authentication (#11)

controller/util.go

@@ -4,6 +4,7 @@ import (
 	"crypto/rand"
 	"crypto/x509"
 	"encoding/hex"
+	errors2 "github.com/go-openapi/errors"
 	"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
 	"github.com/openziti/edge/rest_management_api_client"
 	"github.com/openziti/edge/rest_util"
@@ -21,7 +22,7 @@ func ZrokAuthenticate(token string) (*rest_model_zrok.Principal, error) {
 		principal := rest_model_zrok.Principal(a.Token)
 		return &principal, nil
 	} else {
-		return nil, errors.Wrap(err, "error authenticating")
+		return nil, errors2.New(401, "invalid api key")
 	}
 }
 

rest_client_zrok/identity/enable_responses.go

@@ -29,6 +29,12 @@ func (o *EnableReader) ReadResponse(response runtime.ClientResponse, consumer ru
 			return nil, err
 		}
 		return result, nil
+	case 401:
+		result := NewEnableUnauthorized()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
 	case 404:
 		result := NewEnableNotFound()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
@@ -78,6 +84,27 @@ func (o *EnableCreated) readResponse(response runtime.ClientResponse, consumer r
 	return nil
 }
 
+// NewEnableUnauthorized creates a EnableUnauthorized with default headers values
+func NewEnableUnauthorized() *EnableUnauthorized {
+	return &EnableUnauthorized{}
+}
+
+/* EnableUnauthorized describes a response with status code 401, with default header values.
+
+invalid api key
+*/
+type EnableUnauthorized struct {
+}
+
+func (o *EnableUnauthorized) Error() string {
+	return fmt.Sprintf("[POST /enable][%d] enableUnauthorized ", 401)
+}
+
+func (o *EnableUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
 // NewEnableNotFound creates a EnableNotFound with default headers values
 func NewEnableNotFound() *EnableNotFound {
 	return &EnableNotFound{}

rest_server_zrok/embedded_spec.go

@@ -89,6 +89,9 @@ func init() {
               "$ref": "#/definitions/enableResponse"
             }
           },
+          "401": {
+            "description": "invalid api key"
+          },
           "404": {
             "description": "account not found"
           },
@@ -325,6 +328,9 @@ func init() {
               "$ref": "#/definitions/enableResponse"
             }
           },
+          "401": {
+            "description": "invalid api key"
+          },
           "404": {
             "description": "account not found"
           },

rest_server_zrok/operations/identity/enable_responses.go

@@ -57,6 +57,30 @@ func (o *EnableCreated) WriteResponse(rw http.ResponseWriter, producer runtime.P
 	}
 }
 
+// EnableUnauthorizedCode is the HTTP code returned for type EnableUnauthorized
+const EnableUnauthorizedCode int = 401
+
+/*EnableUnauthorized invalid api key
+
+swagger:response enableUnauthorized
+*/
+type EnableUnauthorized struct {
+}
+
+// NewEnableUnauthorized creates EnableUnauthorized with default headers values
+func NewEnableUnauthorized() *EnableUnauthorized {
+
+	return &EnableUnauthorized{}
+}
+
+// WriteResponse to the client
+func (o *EnableUnauthorized) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(401)
+}
+
 // EnableNotFoundCode is the HTTP code returned for type EnableNotFound
 const EnableNotFoundCode int = 404
 

specs/zrok.yml

@@ -45,6 +45,8 @@ paths:
           description: environment enabled
           schema:
             $ref: "#/definitions/enableResponse"
+        401:
+          description: invalid api key
         404:
           description: account not found
         500: