Cadoles/go-http-peering
10
0
Fork 0
Code Issues Pull Requests Releases 3 Wiki Activity

Compare commits

base: Cadoles:fbb2381b
Branches Tags
Cadoles:master
Cadoles:2024.1.5-stable.1112.b28a87c Cadoles:2024.1.5-stable.955.db06098 Cadoles:2024.1.4-stable.1622.052c690 Cadoles:2024.1.4-stable.1135.72f6073 Cadoles:2023.11.21-stable.1413.1bf8d75 Cadoles:2023.11.21-stable.1221.ced46bf Cadoles:2023.10.19-stable.1544.cf8f026 Cadoles:2023.10.19-stable.1515.958652d Cadoles:2023.9.5-stable.508.891cfa7 Cadoles:1.0.0 Cadoles:932aa46 Cadoles:c15a85a Cadoles:e6727c8 Cadoles:fbb2381b Cadoles:1.0.0-7-g891cfa7 Cadoles:1.0.0-6-gd38f0be Cadoles:1.0.0-5-g5be381d Cadoles:1.0.0-4-g7cff0e3 Cadoles:1.0.0-4-g4c3217b Cadoles:1.0.0-2-g6257330 Cadoles:1.0.0-1-g9c26b79
...
compare: Cadoles:932aa46
Branches Tags
Cadoles:master
Cadoles:2024.1.5-stable.1112.b28a87c Cadoles:2024.1.5-stable.955.db06098 Cadoles:2024.1.4-stable.1622.052c690 Cadoles:2024.1.4-stable.1135.72f6073 Cadoles:2023.11.21-stable.1413.1bf8d75 Cadoles:2023.11.21-stable.1221.ced46bf Cadoles:2023.10.19-stable.1544.cf8f026 Cadoles:2023.10.19-stable.1515.958652d Cadoles:2023.9.5-stable.508.891cfa7 Cadoles:1.0.0 Cadoles:932aa46 Cadoles:c15a85a Cadoles:e6727c8 Cadoles:fbb2381b Cadoles:1.0.0-7-g891cfa7 Cadoles:1.0.0-6-gd38f0be Cadoles:1.0.0-5-g5be381d Cadoles:1.0.0-4-g7cff0e3 Cadoles:1.0.0-4-g4c3217b Cadoles:1.0.0-2-g6257330 Cadoles:1.0.0-1-g9c26b79

7 Commits
fbb2381b ... 932aa46

Author SHA1 Message Date
William Petit
932aa46a18 Add Jenkinsfile
All checks were successful
Cadoles/go-http-peering/pipeline/head This commit looks good
Details
2022-09-05 12:30:00 +02:00
William Petit
b826f7de2d Rename advertise sequence diagram 2020-01-06 14:58:21 +01:00
William Petit
3c44e82b65 Update sequence diagrams 
- Use PlantUML
- Update README
 2020-01-06 11:12:38 +01:00
William Petit
e6643cba6b Merge branch 'master' of ssh://forge.cadoles.com:4242/Cadoles/go-http-peering 2019-10-16 11:35:15 +02:00
William Petit
e7072ccdb3 Migrate to namespace forge.cadoles.com/Cadoles/go-http-peering 2019-10-16 11:18:34 +02:00
William Petit
5f3f508329 Allow ignoring of specific client token errors 2019-05-17 13:03:32 +02:00
William Petit
dab91eea29 Fix client token generation 
- Set NotBefore timestamp one minute in the past to prevent false
negative checks
- Set NotAfter timestamp 5 minutes to the future
 2019-05-10 14:20:01 +02:00
34 changed files with 192 additions and 180 deletions
Expand all files Collapse all files

