Changed server handlers to use public and protected routes correctly with auth

David Allen 2024-07-03 11:42:27 -06:00
parent 7836aef5c3
commit bf937bf4d4
No known key found for this signature in database
GPG key ID: 717C593FF60A2ACC
2 changed files with 69 additions and 47 deletions


@ -51,6 +51,7 @@ var serveCmd = &cobra.Command{
// set up the routes and start the server // set up the routes and start the server
server := server.Server{ server := server.Server{
Config: &config,
Server: &http.Server{ Server: &http.Server{
Addr: fmt.Sprintf("%s:%d", config.Server.Host, config.Server.Port), Addr: fmt.Sprintf("%s:%d", config.Server.Host, config.Server.Port),
}, },
@ -65,7 +66,7 @@ var serveCmd = &cobra.Command{
Verbose: verbose, Verbose: verbose,
}, },
} }
err := server.Serve(&config) err := server.Serve()
if errors.Is(err, http.ErrServerClosed) { if errors.Is(err, http.ErrServerClosed) {
fmt.Printf("Server closed.") fmt.Printf("Server closed.")
} else if err != nil { } else if err != nil {


@ -27,6 +27,7 @@ type Jwks struct {
} }
type Server struct { type Server struct {
*http.Server *http.Server
Config *configurator.Config
Jwks Jwks `yaml:"jwks"` Jwks Jwks `yaml:"jwks"`
GeneratorParams generator.Params GeneratorParams generator.Params
TokenAuth *jwtauth.JWTAuth TokenAuth *jwtauth.JWTAuth
@ -44,21 +45,21 @@ func New() *Server {
} }
} }
func (s *Server) Serve(config *configurator.Config) error { func (s *Server) Serve() error {
// create client just for the server to use to fetch data from SMD // create client just for the server to use to fetch data from SMD
_ = &configurator.SmdClient{ _ = &configurator.SmdClient{
Host: config.SmdClient.Host, Host: s.Config.SmdClient.Host,
Port: config.SmdClient.Port, Port: s.Config.SmdClient.Port,
} }
// set the server address with config values // set the server address with config values
s.Server.Addr = fmt.Sprintf("%s:%d", config.Server.Host, config.Server.Port) s.Server.Addr = fmt.Sprintf("%s:%d", s.Config.Server.Host, s.Config.Server.Port)
// fetch JWKS public key from authorization server // fetch JWKS public key from authorization server
if config.Server.Jwks.Uri != "" && tokenAuth == nil { if s.Config.Server.Jwks.Uri != "" && tokenAuth == nil {
for i := 0; i < config.Server.Jwks.Retries; i++ { for i := 0; i < s.Config.Server.Jwks.Retries; i++ {
var err error var err error
tokenAuth, err = configurator.FetchPublicKeyFromURL(config.Server.Jwks.Uri) tokenAuth, err = configurator.FetchPublicKeyFromURL(s.Config.Server.Jwks.Uri)
if err != nil { if err != nil {
logrus.Errorf("failed to fetch JWKS: %w", err) logrus.Errorf("failed to fetch JWKS: %w", err)
continue continue
@ -67,26 +68,46 @@ func (s *Server) Serve(config *configurator.Config) error {
} }
} }
var WriteError = func(w http.ResponseWriter, format string, a ...any) {
errmsg := fmt.Sprintf(format, a...)
fmt.Printf(errmsg)
w.Write([]byte(errmsg))
}
// create new go-chi router with its routes // create new go-chi router with its routes
router := chi.NewRouter() router := chi.NewRouter()
router.Use(middleware.RedirectSlashes) router.Use(middleware.RequestID)
router.Use(middleware.RealIP)
router.Use(middleware.Logger)
router.Use(middleware.Recoverer)
router.Use(middleware.StripSlashes)
router.Use(middleware.Timeout(60 * time.Second)) router.Use(middleware.Timeout(60 * time.Second))
if s.Config.Server.Jwks.Uri != "" {
router.Group(func(r chi.Router) { router.Group(func(r chi.Router) {
if config.Server.Jwks.Uri != "" {
r.Use( r.Use(
jwtauth.Verifier(tokenAuth), jwtauth.Verifier(tokenAuth),
jwtauth.Authenticator(tokenAuth), jwtauth.Authenticator(tokenAuth),
) )
// protected routes if using auth
r.HandleFunc("/generate", s.Generate)
r.HandleFunc("/templates", s.ManageTemplates)
})
} else {
// public routes without auth
router.HandleFunc("/generate", s.Generate)
router.HandleFunc("/templates", s.ManageTemplates)
} }
r.HandleFunc("/generate", func(w http.ResponseWriter, r *http.Request) {
// always public routes go here (none at the moment)
s.Handler = router
return s.ListenAndServe()
}
func WriteError(w http.ResponseWriter, format string, a ...any) {
errmsg := fmt.Sprintf(format, a...)
fmt.Printf(errmsg)
w.Write([]byte(errmsg))
}
func (s *Server) Generate(w http.ResponseWriter, r *http.Request) {
s.GeneratorParams.Target = r.URL.Query().Get("target") s.GeneratorParams.Target = r.URL.Query().Get("target")
outputs, err := generator.Generate(config, s.GeneratorParams) outputs, err := generator.Generate(s.Config, s.GeneratorParams)
if err != nil { if err != nil {
WriteError(w, "failed to generate config: %v", err) WriteError(w, "failed to generate config: %v", err)
return return
@ -109,13 +130,13 @@ func (s *Server) Serve(config *configurator.Config) error {
WriteError(w, "failed to write response: %v", err) WriteError(w, "failed to write response: %v", err)
return return
} }
}) }
r.HandleFunc("/templates", func(w http.ResponseWriter, r *http.Request) {
// TODO: handle GET request func (s *Server) ManageTemplates(w http.ResponseWriter, r *http.Request) {
// TODO: handle POST request // TODO: need to implement template managing API first in "internal/generator/templates" or something
_, err := w.Write([]byte("this is not implemented yet"))
}) if err != nil {
}) WriteError(w, "failed to write response: %v", err)
s.Handler = router return
return s.ListenAndServe() }
} }
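Review bot: Whether `/generate` and `/templates` require a token now depends only on `s.Config.Server.Jwks.Uri` being non-empty, so a missing or mistyped config key silently registers both handlers on the public router. The `else` branch should at least make that visible at startup, e.g. `logrus.Warn("no JWKS URI configured; /generate and /templates are served without authentication")`, or require an explicit opt-out setting before serving them unauthenticated. In the protected branch, `jwtauth.Verifier(tokenAuth)` is built even if every retry in the fetch loop failed; the code after the loop is outside the visible hunk, so confirm that `Serve` returns an error there rather than continuing with a nil `tokenAuth`. Separately, `Generate` stores the per-request `target` in `s.GeneratorParams`, which is shared by all requests; copying it first (`params := s.GeneratorParams; params.Target = r.URL.Query().Get("target")`) and passing `params` to `generator.Generate` would keep concurrent requests from overwriting each other's target.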