Implement second HTTP route, to be protected via JWT

The actual verification isn't yet implemented — this work forms a base for that.
OpenCHAMI · Jul 8, 2024 · d1779ea · d1779ea
1 parent c7c17c9
commit d1779ea
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 9 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+- Added an additional URL endpoint (`/cloud-init-secure`) which will require JWT authentication for access
+
 ### Changed
 
 - Switched from [Gin](https://github.com/gin-gonic/gin) HTTP router to [Chi](https://github.com/go-chi/chi)

diff --git a/cmd/cloud-init-server/main.go b/cmd/cloud-init-server/main.go
@@ -21,19 +21,36 @@ func main() {
 	flag.StringVar(&smdToken, "smd-token", smdToken, "JWT token for SMD access")
 	flag.Parse()
 
+	// Primary router and shared SMD client
 	router := chi.NewRouter()
-	store := memstore.NewMemStore()
 	sm := smdclient.NewSMDClient(smdEndpoint, smdToken)
+
+	// Unsecured datastore and router
+	store := memstore.NewMemStore()
 	ciHandler := NewCiHandler(store, sm)
+	router_unsec := newCiRouter(ciHandler)
+	router.Mount("/cloud-init", router_unsec)
 
-	router.Get("/cloud-init", ciHandler.ListEntries)
-	router.Post("/cloud-init", ciHandler.AddEntry)
-	router.Get("/cloud-init/{id}", ciHandler.GetEntry)
-	router.Get("/cloud-init/{id}/user-data", ciHandler.GetUserData)
-	router.Get("/cloud-init/{id}/meta-data", ciHandler.GetMetaData)
-	router.Get("/cloud-init/{id}/vendor-data", ciHandler.GetVendorData)
-	router.Put("/cloud-init/{id}", ciHandler.UpdateEntry)
-	router.Delete("/cloud-init/{id}", ciHandler.DeleteEntry)
+	// Secured datastore and router
+	store_sec := memstore.NewMemStore()
+	ciHandler_sec := NewCiHandler(store_sec, sm)
+	router_sec := newCiRouter(ciHandler_sec)
+	router.Mount("/cloud-init-secure", router_sec)
 
+	// Serve all routes
 	http.ListenAndServe(ciEndpoint, router)
 }
+
+func newCiRouter(handler *CiHandler) chi.Router {
+	// Create a fresh Router with cloud-init endpoints
+	router := chi.NewRouter()
+	router.Get("/", handler.ListEntries)
+	router.Post("/", handler.AddEntry)
+	router.Get("/{id}", handler.GetEntry)
+	router.Get("/{id}/user-data", handler.GetUserData)
+	router.Get("/{id}/meta-data", handler.GetMetaData)
+	router.Get("/{id}/vendor-data", handler.GetVendorData)
+	router.Put("/{id}", handler.UpdateEntry)
+	router.Delete("/{id}", handler.DeleteEntry)
+	return router
+}