3
.gitignore vendored
View File

@ -2,4 +2,5 @@
/vendor
/bin
/testdata
/release
/release
/out

33
Jenkinsfile vendored Normal file
View File

@ -0,0 +1,33 @@
@Library('cadoles@gitea-release') _
pipeline {
agent {
dockerfile {
filename 'Dockerfile'
dir 'misc/ci'
}
}
stages {
stage('Release') {
steps {
script {
sh 'ARCH_TARGETS="amd64 arm arm64" make release'
def attachments = sh(returnStdout: true, script: 'find release -maxdepth 1 -type f').split(' ')
gitea.release('forge-jenkins', 'Cadoles', 'go-http-peering', [
'attachments': attachments
])
}
}
}
}
post {
always {
script {
cleanWs()
}
}
}
}

4
Makefile
View File

@ -26,10 +26,10 @@ sd-%:
goseq doc/sequence-diagram/$*.seq > doc/sequence-diagram/$*.svg
doc:
@echo "open your browser to http://localhost:6060/pkg/forge.cadoles.com/wpetit/go-http-peering to see the documentation"
@echo "open your browser to http://localhost:6060/pkg/forge.cadoles.com/Cadoles/go-http-peering to see the documentation"
godoc -http=:6060
bin/keygen:
go build -o bin/keygen ./cmd/keygen
CGO_ENABLED=0 go build -o bin/keygen ./cmd/keygen
.PHONY: test lint doc sequence-diagram bin/keygen release

10
README.md
View File

@ -2,23 +2,21 @@
Librairie implémentant un protocole d'authentification par "appairage" d'un serveur et client HTTP basé sur [JWT](https://jwt.io/).
[Documentation](https://godoc.org/forge.cadoles.com/wpetit/go-http-peering)
[Documentation](https://godoc.org/forge.cadoles.com/Cadoles/go-http-peering)
## Séquences
### Annonce du client
![advertise](./doc/sequence-diagram/advertise.svg)
![advertise](./doc/sequence-diagram/advertising.png)
### Mise à jour des attributs
![update](./doc/sequence-diagram/update.svg)
![update](./doc/sequence-diagram/update.png)
### Ping
![ping](./doc/sequence-diagram/ping.svg)
**Statut** Instable
![ping](./doc/sequence-diagram/ping.png)
## Licence

4
chi/mount.go
View File

@ -3,8 +3,8 @@ package chi
import (
"crypto/rsa"
peering "forge.cadoles.com/wpetit/go-http-peering"
"forge.cadoles.com/wpetit/go-http-peering/server"
peering "forge.cadoles.com/Cadoles/go-http-peering"
"forge.cadoles.com/Cadoles/go-http-peering/server"
"github.com/go-chi/chi"
)

6
chi/mount_test.go
View File

@ -3,9 +3,9 @@ package chi
import (
"testing"
peering "forge.cadoles.com/wpetit/go-http-peering"
peeringCrypto "forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/wpetit/go-http-peering/memory"
peering "forge.cadoles.com/Cadoles/go-http-peering"
peeringCrypto "forge.cadoles.com/Cadoles/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/memory"
"github.com/go-chi/chi"
)

12
client/client.go
View File

@ -9,11 +9,11 @@ import (
"net/http"
"time"
"github.com/dgrijalva/jwt-go"
jwt "github.com/dgrijalva/jwt-go"
peering "forge.cadoles.com/wpetit/go-http-peering"
"forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/wpetit/go-http-peering/server"
peering "forge.cadoles.com/Cadoles/go-http-peering"
"forge.cadoles.com/Cadoles/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/server"
)
var (
@ -153,8 +153,8 @@ func (c *Client) addClientToken(r *http.Request, body []byte) error {
token := jwt.NewWithClaims(jwt.SigningMethodRS256, peering.ClientTokenClaims{
StandardClaims: jwt.StandardClaims{
NotBefore: time.Now().Unix(),
ExpiresAt: time.Now().Add(time.Minute * 10).Unix(),
NotBefore: time.Now().Add(time.Minute * -1).Unix(),
ExpiresAt: time.Now().Add(time.Minute * 5).Unix(),
},
BodySum: bodySum,
})

