From e183a880356e09ce6dc72d0c76924cff5e8bbeac Mon Sep 17 00:00:00 2001
From: Anil Ambati <aambati@us.ibm.com>
Date: Sun, 12 Mar 2017 12:38:08 -0400
Subject: [PATCH] Changes to make auth type an enum

Replaced booleans for basic and token based authentication in
the fcaAuthHandler struct with an enum type since they are
mutually exclusive.

https://jira.hyperledger.org/browse/FAB-2598

Change-Id: Ica5dca233e6ea6c22055605a19a3cc927faa142a
Signed-off-by: Anil Ambati <aambati@us.ibm.com>
---
 lib/server.go     | 22 ++++++++++------------
 lib/serverauth.go | 22 +++++++++++++++-------
 2 files changed, 25 insertions(+), 19 deletions(-)

diff --git a/lib/server.go b/lib/server.go
index 35e59836c..d8c2f9e0f 100644
--- a/lib/server.go
+++ b/lib/server.go
@@ -499,20 +499,19 @@ func (s *Server) initEnrollmentSigner() (err error) {
 // Register all endpoint handlers
 func (s *Server) registerHandlers() {
 	s.mux = http.NewServeMux()
-	s.registerHandler("info", newInfoHandler, false, false)
-	s.registerHandler("register", newRegisterHandler, false, true)
-	s.registerHandler("enroll", newEnrollHandler, true, false)
-	s.registerHandler("reenroll", newReenrollHandler, true, false)
-	s.registerHandler("revoke", newRevokeHandler, true, false)
-	s.registerHandler("tcert", newTCertHandler, true, false)
+	s.registerHandler("info", newInfoHandler, noAuth)
+	s.registerHandler("register", newRegisterHandler, token)
+	s.registerHandler("enroll", newEnrollHandler, basic)
+	s.registerHandler("reenroll", newReenrollHandler, token)
+	s.registerHandler("revoke", newRevokeHandler, token)
+	s.registerHandler("tcert", newTCertHandler, token)
 }
 
 // Register an endpoint handler
 func (s *Server) registerHandler(
 	path string,
 	getHandler func(server *Server) (http.Handler, error),
-	basic bool,
-	token bool) {
+	at authType) {
 
 	var handler http.Handler
 
@@ -522,10 +521,9 @@ func (s *Server) registerHandler(
 		return
 	}
 	handler = &fcaAuthHandler{
-		server: s,
-		basic:  basic,
-		token:  token,
-		next:   handler,
+		server:   s,
+		authType: at,
+		next:     handler,
 	}
 	s.mux.Handle("/"+path, handler)
 	// TODO: Remove the following line once all SDKs stop using the prefixed paths
diff --git a/lib/serverauth.go b/lib/serverauth.go
index 03771efc2..2452bfa68 100644
--- a/lib/serverauth.go
+++ b/lib/serverauth.go
@@ -33,12 +33,20 @@ const (
 	enrollmentIDHdrName = "__eid__"
 )
 
+// AuthType is the enum for authentication types: basic and token
+type authType int
+
+const (
+	noAuth authType = iota
+	basic           // basic = 1
+	token           // token = 2
+)
+
 // Fabric CA authentication handler
 type fcaAuthHandler struct {
-	server *Server
-	basic  bool
-	token  bool
-	next   http.Handler
+	server   *Server
+	authType authType
+	next     http.Handler
 }
 
 var authError = cerr.NewBadRequest(errors.New("Authorization failure"))
@@ -55,7 +63,7 @@ func (ah *fcaAuthHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 // Handle performs authentication
 func (ah *fcaAuthHandler) serveHTTP(w http.ResponseWriter, r *http.Request) error {
 	log.Debugf("Received request\n%s", util.HTTPRequestToString(r))
-	if !ah.basic && !ah.token {
+	if ah.authType == noAuth {
 		// No authentication required
 		return nil
 	}
@@ -66,7 +74,7 @@ func (ah *fcaAuthHandler) serveHTTP(w http.ResponseWriter, r *http.Request) erro
 	}
 	user, pwd, ok := r.BasicAuth()
 	if ok {
-		if !ah.basic {
+		if ah.authType != basic {
 			log.Debugf("Basic auth is not allowed; found %s", authHdr)
 			return errBasicAuthNotAllowed
 		}
@@ -85,7 +93,7 @@ func (ah *fcaAuthHandler) serveHTTP(w http.ResponseWriter, r *http.Request) erro
 		return nil
 	}
 	// Perform token verification
-	if ah.token {
+	if ah.authType == token {
 		// read body
 		body, err := ioutil.ReadAll(r.Body)
 		if err != nil {