package http
import (
"context"
"fmt"
"net/http"
"github.com/gorilla/mux"
"github.com/rs/cors"
"github.com/netbirdio/management-integrations/integrations"
s "github.com/netbirdio/netbird/management/server"
"github.com/netbirdio/netbird/management/server/geolocation"
"github.com/netbirdio/netbird/management/server/http/configs"
"github.com/netbirdio/netbird/management/server/http/handlers/accounts"
"github.com/netbirdio/netbird/management/server/http/handlers/dns"
"github.com/netbirdio/netbird/management/server/http/handlers/events"
"github.com/netbirdio/netbird/management/server/http/handlers/groups"
"github.com/netbirdio/netbird/management/server/http/handlers/networks"
"github.com/netbirdio/netbird/management/server/http/handlers/peers"
"github.com/netbirdio/netbird/management/server/http/handlers/policies"
"github.com/netbirdio/netbird/management/server/http/handlers/routes"
"github.com/netbirdio/netbird/management/server/http/handlers/setup_keys"
"github.com/netbirdio/netbird/management/server/http/handlers/users"
"github.com/netbirdio/netbird/management/server/http/middleware"
"github.com/netbirdio/netbird/management/server/integrated_validator"
"github.com/netbirdio/netbird/management/server/jwtclaims"
"github.com/netbirdio/netbird/management/server/telemetry"
)
// apiPrefix is the URL path prefix under which the Management API subrouter,
// and therefore its middleware chain, is mounted.
const apiPrefix = "/api"
// apiHandler groups the dependencies used while registering the Management
// API endpoints.
type apiHandler struct {
	// Router is the subrouter endpoints are registered on; APIHandler sets it
	// to the apiPrefix subrouter that carries the middleware chain.
	Router *mux.Router
	// AccountManager is the backend handed to every endpoint group.
	AccountManager s.AccountManager
	// geolocationManager is passed only to the policies endpoints.
	geolocationManager *geolocation.Geolocation
	// AuthCfg holds the authentication settings (audience, user-ID claim)
	// handed to each endpoint group.
	AuthCfg configs.AuthCfg
}
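// APIHandler creates the Management service HTTP API handler registering all the available endpoints.
//
// Every endpoint is registered on a subrouter mounted at apiPrefix. That
// subrouter runs the middleware chain metrics, CORS, authentication, access
// control, in that order. The returned handler is the root router; an error is
// returned only when the integrations endpoints fail to register.
func APIHandler(ctx context.Context, accountManager s.AccountManager, LocationManager *geolocation.Geolocation, jwtValidator jwtclaims.JWTValidator, appMetrics telemetry.AppMetrics, authCfg configs.AuthCfg, integratedValidator integrated_validator.IntegratedValidator) (http.Handler, error) {
	// A single extractor, configured from authCfg, is shared by the auth
	// middleware and the integrations handlers so both read the same audience
	// and user-ID claim.
	claimsExtractor := jwtclaims.NewClaimsExtractor(
		jwtclaims.WithAudience(authCfg.Audience),
		jwtclaims.WithUserIDClaim(authCfg.UserIDClaim),
	)

	// The auth middleware is given both a PAT lookup and a JWT validator,
	// plus the JWT-group access check.
	authMiddleware := middleware.NewAuthMiddleware(
		accountManager.GetAccountFromPAT,
		jwtValidator.ValidateAndParse,
		accountManager.MarkPATUsed,
		accountManager.CheckUserAccessByJWTGroups,
		claimsExtractor,
		authCfg.Audience,
		authCfg.UserIDClaim,
	)

	// NOTE(review): cors.AllowAll accepts any origin, method and request
	// header. That is tolerable only while the API authenticates with
	// explicitly sent tokens rather than cookies; confirm that the pinned
	// rs/cors version keeps credentials disabled in AllowAll, and prefer an
	// explicit origin allow-list (e.g. the dashboard origin) if one is known.
	corsMiddleware := cors.AllowAll()

	acMiddleware := middleware.NewAccessControl(
		authCfg.Audience,
		authCfg.UserIDClaim,
		accountManager.GetUser,
	)

	rootRouter := mux.NewRouter()
	metricsMiddleware := appMetrics.HTTPMiddleware()

	prefix := apiPrefix
	router := rootRouter.PathPrefix(prefix).Subrouter()
	// Order matters: CORS sits ahead of authentication (presumably so that
	// preflight requests, which carry no token, are answered first), and
	// access control runs only after authentication. The chain is attached to
	// the subrouter, so a route added directly on rootRouter would bypass
	// authentication; register endpoints on router only.
	router.Use(metricsMiddleware.Handler, corsMiddleware.Handler, authMiddleware.Handler, acMiddleware.Handler)

	api := apiHandler{
		Router:             router,
		AccountManager:     accountManager,
		geolocationManager: LocationManager,
		AuthCfg:            authCfg,
	}

	// Integration endpoints are registered on the same subrouter and so sit
	// behind the same middleware chain.
	if _, err := integrations.RegisterHandlers(ctx, prefix, api.Router, accountManager, claimsExtractor, integratedValidator, appMetrics.GetMeter()); err != nil {
		return nil, fmt.Errorf("register integrations endpoints: %w", err)
	}

	accounts.AddEndpoints(api.AccountManager, authCfg, router)
	peers.AddEndpoints(api.AccountManager, authCfg, router)
	users.AddEndpoints(api.AccountManager, authCfg, router)
	setup_keys.AddEndpoints(api.AccountManager, authCfg, router)
	policies.AddEndpoints(api.AccountManager, api.geolocationManager, authCfg, router)
	groups.AddEndpoints(api.AccountManager, authCfg, router)
	routes.AddEndpoints(api.AccountManager, authCfg, router)
	dns.AddEndpoints(api.AccountManager, authCfg, router)
	events.AddEndpoints(api.AccountManager, authCfg, router)
	networks.AddEndpoints(api.AccountManager.GetNetworksManager(), api.AccountManager.GetAccountIDFromToken, authCfg, router)

	return rootRouter, nil
}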