4
client/client_test.go
View File

@ -5,9 +5,9 @@ import (
"crypto/rsa"
"testing"
peeringCrypto "forge.cadoles.com/wpetit/go-http-peering/crypto"
peeringCrypto "forge.cadoles.com/Cadoles/go-http-peering/crypto"
peering "forge.cadoles.com/wpetit/go-http-peering"
peering "forge.cadoles.com/Cadoles/go-http-peering"
)
func TestClientPeerID(t *testing.T) {

2
cmd/keygen/create_key.go
View File

@ -3,7 +3,7 @@ package main
import (
"fmt"
"forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/crypto"
)
func createKey() {

4
cmd/keygen/create_token.go
View File

@ -3,9 +3,9 @@ package main
import (
"fmt"
"forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/crypto"
peering "forge.cadoles.com/wpetit/go-http-peering"
peering "forge.cadoles.com/Cadoles/go-http-peering"
)
func createToken() {

2
cmd/keygen/get_public_key.go
View File

@ -3,7 +3,7 @@ package main
import (
"fmt"
"forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/crypto"
)
func getPublicKey() {

2
cmd/keygen/util.go
View File

@ -12,7 +12,7 @@ import (
"os"
"syscall"
"forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/crypto"
"golang.org/x/crypto/ssh/terminal"
)

2
crypto/rsa.go
View File

@ -5,7 +5,7 @@ import (
"crypto/rsa"
"time"
peering "forge.cadoles.com/wpetit/go-http-peering"
peering "forge.cadoles.com/Cadoles/go-http-peering"
jwt "github.com/dgrijalva/jwt-go"
)

2
doc/sequence-diagram/advertise.seq
View File

@ -1,2 +0,0 @@
Client -> Server: POST /advertise\nX-Server-Token: <JWT_TOKEN>\n\n{"Attributes": <PEER_ATTRIBUTES>, "PublicKey": <PUBLIC_KEY> }
Server -> Client: 201 Created

36
doc/sequence-diagram/advertise.svg
View File

@ -1,36 +0,0 @@
<?xml version="1.0"?>
<!-- Generated by SVGo -->
<svg width="589" height="212"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink">
<defs>
<style>
@font-face {
font-family: 'DejaVuSans';
src: url('https://fontlibrary.org/assets/fonts/dejavu-sans/f5ec8426554a3a67ebcdd39f9c3fee83/49c0f03ec2fa354df7002bcb6331e106/DejaVuSansBook.ttf') format('truetype');
font-weight: normal;
font-style: normal;
}
</style>
</defs>
<line x1="45" y1="24" x2="45" y2="188" style="stroke-dasharray:8,8;stroke-width:2px;stroke:black;" />
<rect x="8" y="8" width="75" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="24" y="29" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Client</text>
<rect x="8" y="172" width="75" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="24" y="193" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Client</text>
<line x1="539" y1="24" x2="539" y2="188" style="stroke-dasharray:8,8;stroke-width:2px;stroke:black;" />
<rect x="497" y="8" width="84" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="513" y="29" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Server</text>
<rect x="497" y="172" width="84" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="513" y="193" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Server</text>
<rect x="61" y="56" width="462" height="62" style="fill:white;stroke:white;" />
<text x="237" y="68" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >POST /advertise</text>
<text x="184" y="84" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >X-Server-Token: &lt;JWT_TOKEN&gt;</text>
<text x="61" y="116" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >{&#34;Attributes&#34;: &lt;PEER_ATTRIBUTES&gt;, &#34;PublicKey&#34;: &lt;PUBLIC_KEY&gt; }</text>
<line x1="45" y1="122" x2="539" y2="122" style="stroke:black;stroke-width:2px;" />
<polyline points="530,117 539,122 530,127" style="fill:black;stroke-width:2px;stroke:black;" />
<rect x="249" y="138" width="87" height="14" style="fill:white;stroke:white;" />
<text x="249" y="150" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >201 Created</text>
<line x1="539" y1="156" x2="45" y2="156" style="stroke:black;stroke-width:2px;" />
<polyline points="54,151 45,156 54,161" style="fill:black;stroke-width:2px;stroke:black;" />
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 2.4 KiB

