zrok/controller/util.go

package controller

import (
	"crypto/rand"
	"crypto/x509"
	"encoding/hex"
	errors2 "github.com/go-openapi/errors"
	"github.com/lithammer/shortuuid/v4"
	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
	"github.com/openziti/edge/rest_management_api_client"
	"github.com/openziti/edge/rest_util"
	"github.com/pkg/errors"
)

func ZrokAuthenticate(token string) (*rest_model_zrok.Principal, error) {
	tx, err := str.Begin()
	if err != nil {
		return nil, err
	}
	defer func() { _ = tx.Rollback() }()
	if a, err := str.FindAccountWithToken(token, tx); err == nil {
		principal := rest_model_zrok.Principal{
			ID:    int64(a.Id),
			Token: a.Token,
			Email: a.Email,
		}
		return &principal, nil
	} else {
		return nil, errors2.New(401, "invalid api key")
	}
}

func edgeClient(cfg *ZitiConfig) (*rest_management_api_client.ZitiEdgeManagement, error) {
	caCerts, err := rest_util.GetControllerWellKnownCas(cfg.ApiEndpoint)
	if err != nil {
		return nil, err
	}
	caPool := x509.NewCertPool()
	for _, ca := range caCerts {
		caPool.AddCert(ca)
	}
	return rest_util.NewEdgeManagementClientWithUpdb(cfg.Username, cfg.Password, cfg.ApiEndpoint, caPool)
}

func createToken() string {
	return shortuuid.New()
}

func createServiceName() (string, error) {
	bytes := make([]byte, 4)
	if _, err := rand.Read(bytes); err != nil {
		return "", errors.Wrap(err, "error generating service name")
	}
	return hex.EncodeToString(bytes), nil
}
rough 'create account' api skeleton 2022-07-25 19:17:52 +02:00			`package controller`

			`import (`
			`"crypto/rand"`
api improvements 2022-07-27 19:38:35 +02:00			`"crypto/x509"`
rough 'create account' api skeleton 2022-07-25 19:17:52 +02:00			`"encoding/hex"`
authentication (#11) 2022-07-27 20:50:46 +02:00			`errors2 "github.com/go-openapi/errors"`
shortuuid for tokens (#59) 2022-09-14 20:08:12 +02:00			`"github.com/lithammer/shortuuid/v4"`
authentication; enable only (for now) (#11) 2022-07-27 20:45:16 +02:00			`"github.com/openziti-test-kitchen/zrok/rest_model_zrok"`
api improvements 2022-07-27 19:38:35 +02:00			`"github.com/openziti/edge/rest_management_api_client"`
			`"github.com/openziti/edge/rest_util"`
rough 'create account' api skeleton 2022-07-25 19:17:52 +02:00			`"github.com/pkg/errors"`
			`)`

authentication; enable only (for now) (#11) 2022-07-27 20:45:16 +02:00			`func ZrokAuthenticate(token string) (*rest_model_zrok.Principal, error) {`
not public; lint 2022-07-29 21:28:40 +02:00			`tx, err := str.Begin()`
authentication; enable only (for now) (#11) 2022-07-27 20:45:16 +02:00			`if err != nil {`
			`return nil, err`
			`}`
fix authentication transaction; record created identities (#10) 2022-07-29 21:54:13 +02:00			`defer func() { _ = tx.Rollback() }()`
not public; lint 2022-07-29 21:28:40 +02:00			`if a, err := str.FindAccountWithToken(token, tx); err == nil {`
richer principal (#11) 2022-07-28 18:12:50 +02:00			`principal := rest_model_zrok.Principal{`
username -> email (#50, #51) 2022-09-09 16:20:05 +02:00			`ID: int64(a.Id),`
			`Token: a.Token,`
			`Email: a.Email,`
richer principal (#11) 2022-07-28 18:12:50 +02:00			`}`
authentication; enable only (for now) (#11) 2022-07-27 20:45:16 +02:00			`return &principal, nil`
			`} else {`
authentication (#11) 2022-07-27 20:50:46 +02:00			`return nil, errors2.New(401, "invalid api key")`
authentication; enable only (for now) (#11) 2022-07-27 20:45:16 +02:00			`}`
			`}`

configurable edge client (#31) 2022-08-12 17:03:15 +02:00			`func edgeClient(cfg ZitiConfig) (rest_management_api_client.ZitiEdgeManagement, error) {`
			`caCerts, err := rest_util.GetControllerWellKnownCas(cfg.ApiEndpoint)`
api improvements 2022-07-27 19:38:35 +02:00			`if err != nil {`
			`return nil, err`
			`}`
			`caPool := x509.NewCertPool()`
			`for _, ca := range caCerts {`
			`caPool.AddCert(ca)`
			`}`
configurable edge client (#31) 2022-08-12 17:03:15 +02:00			`return rest_util.NewEdgeManagementClientWithUpdb(cfg.Username, cfg.Password, cfg.ApiEndpoint, caPool)`
api improvements 2022-07-27 19:38:35 +02:00			`}`

shortuuid for tokens (#59) 2022-09-14 20:08:12 +02:00			`func createToken() string {`
			`return shortuuid.New()`
rough 'create account' api skeleton 2022-07-25 19:17:52 +02:00			`}`
rough and sketchy identity creation and enrollment 2022-07-26 18:26:58 +02:00
service name refactoring (#59) 2022-09-14 20:16:37 +02:00			`func createServiceName() (string, error) {`
			`bytes := make([]byte, 4)`
rough and sketchy identity creation and enrollment 2022-07-26 18:26:58 +02:00			`if _, err := rand.Read(bytes); err != nil {`
service name refactoring (#59) 2022-09-14 20:16:37 +02:00			`return "", errors.Wrap(err, "error generating service name")`
rough and sketchy identity creation and enrollment 2022-07-26 18:26:58 +02:00			`}`
			`return hex.EncodeToString(bytes), nil`
			`}`