create the service (#3)

cmd/zrok/enable.go

@@ -34,7 +34,7 @@ func enable(_ *cobra.Command, args []string) {
 	if err := zrokdir.WriteToken(token); err != nil {
 		panic(err)
 	}
-	if err := zrokdir.WriteIdentity(resp.Payload.Identity); err != nil {
+	if err := zrokdir.WriteIdentity(resp.Payload.Cfg); err != nil {
 		panic(err)
 	}
 	logrus.Infof("enabled, identity = '%v'", resp.Payload.Identity)

controller/controller.go

@@ -9,6 +9,7 @@ import (
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/identity"
 	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/metadata"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/tunnel"
 	"github.com/pkg/errors"
 )
 
@@ -30,6 +31,7 @@ func Run(cfg *Config) error {
 	api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler)
 	api.IdentityCreateAccountHandler = identity.CreateAccountHandlerFunc(createAccountHandler)
 	api.IdentityEnableHandler = identity.EnableHandlerFunc(enableHandler)
+	api.TunnelTunnelHandler = tunnel.TunnelHandlerFunc(tunnelHandler)
 
 	server := rest_server_zrok.NewServer(api)
 	defer func() { _ = server.Shutdown() }()

controller/enable.go

@@ -3,7 +3,6 @@ package controller
 import (
 	"bytes"
 	"context"
-	"crypto/x509"
 	"encoding/json"
 	"fmt"
 	"github.com/go-openapi/runtime/middleware"
@@ -13,10 +12,8 @@ import (
 	"github.com/openziti/edge/rest_management_api_client"
 	identity_edge "github.com/openziti/edge/rest_management_api_client/identity"
 	rest_model_edge "github.com/openziti/edge/rest_model"
-	"github.com/openziti/edge/rest_util"
 	sdk_config "github.com/openziti/sdk-golang/ziti/config"
 	"github.com/openziti/sdk-golang/ziti/enroll"
-	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"time"
 )
@@ -38,27 +35,20 @@ func enableHandler(params identity.EnableParams) middleware.Responder {
 	}
 	logrus.Infof("found account '%v'", a.Username)
 
-	ctrlAddress := "https://linux:1280"
+	client, err := edgeClient()
-	caCerts, err := rest_util.GetControllerWellKnownCas(ctrlAddress)
 	if err != nil {
-		panic(errors.Wrap(err, "error getting cas"))
+		logrus.Errorf("error getting edge client: %v", err)
-	}
+		return middleware.Error(500, err.Error())
-	caPool := x509.NewCertPool()
-	for _, ca := range caCerts {
-		caPool.AddCert(ca)
-	}
-	client, err := rest_util.NewEdgeManagementClientWithUpdb("admin", "admin", ctrlAddress, caPool)
-	if err != nil {
-		panic(err)
 	}
 	ident, err := createIdentity(a, client)
 	if err != nil {
 		logrus.Error(err)
-		panic(err)
+		return middleware.Error(500, err.Error())
 	}
 	cfg, err := enrollIdentity(ident.Payload.Data.ID, client)
 	if err != nil {
-		panic(err)
+		logrus.Error(err)
+		return middleware.Error(500, err.Error())
 	}
 
 	resp := identity.NewEnableCreated().WithPayload(&rest_model_zrok.EnableResponse{
@@ -79,7 +69,7 @@ func enableHandler(params identity.EnableParams) middleware.Responder {
 
 func createIdentity(a *store.Account, client *rest_management_api_client.ZitiEdgeManagement) (*identity_edge.CreateIdentityCreated, error) {
 	iIsAdmin := false
-	iId, err := generateIdentityId()
+	iId, err := randomId()
 	if err != nil {
 		return nil, err
 	}

controller/identity.go

@@ -14,8 +14,8 @@ func generateApiToken() (string, error) {
 	return hex.EncodeToString(bytes), nil
 }
 
-func generateIdentityId() (string, error) {
+func randomId() (string, error) {
-	bytes := make([]byte, 16)
+	bytes := make([]byte, 8)
 	if _, err := rand.Read(bytes); err != nil {
 		return "", errors.Wrap(err, "error generating random identity id")
 	}

controller/tunnel.go

@@ -0,0 +1,51 @@
+package controller
+
+import (
+	"context"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
+	"github.com/openziti-test-kitchen/zrok/rest_server_zrok/operations/tunnel"
+	"github.com/openziti/edge/rest_management_api_client/service"
+	"github.com/openziti/edge/rest_model"
+	"github.com/sirupsen/logrus"
+	"time"
+)
+
+func tunnelHandler(params tunnel.TunnelParams) middleware.Responder {
+	edge, err := edgeClient()
+	if err != nil {
+		logrus.Error(err)
+		return middleware.Error(500, err.Error())
+	}
+
+	serviceId, err := randomId()
+	if err != nil {
+		logrus.Error(err)
+		return middleware.Error(500, err.Error())
+	}
+	logrus.Infof("using service '%v'", serviceId)
+
+	svcConfigs := make([]string, 0)
+	svcEnc := true
+	svc := &rest_model.ServiceCreate{
+		Configs:            svcConfigs,
+		EncryptionRequired: &svcEnc,
+		Name:               &serviceId,
+	}
+	svcParams := &service.CreateServiceParams{
+		Service: svc,
+		Context: context.Background(),
+	}
+	svcParams.SetTimeout(30 * time.Second)
+	_, err = edge.Service.CreateService(svcParams, nil)
+	if err != nil {
+		logrus.Error(err)
+		return middleware.Error(500, err.Error())
+	}
+	logrus.Infof("created service '%v'", serviceId)
+
+	resp := tunnel.NewTunnelCreated().WithPayload(&rest_model_zrok.TunnelResponse{
+		Service: serviceId,
+	})
+	return resp
+}

controller/ziti.go

@@ -0,0 +1,20 @@
+package controller
+
+import (
+	"crypto/x509"
+	"github.com/openziti/edge/rest_management_api_client"
+	"github.com/openziti/edge/rest_util"
+)
+
+func edgeClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
+	ctrlAddress := "https://linux:1280"
+	caCerts, err := rest_util.GetControllerWellKnownCas(ctrlAddress)
+	if err != nil {
+		return nil, err
+	}
+	caPool := x509.NewCertPool()
+	for _, ca := range caCerts {
+		caPool.AddCert(ca)
+	}
+	return rest_util.NewEdgeManagementClientWithUpdb("admin", "admin", ctrlAddress, caPool)
+}