suite

wazuh-agent-k8s-autoadd/internal/config/config.go

@@ -2,13 +2,14 @@ package config
 
 import (
 	"github.com/caarlos0/env/v11"
-	"log"
+	"strings"
 )
 
 type Config struct {
-	BaseURL string `env:"WAZUH_MANAGER_BASE_URL,required,notEmpty"`
+	BaseURL             string `env:"WAZUH_MANAGER_BASE_URL,required,notEmpty"`
-	User    string `env:"WAZUH_MANAGER_USER,required,notEmpty"`
+	User                string `env:"WAZUH_MANAGER_USER,required,notEmpty"`
-	Passwd  string `env:"WAZUH_MANAGER_PASSWD,required,notEmpty"`
+	Passwd              string `env:"WAZUH_MANAGER_PASSWD,required,notEmpty"`
+	SkipSSLVerification bool   `env:"WAZUH_MANAGER_SKIP_SSL_VERIFICATION",envDefault:"false"`
 }
 
 func NewConfig() (*Config, error) {
@@ -17,5 +18,7 @@ func NewConfig() (*Config, error) {
 		return nil, err
 	}
 
+	cfg.BaseURL = strings.TrimSuffix(cfg.BaseURL, "/")
+
 	return cfg, nil
 }

wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go

@@ -1,62 +1,84 @@
 package wazuh
 
 import (
+	"crypto/tls"
 	"encoding/json"
+	"fmt"
+	"io"
 	"log"
 	"net/http"
 
 	"forge.cadoles.com/cadoles/wazuh-agent-k8s-autoadd/internal/config"
 )
 
-const APIAuthentication = "/security/user/authenticate"
+const APIAuthenticate = "/security/user/authenticate"
+const APIAgents = "/agents"
 
-func getJWT(cfg Config) (string, error) {
+type AuthResponse struct {
-	req, err := http.NewRequest(http.MethodPost, cfg.BaseURL+APIAuthentication, http.NoBody)
+	Data struct {
+		Token string `json:"token"`
+	} `json:"data"`
+	Error int `json:"error"`
+}
+
+func getJWT(cfg *config.Config) (string, error) {
+	req, err := http.NewRequest(http.MethodPost, cfg.BaseURL+APIAuthenticate, http.NoBody)
 
 	if err != nil {
-		return nil, fmt.Errorf("cannot create request for %v : %+v", cfg.BaseURL+APIAuthentication, err)
+		return "", fmt.Errorf("cannot create request for %v : %+v", cfg.BaseURL+APIAuthenticate, err)
 	}
 	req.SetBasicAuth(cfg.User, cfg.Passwd)
 
-	res, err := http.DefaultClient.Do(req)
+	client := http.DefaultClient
+	if cfg.SkipSSLVerification {
+		tr := &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+		}
+		client = &http.Client{Transport: tr}
+	}
+
+	res, err := client.Do(req)
 	if err != nil {
-		return nil, fmt.Errorf("cannot request for %v : %+v", cfg.BaseURL+APIAuthentication, err)
+		return "", err
 	}
 
 	defer res.Body.Close()
 
 	if res.StatusCode != http.StatusOK {
-		return nil, "Bad status on %v: %d", cfg.BaseURL + APIAuthentication, res.StatusCode
+		return "", fmt.Errorf("Bad status on %v: %d", cfg.BaseURL+APIAuthenticate, res.StatusCode)
 	}
 
-	// Faux, mapper sur du json
+	body, err := io.ReadAll(res.Body)
-	token, err := io.ReadAll(res.Body)
 	if err != nil {
 		log.Fatal(err)
 	}
 
-	return token, nil
+	var authInfo AuthResponse
+	if err := json.Unmarshal(body, &authInfo); err != nil {
+		return "", fmt.Errorf("Cannot unmarshal JSON: %v", string(body))
+	}
+	return authInfo.Data.Token, nil
 }
 
-func AddAgent(cfg Config) error {
+func AddAgent(cfg *config.Config) error {
-	resp, err := getJWT(cfg)
+	token, err := getJWT(cfg)
 	if err != nil {
 		return err
 	}
 
-	print(resp)
+	print(token) /*
-	resp, err := http.DefaultClient.Post(cfg.BaseURL + "/agents")
+		resp, err := http.DefaultClient.Post(cfg.BaseURL + APIAgents)
-	if err != nil {
+		if err != nil {
-		return false, err
+			return err
-	}
+		}
-	defer resp.Body.Close()
+		defer resp.Body.Close()
-
-	switch resp.StatusCode {
-	case http.StatusOK:
-		return nil
-	default:
-		return false, fmt.Errorf("Bad status: %d", resp.StatusCode)
-	}
 
+		switch resp.StatusCode {
+		case http.StatusOK:
+			return nil
+		default:
+			return false, fmt.Errorf("Bad status: %d", resp.StatusCode)
+		}
+	*/
 	return nil
 }