15
doc/sequence-diagram/advertising.plantuml Normal file
View File

@ -0,0 +1,15 @@
@startuml
Client -> Server: POST /advertise\nX-Server-Token: <JWT_TOKEN>\n\n{"Attributes": <PEER_ATTRIBUTES>, "PublicKey": <PUBLIC_KEY> }
Server -> Server: Validate server token
alt Success
Server -> Server: Create peer with public key and attributes
Server -> Server: Update last contact for peer ID
Server -> Client: 201 Created
else Invalid server token
Server -> Client: 401 Unauthorized
else Malformed advertising request
Server -> Client: 400 Bad request
else Unexpected error
Server -> Client: 500 Server error
end
@enduml

BIN
doc/sequence-diagram/advertising.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

17
doc/sequence-diagram/ping.plantuml Normal file
View File

@ -0,0 +1,17 @@
@startuml
Client -> Server: POST /ping\nX-Server-Token: <JWT_TOKEN>\nX-Client-Token: <JWT_TOKEN>
Server -> Server: Validate client/server tokens
alt Success
Server -> Server: Update last contact for peer ID
Server -> Client: 204 No Content
else Invalid client or server token
Server -> Client: 400 Bad request
else Peer not found
Server -> Client: 401 Unauthorized
else Peer rejected
Server -> Client: 403 Forbidden
else Unexpected error
Server -> Client: 500 Server error
end
@enduml

BIN
doc/sequence-diagram/ping.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

2
doc/sequence-diagram/ping.seq
View File

@ -1,2 +0,0 @@
Client -> Server: POST /ping\nX-Server-Token: <JWT_TOKEN>\nX-Client-Token: <JWT_TOKEN>
Server -> Client: 204 No Content

36
doc/sequence-diagram/ping.svg
View File

@ -1,36 +0,0 @@
<?xml version="1.0"?>
<!-- Generated by SVGo -->
<svg width="343" height="196"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink">
<defs>
<style>
@font-face {
font-family: 'DejaVuSans';
src: url('https://fontlibrary.org/assets/fonts/dejavu-sans/f5ec8426554a3a67ebcdd39f9c3fee83/49c0f03ec2fa354df7002bcb6331e106/DejaVuSansBook.ttf') format('truetype');
font-weight: normal;
font-style: normal;
}
</style>
</defs>
<line x1="45" y1="24" x2="45" y2="172" style="stroke-dasharray:8,8;stroke-width:2px;stroke:black;" />
<rect x="8" y="8" width="75" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="24" y="29" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Client</text>
<rect x="8" y="156" width="75" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="24" y="177" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Client</text>
<line x1="293" y1="24" x2="293" y2="172" style="stroke-dasharray:8,8;stroke-width:2px;stroke:black;" />
<rect x="251" y="8" width="84" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="267" y="29" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Server</text>
<rect x="251" y="156" width="84" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="267" y="177" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Server</text>
<rect x="61" y="56" width="216" height="46" style="fill:white;stroke:white;" />
<text x="130" y="68" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >POST /ping</text>
<text x="61" y="84" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >X-Server-Token: &lt;JWT_TOKEN&gt;</text>
<text x="63" y="100" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >X-Client-Token: &lt;JWT_TOKEN&gt;</text>
<line x1="45" y1="106" x2="293" y2="106" style="stroke:black;stroke-width:2px;" />
<polyline points="284,101 293,106 284,111" style="fill:black;stroke-width:2px;stroke:black;" />
<rect x="114" y="122" width="111" height="14" style="fill:white;stroke:white;" />
<text x="114" y="134" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >204 No Content</text>
<line x1="293" y1="140" x2="45" y2="140" style="stroke:black;stroke-width:2px;" />
<polyline points="54,135 45,140 54,145" style="fill:black;stroke-width:2px;stroke:black;" />
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 2.4 KiB

