sig-auth/main.go

package main

import (
	"bytes"
	"crypto"
	"encoding/json"
	"flag"
	"fmt"
	"io"
	"log"
	"net/http"
	"os"

	"crispbyte.dev/sig-auth/client"
	"crispbyte.dev/sig-auth/server"
	"crispbyte.dev/sig-auth/sqlite_directory"
	"github.com/opencontainers/go-digest"
	"golang.org/x/crypto/ssh"
)

func main() {
	useClient := flag.Bool("c", false, "Run client")

	register := flag.Bool("r", false, "Register a key")

	user := flag.String("user", "", "Username to register")

	keyPath := flag.String("key", "", "Path to the private key (client mode) or public key (registration mode) to use")

	simulateCaddy := flag.Bool("caddy", false, "Simulate caddy reverse proxy")

	flag.Parse()

	if *useClient {
		if *keyPath == "" || *user == "" {
			flag.PrintDefaults()
			return
		}

		runClient(*keyPath, *user, *simulateCaddy)
	} else if *register {
		if *keyPath == "" || *user == "" {
			flag.PrintDefaults()
			return
		}

		registerKey(*keyPath, *user)
	} else {
		runServer(*simulateCaddy)
	}
}

func runClient(keyFile string, user string, simulateCaddy bool) {
	testData := map[string]string{"hello": "world"}
	json_data, _ := json.Marshal(testData)

	key, err := loadPrivateKey(keyFile)

	if err != nil {
		log.Fatal(err)
	}

	client, err := client.GetSigningClient(key, user)

	if err != nil {
		log.Fatal(err)
	}

	id := digest.FromBytes(json_data)

	var req *http.Request

	req, err = http.NewRequest("POST", "http://localhost:8080/post", bytes.NewBuffer(json_data))

	if err != nil {
		log.Fatal(err)
	}

	req.Header.Add("Content-Digest", string(id.Algorithm())+"="+id.Encoded())
	req.Header.Add("Content-Type", "application/json")

	if simulateCaddy {
		req.Header.Add("X-Forwarded-Method", req.Method)
		req.Header.Add("X-Forwarded-Uri", req.RequestURI)
	}

	resp, err := client.Do(req)

	if err != nil {
		log.Fatal(err)
	}

	defer resp.Body.Close()

	out, err := io.ReadAll(resp.Body)

	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(resp.StatusCode)
	fmt.Println(resp.Header)
	fmt.Println(string(out[:]))
}

func runServer(simulateCaddy bool) {
	keyDir := sqlite_directory.CreateDirectory()

	server.Start(simulateCaddy, keyDir)
}

func loadPrivateKey(keyFile string) (crypto.PrivateKey, error) {
	keyBytes, err := os.ReadFile(keyFile)

	if err != nil {
		return nil, err
	}

	return ssh.ParseRawPrivateKey(keyBytes)
}

func registerKey(keyFile string, userId string) {
	keyBytes, err := os.ReadFile(keyFile)

	if err != nil {
		log.Fatal(err)
	}

	keyText := string(keyBytes)

	request := server.RegisterRequest{
		UserId: userId,
		Key:    keyText,
	}

	json_data, _ := json.Marshal(request)

	http.DefaultClient.Post("http://localhost:8080/register", "application/json", bytes.NewBuffer(json_data))
}
Initial commit - test client 2025-02-10 23:07:41 -05:00			`package main`

			`import (`
			`"bytes"`
			`"crypto"`
			`"encoding/json"`
Implement test server 2025-02-14 19:41:22 -05:00			`"flag"`
Initial commit - test client 2025-02-10 23:07:41 -05:00			`"fmt"`
Implement test server 2025-02-14 19:41:22 -05:00			`"io"`
Initial commit - test client 2025-02-10 23:07:41 -05:00			`"log"`
Implement test server 2025-02-14 19:41:22 -05:00			`"net/http"`
Initial commit - test client 2025-02-10 23:07:41 -05:00			`"os"`

			`"crispbyte.dev/sig-auth/client"`
Implement test server 2025-02-14 19:41:22 -05:00			`"crispbyte.dev/sig-auth/server"`
Separate out key directory 2025-02-17 19:55:53 -05:00			`"crispbyte.dev/sig-auth/sqlite_directory"`
Add digest to request 2025-02-14 19:41:22 -05:00			`"github.com/opencontainers/go-digest"`
Initial commit - test client 2025-02-10 23:07:41 -05:00			`"golang.org/x/crypto/ssh"`
			`)`

			`func main() {`
Implement test server 2025-02-14 19:41:22 -05:00			`useClient := flag.Bool("c", false, "Run client")`

Add basic key registration 2025-02-17 20:50:48 -05:00			`register := flag.Bool("r", false, "Register a key")`

			`user := flag.String("user", "", "Username to register")`

			`keyPath := flag.String("key", "", "Path to the private key (client mode) or public key (registration mode) to use")`
Implement test server 2025-02-14 19:41:22 -05:00
Try simulating caddy forward_auth 2025-02-16 13:51:53 -05:00			`simulateCaddy := flag.Bool("caddy", false, "Simulate caddy reverse proxy")`

