package http
import (
"net/http"
"github.com/gorilla/mux"
"github.com/rs/cors"
"github.com/netbirdio/management-integrations/integrations"
s "github.com/netbirdio/netbird/management/server"
"github.com/netbirdio/netbird/management/server/http/middleware"
"github.com/netbirdio/netbird/management/server/jwtclaims"
"github.com/netbirdio/netbird/management/server/telemetry"
)
// AuthCfg contains parameters for authentication middleware.
type AuthCfg struct {
	// Issuer is not read anywhere in this file.
	// NOTE(review): presumably the expected token issuer; confirm where it is enforced.
	Issuer string
	// Audience is handed to the claims extractor, the auth middleware and the
	// access-control middleware that APIHandler builds.
	Audience string
	// UserIDClaim is handed to the same three components as Audience.
	// NOTE(review): presumably the name of the JWT claim that carries the user ID.
	UserIDClaim string
	// KeysLocation is not read anywhere in this file.
	// NOTE(review): presumably where token signing keys are fetched from; confirm.
	KeysLocation string
}
// apiHandler bundles the router with the dependencies that every
// add*Endpoint method passes to its handler constructor.
type apiHandler struct {
	// Router is the router the add*Endpoint methods register routes on.
	// APIHandler sets it to the "/api" subrouter, which carries the
	// metrics, CORS, auth and access-control middlewares.
	Router *mux.Router
	// AccountManager is passed to each New*Handler constructor.
	AccountManager s.AccountManager
	// AuthCfg is passed to each New*Handler constructor.
	AuthCfg AuthCfg
}
// emptyObject is an empty struct used to return an empty JSON object.
type emptyObject struct {
}
// APIHandler creates the Management service HTTP API handler and registers
// all the available endpoints under the "/api" path prefix.
//
// Every request matched by the "/api" subrouter passes through four
// middlewares in this order: metrics, CORS, authentication, access control.
// The returned handler is the root router; nothing is registered on it
// outside "/api" in this function.
//
// An error is returned only when walking the registered routes to create the
// per-route request/response counters fails.
func APIHandler(accountManager s.AccountManager, jwtValidator jwtclaims.JWTValidator, appMetrics telemetry.AppMetrics, authCfg AuthCfg) (http.Handler, error) {
	extractor := jwtclaims.NewClaimsExtractor(
		jwtclaims.WithAudience(authCfg.Audience),
		jwtclaims.WithUserIDClaim(authCfg.UserIDClaim),
	)

	// The auth middleware receives both credential paths as callbacks: the
	// account manager's PAT functions and the JWT validator.
	// NOTE(review): how it chooses between PAT and JWT, and when the JWT group
	// check runs, is decided inside the middleware package, not here.
	auth := middleware.NewAuthMiddleware(
		accountManager.GetAccountFromPAT,
		jwtValidator.ValidateAndParse,
		accountManager.MarkPATUsed,
		accountManager.CheckUserAccessByJWTGroups,
		extractor,
		authCfg.Audience,
		authCfg.UserIDClaim,
	)

	// NOTE(review): cors.AllowAll accepts requests from any origin. rs/cors
	// documents this mode as leaving credentialed (cookie) requests disabled,
	// so the exposure depends on the API being authenticated only through the
	// Authorization header; confirm that, and consider an origin allow-list
	// if the dashboard origin is known at deployment time.
	corsHandler := cors.AllowAll()

	accessControl := middleware.NewAccessControl(authCfg.Audience, authCfg.UserIDClaim, accountManager.GetUser)

	root := mux.NewRouter()
	metrics := appMetrics.HTTPMiddleware()

	// CORS is placed before auth.
	// NOTE(review): presumably so that preflight OPTIONS requests, which carry
	// no Authorization header, are answered before the token check.
	apiRouter := root.PathPrefix("/api").Subrouter()
	apiRouter.Use(metrics.Handler, corsHandler.Handler, auth.Handler, accessControl.Handler)

	api := apiHandler{Router: apiRouter, AccountManager: accountManager, AuthCfg: authCfg}

	// Integration handlers are registered on the same "/api" subrouter, so
	// they are served behind the same middleware chain as the built-in routes.
	integrations.RegisterHandlers(api.Router, accountManager, extractor)
	api.addAccountsEndpoint()
	api.addPeersEndpoint()
	api.addUsersEndpoint()
	api.addUsersTokensEndpoint()
	api.addSetupKeysEndpoint()
	api.addRulesEndpoint()
	api.addPoliciesEndpoint()
	api.addGroupsEndpoint()
	api.addRoutesEndpoint()
	api.addDNSNameserversEndpoint()
	api.addDNSSettingEndpoint()
	api.addEventsEndpoint()

