extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2025-06-19 17:27:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

ziti edge client in sdk package (#128)

Browse Source
This commit is contained in:
Michael Quigley 2023-03-07 14:31:39 -05:00
parent df4c52aae5
commit 3a0c06f54d
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
15 changed files with 62 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
controller/access.go
View File

@ -66,7 +66,7 @@ func (h *accessHandler) Handle(params share.AccessParams, principal *rest_model_
return share.NewAccessInternalServerError() return share.NewAccessInternalServerError()
} }
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return share.NewAccessInternalServerError() return share.NewAccessInternalServerError()

2
controller/bootstrap.go
View File

@ -32,7 +32,7 @@ func Bootstrap(skipCtrl, skipFrontend bool, inCfg *Config) error {
} }
logrus.Info("connecting to the ziti edge management api") logrus.Info("connecting to the ziti edge management api")
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
return errors.Wrap(err, "error connecting to the ziti edge management api") return errors.Wrap(err, "error connecting to the ziti edge management api")
} }

9
controller/config.go
View File

@ -1,6 +1,7 @@
package controller package controller
import ( import (
"github.com/openziti/zrok/controller/zrokEdgeSdk"
"time" "time"
"github.com/michaelquigley/cf" "github.com/michaelquigley/cf"
@ -21,7 +22,7 @@ type Config struct {
Registration *RegistrationConfig Registration *RegistrationConfig
ResetPassword *ResetPasswordConfig ResetPassword *ResetPasswordConfig
Store *store.Config Store *store.Config
Ziti *ZitiConfig Ziti *zrokEdgeSdk.ZitiConfig
} }
type AdminConfig struct { type AdminConfig struct {
@ -51,12 +52,6 @@ type ResetPasswordConfig struct {
ResetUrlTemplate string ResetUrlTemplate string
} }
type ZitiConfig struct {
ApiEndpoint string
Username string
Password string `cf:"+secret"`
}
type InfluxConfig struct { type InfluxConfig struct {
Url string Url string
Bucket string Bucket string

2
controller/createFrontend.go
View File

@ -25,7 +25,7 @@ func (h *createFrontendHandler) Handle(params admin.CreateFrontendParams, princi
return admin.NewCreateFrontendUnauthorized() return admin.NewCreateFrontendUnauthorized()
} }
client, err := edgeClient() client, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Errorf("error getting edge client: %v", err) logrus.Errorf("error getting edge client: %v", err)
return admin.NewCreateFrontendInternalServerError() return admin.NewCreateFrontendInternalServerError()

2
controller/createIdentity.go
View File

@ -25,7 +25,7 @@ func (h *createIdentityHandler) Handle(params admin.CreateIdentityParams, princi
return admin.NewCreateIdentityUnauthorized() return admin.NewCreateIdentityUnauthorized()
} }
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Errorf("error getting edge client: %v", err) logrus.Errorf("error getting edge client: %v", err)
return admin.NewCreateIdentityInternalServerError() return admin.NewCreateIdentityInternalServerError()

2
controller/disable.go
View File

@ -36,7 +36,7 @@ func (h *disableHandler) Handle(params environment.DisableParams, principal *res
logrus.Errorf("error getting environment for user '%v': %v", principal.Email, err) logrus.Errorf("error getting environment for user '%v': %v", principal.Email, err)
return environment.NewDisableInternalServerError() return environment.NewDisableInternalServerError()
} }
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Errorf("error getting edge client for user '%v': %v", principal.Email, err) logrus.Errorf("error getting edge client for user '%v': %v", principal.Email, err)
return environment.NewDisableInternalServerError() return environment.NewDisableInternalServerError()

2
controller/enable.go
View File

@ -35,7 +35,7 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
return environment.NewEnableUnauthorized() return environment.NewEnableUnauthorized()
} }
client, err := edgeClient() client, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Errorf("error getting edge client for user '%v': %v", principal.Email, err) logrus.Errorf("error getting edge client for user '%v': %v", principal.Email, err)
return environment.NewEnableInternalServerError() return environment.NewEnableInternalServerError()

2
controller/gc.go
View File

@ -28,7 +28,7 @@ func GC(inCfg *Config) error {
logrus.Errorf("error closing store: %v", err) logrus.Errorf("error closing store: %v", err)
} }
}() }()
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
return err return err
} }

3
controller/share.go
View File

@ -4,6 +4,7 @@ import (
"github.com/go-openapi/runtime/middleware" "github.com/go-openapi/runtime/middleware"
"github.com/jmoiron/sqlx" "github.com/jmoiron/sqlx"
"github.com/openziti/zrok/controller/store" "github.com/openziti/zrok/controller/store"
"github.com/openziti/zrok/controller/zrokEdgeSdk"
"github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_model_zrok"
"github.com/openziti/zrok/rest_server_zrok/operations/share" "github.com/openziti/zrok/rest_server_zrok/operations/share"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -55,7 +56,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
return share.NewShareUnauthorized() return share.NewShareUnauthorized()
} }
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return share.NewShareInternalServerError() return share.NewShareInternalServerError()