19
doc/sequence-diagram/update.plantuml Normal file
View File

@ -0,0 +1,19 @@
@startuml
Client -> Server: POST /update\nX-Server-Token: <JWT_TOKEN>\nX-Client-Token: <JWT_TOKEN>\n\n{"Attributes": <PEER_ATTRIBUTES>}
Server -> Server: Validate client/server tokens
alt Success
Server -> Server: Save attributes
Server -> Server: Update last contact for peer ID
Server -> Client: 200 OK {""}
else Invalid client or server token
Server -> Client: 400 Bad request
else Malformed update request
Server -> Client: 400 Bad request
else Peer not found
Server -> Client: 401 Unauthorized
else Peer rejected
Server -> Client: 403 Forbidden
else Unexpected error
Server -> Client: 500 Server error
end
@enduml

BIN
doc/sequence-diagram/update.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

2
doc/sequence-diagram/update.seq
View File

@ -1,2 +0,0 @@
Client -> Server: POST /update\nX-Server-Token: <JWT_TOKEN>\nX-Client-Token: <JWT_TOKEN>\n\n{"Attributes": <PEER_ATTRIBUTES>}
Server -> Client: 204 No Content

37
doc/sequence-diagram/update.svg
View File

@ -1,37 +0,0 @@
<?xml version="1.0"?>
<!-- Generated by SVGo -->
<svg width="386" height="228"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink">
<defs>
<style>
@font-face {
font-family: 'DejaVuSans';
src: url('https://fontlibrary.org/assets/fonts/dejavu-sans/f5ec8426554a3a67ebcdd39f9c3fee83/49c0f03ec2fa354df7002bcb6331e106/DejaVuSansBook.ttf') format('truetype');
font-weight: normal;
font-style: normal;
}
</style>
</defs>
<line x1="45" y1="24" x2="45" y2="204" style="stroke-dasharray:8,8;stroke-width:2px;stroke:black;" />
<rect x="8" y="8" width="75" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="24" y="29" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Client</text>
<rect x="8" y="188" width="75" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="24" y="209" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Client</text>
<line x1="336" y1="24" x2="336" y2="204" style="stroke-dasharray:8,8;stroke-width:2px;stroke:black;" />
<rect x="294" y="8" width="84" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="310" y="29" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Server</text>
<rect x="294" y="188" width="84" height="32" style="fill:white;stroke-width:2px;stroke:black;" />
<text x="310" y="209" style="fill:black;font-family:DejaVuSans,sans-serif;font-size:16px;" >Server</text>
<rect x="61" y="56" width="259" height="78" style="fill:white;stroke:white;" />
<text x="142" y="68" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >POST /update</text>
<text x="82" y="84" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >X-Server-Token: &lt;JWT_TOKEN&gt;</text>
<text x="84" y="100" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >X-Client-Token: &lt;JWT_TOKEN&gt;</text>
<text x="61" y="132" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >{&#34;Attributes&#34;: &lt;PEER_ATTRIBUTES&gt;}</text>
<line x1="45" y1="138" x2="336" y2="138" style="stroke:black;stroke-width:2px;" />
<polyline points="327,133 336,138 327,143" style="fill:black;stroke-width:2px;stroke:black;" />
<rect x="136" y="154" width="111" height="14" style="fill:white;stroke:white;" />
<text x="136" y="166" style="font-family:DejaVuSans,sans-serif;font-size:14px;" >204 No Content</text>
<line x1="336" y1="172" x2="45" y2="172" style="stroke:black;stroke-width:2px;" />
<polyline points="54,167 45,172 54,177" style="fill:black;stroke-width:2px;stroke:black;" />
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 2.5 KiB

4
go.mod
View File

@ -1,4 +1,4 @@
module forge.cadoles.com/wpetit/go-http-peering
module forge.cadoles.com/Cadoles/go-http-peering
require (
github.com/davecgh/go-spew v1.1.1
@ -8,3 +8,5 @@ require (
golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223 // indirect
)
go 1.13

