diff --git a/wazuh-agent-k8s-autoadd/internal/config/config.go b/wazuh-agent-k8s-autoadd/internal/config/config.go
index f25948e..d71d335 100644
--- a/wazuh-agent-k8s-autoadd/internal/config/config.go
+++ b/wazuh-agent-k8s-autoadd/internal/config/config.go
@@ -2,13 +2,14 @@ package config
 
 import (
 "github.com/caarlos0/env/v11"
- "log"
+ "strings"
 )
 
 type Config struct {
- BaseURL string `env:"WAZUH_MANAGER_BASE_URL,required,notEmpty"`
- User string `env:"WAZUH_MANAGER_USER,required,notEmpty"`
- Passwd string `env:"WAZUH_MANAGER_PASSWD,required,notEmpty"`
+ BaseURL string `env:"WAZUH_MANAGER_BASE_URL,required,notEmpty"`
+ User string `env:"WAZUH_MANAGER_USER,required,notEmpty"`
+ Passwd string `env:"WAZUH_MANAGER_PASSWD,required,notEmpty"`
+ SkipSSLVerification bool `env:"WAZUH_MANAGER_SKIP_SSL_VERIFICATION",envDefault:"false"`
 }
 
 func NewConfig() (*Config, error) {
@@ -17,5 +18,7 @@ func NewConfig() (*Config, error) {
 return nil, err
 }
 
+ cfg.BaseURL = strings.TrimSuffix(cfg.BaseURL, "/")
+
 return cfg, nil
 }
diff --git a/wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go b/wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go
index 4141282..6e1bc00 100644
--- a/wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go
+++ b/wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go
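Review bot: The struct tag on the new `SkipSSLVerification` field in config.go is malformed: the `env` and `envDefault` keys are joined by a comma instead of a space, so `reflect.StructTag` never sees an `envDefault` key and the `go vet` structtag check should flag it. The field defaults to false only because that is the zero value of bool, not because of the tag. The tag should read `env:"WAZUH_MANAGER_SKIP_SSL_VERIFICATION" envDefault:"false"`. Because this switch turns off certificate checks on the connection that carries `User` and `Passwd`, a field comment such as `// SkipSSLVerification disables TLS certificate verification for the manager API; keep it false outside test setups.` would help operators.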
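Review bot: In NewConfig (config.go, second hunk) `BaseURL` is normalised but its scheme is never checked, while getJWT in wazuh.go of this same commit sends `User` and `Passwd` to it as Basic auth, so an `http://` value would send the credentials in cleartext. Parsing the value with `url.Parse` and rejecting anything that is not an absolute `https` URL would catch a misconfiguration at start-up rather than at the first request. `strings.TrimSuffix` also strips only one trailing slash; `strings.TrimRight(cfg.BaseURL, "/")` handles repeated ones. NewConfig starts outside this hunk.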
@@ -1,62 +1,84 @@ package wazuh import ( + "crypto/tls" "encoding/json" + "fmt" + "io" "log" "net/http" "forge.cadoles.com/cadoles/wazuh-agent-k8s-autoadd/internal/config" ) -const APIAuthentication = "/security/user/authenticate" +const APIAuthenticate = "/security/user/authenticate" +const APIAgents = "/agents" -func getJWT(cfg Config) (string, error) { - req, err := http.NewRequest(http.MethodPost, cfg.BaseURL+APIAuthentication, http.NoBody) +type AuthResponse struct { + Data struct { + Token string `json:"token"` + } `json:"data"` + Error int `json:"error"` +} + +func getJWT(cfg *config.Config) (string, error) { + req, err := http.NewRequest(http.MethodPost, cfg.BaseURL+APIAuthenticate, http.NoBody) if err != nil { - return nil, fmt.Errorf("cannot create request for %v : %+v", cfg.BaseURL+APIAuthentication, err) + return "", fmt.Errorf("cannot create request for %v : %+v", cfg.BaseURL+APIAuthenticate, err) } req.SetBasicAuth(cfg.User, cfg.Passwd) - res, err := http.DefaultClient.Do(req) + client := http.DefaultClient + if cfg.SkipSSLVerification { + tr := &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } + client = &http.Client{Transport: tr} + } + + res, err := client.Do(req) if err != nil { - return nil, fmt.Errorf("cannot request for %v : %+v", cfg.BaseURL+APIAuthentication, err) + return "", err } defer res.Body.Close() if res.StatusCode != http.StatusOK { - return nil, "Bad status on %v: %d", cfg.BaseURL + APIAuthentication, res.StatusCode + return "", fmt.Errorf("Bad status on %v: %d", cfg.BaseURL+APIAuthenticate, res.StatusCode) } - // Faux, mapper sur du json - token, err := io.ReadAll(res.Body) + body, err := io.ReadAll(res.Body) if err != nil { log.Fatal(err) } - return token, nil + var authInfo AuthResponse + if err := json.Unmarshal(body, &authInfo); err != nil { + return "", fmt.Errorf("Cannot unmarshal JSON: %v", string(body)) + } + return authInfo.Data.Token, nil } -func AddAgent(cfg Config) error { - resp, err := 
getJWT(cfg) +func AddAgent(cfg *config.Config) error { + token, err := getJWT(cfg) if err != nil { return err } - print(resp) - resp, err := http.DefaultClient.Post(cfg.BaseURL + "/agents") - if err != nil { - return false, err - } - defer resp.Body.Close() - - switch resp.StatusCode { - case http.StatusOK: - return nil - default: - return false, fmt.Errorf("Bad status: %d", resp.StatusCode) - } + print(token) /* + resp, err := http.DefaultClient.Post(cfg.BaseURL + APIAgents) + if err != nil { + return err + } + defer resp.Body.Close() + switch resp.StatusCode { + case http.StatusOK: + return nil + default: + return false, fmt.Errorf("Bad status: %d", resp.StatusCode) + } + */ return nil }
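Review bot: `print(token)` in AddAgent writes the bearer JWT to stderr, where it is likely to end up in the container's logs; that line should be removed, or replaced by a message that does not contain the token, before this is merged. In getJWT the skip-verification branch sends the Basic credentials over a TLS session whose peer is never authenticated, and it builds a bare `http.Transport` on every call with no client timeout. The fence below clones the default transport, sets a timeout and logs a warning when verification is off; an option to supply the manager's CA certificate would be a safer alternative to the switch. The read path still calls `log.Fatal` from a helper, echoes the raw response body into the unmarshal error, and never checks `authInfo.Error` or an empty token, so the fence returns errors instead. The timeout and size limit are suggested values, and the fence needs `time` imported.

```go
	client := &http.Client{Timeout: 30 * time.Second}
	if cfg.SkipSSLVerification {
		// Operator opt-in only: the manager's identity is not verified on this path.
		log.Print("warning: TLS certificate verification is disabled for the Wazuh manager API")
		tr := http.DefaultTransport.(*http.Transport).Clone()
		tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
		client.Transport = tr
	}

	// … unchanged: client.Do(req), deferred Body.Close and the status check …

	body, err := io.ReadAll(io.LimitReader(res.Body, 1<<20))
	if err != nil {
		return "", fmt.Errorf("cannot read response from %v: %w", cfg.BaseURL+APIAuthenticate, err)
	}

	var authInfo AuthResponse
	if err := json.Unmarshal(body, &authInfo); err != nil {
		// Do not echo the body: it may carry token material.
		return "", fmt.Errorf("cannot decode authentication response: %w", err)
	}
	// Presumably a non-zero Error marks a failed call; confirm against the manager API.
	if authInfo.Error != 0 || authInfo.Data.Token == "" {
		return "", fmt.Errorf("authentication rejected by %v (error=%d)", cfg.BaseURL+APIAuthenticate, authInfo.Error)
	}
	return authInfo.Data.Token, nil
```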