From 57931eff09880ec574644dc58d2cde8d7e6d584a Mon Sep 17 00:00:00 2001
From: Michael Quigley
Date: Tue, 9 Aug 2022 11:49:40 -0400
Subject: [PATCH] add 'proxyEndpoint' to tunnel response (#21)
---
 controller/controller.go | 2 +-
 controller/tunnel.go | 38 ++++++++++++++++++++----------
 rest_model_zrok/tunnel_response.go | 3 +++
 rest_server_zrok/embedded_spec.go | 6 +++++
 specs/zrok.yml | 3 +++
 ui/src/api/types.js | 1 +
 6 files changed, 40 insertions(+), 13 deletions(-)
diff --git a/controller/controller.go b/controller/controller.go
index dfb57e40..893c030e 100644
--- a/controller/controller.go
+++ b/controller/controller.go
@@ -27,7 +27,7 @@ func Run(cfg *Config) error {
 api.IdentityLoginHandler = identity.LoginHandlerFunc(loginHandler)
 api.MetadataOverviewHandler = metadata.OverviewHandlerFunc(overviewHandler)
 api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler)
- api.TunnelTunnelHandler = tunnel.TunnelHandlerFunc(tunnelHandler)
+ api.TunnelTunnelHandler = newTunnelHandler(cfg)
 api.TunnelUntunnelHandler = tunnel.UntunnelHandlerFunc(untunnelHandler)
 if v, err := store.Open(cfg.Store); err == nil {
diff --git a/controller/tunnel.go b/controller/tunnel.go
index 0d7d136a..4ec15aa9 100644
--- a/controller/tunnel.go
+++ b/controller/tunnel.go
@@ -14,10 +14,19 @@ import (
 "github.com/openziti/edge/rest_management_api_client/service_policy"
 "github.com/openziti/edge/rest_model"
 "github.com/sirupsen/logrus"
+ "strings"
 "time"
 )
-func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Principal) middleware.Responder {
+type tunnelHandler struct {
+ cfg *Config
+}
+
+func newTunnelHandler(cfg *Config) *tunnelHandler {
+ return &tunnelHandler{cfg: cfg}
+}
+
+func (self *tunnelHandler) Handle(params tunnel.TunnelParams, principal *rest_model_zrok.Principal) middleware.Responder {
 logrus.Infof("tunneling for '%v' (%v)", principal.Username, principal.Token)
 tx, err := str.Begin()
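Review bot: The new `Handle` method still writes `principal.Token` to the info log on its first line; if that token is the account's API credential, anyone with read access to the controller logs can reuse it. Log the username only, e.g. `logrus.Infof("tunneling for '%v'", principal.Username)`, or a truncated fingerprint of the token if request correlation is needed. Separately, `newTunnelHandler` stores `cfg` without checking it, so a nil `cfg` would only surface later as a panic inside a request. The body of `Handle` continues outside this hunk.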
@@ -56,24 +65,24 @@ func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Princi
 logrus.Error(err)
 return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
 }
- svcId, err := createService(svcName, edge)
+ svcId, err := self.createService(svcName, edge)
 if err != nil {
 logrus.Error(err)
 return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
 }
- if err := createServicePolicyBind(svcName, svcId, envId, edge); err != nil {
+ if err := self.createServicePolicyBind(svcName, svcId, envId, edge); err != nil {
 logrus.Error(err)
 return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
 }
- if err := createServicePolicyDial(svcName, svcId, edge); err != nil {
+ if err := self.createServicePolicyDial(svcName, svcId, edge); err != nil {
 logrus.Error(err)
 return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
 }
- if err := createServiceEdgeRouterPolicy(svcName, svcId, edge); err != nil {
+ if err := self.createServiceEdgeRouterPolicy(svcName, svcId, edge); err != nil {
 logrus.Error(err)
 return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
 }
- if err := createEdgeRouterPolicy(svcName, envId, edge); err != nil {
+ if err := self.createEdgeRouterPolicy(svcName, envId, edge); err != nil {
 logrus.Error(err)
 return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
 }
@@ -96,11 +105,12 @@ func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Princi
 logrus.Infof("recorded service '%v' with id '%v' for '%v'", svcId, sid, principal.Username)
 return tunnel.NewTunnelCreated().WithPayload(&rest_model_zrok.TunnelResponse{
- Service: svcName,
+ ProxyEndpoint: self.proxyUrl(svcName),
+ Service: svcName,
 })
 }
-func createService(name string, edge *rest_management_api_client.ZitiEdgeManagement) (serviceId string, err error) {
+func (self *tunnelHandler) createService(name string, edge *rest_management_api_client.ZitiEdgeManagement) (serviceId string, err error) {
 configs := make([]string, 0)
 encryptionRequired := true
 svc := &rest_model.ServiceCreate{
@@ -121,7 +131,7 @@ func createService(name string, edge *rest_management_api_client.ZitiEdgeManagem
 return resp.Payload.Data.ID, nil
 }
-func createServicePolicyBind(svcName, svcId, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+func (self *tunnelHandler) createServicePolicyBind(svcName, svcId, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
 semantic := rest_model.SemanticAllOf
 identityRoles := []string{fmt.Sprintf("@%v", envId)}
 name := fmt.Sprintf("%v-bind", svcName)
@@ -149,7 +159,7 @@ func createServicePolicyBind(svcName, svcId, envId string, edge *rest_management
 return nil
 }
-func createServicePolicyDial(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+func (self *tunnelHandler) createServicePolicyDial(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
 identityRoles := []string{"@PyB606.S."} // @proxy
 name := fmt.Sprintf("%v-dial", svcName)
 postureCheckRoles := []string{}
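Review bot: In the `-149,7 +159,7` hunk, `createServicePolicyDial` still grants dial access through the hard-coded identity role `"@PyB606.S."` (commented `// @proxy`), which looks like an identity ID taken from one specific deployment. Now that the function is a method on `tunnelHandler` and can reach `self.cfg`, the proxy identity could come from configuration instead, so another environment does not create dial policies that reference a missing or unintended identity. At minimum a comment such as `// TODO: proxy identity ID is deployment-specific; move to Config` would document the coupling. The function body continues outside the hunk.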
@@ -177,7 +187,7 @@ func createServicePolicyDial(svcName, svcId string, edge *rest_management_api_cl
 return nil
 }
-func createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+func (self *tunnelHandler) createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
 edgeRouterRoles := []string{"#all"}
 semantic := rest_model.SemanticAllOf
 serviceRoles := []string{fmt.Sprintf("@%v", svcId)}
@@ -200,7 +210,7 @@ func createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_
 return nil
 }
-func createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+func (self *tunnelHandler) createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
 edgeRouterRoles := []string{"#all"}
 identityRoles := []string{fmt.Sprintf("@%v", envId)}
 semantic := rest_model.SemanticAllOf
@@ -222,3 +232,7 @@ func createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_cli
 logrus.Infof("created edge router policy '%v'", resp.Payload.Data.ID)
 return nil
 }
+
+func (self *tunnelHandler) proxyUrl(svcName string) string {
+ return strings.Replace(self.cfg.Proxy.UrlTemplate, "{svcName}", svcName, -1)
+}
diff --git a/rest_model_zrok/tunnel_response.go b/rest_model_zrok/tunnel_response.go
index 843ec4f8..db0451ea 100644
--- a/rest_model_zrok/tunnel_response.go
+++ b/rest_model_zrok/tunnel_response.go
@@ -17,6 +17,9 @@ import ( // swagger:model tunnelResponse type TunnelResponse struct { + // proxy endpoint + ProxyEndpoint string `json:"proxyEndpoint,omitempty"` + // service Service string `json:"service,omitempty"` }
diff --git a/rest_server_zrok/embedded_spec.go b/rest_server_zrok/embedded_spec.go
index 3c2a9e81..c2eebc2c 100644
--- a/rest_server_zrok/embedded_spec.go
+++ b/rest_server_zrok/embedded_spec.go
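Review bot: `proxyUrl` in the `-222,3 +232,7` hunk of controller/tunnel.go substitutes into `self.cfg.Proxy.UrlTemplate` without any check that the template is set or contains the `{svcName}` placeholder. With an empty template the result is `""`, and because `ProxyEndpoint` is tagged `omitempty` the field silently disappears from the response; with a template that lacks the placeholder every tunnel reports the same URL. Validating the template once at startup (for example in `newTunnelHandler`, or wherever `Config` is loaded) would turn both cases into a configuration error. `svcName` is also inserted verbatim, which is fine only as long as it is generated from URL-safe characters; that generation is not visible in this patch. `strings.ReplaceAll(self.cfg.Proxy.UrlTemplate, "{svcName}", svcName)` is the idiomatic spelling of the `-1` form.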
@@ -429,6 +429,9 @@ func init() { "tunnelResponse": { "type": "object", "properties": { + "proxyEndpoint": { + "type": "string" + }, "service": { "type": "string" } @@ -869,6 +872,9 @@ func init() { "tunnelResponse": { "type": "object", "properties": { + "proxyEndpoint": { + "type": "string" + }, "service": { "type": "string" } diff --git a/specs/zrok.yml b/specs/zrok.yml index 58b8b431..673a86e6 100644 --- a/specs/zrok.yml +++ b/specs/zrok.yml @@ -145,6 +145,7 @@ paths: description: internal server error schema: $ref: "#/definitions/errorMessage" + /version: get: tags: @@ -270,6 +271,8 @@ definitions: tunnelResponse: type: object properties: + proxyEndpoint: + type: string service: type: string diff --git a/ui/src/api/types.js b/ui/src/api/types.js index 6b193210..9fd5c245 100644 --- a/ui/src/api/types.js +++ b/ui/src/api/types.js @@ -93,6 +93,7 @@ * @typedef tunnelResponse * @memberof module:types * + * @property {string} proxyEndpoint * @property {string} service */