From 850c52f9dc4a92c593152a763a53de12ca8c108d Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Wed, 22 Jul 2020 05:23:49 +0000 Subject: [PATCH] updates for auth API --- .../assets/.well-known/telebit.app/index.json | 12 +++++++++ cmd/telebit/admin.go | 26 +++++++++++++++++-- cmd/telebit/telebit.go | 5 ++-- 3 files changed, 39 insertions(+), 4 deletions(-) create mode 100644 admin/assets/.well-known/telebit.app/index.json diff --git a/admin/assets/.well-known/telebit.app/index.json b/admin/assets/.well-known/telebit.app/index.json new file mode 100644 index 0000000..3f0e1de --- /dev/null +++ b/admin/assets/.well-known/telebit.app/index.json @@ -0,0 +1,12 @@ +{ + "terms_of_service": ":hostname/tos/", + "api_host": ":hostname/api", + "authn": { + "method": "GET", + "pathname": "inspect" + }, + "pair_request": { + "method": "POST", + "pathname": "telebit.app/pair_request" + } +} diff --git a/cmd/telebit/admin.go b/cmd/telebit/admin.go index 9fd12a7..7c2ee69 100644 --- a/cmd/telebit/admin.go +++ b/cmd/telebit/admin.go @@ -6,7 +6,10 @@ import ( "fmt" "log" "net/http" + "net/http/httputil" + "net/url" "os" + "strings" "sync" telebit "git.rootprojects.org/root/telebit" @@ -20,7 +23,7 @@ import ( var httpsrv *http.Server -func init() { +func InitAdmin(authURL string) { r := chi.NewRouter() r.Use(func(next http.Handler) http.Handler { @@ -39,6 +42,19 @@ func init() { w.Write(apiPingContent) })) + parsedAuthURL, err := url.Parse(authURL) + if nil != err { + panic(err) + } + + proxyHandler := httputil.NewSingleHostReverseProxy(parsedAuthURL) + proxyHandleFunc := func(w http.ResponseWriter, r *http.Request) { + r.URL.Path = strings.TrimPrefix(r.URL.Path, "/api") + proxyHandler.ServeHTTP(w, r) + } + r.Get("/api/inspect", proxyHandleFunc) + r.Post("/api/register-device/*", proxyHandleFunc) + r.Route("/api", func(r chi.Router) { // TODO token needs a globally unique subject @@ -69,7 +85,13 @@ func init() { }) adminUI := http.FileServer(admin.AdminFS) - r.Get("/", adminUI.ServeHTTP) + r.Get("/*", func(w http.ResponseWriter, r *http.Request) { + //rctx := chi.RouteContext(r.Context()) + //pathPrefix := strings.TrimSuffix(rctx.RoutePattern(), "/*") + //fs := http.StripPrefix(pathPrefix, http.FileServer(root)) + fmt.Println("Request Path:", r.URL.Path) + adminUI.ServeHTTP(w, r) + }) httpsrv = &http.Server{ Handler: r, diff --git a/cmd/telebit/telebit.go b/cmd/telebit/telebit.go index ccb9cc5..7dce61e 100644 --- a/cmd/telebit/telebit.go +++ b/cmd/telebit/telebit.go @@ -311,7 +311,7 @@ func main() { EnableTLSALPNChallenge: *enableTLSALPN01, } - mux := muxAll(portForwards, forwards, acme, apiHostname, grants) + mux := muxAll(portForwards, forwards, acme, apiHostname, authURL, grants) done := make(chan error) if dbg.Debug { @@ -385,7 +385,7 @@ func main() { func muxAll( portForwards, forwards []Forward, acme *telebit.ACME, - apiHostname *string, + apiHostname, authURL *string, grants *telebit.Grants, ) *telebit.RouteMux { //mux := telebit.NewRouteMux(acme) @@ -405,6 +405,7 @@ func muxAll( } if "" != *apiHostname { // this is a generic net listener + InitAdmin(*authURL) apiListener := tunnel.NewListener() go func() { httpsrv.Serve(apiListener)