	// addCounters creates one request/response counter per (path template,
	// method) pair of a route.
	addCounters := func(route *mux.Route, _ *mux.Router, _ []*mux.Route) error {
		methods, err := route.GetMethods()
		if err != nil {
			// we may have wildcard routes from integrations without methods, skip them for now
			return nil
		}
		for _, method := range methods {
			pathTemplate, err := route.GetPathTemplate()
			if err != nil {
				return err
			}
			if err = metrics.AddHTTPRequestResponseCounter(pathTemplate, method); err != nil {
				return err
			}
		}
		return nil
	}
	if err := api.Router.Walk(addCounters); err != nil {
		return nil, err
	}

	return root, nil
}
// addAccountsEndpoint registers the account routes: update and delete of a
// single account by ID, and listing of accounts.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
// NOTE(review): {accountId} is caller-supplied; confirm the handlers check it
// against the authenticated caller's account before updating or deleting.
func (h *apiHandler) addAccountsEndpoint() {
	accounts := NewAccountsHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/accounts/{accountId}", accounts.UpdateAccount).Methods("PUT", "OPTIONS")
	r.HandleFunc("/accounts/{accountId}", accounts.DeleteAccount).Methods("DELETE", "OPTIONS")
	r.HandleFunc("/accounts", accounts.GetAllAccounts).Methods("GET", "OPTIONS")
}
// addPeersEndpoint registers the peer routes: listing of peers, and a single
// handler that serves GET, PUT and DELETE for one peer by ID.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addPeersEndpoint() {
	peers := NewPeersHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/peers", peers.GetAllPeers).Methods("GET", "OPTIONS")
	// HandlePeer receives all three verbs and must dispatch on the method itself.
	r.HandleFunc("/peers/{peerId}", peers.HandlePeer).Methods("GET", "PUT", "DELETE", "OPTIONS")
}
// addUsersEndpoint registers the user routes: list, update, delete, create
// and invite.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
// NOTE(review): {userId} is caller-supplied; confirm the handlers or the
// access-control middleware decide whether the authenticated caller may act
// on that user.
func (h *apiHandler) addUsersEndpoint() {
	users := NewUsersHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/users", users.GetAllUsers).Methods("GET", "OPTIONS")
	r.HandleFunc("/users/{userId}", users.UpdateUser).Methods("PUT", "OPTIONS")
	r.HandleFunc("/users/{userId}", users.DeleteUser).Methods("DELETE", "OPTIONS")
	r.HandleFunc("/users", users.CreateUser).Methods("POST", "OPTIONS")
	r.HandleFunc("/users/{userId}/invite", users.InviteUser).Methods("POST", "OPTIONS")
}
// addUsersTokensEndpoint registers the per-user token routes: list and create
// tokens for a user, and get or delete one token by ID.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
// NOTE(review): these routes manage credentials and both {userId} and
// {tokenId} are caller-supplied; confirm the handlers bind them to the
// authenticated caller rather than trusting the path.
func (h *apiHandler) addUsersTokensEndpoint() {
	tokens := NewPATsHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/users/{userId}/tokens", tokens.GetAllTokens).Methods("GET", "OPTIONS")
	r.HandleFunc("/users/{userId}/tokens", tokens.CreateToken).Methods("POST", "OPTIONS")
	r.HandleFunc("/users/{userId}/tokens/{tokenId}", tokens.GetToken).Methods("GET", "OPTIONS")
	r.HandleFunc("/users/{userId}/tokens/{tokenId}", tokens.DeleteToken).Methods("DELETE", "OPTIONS")
}
// addSetupKeysEndpoint registers the setup-key routes: list, create, get by
// ID and update by ID. No DELETE route is registered here.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addSetupKeysEndpoint() {
	setupKeys := NewSetupKeysHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/setup-keys", setupKeys.GetAllSetupKeys).Methods("GET", "OPTIONS")
	r.HandleFunc("/setup-keys", setupKeys.CreateSetupKey).Methods("POST", "OPTIONS")
	r.HandleFunc("/setup-keys/{keyId}", setupKeys.GetSetupKey).Methods("GET", "OPTIONS")
	r.HandleFunc("/setup-keys/{keyId}", setupKeys.UpdateSetupKey).Methods("PUT", "OPTIONS")
}
// addRulesEndpoint registers the rule routes: list, create, and update, get
