token-validator: Implement token collector

nemunaire 2021-03-25 14:38:20 +01:00
commit 3e3a0e9e37
3 changed files with 60 additions and 3 deletions


@ -2,6 +2,7 @@ package main
import (
"context"
"encoding/base64"
"flag"
"fmt"
"log"
@ -16,7 +17,9 @@ import (
"git.nemunai.re/lectures/adlin/libadlin"
)
var baseURL string = "/"
var (
baseURL string = "/"
)
type ResponseWriterPrefix struct {
real http.ResponseWriter
@ -59,6 +62,8 @@ func StripPrefix(prefix string, h http.Handler) http.Handler {
}
func main() {
var err error
if v, exists := os.LookupEnv("ADLIN_NS_HOST"); exists {
ControlSocket = v
}
@ -68,6 +73,13 @@ func main() {
if v, exists := os.LookupEnv("ADLIN_TSIG_SECRET"); exists {
tsigSecret = v
}
if v, exists := os.LookupEnv("ADLIN_COLLECTOR_SECRET"); !exists {
log.Fatal("Please define ADLIN_COLLECTOR_SECRET environment variable")
} else if t, err := base64.StdEncoding.DecodeString(v); err != nil {
log.Fatal("Error reading ADLIN_COLLECTOR_SECRET variable:", err)
} else {
adlin.SetCollectorSecret(t)
}
var bind = flag.String("bind", ":8081", "Bind port/socket")
var dsn = flag.String("dsn", adlin.DSNGenerator(), "DSN to connect to the MySQL server")
@ -82,7 +94,6 @@ func main() {
flag.Parse()
// Sanitize options
var err error
log.Println("Checking paths...")
if err = sanitizeStaticOptions(); err != nil {
log.Fatal(err)
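Review bot: The new ADLIN_COLLECTOR_SECRET branch in main passes whatever the base64 decodes to straight into `adlin.SetCollectorSecret(t)`, so a variable that is set but empty (it decodes to zero bytes without error) or truncated still gets through startup. Unless SetCollectorSecret validates its input, which is not visible here, add a guard before the call, for example `} else if len(t) == 0 { log.Fatal("ADLIN_COLLECTOR_SECRET is empty") }`, and preferably compare the length with the key size the signing scheme expects. The `err` declared by `t, err :=` shadows the `var err error` this commit moves to the top of main; that is harmless here but easy to trip over later. main's body continues outside the hunk.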


@ -17,6 +17,9 @@ import (
)
func init() {
router.GET("/api/collector_info", apiHandler(func(ps httprouter.Params, body []byte) (interface{}, error) {
return "\"" + base64.StdEncoding.EncodeToString(adlin.GetCollectorPublic()) + "\"", nil
}))
router.GET("/api/wg.conf", func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
w.Header().Set("Content-Type", "text/plain")
@ -149,7 +152,8 @@ PersistentKeepalive = 5
# MyNetwork=%s/%d
# GWIPv6=%s
# MyLogin=%s
`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, token.SuffixIP, 64, tinfo.CltIPv6, tinfo.CltRange, tinfo.SrvGW6, student.Login)))
# KeySign=%s
`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, token.SuffixIP, 64, tinfo.CltIPv6, tinfo.CltRange, tinfo.SrvGW6, student.Login, base64.StdEncoding.EncodeToString(token.GenKeySign()))))
}
func updateWgTunnel(student *adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {
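Review bot: Neither the new `# KeySign=%s` line nor the `/api/collector_info` route documents what `token.GenKeySign()` signs or how a consumer should verify it against the published public key. GenKeySign is not visible here, so it cannot be confirmed from this section that the signature binds the student's login and tunnel key rather than a value that could be reused for another tunnel. I would add a comment above the route such as `// collector_info publishes the public half of ADLIN_COLLECTOR_SECRET; it verifies the KeySign value in wg.conf, which covers <signed fields>`, and a matching one beside the format string. The wg.conf handler and its format string begin outside the hunk.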