3
controller/startup.go
View File

@ -5,6 +5,7 @@ import (
"fmt" "fmt"
"github.com/openziti/edge/rest_management_api_client" "github.com/openziti/edge/rest_management_api_client"
"github.com/openziti/edge/rest_management_api_client/config" "github.com/openziti/edge/rest_management_api_client/config"
"github.com/openziti/zrok/controller/zrokEdgeSdk"
"github.com/openziti/zrok/model" "github.com/openziti/zrok/model"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -23,7 +24,7 @@ func controllerStartup() error {
func inspectZiti() error { func inspectZiti() error {
logrus.Infof("inspecting ziti controller configuration") logrus.Infof("inspecting ziti controller configuration")
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
return errors.Wrap(err, "error getting ziti edge client") return errors.Wrap(err, "error getting ziti edge client")
} }

2
controller/unaccess.go
View File

@ -29,7 +29,7 @@ func (h *unaccessHandler) Handle(params share.UnaccessParams, principal *rest_mo
} }
defer func() { _ = tx.Rollback() }() defer func() { _ = tx.Rollback() }()
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return share.NewUnaccessInternalServerError() return share.NewUnaccessInternalServerError()

2
controller/unshare.go
View File

@ -29,7 +29,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
} }
defer func() { _ = tx.Rollback() }() defer func() { _ = tx.Rollback() }()
edge, err := edgeClient() edge, err := zrokEdgeSdk.Client(cfg.Ziti)
if err != nil { if err != nil {
logrus.Errorf("error getting edge client for '%v': %v", principal.Email, err) logrus.Errorf("error getting edge client for '%v': %v", principal.Email, err)
return share.NewUnshareInternalServerError() return share.NewUnshareInternalServerError()

15
controller/util.go
View File

@ -1,11 +1,8 @@
package controller package controller
import ( import (
"crypto/x509"
errors2 "github.com/go-openapi/errors" errors2 "github.com/go-openapi/errors"
"github.com/jaevor/go-nanoid" "github.com/jaevor/go-nanoid"
"github.com/openziti/edge/rest_management_api_client"
"github.com/openziti/edge/rest_util"
"github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_model_zrok"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"net/http" "net/http"
@ -56,18 +53,6 @@ func (za *zrokAuthenticator) authenticate(token string) (*rest_model_zrok.Princi
} }
} }
func edgeClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
caCerts, err := rest_util.GetControllerWellKnownCas(cfg.Ziti.ApiEndpoint)
if err != nil {
return nil, err
}
caPool := x509.NewCertPool()
for _, ca := range caCerts {
caPool.AddCert(ca)
}
return rest_util.NewEdgeManagementClientWithUpdb(cfg.Ziti.Username, cfg.Ziti.Password, cfg.Ziti.ApiEndpoint, caPool)
}
func createShareToken() (string, error) { func createShareToken() (string, error) {
gen, err := nanoid.CustomASCII("abcdefghijklmnopqrstuvwxyz0123456789", 12) gen, err := nanoid.CustomASCII("abcdefghijklmnopqrstuvwxyz0123456789", 12)
if err != nil { if err != nil {

25
controller/zrokEdgeSdk/client.go Normal file
View File

@ -0,0 +1,25 @@
package zrokEdgeSdk
import (
"crypto/x509"
"github.com/openziti/edge/rest_management_api_client"
"github.com/openziti/edge/rest_util"
)
type ZitiConfig struct {
ApiEndpoint string
Username string
Password string `cf:"+secret"`
}
func Client(cfg *ZitiConfig) (*rest_management_api_client.ZitiEdgeManagement, error) {
caCerts, err := rest_util.GetControllerWellKnownCas(cfg.ApiEndpoint)
if err != nil {
return nil, err
}
caPool := x509.NewCertPool()
for _, ca := range caCerts {
caPool.AddCert(ca)
}
return rest_util.NewEdgeManagementClientWithUpdb(cfg.Username, cfg.Password, cfg.ApiEndpoint, caPool)
}

22
controller/zrokEdgeSdk/service.go
View File

@ -2,6 +2,7 @@ package zrokEdgeSdk
import ( import (
"context" "context"
"fmt"
"github.com/openziti/edge/rest_management_api_client" "github.com/openziti/edge/rest_management_api_client"
edge_service "github.com/openziti/edge/rest_management_api_client/service" edge_service "github.com/openziti/edge/rest_management_api_client/service"
"github.com/openziti/edge/rest_model" "github.com/openziti/edge/rest_model"
@ -10,6 +11,27 @@ import (
"time" "time"
) )
func FindShareService(svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
filter := fmt.Sprintf("id=\"%v\"", svcZId)
limit := int64(0)
offset := int64(0)
listReq := &edge_service.ListServicesParams{
Filter: &filter,
Limit: &limit,
Offset: &offset,
Context: context.Background(),
}
listReq.SetTimeout(30 * time.Second)
listResp, err := edge.Service.ListServices(listReq, nil)
if err != nil {
return "", errors.Wrapf(err, "error listing service '%v'", svcZId)
}
if len(listResp.Payload.Data) == 1 {
return *listResp.Payload.Data[0].Name, nil
}
return "", errors.Errorf("service with ziti id '%v' not found", svcZId)
}
func CreateShareService(envZId, shrToken, cfgZId string, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, err error) { func CreateShareService(envZId, shrToken, cfgZId string, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, err error) {
shrZId, err = CreateService(shrToken, []string{cfgZId}, map[string]interface{}{"zrokShareToken": shrToken}, edge) shrZId, err = CreateService(shrToken, []string{cfgZId}, map[string]interface{}{"zrokShareToken": shrToken}, edge)
if err != nil { if err != nil {