-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.go
147 lines (129 loc) · 3.68 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
package main
import (
"bytes"
"crypto/md5"
"encoding/json"
"flag"
"fmt"
"io/ioutil"
"log"
"net/http"
"net/http/httputil"
"net/url"
"time"
uuid "github.com/hashicorp/go-uuid"
)
var downstream = flag.String("downstream", "", "downstream Ory Kratos cluster")
var address = flag.String("addr", ":7666", "address to listen on")
var logging = flag.Bool("log", false, "enable logging of requests")
const defaultAuthMethod = "password"
func main() {
flag.Parse()
if *downstream == "" {
log.Println("downstream must not be empty")
flag.PrintDefaults()
return
}
downstreamURL, err := url.Parse(*downstream)
if err != nil {
log.Printf("could not parse downstream URL: %v", err)
flag.PrintDefaults()
return
}
mux := http.ServeMux{}
mux.Handle("/health", handleHealthCheck())
mux.Handle("/", handleEverythingElse(*downstreamURL))
mux.Handle("/self-service/registration", sanitizeRequest(handleRegistration(*downstreamURL)))
mux.Handle("/self-service/registration/", sanitizeRequest(handleRegistration(*downstreamURL)))
proxy := &http.Server{
Addr: *address,
Handler: &mux,
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
MaxHeaderBytes: 1 << 20,
}
log.Println("listening on port", *address)
log.Fatal(proxy.ListenAndServe())
}
func handleHealthCheck() http.HandlerFunc {
return func(writer http.ResponseWriter, request *http.Request) {
writer.WriteHeader(http.StatusOK)
}
}
func handleRegistration(url url.URL) *httputil.ReverseProxy {
type requestBody struct {
Method string `json:"method"`
Password string `json:"password"`
Traits struct {
AccountKey string `json:"accountKey"`
} `json:"traits"`
CSRF string `json:"csrf_token,omitempty"`
}
proxy := &httputil.ReverseProxy{
Director: func(req *http.Request) {
req.URL.Host = url.Host
req.URL.Scheme = url.Scheme
stamp, err := uuid.GenerateUUID()
if err != nil {
log.Printf("error generating UUID for request: %v", err)
return
}
d := json.NewDecoder(req.Body)
body := new(requestBody)
if err := d.Decode(body); err != nil {
log.Printf("error decoding request body: %v", err)
return
}
if body.Method == "" {
body.Method = defaultAuthMethod
}
body.Traits.AccountKey = stamp
body.Password = fmt.Sprintf("%x", md5.Sum([]byte(stamp)))
b := new(bytes.Buffer)
e := json.NewEncoder(b)
if err := e.Encode(body); err != nil {
log.Printf("error encoding request body: %v", err)
return
}
req.Body = ioutil.NopCloser(b)
req.ContentLength = int64(b.Len())
if *logging {
log.Printf("proxied registration call to %q", req.URL.Path)
}
},
}
return proxy
}
func handleEverythingElse(url url.URL) http.Handler {
proxy := &httputil.ReverseProxy{
Director: func(req *http.Request) {
req.URL.Host = url.Host
req.URL.Scheme = url.Scheme
if *logging {
log.Printf("proxied other call to %q", req.URL.Path)
}
},
}
return proxy
}
// sanitize Request is a http middleware, preprocessing the request for our needs
// It
// * Sets the Content-Type to application/json if not provided.
// * If the http request body is empty, it gets replace by an empty json object.
func sanitizeRequest(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Header.Get("Content-Type") == "" {
r.Header.Set("Content-Type", "application/json")
}
if r.Header.Get("Accept") == "" {
r.Header.Set("Accept", "application/json")
}
if r.ContentLength == 0 {
// Empty json body
emptyJson := bytes.NewBufferString("{}")
r.Body = ioutil.NopCloser(bytes.NewReader(emptyJson.Bytes()))
r.ContentLength = int64(emptyJson.Len())
}
next.ServeHTTP(w, r)
})
}