package pkg
/*
Copyright 2024 Jonas Kaninda

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
import (
"fmt"
"github.com/jkaninda/goma-gateway/pkg/logger"
"github.com/jkaninda/goma-gateway/util"
"github.com/spf13/cobra"
"gopkg.in/yaml.v3"
"os"
)
// cfg caches the Gateway returned by Get; it stays nil until Get is first called.
// NOTE(review): Get reads and assigns it with no locking visible in this file.
var cfg *Gateway
// Config loads the gateway configuration from configFile and builds a
// GatewayServer from its gateway and middleware sections.
//
// When configFile does not exist, a default configuration is generated at the
// package-level ConfigFile path through initConfig, GOMA_CONFIG_FILE is pointed
// at that path, and the server is built from the generated file instead.
//
// NOTE(review): the generated default declares sample routes and a basic-auth
// middleware with placeholder credentials (see initConfig). A mistyped
// configFile therefore yields a gateway that starts on those samples instead
// of failing; treat the "Configuration file not found" log line as an error
// condition when monitoring deployments.
func (GatewayServer) Config(configFile string) (*GatewayServer, error) {
	if !util.FileExists(configFile) {
		// Fallback path: create the default file, then load it back from disk.
		logger.Error("Configuration file not found: %v", configFile)
		logger.Info("Generating new configuration file...")
		initConfig(ConfigFile)
		logger.Info("Server configuration file is available at %s", ConfigFile)
		util.SetEnv("GOMA_CONFIG_FILE", ConfigFile)

		raw, readErr := os.ReadFile(ConfigFile)
		if readErr != nil {
			return nil, readErr
		}
		generated := &GatewayConfig{}
		if parseErr := yaml.Unmarshal(raw, generated); parseErr != nil {
			return nil, fmt.Errorf("in file %q: %w", ConfigFile, parseErr)
		}
		logger.Info("Generating new configuration file...done")
		logger.Info("Starting server with default configuration")
		server := &GatewayServer{
			ctx:         nil,
			gateway:     generated.GatewayConfig,
			middlewares: generated.Middlewares,
		}
		return server, nil
	}

	raw, readErr := os.ReadFile(configFile)
	if readErr != nil {
		return nil, readErr
	}
	// The environment variable is only updated once the file was readable.
	util.SetEnv("GOMA_CONFIG_FILE", configFile)

	parsed := &GatewayConfig{}
	if parseErr := yaml.Unmarshal(raw, parsed); parseErr != nil {
		return nil, fmt.Errorf("error parsing yaml %q: %w", configFile, parseErr)
	}
	server := &GatewayServer{
		ctx:         nil,
		gateway:     parsed.GatewayConfig,
		middlewares: parsed.Middlewares,
	}
	return server, nil
}
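// GetConfigPaths returns the configuration file path taken from the
// environment, falling back to the package-level ConfigFile.
//
// Config and Setup record the active path under GOMA_CONFIG_FILE, but this
// function previously looked up the misspelled GOMAY_CONFIG_FILE only, so the
// recorded path was never read back and callers such as Get could resolve a
// different file than the one the server was started with. GOMA_CONFIG_FILE is
// now consulted first; the misspelled name is kept as a fallback so existing
// environments that set it keep working.
//
// NOTE(review): assumes util.GetStringEnv returns its second argument when the
// variable is unset — confirm against the util package.
func GetConfigPaths() string {
	legacy := util.GetStringEnv("GOMAY_CONFIG_FILE", ConfigFile)
	return util.GetStringEnv("GOMA_CONFIG_FILE", legacy)
}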
// InitConfig writes a default configuration file for the given CLI command.
//
// The destination is the value of the command's "output" flag; when that value
// is empty the path from GetConfigPaths is used instead. The file is written by
// initConfig, which replaces whatever is already stored at that path.
func InitConfig(cmd *cobra.Command) {
	// The flag lookup error is discarded; an empty result selects the fallback path.
	target, _ := cmd.Flags().GetString("output")
	if len(target) == 0 {
		target = GetConfigPaths()
	}
	initConfig(target)
}
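// initConfig writes a sample gateway configuration, serialized as YAML, to
// configFile. An empty configFile selects the path from GetConfigPaths.
//
// The sample is a starting point, not a deployable configuration: it contains
// placeholder basic-auth credentials, example origins and example routes that
// must be replaced before the gateway is exposed.
//
// Serialization and write failures are reported through logger.Fatal
// (presumably terminating the process — confirm in the logger package).
func initConfig(configFile string) {
	if configFile == "" {
		configFile = GetConfigPaths()
	}
	conf := &GatewayConfig{
		GatewayConfig: Gateway{
			WriteTimeout: 15,
			ReadTimeout:  15,
			IdleTimeout:  60,
			// Was "/dev/Stdout"; device paths are case-sensitive on Linux, so
			// the capitalised form does not name the standard output device.
			AccessLog:                    "/dev/stdout",
			ErrorLog:                     "/dev/stderr",
			DisableRouteHealthCheckError: false,
			DisableDisplayRouteOnStart:   false,
			RateLimiter:                  0,
			InterceptErrors:              []int{405, 500},
			Cors: Cors{
				// Sample origins. Credentials are allowed below, so this list
				// should stay limited to origins that are actually trusted.
				Origins: []string{"http://localhost:8080", "https://example.com"},
				Headers: map[string]string{
					"Access-Control-Allow-Headers":     "Origin, Authorization, Accept, Content-Type, Access-Control-Allow-Headers, X-Client-Id, X-Session-Id",
					"Access-Control-Allow-Credentials": "true",
					"Access-Control-Max-Age":           "1728000",
				},
			},
			Routes: []Route{
				{
					Name:        "Public",
					Path:        "/public",
					Destination: "https://example.com",
					Rewrite:     "/",
					HealthCheck: "",
					Middlewares: []string{"api-forbidden-paths"},
				},
				{
					Name:        "Basic auth",
					Path:        "/protected",
					Destination: "https://example.com",
					Rewrite:     "/",
					HealthCheck: "",
					Cors: Cors{
						Origins: []string{"http://localhost:3000", "https://dev.example.com"},
						Headers: map[string]string{
							"Access-Control-Allow-Headers":     "Origin, Authorization",
							"Access-Control-Allow-Credentials": "true",
							"Access-Control-Max-Age":           "1728000",
						},
					},
					Middlewares: []string{"basic-auth", "api-forbidden-paths"},
				},
				{
					Name:        "Hostname example",
					Host:        "http://example.localhost",
					Path:        "/",
					Destination: "https://example.com",
					Rewrite:     "/",
					HealthCheck: "",
				},
			},
		},
		Middlewares: []Middleware{
			{
				Name: "basic-auth",
				Type: BasicAuth,
				Paths: []string{
					"/*",
				},
				// Placeholder credentials for the sample only; they are widely
				// guessable and must be changed in any real deployment.
				Rule: BasicRuleMiddleware{
					Username: "admin",
					Password: "admin",
				},
			},
			{
				Name: "jwt",
				Type: JWTAuth,
				Paths: []string{
					"/protected-access",
					"/example-of-jwt",
				},
				Rule: JWTRuleMiddleware{
					URL: "https://www.googleapis.com/auth/userinfo.email",
					RequiredHeaders: []string{
						"Authorization",
					},
					Headers: map[string]string{},
					Params:  map[string]string{},
				},
			},
			{
				Name: "api-forbidden-paths",
				Type: AccessMiddleware,
				Paths: []string{
					"/swagger-ui/*",
					"/v2/swagger-ui/*",
					"/api-docs/*",
					"/internal/*",
					"/actuator/*",
				},
			},
		},
	}
	// conf is already a pointer, so it is marshalled directly.
	yamlData, err := yaml.Marshal(conf)
	if err != nil {
		logger.Fatal("Error serializing configuration %v", err.Error())
	}
	// The file stores the basic-auth password in clear text, so it is created
	// owner-readable only (previously 0644). os.WriteFile applies the mode only
	// when it creates the file; an existing file keeps its current permissions.
	err = os.WriteFile(configFile, yamlData, 0600)
	if err != nil {
		logger.Fatal("Unable to write config file %s", err)
	}
	logger.Info("Configuration file has been initialized successfully")
	logger.Info("The generated configuration contains sample credentials and routes; replace them before exposing the gateway")
}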
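// Get returns the cached Gateway settings, loading them from the path given by
// GetConfigPaths on the first call.
//
// Setup has a value receiver and returns a freshly built *Gateway. The previous
// code called it for effect only and dropped that result, so the cached value
// was always a zero Gateway and every setting read through Get was the type's
// zero value regardless of the configuration file. The returned pointer is now
// what gets cached.
//
// NOTE(review): the nil check and assignment are not synchronized here; confirm
// whether Get can be reached from more than one goroutine.
func Get() *Gateway {
	if cfg != nil {
		return cfg
	}
	cfg = Gateway{}.Setup(GetConfigPaths())
	return cfg
}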
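// Setup reads the YAML file at conf and returns its gateway section.
//
// A zero Gateway is returned when the file does not exist or cannot be read.
// The read failure used to be dropped silently, which left no trace of why the
// gateway was running on zero-value settings; it is now logged before the
// empty value is returned. A YAML parse failure is reported through
// logger.Fatal (presumably terminating the process — confirm in the logger
// package).
//
// On a successful read, GOMA_CONFIG_FILE is set to conf before parsing.
func (Gateway) Setup(conf string) *Gateway {
	if !util.FileExists(conf) {
		return &Gateway{}
	}
	buf, err := os.ReadFile(conf)
	if err != nil {
		logger.Error("Error reading configuration file %s: %v", conf, err)
		return &Gateway{}
	}
	util.SetEnv("GOMA_CONFIG_FILE", conf)

	c := &GatewayConfig{}
	if err = yaml.Unmarshal(buf, c); err != nil {
		logger.Fatal("Error loading configuration %v", err.Error())
	}
	return &c.GatewayConfig
}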
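// getJWTMiddleware converts a loosely typed middleware rule into a
// JWTRuleMiddleware by marshalling input to YAML and unmarshalling the result
// into the typed struct.
//
// It returns an error when either conversion step fails or when the resulting
// URL is empty. Underlying errors are wrapped with %w, matching Config, so
// callers can inspect them with errors.Is / errors.As; the message text is
// unchanged.
//
// NOTE(review): only emptiness of URL is checked. How the URL is used is not
// visible in this file; if request credentials are forwarded to it, consider
// also validating that it is a well-formed https URL where the rule is applied.
func getJWTMiddleware(input interface{}) (JWTRuleMiddleware, error) {
	raw, err := yaml.Marshal(input)
	if err != nil {
		return JWTRuleMiddleware{}, fmt.Errorf("error parsing yaml: %w", err)
	}
	var rule JWTRuleMiddleware
	if err = yaml.Unmarshal(raw, &rule); err != nil {
		return JWTRuleMiddleware{}, fmt.Errorf("error parsing yaml: %w", err)
	}
	if rule.URL == "" {
		return JWTRuleMiddleware{}, fmt.Errorf("error parsing yaml: empty url in jwt auth middleware")
	}
	return rule, nil
}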
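// getBasicAuthMiddleware converts a loosely typed middleware rule into a
// BasicRuleMiddleware by marshalling input to YAML and unmarshalling the result
// into the typed struct.
//
// It returns an error when either conversion step fails or when the username
// or the password is empty. Underlying errors are wrapped with %w, matching
// Config.
//
// The empty-field error used to format the whole rule struct with %s, which
// printed whichever of Username/Password was set — a configured password could
// end up in error output and logs. The message now names the middleware kind
// only and never includes rule contents.
func getBasicAuthMiddleware(input interface{}) (BasicRuleMiddleware, error) {
	raw, err := yaml.Marshal(input)
	if err != nil {
		return BasicRuleMiddleware{}, fmt.Errorf("error parsing yaml: %w", err)
	}
	var rule BasicRuleMiddleware
	if err = yaml.Unmarshal(raw, &rule); err != nil {
		return BasicRuleMiddleware{}, fmt.Errorf("error parsing yaml: %w", err)
	}
	if rule.Username == "" || rule.Password == "" {
		return BasicRuleMiddleware{}, fmt.Errorf("error parsing yaml: empty username/password in basic-auth middleware")
	}
	return rule, nil
}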