2
memory/store.go
View File

@ -4,7 +4,7 @@ import (
"sync"
"time"
peering "forge.cadoles.com/wpetit/go-http-peering"
peering "forge.cadoles.com/Cadoles/go-http-peering"
)
type Store struct {

5
misc/ci/Dockerfile Normal file
View File

@ -0,0 +1,5 @@
FROM golang:1.19
RUN apt-get update && apt-get install -y make upx-ucl curl ca-certificates bash jq
RUN curl -k https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh | bash

4
server/handler.go
View File

@ -7,8 +7,8 @@ import (
"net/http"
"time"
peering "forge.cadoles.com/wpetit/go-http-peering"
peeringCrypto "forge.cadoles.com/wpetit/go-http-peering/crypto"
peering "forge.cadoles.com/Cadoles/go-http-peering"
peeringCrypto "forge.cadoles.com/Cadoles/go-http-peering/crypto"
)
var (

49
server/middleware.go
View File

@ -10,9 +10,9 @@ import (
"io/ioutil"
"time"
peeringCrypto "forge.cadoles.com/wpetit/go-http-peering/crypto"
peeringCrypto "forge.cadoles.com/Cadoles/go-http-peering/crypto"
peering "forge.cadoles.com/wpetit/go-http-peering"
peering "forge.cadoles.com/Cadoles/go-http-peering"
jwt "github.com/dgrijalva/jwt-go"
"net/http"
@ -58,7 +58,13 @@ func Authenticate(store peering.Store, key *rsa.PublicKey, funcs ...OptionFunc)
return
}
clientClaims, err := assertClientToken(serverClaims.PeerID, store, clientToken)
clientClaims, err := assertClientToken(
serverClaims.PeerID,
store,
clientToken,
logger,
options.IgnoredClientTokenErrors...,
)
if err != nil {
logger.Printf("[ERROR] %s", err)
switch err {
@ -78,10 +84,11 @@ func Authenticate(store peering.Store, key *rsa.PublicKey, funcs ...OptionFunc)
return
}
sendError(w, http.StatusForbidden)
return
default:
sendError(w, http.StatusInternalServerError)
return
}
return
}
match, body, err := assertBodySum(r.Body, clientClaims.BodySum)
@ -145,7 +152,7 @@ func assertServerToken(key *rsa.PublicKey, serverToken string) (*peering.ServerT
return claims, nil
}
func assertClientToken(peerID peering.PeerID, store peering.Store, clientToken string) (*peering.ClientTokenClaims, error) {
func assertClientToken(peerID peering.PeerID, store peering.Store, clientToken string, logger Logger, ignoredValidationErrors ...uint32) (*peering.ClientTokenClaims, error) {
fn := func(token *jwt.Token) (interface{}, error) {
peer, err := store.Get(peerID)
if err != nil {
@ -163,22 +170,35 @@ func assertClientToken(peerID peering.PeerID, store peering.Store, clientToken s
}
return publicKey, nil
}
getPeeringClaims := func(token *jwt.Token) (*peering.ClientTokenClaims, error) {
claims, ok := token.Claims.(*peering.ClientTokenClaims)
if !ok {
return nil, ErrInvalidClaims
}
return claims, nil
}
token, err := jwt.ParseWithClaims(clientToken, &peering.ClientTokenClaims{}, fn)
if err != nil {
validationError, ok := err.(*jwt.ValidationError)
if ok {
for _, c := range ignoredValidationErrors {
if validationError.Errors&c != 0 {
logger.Printf("ignoring token validation error: '%s'", validationError.Inner)
return getPeeringClaims(token)
}
}
return nil, validationError.Inner
}
return nil, err
}
if !token.Valid {
return nil, ErrInvalidClaims
}
claims, ok := token.Claims.(*peering.ClientTokenClaims)
if !ok {
return nil, ErrInvalidClaims
}
return claims, nil
return getPeeringClaims(token)
}
func assertBodySum(rc io.ReadCloser, bodySum []byte) (bool, []byte, error) {
@ -200,6 +220,15 @@ func sendError(w http.ResponseWriter, status int) {
http.Error(w, http.StatusText(status), status)
}
func filterIgnoredValidationError(err *jwt.ValidationError, ignored ...uint32) error {
for _, c := range ignored {
if err.Errors&c != 0 {
return nil
}
}
return err
}
func compareChecksum(body []byte, sum []byte) (bool, error) {
sha := sha256.New()
_, err := sha.Write(body)