// or delete one rule by ID.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addRulesEndpoint() {
	rules := NewRulesHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/rules", rules.GetAllRules).Methods("GET", "OPTIONS")
	r.HandleFunc("/rules", rules.CreateRule).Methods("POST", "OPTIONS")
	r.HandleFunc("/rules/{ruleId}", rules.UpdateRule).Methods("PUT", "OPTIONS")
	r.HandleFunc("/rules/{ruleId}", rules.GetRule).Methods("GET", "OPTIONS")
	r.HandleFunc("/rules/{ruleId}", rules.DeleteRule).Methods("DELETE", "OPTIONS")
}
// addPoliciesEndpoint registers the policy routes: list, create, and update,
// get or delete one policy by ID.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addPoliciesEndpoint() {
	policies := NewPoliciesHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/policies", policies.GetAllPolicies).Methods("GET", "OPTIONS")
	r.HandleFunc("/policies", policies.CreatePolicy).Methods("POST", "OPTIONS")
	r.HandleFunc("/policies/{policyId}", policies.UpdatePolicy).Methods("PUT", "OPTIONS")
	r.HandleFunc("/policies/{policyId}", policies.GetPolicy).Methods("GET", "OPTIONS")
	r.HandleFunc("/policies/{policyId}", policies.DeletePolicy).Methods("DELETE", "OPTIONS")
}
// addGroupsEndpoint registers the group routes: list, create, and update, get
// or delete one group by ID.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addGroupsEndpoint() {
	groups := NewGroupsHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/groups", groups.GetAllGroups).Methods("GET", "OPTIONS")
	r.HandleFunc("/groups", groups.CreateGroup).Methods("POST", "OPTIONS")
	r.HandleFunc("/groups/{groupId}", groups.UpdateGroup).Methods("PUT", "OPTIONS")
	r.HandleFunc("/groups/{groupId}", groups.GetGroup).Methods("GET", "OPTIONS")
	r.HandleFunc("/groups/{groupId}", groups.DeleteGroup).Methods("DELETE", "OPTIONS")
}
// addRoutesEndpoint registers the network-route routes: list, create, and
// update, get or delete one route by ID.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addRoutesEndpoint() {
	routes := NewRoutesHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/routes", routes.GetAllRoutes).Methods("GET", "OPTIONS")
	r.HandleFunc("/routes", routes.CreateRoute).Methods("POST", "OPTIONS")
	r.HandleFunc("/routes/{routeId}", routes.UpdateRoute).Methods("PUT", "OPTIONS")
	r.HandleFunc("/routes/{routeId}", routes.GetRoute).Methods("GET", "OPTIONS")
	r.HandleFunc("/routes/{routeId}", routes.DeleteRoute).Methods("DELETE", "OPTIONS")
}
// addDNSNameserversEndpoint registers the nameserver-group routes: list,
// create, and update, get or delete one nameserver group by ID.
//
// OPTIONS is listed on every route so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addDNSNameserversEndpoint() {
	nameservers := NewNameserversHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/dns/nameservers", nameservers.GetAllNameservers).Methods("GET", "OPTIONS")
	r.HandleFunc("/dns/nameservers", nameservers.CreateNameserverGroup).Methods("POST", "OPTIONS")
	r.HandleFunc("/dns/nameservers/{nsgroupId}", nameservers.UpdateNameserverGroup).Methods("PUT", "OPTIONS")
	r.HandleFunc("/dns/nameservers/{nsgroupId}", nameservers.GetNameserverGroup).Methods("GET", "OPTIONS")
	r.HandleFunc("/dns/nameservers/{nsgroupId}", nameservers.DeleteNameserverGroup).Methods("DELETE", "OPTIONS")
}
// addDNSSettingEndpoint registers the DNS settings routes: read and update.
//
// OPTIONS is listed on both routes so that CORS preflight requests match a
// route; gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addDNSSettingEndpoint() {
	dnsSettings := NewDNSSettingsHandler(h.AccountManager, h.AuthCfg)
	r := h.Router
	r.HandleFunc("/dns/settings", dnsSettings.GetDNSSettings).Methods("GET", "OPTIONS")
	r.HandleFunc("/dns/settings", dnsSettings.UpdateDNSSettings).Methods("PUT", "OPTIONS")
}
// addEventsEndpoint registers the single, read-only events route.
//
// OPTIONS is listed so that CORS preflight requests match the route;
// gorilla/mux runs router middleware only for matched routes.
func (h *apiHandler) addEventsEndpoint() {
	events := NewEventsHandler(h.AccountManager, h.AuthCfg)
	h.Router.HandleFunc("/events", events.GetAllEvents).Methods("GET", "OPTIONS")
}