
Source file src/edge-infra.dev/pkg/edge/iam/provider/provider.go

Documentation: edge-infra.dev/pkg/edge/iam/provider

     1  package provider
     2  
import (
	"context"
	"net/http"
	"os"
	"os/signal"

	"golang.org/x/sys/unix"

	"edge-infra.dev/pkg/edge/iam/barcode"
	"edge-infra.dev/pkg/edge/iam/cloud"
	"edge-infra.dev/pkg/edge/iam/config"
	"edge-infra.dev/pkg/edge/iam/device"
	"edge-infra.dev/pkg/edge/iam/errors"
	"edge-infra.dev/pkg/edge/iam/identity"
	"edge-infra.dev/pkg/edge/iam/middleware"
	"edge-infra.dev/pkg/edge/iam/oauth2"
	"edge-infra.dev/pkg/edge/iam/pin"
	"edge-infra.dev/pkg/edge/iam/prometheus"
	"edge-infra.dev/pkg/edge/iam/storage/database"

	"github.com/gin-contrib/secure"
	"github.com/gin-gonic/gin"
	"github.com/go-logr/logr"
	"github.com/prometheus/client_golang/prometheus/promhttp"
)
    27  
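// Serve builds the provider's HTTP router, registers every capability on it,
// and serves it on config.Addr() until the listener fails or the process
// receives SIGINT or SIGTERM.
//
// On a termination signal the server stops accepting new connections and
// waits for in-flight requests to finish before Serve returns. Serve returns
// nil after a clean shutdown; otherwise it returns the error from opening the
// store, from the listener, or from the shutdown itself.
func Serve(log logr.Logger) error {
	log = log.WithName("provider")
	// registering the metrics of the provider server
	metrics := prometheus.NewMetrics()
	log.Info("registered all the metrics")

	// get a place to store data
	storage, err := database.NewProviderStore(log)
	if err != nil {
		return err
	}

	// create and configure a new Gin router
	router := newGin(log)

	// serve up our main capabilities
	oauth2.NewOAuth2(router, storage.Sessions, storage)
	identity.NewIdentity(router, storage.Sessions, storage)
	cloud.NewCloud(router, log, storage.Sessions, storage, metrics)
	// initialize device login capabilities, irrespective of feature flag being enabled, as this piece of code is run only once during startup.
	deviceService := device.NewCloudService(config.DeviceBaseURL(), config.OrganizationID(), config.SiteID())
	device.NewAuthMethod(router, deviceService, storage.Sessions, storage, metrics)
	// keep the PIN capabilities, even with device login enabled, no usage is expected with device login enabled.
	pin.NewPIN(router, storage.Sessions, storage, metrics)
	barcode.NewEmergency(router, storage.Sessions, storage, metrics)
	errors.NewEsodError(router)
	// NOTE(review): /metrics is registered on the same router and address as
	// the login endpoints, and no authentication middleware is attached to it
	// in this file. Confirm the listener is not reachable from untrusted
	// networks, or move the metrics handler to its own listener.
	router.GET("/metrics", gin.WrapH(promhttp.Handler()))

	if config.ProxyToWeb() {
		log.Info("Proxying to the react web server, only for dev purpose.")
	} else {
		log.Info("serving up the UI from local filesystem")
	}

	// TODO:* handle errors
	log.Info("encryption", "enabled", config.EncryptionEnabled())
	log.Info("starting the http router", "mode", gin.Mode())
	log.Info("serving up Edge ID..")

	// signal.Notify replaces the default "terminate the process" behaviour
	// for these signals, so the code below has to stop the server itself.
	term := make(chan os.Signal, 1)
	signal.Notify(term, unix.SIGINT, unix.SIGTERM)
	defer signal.Stop(term)

	// NOTE(review): no ReadHeaderTimeout, ReadTimeout, WriteTimeout or
	// IdleTimeout is set, which matches what router.Run did. Consider
	// bounding them so slow clients cannot hold connections open.
	srv := &http.Server{Addr: config.Addr(), Handler: router}

	stopped := make(chan struct{})
	defer close(stopped) // releases the goroutine if the listener fails first
	shutdownErr := make(chan error, 1)
	go func() {
		select {
		case sig := <-term:
			log.Info("got termination signal", "signal", sig)
			// Stop intercepting signals so a second SIGINT/SIGTERM gets
			// the default handling while the drain is in progress.
			signal.Stop(term)
			// The drain has no deadline of its own; the supervisor's kill
			// timeout (if any) is the upper bound.
			shutdownErr <- srv.Shutdown(context.Background())
		case <-stopped:
		}
	}()

	// ListenAndServe returns http.ErrServerClosed as soon as Shutdown is
	// called; anything else is a real listener failure.
	err = srv.ListenAndServe()
	if err != http.ErrServerClosed {
		return err
	}
	// Wait for in-flight requests to drain before handing control back.
	return <-shutdownErr
}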
    76  
// newGin builds the Gin engine that Serve registers its routes on. It selects
// release mode in production, installs the request middleware and response
// security headers, adds the liveness and readiness probes, and installs
// panic recovery last.
//
// NOTE(review): gin.New() is used without a SetTrustedProxies call in this
// file; if any handler relies on c.ClientIP(), confirm the proxy trust
// configuration.
func newGin(logger logr.Logger) *gin.Engine {
	if config.IsProduction() {
		gin.SetMode(gin.ReleaseMode)
	}

	engine := gin.New()

	// Middleware runs in registration order: operation tagging, then the
	// logger in the request context, then request logging.
	engine.Use(
		middleware.SetOperationInContext(),
		middleware.IntoContext(logger),
		middleware.RequestLogger(logger),
	)

	// Response hardening headers.
	// NOTE(review): no Content-Security-Policy is sent, because the policy
	// line below is commented out. BrowserXssFilter emits the legacy
	// X-XSS-Protection header, which is not a substitute for a CSP.
	headers := secure.Config{
		ContentTypeNosniff:      true,
		CustomFrameOptionsValue: "SAMEORIGIN",
		BrowserXssFilter:        true,
		IENoOpen:                true,
		// ContentSecurityPolicy:   "default-src 'self' 'unsafe-inline'; img-src *; connect-src 'self' ws:",
	}
	engine.Use(secure.New(headers))

	// for now: both probes answer 200 unconditionally and do not check any
	// dependency.
	alwaysOK := func(c *gin.Context) { c.Status(http.StatusOK) }
	engine.GET("/live", alwaysOK)
	engine.GET("/ready", alwaysOK)

	// recover from panics
	// NOTE(review): Recovery is added after the probes and at the end of the
	// middleware chain, so it wraps only handlers registered after this
	// point. A panic inside the middleware above is not caught by it.
	engine.Use(gin.Recovery())

	return engine
}
   104  
