...

Source file src/edge-infra.dev/pkg/edge/auth-proxy/config.go

Documentation: edge-infra.dev/pkg/edge/auth-proxy

     1  package authproxy
     2  
     3  import (
     4  	"database/sql"
     5  	"flag"
     6  	"fmt"
     7  	"strings"
     8  	"time"
     9  
    10  	"github.com/gin-gonic/gin"
    11  	"github.com/peterbourgon/ff/v3"
    12  
    13  	"edge-infra.dev/pkg/edge/auth-proxy/session"
    14  	"edge-infra.dev/pkg/lib/gcp/cloudsql"
    15  	"edge-infra.dev/pkg/lib/runtime/metrics"
    16  )
    17  
    // ProxyConfig holds the runtime settings of the auth proxy. NewConfig fills
    // it from command-line flags and, through ff, from environment variables.
    //
    // DatabasePassword, TokenSecret and SessionSecret carry secret material.
    // Do not print this struct with %v/%+v or attach it to log lines or error
    // messages; redact those three fields first.
    type ProxyConfig struct {
    	// Listener and routing: metrics bind address, port of the gin reverse
    	// proxy, gin server mode, BFF proxy target, and the cookie domain.
    	MetricsPort, UIProxyPort, Mode, BffEndpoint, Domain string

    	// Database connection parameters. DatabaseConnectionName and
    	// DatabaseHost are alternative ways to address the database;
    	// DatabaseSchema is an optional search path.
    	DatabaseHost, DatabaseConnectionName, DatabaseName string
    	DatabaseUsername, DatabasePassword, DatabasePort   string
    	DatabaseSchema                                     string

    	// EAGatewayEndpoint is the EA gateway URL used as a proxy target.
    	EAGatewayEndpoint string

    	// TokenSecret is the JWT token secret; SessionSecret is the session
    	// secret. Both default to the empty string in NewConfig.
    	TokenSecret, SessionSecret string

    	// AllowedOrigins is a comma-separated list of origins CORS should allow.
    	AllowedOrigins string

    	// SessionDuration is how long a session should stay active.
    	SessionDuration time.Duration

    	// StripToken requests stripping the JWT from the login mutation.
    	StripToken bool

    	// SessionLength is the length of the session value in the database.
    	SessionLength int
    }
    40  
    // NewConfig registers the auth-proxy flags on a fresh flag set, parses args
    // with ff (which also reads un-prefixed environment variables, see
    // ff.WithEnvVarNoPrefix), and returns the populated configuration.
    //
    // On a parse error it returns an empty, non-nil *ProxyConfig together with
    // the error. The flag set uses flag.ExitOnError, so a malformed command
    // line is expected to terminate the process inside the flag package rather
    // than reach that error return.
    //
    // Security notes for operators and reviewers:
    //   - app_secret, session_secret and database_password are accepted as
    //     command-line flags. Values passed that way are visible in process
    //     listings; supplying them through the environment or a mounted secret
    //     avoids that exposure.
    //   - NOTE(review): the secrets default to "" and nothing here rejects an
    //     empty value. Confirm that the consumers refuse to sign or verify with
    //     an empty secret.
    //   - allowed_origins defaults to a localhost development origin; production
    //     deployments should set it explicitly.
    func NewConfig(args []string) (*ProxyConfig, error) {
    	var cfg ProxyConfig

    	flags := flag.NewFlagSet("authproxy", flag.ExitOnError)

    	// Every string-valued option, registered in one pass below.
    	stringFlags := []struct {
    		target *string
    		name   string
    		value  string
    		usage  string
    	}{
    		{&cfg.MetricsPort, "metrics_port", metrics.DefaultBindAddress, "Port number for metrics bind address for runnable manager"},
    		{&cfg.UIProxyPort, "auth_proxy_port", "9003", "Port number for gin reverse proxy server"},
    		{&cfg.Domain, "domain", "", "domain for cookie"},
    		{&cfg.BffEndpoint, "bff_endpoint", "", "Bff endpoint URL for proxy target"},
    		{&cfg.EAGatewayEndpoint, "ea_gateway_endpoint", "", "EA gateway endpoint URL for proxy target"},
    		{&cfg.Mode, "mode", gin.ReleaseMode, "gin server mode"},
    		{&cfg.DatabaseHost, "database_host", "", "Database Host"},
    		{&cfg.DatabaseConnectionName, "database_connection_name", "", "Database Connection Name"},
    		{&cfg.DatabaseName, "database_name", "", "Database Name"},
    		{&cfg.DatabaseUsername, "database_username", "", "Database User Name"},
    		{&cfg.DatabasePassword, "database_password", "", "Database Password"},
    		{&cfg.DatabasePort, "database_port", "", "Database Port"},
    		{&cfg.DatabaseSchema, "database_schema", "", "Optionally specify a search path for DB connection"},
    		{&cfg.TokenSecret, "app_secret", "", "JWT Token Secret"},
    		{&cfg.SessionSecret, "session_secret", "", "Session Secret"},
    		{&cfg.AllowedOrigins, "allowed_origins", "http://localhost:3000", "Origins that CORS should allow"},
    	}
    	for _, f := range stringFlags {
    		flags.StringVar(f.target, f.name, f.value, f.usage)
    	}

    	// The remaining options each have their own value type.
    	flags.DurationVar(&cfg.SessionDuration, "session_duration", session.DefaultDuration, "Duration a session should be active")
    	flags.BoolVar(&cfg.StripToken, "strip_token", false, "Strip the jwt token from the login mutation")
    	flags.IntVar(&cfg.SessionLength, "session_length", 1024*1024*1024, "The length of the session value in database")

    	err := ff.Parse(flags, args, ff.WithEnvVarNoPrefix())
    	if err != nil {
    		return &ProxyConfig{}, err
    	}

    	return &cfg, nil
    }
   169  
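   // allowedOrigins returns the CORS origin allowlist parsed from the
   // comma-separated AllowedOrigins setting.
   //
   // Whitespace around each entry is trimmed and empty entries are dropped, so
   // "https://a.example, https://b.example," yields two clean origins instead
   // of an entry with a leading space and a trailing empty string. An exact
   // string comparison against the Origin header would never match the padded
   // entry. The result is always non-nil; it is empty when no origin is
   // configured.
   //
   // NOTE(review): the consumer of this list is not visible here. If it feeds
   // CORS middleware that also allows credentials (this proxy sets a cookie
   // domain), confirm that a "*" entry is rejected rather than honoured.
   func (c *ProxyConfig) allowedOrigins() []string {
   	parts := strings.Split(c.AllowedOrigins, ",")
   	origins := make([]string, 0, len(parts))
   	for _, p := range parts {
   		if o := strings.TrimSpace(p); o != "" {
   			origins = append(origins, o)
   		}
   	}
   	return origins
   }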
   173  
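   // connectDatabase opens the Postgres connection described by the config and
   // verifies it with a ping before handing it to the caller.
   //
   // Addressing is chosen in this order:
   //  1. DatabaseConnectionName, via cloudsql.GCPPostgresConnection. No
   //     password is applied on this path.
   //  2. DatabaseHost plus DatabasePort, via cloudsql.PostgresConnection, with
   //     DatabasePassword.
   //
   // It returns an error when neither is set, when a host is given without a
   // port, when the connection cannot be created, or when the ping fails. On a
   // failed ping the handle is closed before returning so it is not leaked.
   //
   // NOTE(review): transport security (TLS / sslmode) for the host-based path
   // is decided inside the cloudsql package and is not visible here. Confirm
   // that the password is never sent over an unencrypted connection.
   func (c *ProxyConfig) connectDatabase() (*sql.DB, error) {
   	var edgeDB *cloudsql.EdgePostgres
   	switch {
   	case c.DatabaseConnectionName != "":
   		edgeDB = cloudsql.GCPPostgresConnection(c.DatabaseConnectionName)
   	case c.DatabaseHost != "":
   		if c.DatabasePort == "" {
   			return nil, fmt.Errorf("database port is required")
   		}
   		edgeDB = cloudsql.PostgresConnection(c.DatabaseHost, c.DatabasePort).Password(c.DatabasePassword)
   	default:
   		return nil, fmt.Errorf("database_connection_name or database_host must be provided")
   	}

   	// Only set search_path when the schema is a non-empty string. The value
   	// comes straight from configuration, so it must stay operator-controlled.
   	if c.DatabaseSchema != "" {
   		edgeDB = edgeDB.SearchPath(c.DatabaseSchema)
   	}

   	dbConnection, err := edgeDB.
   		DBName(c.DatabaseName).
   		Username(c.DatabaseUsername).
   		NewConnection()
   	if err != nil {
   		return nil, err
   	}
   	if err := dbConnection.Ping(); err != nil {
   		// Release the handle; the ping error is the one worth reporting, so
   		// a secondary Close error is deliberately dropped.
   		_ = dbConnection.Close()
   		return nil, err
   	}
   	return dbConnection, nil
   }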
   205  