Implement test server 2025-02-14 19:41:22 -05:00			`flag.Parse()`

			`if *useClient {`
Add basic key registration 2025-02-17 20:50:48 -05:00			`if keyPath == "" \|\| user == "" {`
			`flag.PrintDefaults()`
			`return`
			`}`

			`runClient(keyPath, user, *simulateCaddy)`
			`} else if *register {`
			`if keyPath == "" \|\| user == "" {`
			`flag.PrintDefaults()`
			`return`
			`}`

			`registerKey(keyPath, user)`
Implement test server 2025-02-14 19:41:22 -05:00			`} else {`
Add basic key registration 2025-02-17 20:50:48 -05:00			`runServer(*simulateCaddy)`
Implement test server 2025-02-14 19:41:22 -05:00			`}`
			`}`

Add basic key registration 2025-02-17 20:50:48 -05:00			`func runClient(keyFile string, user string, simulateCaddy bool) {`
Initial commit - test client 2025-02-10 23:07:41 -05:00			`testData := map[string]string{"hello": "world"}`
			`json_data, _ := json.Marshal(testData)`

Add basic key registration 2025-02-17 20:50:48 -05:00			`key, err := loadPrivateKey(keyFile)`
Initial commit - test client 2025-02-10 23:07:41 -05:00
			`if err != nil {`
			`log.Fatal(err)`
			`}`

Add basic key registration 2025-02-17 20:50:48 -05:00			`client, err := client.GetSigningClient(key, user)`
Initial commit - test client 2025-02-10 23:07:41 -05:00
			`if err != nil {`
			`log.Fatal(err)`
			`}`

Add digest to request 2025-02-14 19:41:22 -05:00			`id := digest.FromBytes(json_data)`

Try simulating caddy forward_auth 2025-02-16 13:51:53 -05:00			`var req *http.Request`

			`req, err = http.NewRequest("POST", "http://localhost:8080/post", bytes.NewBuffer(json_data))`
Add digest to request 2025-02-14 19:41:22 -05:00
			`if err != nil {`
			`log.Fatal(err)`
			`}`

			`req.Header.Add("Content-Digest", string(id.Algorithm())+"="+id.Encoded())`
			`req.Header.Add("Content-Type", "application/json")`

Try simulating caddy forward_auth 2025-02-16 13:51:53 -05:00			`if simulateCaddy {`
			`req.Header.Add("X-Forwarded-Method", req.Method)`
			`req.Header.Add("X-Forwarded-Uri", req.RequestURI)`
			`}`

Add digest to request 2025-02-14 19:41:22 -05:00			`resp, err := client.Do(req)`
Initial commit - test client 2025-02-10 23:07:41 -05:00
			`if err != nil {`
			`log.Fatal(err)`
			`}`

			`defer resp.Body.Close()`

Implement test server 2025-02-14 19:41:22 -05:00			`out, err := io.ReadAll(resp.Body)`

			`if err != nil {`
			`log.Fatal(err)`
			`}`

			`fmt.Println(resp.StatusCode)`
Try simulating caddy forward_auth 2025-02-16 13:51:53 -05:00			`fmt.Println(resp.Header)`
Implement test server 2025-02-14 19:41:22 -05:00			`fmt.Println(string(out[:]))`
			`}`

Add basic key registration 2025-02-17 20:50:48 -05:00			`func runServer(simulateCaddy bool) {`
			`keyDir := sqlite_directory.CreateDirectory()`
Separate out key directory 2025-02-17 19:55:53 -05:00
			`server.Start(simulateCaddy, keyDir)`
Initial commit - test client 2025-02-10 23:07:41 -05:00			`}`

			`func loadPrivateKey(keyFile string) (crypto.PrivateKey, error) {`
			`keyBytes, err := os.ReadFile(keyFile)`

			`if err != nil {`
			`return nil, err`
			`}`

			`return ssh.ParseRawPrivateKey(keyBytes)`
			`}`
Implement test server 2025-02-14 19:41:22 -05:00
Add basic key registration 2025-02-17 20:50:48 -05:00			`func registerKey(keyFile string, userId string) {`
Implement test server 2025-02-14 19:41:22 -05:00			`keyBytes, err := os.ReadFile(keyFile)`

			`if err != nil {`
Add basic key registration 2025-02-17 20:50:48 -05:00			`log.Fatal(err)`
Implement test server 2025-02-14 19:41:22 -05:00			`}`

Add basic key registration 2025-02-17 20:50:48 -05:00			`keyText := string(keyBytes)`
Separate out key directory 2025-02-17 19:55:53 -05:00
Add basic key registration 2025-02-17 20:50:48 -05:00			`request := server.RegisterRequest{`
			`UserId: userId,`
			`Key: keyText,`
Separate out key directory 2025-02-17 19:55:53 -05:00			`}`

Add basic key registration 2025-02-17 20:50:48 -05:00			`json_data, _ := json.Marshal(request)`

			`http.DefaultClient.Post("http://localhost:8080/register", "application/json", bytes.NewBuffer(json_data))`
Implement test server 2025-02-14 19:41:22 -05:00			`}`