add 'proxyEndpoint' to tunnel response (#21)

Michael Quigley 2022-08-09 11:49:40 -04:00
parent 2c36a461eb
commit 57931eff09
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
6 changed files with 40 additions and 13 deletions


@ -27,7 +27,7 @@ func Run(cfg *Config) error {
api.IdentityLoginHandler = identity.LoginHandlerFunc(loginHandler) api.IdentityLoginHandler = identity.LoginHandlerFunc(loginHandler)
api.MetadataOverviewHandler = metadata.OverviewHandlerFunc(overviewHandler) api.MetadataOverviewHandler = metadata.OverviewHandlerFunc(overviewHandler)
api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler) api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler)
api.TunnelTunnelHandler = tunnel.TunnelHandlerFunc(tunnelHandler) api.TunnelTunnelHandler = newTunnelHandler(cfg)
api.TunnelUntunnelHandler = tunnel.UntunnelHandlerFunc(untunnelHandler) api.TunnelUntunnelHandler = tunnel.UntunnelHandlerFunc(untunnelHandler)
if v, err := store.Open(cfg.Store); err == nil { if v, err := store.Open(cfg.Store); err == nil {


@ -14,10 +14,19 @@ import (
"github.com/openziti/edge/rest_management_api_client/service_policy" "github.com/openziti/edge/rest_management_api_client/service_policy"
"github.com/openziti/edge/rest_model" "github.com/openziti/edge/rest_model"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"strings"
"time" "time"
) )
func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Principal) middleware.Responder { type tunnelHandler struct {
cfg *Config
}
func newTunnelHandler(cfg *Config) *tunnelHandler {
return &tunnelHandler{cfg: cfg}
}
func (self *tunnelHandler) Handle(params tunnel.TunnelParams, principal *rest_model_zrok.Principal) middleware.Responder {
logrus.Infof("tunneling for '%v' (%v)", principal.Username, principal.Token) logrus.Infof("tunneling for '%v' (%v)", principal.Username, principal.Token)
tx, err := str.Begin() tx, err := str.Begin()
@ -56,24 +65,24 @@ func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Princi
logrus.Error(err) logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error())) return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
} }
svcId, err := createService(svcName, edge) svcId, err := self.createService(svcName, edge)
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error())) return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
} }
if err := createServicePolicyBind(svcName, svcId, envId, edge); err != nil { if err := self.createServicePolicyBind(svcName, svcId, envId, edge); err != nil {
logrus.Error(err) logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error())) return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
} }
if err := createServicePolicyDial(svcName, svcId, edge); err != nil { if err := self.createServicePolicyDial(svcName, svcId, edge); err != nil {
logrus.Error(err) logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error())) return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
} }
if err := createServiceEdgeRouterPolicy(svcName, svcId, edge); err != nil { if err := self.createServiceEdgeRouterPolicy(svcName, svcId, edge); err != nil {
logrus.Error(err) logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error())) return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
} }
if err := createEdgeRouterPolicy(svcName, envId, edge); err != nil { if err := self.createEdgeRouterPolicy(svcName, envId, edge); err != nil {
logrus.Error(err) logrus.Error(err)
return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error())) return tunnel.NewTunnelInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
} }
@ -96,11 +105,12 @@ func tunnelHandler(params tunnel.TunnelParams, principal *rest_model_zrok.Princi
logrus.Infof("recorded service '%v' with id '%v' for '%v'", svcId, sid, principal.Username) logrus.Infof("recorded service '%v' with id '%v' for '%v'", svcId, sid, principal.Username)
return tunnel.NewTunnelCreated().WithPayload(&rest_model_zrok.TunnelResponse{ return tunnel.NewTunnelCreated().WithPayload(&rest_model_zrok.TunnelResponse{
Service: svcName, ProxyEndpoint: self.proxyUrl(svcName),
Service: svcName,
}) })
} }
func createService(name string, edge *rest_management_api_client.ZitiEdgeManagement) (serviceId string, err error) { func (self *tunnelHandler) createService(name string, edge *rest_management_api_client.ZitiEdgeManagement) (serviceId string, err error) {
configs := make([]string, 0) configs := make([]string, 0)
encryptionRequired := true encryptionRequired := true
svc := &rest_model.ServiceCreate{ svc := &rest_model.ServiceCreate{
@ -121,7 +131,7 @@ func createService(name string, edge *rest_management_api_client.ZitiEdgeManagem
return resp.Payload.Data.ID, nil return resp.Payload.Data.ID, nil
} }
func createServicePolicyBind(svcName, svcId, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error { func (self *tunnelHandler) createServicePolicyBind(svcName, svcId, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
semantic := rest_model.SemanticAllOf semantic := rest_model.SemanticAllOf
identityRoles := []string{fmt.Sprintf("@%v", envId)} identityRoles := []string{fmt.Sprintf("@%v", envId)}
name := fmt.Sprintf("%v-bind", svcName) name := fmt.Sprintf("%v-bind", svcName)
@ -149,7 +159,7 @@ func createServicePolicyBind(svcName, svcId, envId string, edge *rest_management
return nil return nil
} }
func createServicePolicyDial(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error { func (self *tunnelHandler) createServicePolicyDial(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
identityRoles := []string{"@PyB606.S."} // @proxy identityRoles := []string{"@PyB606.S."} // @proxy
name := fmt.Sprintf("%v-dial", svcName) name := fmt.Sprintf("%v-dial", svcName)
postureCheckRoles := []string{} postureCheckRoles := []string{}
@ -177,7 +187,7 @@ func createServicePolicyDial(svcName, svcId string, edge *rest_management_api_cl
return nil return nil
} }
func createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error { func (self *tunnelHandler) createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
edgeRouterRoles := []string{"#all"} edgeRouterRoles := []string{"#all"}
semantic := rest_model.SemanticAllOf semantic := rest_model.SemanticAllOf
serviceRoles := []string{fmt.Sprintf("@%v", svcId)} serviceRoles := []string{fmt.Sprintf("@%v", svcId)}
@ -200,7 +210,7 @@ func createServiceEdgeRouterPolicy(svcName, svcId string, edge *rest_management_
return nil return nil
} }
func createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error { func (self *tunnelHandler) createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
edgeRouterRoles := []string{"#all"} edgeRouterRoles := []string{"#all"}
identityRoles := []string{fmt.Sprintf("@%v", envId)} identityRoles := []string{fmt.Sprintf("@%v", envId)}
semantic := rest_model.SemanticAllOf semantic := rest_model.SemanticAllOf
@ -222,3 +232,7 @@ func createEdgeRouterPolicy(svcName, envId string, edge *rest_management_api_cli
logrus.Infof("created edge router policy '%v'", resp.Payload.Data.ID) logrus.Infof("created edge router policy '%v'", resp.Payload.Data.ID)
return nil return nil
} }
func (self *tunnelHandler) proxyUrl(svcName string) string {
return strings.Replace(self.cfg.Proxy.UrlTemplate, "{svcName}", svcName, -1)
}