20
server/option.go
View File

@ -11,9 +11,10 @@ type Logger interface {
}
type Options struct {
PeerAttributes []string
ErrorHandler ErrorHandler
Logger Logger
PeerAttributes []string
ErrorHandler ErrorHandler
Logger Logger
IgnoredClientTokenErrors []uint32
}
type OptionFunc func(*Options)
@ -38,12 +39,19 @@ func WithErrorHandler(handler ErrorHandler) OptionFunc {
}
}
func WithIgnoredClientTokenErrors(codes ...uint32) OptionFunc {
return func(options *Options) {
options.IgnoredClientTokenErrors = codes
}
}
func defaultOptions() *Options {
logger := log.New(os.Stdout, "[go-http-peering] ", log.LstdFlags|log.Lshortfile)
return &Options{
PeerAttributes: []string{"Label"},
ErrorHandler: DefaultErrorHandler,
Logger: logger,
PeerAttributes: []string{"Label"},
ErrorHandler: DefaultErrorHandler,
Logger: logger,
IgnoredClientTokenErrors: make([]uint32, 0),
}
}

12
test/advertise_test.go
View File

@ -5,13 +5,13 @@ import (
"testing"
"time"
"forge.cadoles.com/wpetit/go-http-peering/client"
peeringCrypto "forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/wpetit/go-http-peering/memory"
"forge.cadoles.com/wpetit/go-http-peering/server"
"forge.cadoles.com/Cadoles/go-http-peering/client"
peeringCrypto "forge.cadoles.com/Cadoles/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/memory"
"forge.cadoles.com/Cadoles/go-http-peering/server"
peering "forge.cadoles.com/wpetit/go-http-peering"
"forge.cadoles.com/wpetit/go-http-peering/crypto"
peering "forge.cadoles.com/Cadoles/go-http-peering"
"forge.cadoles.com/Cadoles/go-http-peering/crypto"
)
func TestAdvertise(t *testing.T) {

10
test/ping_test.go
View File

@ -3,11 +3,11 @@ package test
import (
"testing"
peering "forge.cadoles.com/wpetit/go-http-peering"
"forge.cadoles.com/wpetit/go-http-peering/client"
peeringCrypto "forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/wpetit/go-http-peering/memory"
"forge.cadoles.com/wpetit/go-http-peering/server"
peering "forge.cadoles.com/Cadoles/go-http-peering"
"forge.cadoles.com/Cadoles/go-http-peering/client"
peeringCrypto "forge.cadoles.com/Cadoles/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/memory"
"forge.cadoles.com/Cadoles/go-http-peering/server"
)
func TestPing(t *testing.T) {

12
test/update_test.go
View File

@ -5,12 +5,12 @@ import (
"testing"
"time"
peering "forge.cadoles.com/wpetit/go-http-peering"
"forge.cadoles.com/wpetit/go-http-peering/client"
"forge.cadoles.com/wpetit/go-http-peering/crypto"
peeringCrypto "forge.cadoles.com/wpetit/go-http-peering/crypto"
"forge.cadoles.com/wpetit/go-http-peering/memory"
"forge.cadoles.com/wpetit/go-http-peering/server"
peering "forge.cadoles.com/Cadoles/go-http-peering"
"forge.cadoles.com/Cadoles/go-http-peering/client"
"forge.cadoles.com/Cadoles/go-http-peering/crypto"
peeringCrypto "forge.cadoles.com/Cadoles/go-http-peering/crypto"
"forge.cadoles.com/Cadoles/go-http-peering/memory"
"forge.cadoles.com/Cadoles/go-http-peering/server"
)
func TestUpdate(t *testing.T) {