defer stop()
+
+	c := client.NewConfiguration()
+	c.Servers = client.ServerConfigurations{{URL: "http://localhost:4000/.ory"}}
+	ory := client.NewAPIClient(c)
+
+	app := fiber.New()
+
+	app.Use(middleware.KratosMiddleware(ory))
+
+	app.Get("/", handler)
+
+	go func() {
+		if err := app.Listen(":3000"); err != nil {
+			t.Fatalf("failed to start server: %v", err)
+		}
+	}()
+
+	<-ctx.Done()
+
+	fmt.Println("Shutting down server...")
+}