@ -17,6 +17,9 @@ import (
// swagger:model tunnelResponse // swagger:model tunnelResponse
type TunnelResponse struct { type TunnelResponse struct {
// proxy endpoint
ProxyEndpoint string `json:"proxyEndpoint,omitempty"`
// service // service
Service string `json:"service,omitempty"` Service string `json:"service,omitempty"`
} }


@ -429,6 +429,9 @@ func init() {
"tunnelResponse": { "tunnelResponse": {
"type": "object", "type": "object",
"properties": { "properties": {
"proxyEndpoint": {
"type": "string"
},
"service": { "service": {
"type": "string" "type": "string"
} }
@ -869,6 +872,9 @@ func init() {
"tunnelResponse": { "tunnelResponse": {
"type": "object", "type": "object",
"properties": { "properties": {
"proxyEndpoint": {
"type": "string"
},
"service": { "service": {
"type": "string" "type": "string"
} }


@ -145,6 +145,7 @@ paths:
description: internal server error description: internal server error
schema: schema:
$ref: "#/definitions/errorMessage" $ref: "#/definitions/errorMessage"
/version: /version:
get: get:
tags: tags:
@ -270,6 +271,8 @@ definitions:
tunnelResponse: tunnelResponse:
type: object type: object
properties: properties:
proxyEndpoint:
type: string
service: service:
type: string type: string


@ -93,6 +93,7 @@
* @typedef tunnelResponse * @typedef tunnelResponse
* @memberof module:types * @memberof module:types
* *
* @property {string} proxyEndpoint
* @property {string} service * @property {string} service
*/ */