verifier.go

Documentation: edge-infra.dev/pkg/edge/iam/verify

     1  package verify
     2  
     3  import (
     4  	"bytes"
     5  	"html/template"
     6  	"net/http"
     7  
     8  	"github.com/gin-gonic/gin"
     9  
    10  	"github.com/go-logr/logr"
    11  
    12  	"edge-infra.dev/pkg/edge/iam/middleware"
    13  )
    14  
    15  type BarcodeScanner struct {
    16  	ScanBarcodeURI string
    17  	Image          string
    18  	Token          string
    19  }
    20  
    21  type BarcodeResult struct {
    22  	FailureURI  string
    23  	RedirectURI string
    24  	Image       string
    25  	Token       string
    26  	HTML        template.HTML
    27  }
    28  
    29  type Result struct {
    30  	Name    string
    31  	Steps   []Step
    32  	Pass    bool
    33  	Barcode BarcodeResult
    34  }
    35  
    36  type Step struct {
    37  	Name        string
    38  	Description string
    39  	Pass        bool
    40  	IsPublic    bool
    41  	Expected    string
    42  	Got         string
    43  }
    44  
    45  type Verifier struct {
    46  	ClientID     string
    47  	ClientSecret string
    48  	ClientURL    string
    49  }
    50  
    51  func Serve(log logr.Logger) error {
    52  	// create and configure a new Gin router
    53  	router := gin.New()
    54  
    55  	router.Use(middleware.SetOperationInContext())
    56  	router.Use(middleware.IntoContext(log))
    57  	router.Use(middleware.RequestLogger(log))
    58  
    59  	// When in dev mode all calls are from outside and localhost:8080 will work. Hence we dont require the reverse proxy.
    60  	if !DevMode() {
    61  		//running reverse proxy
    62  		reverseproxy()
    63  	}
    64  
    65  	verifier := &Verifier{
    66  		ClientID:     ClientID(),
    67  		ClientSecret: ClientSecret(),
    68  		ClientURL:    ClientURL(),
    69  	}
    70  
    71  	// serve up our main capabilities
    72  	router.GET("", begin)
    73  	router.GET("/choose", choose)
    74  	router.GET("/custom", custom)
    75  	router.GET("/verify", verifier.start)
    76  	router.GET("/verify/customize", verifier.startWithOptions)
    77  	router.GET("/verify/client", verifier.client)
    78  	router.GET("/verify/print-barcode", verifier.printBarcode)
    79  	router.GET(verifyCallbackPath, verifier.callback)
    80  	router.GET("/verify/view-barcode", verifier.viewBarcode)
    81  	router.GET("/verify/scan-barcode", verifier.scanBarcode)
    82  	router.GET("/live", func(c *gin.Context) { c.Status(http.StatusOK) })
    83  	router.GET("/ready", func(c *gin.Context) {
    84  		if isReady() {
    85  			c.Status(http.StatusOK)
    86  		} else {
    87  			c.Status(http.StatusServiceUnavailable)
    88  		}
    89  	})
    90  
    91  	log.Info("serving up verify-client...")
    92  
    93  	return router.Run(Addr())
    94  }
    95  
    96  func writeResult(ctx *gin.Context, tmpl string, result *Result, steps ...Step) {
    97  	result.Steps = append(result.Steps, steps...)
    98  
    99  	// mark result to be failed, if any of the steps did not pass
   100  	for _, step := range result.Steps {
   101  		if !step.Pass {
   102  			result.Pass = false
   103  			break
   104  		}
   105  	}
   106  
   107  	t, err := template.New("").Parse(tmpl)
   108  	tpl := template.Must(t, err)
   109  	var w bytes.Buffer
   110  	_ = tpl.Execute(&w, result)
   111  
   112  	ctx.Data(http.StatusOK, "text/html", w.Bytes())
   113  }
   114  
   115  func isReady() bool {
   116  	// check if provider is ready
   117  	res, err := http.Get(InClusterIssuerURL() + "/ready")
   118  	if err != nil {
   119  		return false
   120  	}
   121  	return res.StatusCode == http.StatusOK
   122  }
   123
View as plain text