package http
import (
"context"
"crypto/tls"
"github.com/gorilla/mux"
"github.com/rs/cors"
log "github.com/sirupsen/logrus"
s "github.com/wiretrustee/wiretrustee/management/server"
"github.com/wiretrustee/wiretrustee/management/server/http/handler"
"github.com/wiretrustee/wiretrustee/management/server/http/middleware"
"golang.org/x/crypto/acme/autocert"
"net/http"
"time"
)
// Server bundles the management HTTP API server with the settings that decide
// how Start exposes it: Let's Encrypt autocert, a caller-supplied TLS
// configuration, or plain HTTP.
type Server struct {
	// server is the underlying net/http server; Stop calls Shutdown on it.
	server *http.Server
	// config carries the listen address and the JWT validation settings
	// (issuer, audience, keys location) read by Start.
	config *s.HttpServerConfig
	// certManager, when non-nil, makes Start serve on the autocert listener.
	certManager *autocert.Manager
	// tlsConfig, when non-nil and certManager is nil, makes Start listen with
	// tls.Listen on config.Address.
	tlsConfig *tls.Config
	// accountManager is handed to the peers and setup-keys handlers.
	accountManager *s.AccountManager
}
// NewHttpsServer returns a Server that serves HTTPS with certificates issued
// and renewed by certManager (Let's Encrypt via autocert).
//
// When certManager is non-nil, Start serves on certManager.Listener(), so the
// listening address is :443 regardless of config.Address. When certManager is
// nil the Server falls back to plain HTTP on config.Address.
//
// NOTE(review): certManager is built by the caller; confirm it sets a
// HostPolicy so certificates are only requested for expected host names.
func NewHttpsServer(config *s.HttpServerConfig, certManager *autocert.Manager, accountManager *s.AccountManager) *Server {
	// Read/write deadlines bound how long a single request may occupy a
	// connection; the idle timeout bounds keep-alive connections.
	const (
		ioTimeout   = 15 * time.Second
		idleTimeout = 60 * time.Second
	)

	return &Server{
		server: &http.Server{
			Addr:         config.Address,
			WriteTimeout: ioTimeout,
			ReadTimeout:  ioTimeout,
			IdleTimeout:  idleTimeout,
		},
		config:         config,
		certManager:    certManager,
		accountManager: accountManager,
	}
}
// NewHttpsServerWithTLSConfig returns a Server that serves HTTPS on
// config.Address using the supplied tls.Config. It is meant for deployments
// that already hold a certificate.
//
// tlsConfig is used exactly as given.
// NOTE(review): confirm callers set MinVersion and load the intended
// certificate; nothing here validates the configuration.
func NewHttpsServerWithTLSConfig(config *s.HttpServerConfig, tlsConfig *tls.Config, accountManager *s.AccountManager) *Server {
	// Read/write deadlines bound how long a single request may occupy a
	// connection; the idle timeout bounds keep-alive connections.
	const (
		ioTimeout   = 15 * time.Second
		idleTimeout = 60 * time.Second
	)

	return &Server{
		server: &http.Server{
			Addr:         config.Address,
			WriteTimeout: ioTimeout,
			ReadTimeout:  ioTimeout,
			IdleTimeout:  idleTimeout,
		},
		config:         config,
		tlsConfig:      tlsConfig,
		accountManager: accountManager,
	}
}
// NewHttpServer returns a Server that serves plain HTTP (no TLS) on
// config.Address.
//
// The API is protected by JWTs and exposes setup keys, so in this mode those
// values travel unencrypted unless TLS is terminated in front of the server.
func NewHttpServer(config *s.HttpServerConfig, accountManager *s.AccountManager) *Server {
	// A nil cert manager is what selects the non-TLS code path in Start.
	var noCertManager *autocert.Manager
	return NewHttpsServer(config, noCertManager, accountManager)
}
// Stop gracefully shuts down the underlying http.Server, waiting for in-flight
// requests until ctx is done. It returns whatever Shutdown returns.
//
// Shutdown only affects listeners that were served through s.server.
func (s *Server) Stop(ctx context.Context) error {
	return s.server.Shutdown(ctx)
}
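// Start registers the management API routes and serves them, blocking until
// the server stops. The transport is chosen from the Server's fields:
//
//   - certManager set: HTTPS on the autocert listener (Let's Encrypt);
//   - tlsConfig set:   HTTPS on config.Address with the supplied tls.Config;
//   - otherwise:       plain HTTP on the address given to the constructor.
//
// Every mode serves through s.server, so the read/write/idle timeouts set by
// the constructors apply to TLS connections as well and Stop can shut any of
// them down. The router is attached to s.server directly rather than to
// http.DefaultServeMux: the default mux is process-global, would also expose
// any handler another package registered on it, and panics when "/" is
// registered a second time.
//
// Start returns an error when the JWT middleware cannot be built, when the
// TLS listener cannot be opened, or when serving ends; after Stop the error
// is http.ErrServerClosed.
func (s *Server) Start() error {
	jwtMiddleware, err := middleware.NewJwtMiddleware(s.config.AuthIssuer, s.config.AuthAudience, s.config.AuthKeysLocation)
	if err != nil {
		return err
	}

	// NOTE(review): AllowAll accepts cross-origin requests from any origin.
	// Consider restricting allowed origins to the dashboard's origin.
	corsMiddleware := cors.AllowAll()

	r := mux.NewRouter()
	// NOTE(review): the JWT middleware is registered before CORS, so responses
	// it rejects carry no CORS headers and preflight handling depends on the
	// JWT middleware letting OPTIONS through - confirm this order is intended.
	r.Use(jwtMiddleware.Handler, corsMiddleware.Handler)

	peersHandler := handler.NewPeers(s.accountManager)
	keysHandler := handler.NewSetupKeysHandler(s.accountManager)

	// OPTIONS is listed on every route because mux only runs middleware on
	// routes that match the request method.
	r.HandleFunc("/api/peers", peersHandler.GetPeers).Methods("GET", "OPTIONS")
	r.HandleFunc("/api/peers/{id}", peersHandler.HandlePeer).Methods("GET", "PUT", "DELETE", "OPTIONS")
	r.HandleFunc("/api/setup-keys", keysHandler.GetKeys).Methods("GET", "POST", "OPTIONS")
	r.HandleFunc("/api/setup-keys/{id}", keysHandler.HandleKey).Methods("GET", "PUT", "OPTIONS")

	switch {
	case s.certManager != nil:
		// With autocert enabled we reuse the listener from the cert manager.
		listener := s.certManager.Listener()
		s.server.Handler = s.certManager.HTTPHandler(r)
		log.Infof("HTTPs server listening on %s with Let's Encrypt autocert configured", listener.Addr())
		if err = s.server.Serve(listener); err != nil {
			log.Errorf("failed to serve https server: %v", err)
			return err
		}
	case s.tlsConfig != nil:
		listener, listenErr := tls.Listen("tcp", s.config.Address, s.tlsConfig)
		if listenErr != nil {
			log.Errorf("failed to serve https server: %v", listenErr)
			return listenErr
		}
		s.server.Handler = r
		log.Infof("HTTPs server listening on %s", listener.Addr())
		if err = s.server.Serve(listener); err != nil {
			log.Errorf("failed to serve https server: %v", err)
			return err
		}
	default:
		s.server.Handler = r
		log.Infof("HTTP server listening on %s", s.server.Addr)
		if err = s.server.ListenAndServe(); err != nil {
			log.Errorf("failed to serve http server: %v", err)
			return err
		}
	}
	return nil
}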