WIP mgmt apis
This commit is contained in:
parent
dbb22d4b45
commit
6736d68446
mplexer
|
@ -32,6 +32,11 @@ type MWKey string
|
||||||
var store authstore.Store
|
var store authstore.Store
|
||||||
var provider challenge.Provider = nil // TODO is this concurrency-safe?
|
var provider challenge.Provider = nil // TODO is this concurrency-safe?
|
||||||
var secret *string
|
var secret *string
|
||||||
|
var primaryDomain string
|
||||||
|
|
||||||
|
func help() {
|
||||||
|
fmt.Fprintf(os.Stderr, "Usage: mgmt --domain <example.com> --secret <128-bit secret>\n")
|
||||||
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
var err error
|
var err error
|
||||||
|
@ -44,8 +49,15 @@ func main() {
|
||||||
"database (postgres) connection url",
|
"database (postgres) connection url",
|
||||||
)
|
)
|
||||||
secret = flag.String("secret", "", "a >= 16-character random string for JWT key signing")
|
secret = flag.String("secret", "", "a >= 16-character random string for JWT key signing")
|
||||||
|
domain := flag.String("domain", "", "the base domain to use for all clients")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
|
primaryDomain = *domain
|
||||||
|
if "" == primaryDomain {
|
||||||
|
help()
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
if "" != os.Getenv("GODADDY_API_KEY") {
|
if "" != os.Getenv("GODADDY_API_KEY") {
|
||||||
id := os.Getenv("GODADDY_API_KEY")
|
id := os.Getenv("GODADDY_API_KEY")
|
||||||
apiSecret := os.Getenv("GODADDY_API_SECRET")
|
apiSecret := os.Getenv("GODADDY_API_SECRET")
|
||||||
|
@ -64,7 +76,7 @@ func main() {
|
||||||
*secret = os.Getenv("SECRET")
|
*secret = os.Getenv("SECRET")
|
||||||
}
|
}
|
||||||
if "" == *secret {
|
if "" == *secret {
|
||||||
fmt.Fprintf(os.Stderr, "Usage: signjwt <secret>")
|
help()
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -131,6 +131,19 @@ func routeAll() chi.Router {
|
||||||
handleDNSRoutes(r)
|
handleDNSRoutes(r)
|
||||||
handleDeviceRoutes(r)
|
handleDeviceRoutes(r)
|
||||||
|
|
||||||
|
r.Post("/inspect", func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
ctx := r.Context()
|
||||||
|
claims, ok := ctx.Value(MWKey("claims")).(*MgmtClaims)
|
||||||
|
if !ok {
|
||||||
|
msg := `{"error":"failure to ping: 1"}`
|
||||||
|
fmt.Println("touch no claims", claims)
|
||||||
|
http.Error(w, msg+"\n", http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
w.Write([]byte(fmt.Sprintf(`{ "domains": [ "%s.%s" ] }`+"\n", claims.Slug, primaryDomain)))
|
||||||
|
})
|
||||||
|
|
||||||
r.Route("/register-device", func(r chi.Router) {
|
r.Route("/register-device", func(r chi.Router) {
|
||||||
// r.Use() // must NOT have slug '*'
|
// r.Use() // must NOT have slug '*'
|
||||||
|
|
||||||
|
|
|
@ -20,3 +20,4 @@ echo "PPID: $my_ppid KeyID: $my_keyid"
|
||||||
|
|
||||||
TOKEN=$(go run cmd/signjwt/*.go $my_ppid)
|
TOKEN=$(go run cmd/signjwt/*.go $my_ppid)
|
||||||
curl -X POST http://localhost:3000/api/ping -H "Authorization: Bearer ${TOKEN}"
|
curl -X POST http://localhost:3000/api/ping -H "Authorization: Bearer ${TOKEN}"
|
||||||
|
curl -X POST http://localhost:3000/api/inspect -H "Authorization: Bearer ${TOKEN}"
|
||||||
|
|
Loading…
Reference in New Issue