-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f270db7
commit 620618c
Showing
10 changed files
with
192 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
// Copyright (c) 2023 Target Brands, Inc. All rights reserved. | ||
// | ||
// Use of this source code is governed by the LICENSE file in this repository. | ||
|
||
package api | ||
|
||
import ( | ||
"encoding/base64" | ||
"net/http" | ||
|
||
"github.com/gin-gonic/gin" | ||
"github.com/go-vela/worker/router/middleware/token" | ||
) | ||
|
||
// swagger:operation POST /register system Register | ||
// | ||
// Fill registration token channel in worker to continue operation | ||
// | ||
// --- | ||
// produces: | ||
// - application/json | ||
// parameters: | ||
// security: | ||
// - ApiKeyAuth: [] | ||
// responses: | ||
// '200': | ||
// description: Successfully passed token to worker | ||
// schema: | ||
// type: string | ||
// '401': | ||
// description: No token was passed | ||
// schema: | ||
// "$ref": "#/definitions/Error" | ||
// '500': | ||
// description: Unable to pass token to worker | ||
// schema: | ||
// "$ref": "#/definitions/Error" | ||
|
||
// QueueKey will pass the token given in the request header to the register token | ||
// channel of the worker. This will unblock operation if the worker has not been | ||
// registered and the provided registration token is valid. | ||
func QueueKey(c *gin.Context) { // extract the register token channel that was packed into gin context | ||
v, ok := c.Get("queue-signing-key") | ||
if !ok { | ||
c.JSON(http.StatusInternalServerError, "no queue signing key channel in the context") | ||
return | ||
} | ||
|
||
// make sure we configured the channel properly | ||
rChan, ok := v.(chan string) | ||
if !ok { | ||
c.JSON(http.StatusInternalServerError, "queue signing key channel in the context is the wrong type") | ||
return | ||
} | ||
|
||
// if token is present in the channel, deny registration | ||
// this will likely never happen as the channel is offloaded immediately | ||
if len(rChan) > 0 { | ||
c.JSON(http.StatusOK, "queue key already provided") | ||
return | ||
} | ||
|
||
// retrieve auth token from header | ||
t, err := token.Retrieve(c.Request) | ||
if err != nil { | ||
// an error occurs when no token was passed | ||
c.JSON(http.StatusUnauthorized, err) | ||
return | ||
} | ||
|
||
publicKeyDecoded, err := base64.StdEncoding.DecodeString(t) | ||
if err != nil { | ||
c.JSON(http.StatusBadRequest, "Bad public key was provided") | ||
return | ||
} | ||
|
||
if len(publicKeyDecoded) == 0 { | ||
c.JSON(http.StatusBadRequest, "Provided public key is empty") | ||
return | ||
} | ||
// write registration token to auth token channel | ||
rChan <- t | ||
|
||
c.JSON(http.StatusOK, "successfully passed public key to worker") | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
// Copyright (c) 2023 Target Brands, Inc. All rights reserved. | ||
// | ||
// Use of this source code is governed by the LICENSE file in this repository. | ||
|
||
package middleware | ||
|
||
import ( | ||
"github.com/gin-gonic/gin" | ||
) | ||
|
||
// QueueSigningKey is a middleware function that attaches the | ||
// auth-token channel to the context of every http.Request. | ||
func QueueSigningKey(r chan string) gin.HandlerFunc { | ||
return func(c *gin.Context) { | ||
c.Set("queue-signing-key", r) | ||
c.Next() | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
// Copyright (c) 2023 Target Brands, Inc. All rights reserved. | ||
// | ||
// Use of this source code is governed by the LICENSE file in this repository. | ||
|
||
package middleware | ||
|
||
import ( | ||
"net/http" | ||
"net/http/httptest" | ||
"reflect" | ||
"testing" | ||
|
||
"github.com/gin-gonic/gin" | ||
) | ||
|
||
func TestMiddleware_QueueSigningKey(t *testing.T) { | ||
// setup types | ||
want := make(chan string, 1) | ||
got := make(chan string, 1) | ||
|
||
want <- "foo" | ||
|
||
// setup context | ||
gin.SetMode(gin.TestMode) | ||
|
||
resp := httptest.NewRecorder() | ||
context, engine := gin.CreateTestContext(resp) | ||
context.Request, _ = http.NewRequest(http.MethodGet, "/health", nil) | ||
|
||
// setup mock server | ||
engine.Use(QueueSigningKey(want)) | ||
engine.GET("/health", func(c *gin.Context) { | ||
got = c.Value("queue-signing-key").(chan string) | ||
|
||
c.Status(http.StatusOK) | ||
}) | ||
|
||
// run test | ||
engine.ServeHTTP(context.Writer, context.Request) | ||
|
||
if resp.Code != http.StatusOK { | ||
t.Errorf("QueueSigningKey returned %v, want %v", resp.Code, http.StatusOK) | ||
} | ||
|
||
if !reflect.DeepEqual(got, want) { | ||
t.Errorf("QueueSigningKey is %v, want foo", got) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters