158 lines
3 KiB
Go
158 lines
3 KiB
Go
package main
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto"
|
|
"encoding/json"
|
|
"flag"
|
|
"fmt"
|
|
"io"
|
|
"log"
|
|
"net/http"
|
|
"os"
|
|
|
|
"crispbyte.dev/sig-auth/client"
|
|
"crispbyte.dev/sig-auth/keydirectory"
|
|
"crispbyte.dev/sig-auth/server"
|
|
"github.com/opencontainers/go-digest"
|
|
"golang.org/x/crypto/ssh"
|
|
)
|
|
|
|
func main() {
|
|
useClient := flag.Bool("c", false, "Run client")
|
|
|
|
keyId := flag.String("id", "", "The key id to pass")
|
|
|
|
register := flag.Bool("r", false, "Register a key")
|
|
|
|
user := flag.String("user", "", "Username to register")
|
|
|
|
keyPath := flag.String("key", "", "Path to the private key (client mode) or public key (registration mode) to use")
|
|
|
|
simulateCaddy := flag.Bool("caddy", false, "Simulate caddy reverse proxy")
|
|
|
|
useTempDb := flag.Bool("temp-db", false, "Use a temporary in-memory database")
|
|
|
|
dbPath := flag.String("db", "", "Path to the sqlite database file")
|
|
|
|
flag.Parse()
|
|
|
|
if *useClient {
|
|
if *keyPath == "" || *keyId == "" {
|
|
flag.PrintDefaults()
|
|
return
|
|
}
|
|
|
|
runClient(*keyPath, *keyId, *simulateCaddy)
|
|
} else if *register {
|
|
if *keyPath == "" || *user == "" {
|
|
flag.PrintDefaults()
|
|
return
|
|
}
|
|
|
|
registerKey(*keyPath, *user)
|
|
} else {
|
|
if !*useTempDb && *dbPath == "" {
|
|
flag.PrintDefaults()
|
|
return
|
|
}
|
|
|
|
runServer(*simulateCaddy, *useTempDb, *dbPath)
|
|
}
|
|
}
|
|
|
|
func runClient(keyFile string, keyId string, simulateCaddy bool) {
|
|
testData := map[string]string{"hello": "world"}
|
|
json_data, _ := json.Marshal(testData)
|
|
|
|
key, err := loadPrivateKey(keyFile)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
client, err := client.GetSigningClient(key, keyId)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
id := digest.FromBytes(json_data)
|
|
|
|
var req *http.Request
|
|
|
|
req, err = http.NewRequest("POST", "http://localhost:8080/post", bytes.NewBuffer(json_data))
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
req.Header.Add("Content-Digest", string(id.Algorithm())+"="+id.Encoded())
|
|
req.Header.Add("Content-Type", "application/json")
|
|
|
|
if simulateCaddy {
|
|
req.Header.Add("X-Forwarded-Method", req.Method)
|
|
req.Header.Add("X-Forwarded-Uri", req.RequestURI)
|
|
}
|
|
|
|
resp, err := client.Do(req)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
defer resp.Body.Close()
|
|
|
|
out, err := io.ReadAll(resp.Body)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
fmt.Println(resp.StatusCode)
|
|
fmt.Println(resp.Header)
|
|
fmt.Println(string(out[:]))
|
|
}
|
|
|
|
func runServer(simulateCaddy bool, useTempDb bool, dbPath string) {
|
|
var keyDir keydirectory.RegistrationDirectory
|
|
|
|
if useTempDb {
|
|
keyDir = keydirectory.CreateMemoryDirectory()
|
|
} else {
|
|
var err error
|
|
keyDir, err = keydirectory.InitSqlite(dbPath)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
}
|
|
|
|
server.Start(simulateCaddy, keyDir)
|
|
}
|
|
|
|
func loadPrivateKey(keyFile string) (crypto.PrivateKey, error) {
|
|
keyBytes, err := os.ReadFile(keyFile)
|
|
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return ssh.ParseRawPrivateKey(keyBytes)
|
|
}
|
|
|
|
func registerKey(keyFile string, userId string) {
|
|
keyBytes, err := os.ReadFile(keyFile)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
keyText := string(keyBytes)
|
|
|
|
err = client.RegisterKey(keyText, userId)
|
|
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
}
|