Merge branch 'refactor-test'
babarot committed Apr 18, 2018
2 parents d31a108 + 2fe18cc commit 40a4a88
Showing 6 changed files with 249 additions and 168 deletions.
1 change: 1 addition & 0 deletions .gitignore
@@ -1 +1,2 @@
iap_curl
vendor
40 changes: 30 additions & 10 deletions Gopkg.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

57 changes: 38 additions & 19 deletions config.go
Expand Up @@ -4,14 +4,19 @@ import (
"encoding/json"
"fmt"
"io/ioutil"
"math"
neturl "net/url"
"os"
"os/exec"
"path/filepath"
"runtime"

"github.com/agext/levenshtein"
homedir "github.com/mitchellh/go-homedir"
)

const (
envCredentials = "GOOGLE_APPLICATION_CREDENTIALS"
envClientID = "IAP_CLIENT_ID"
envCurlCommand = "IAP_CURL_BIN"
)

type Config struct {
Expand Down Expand Up @@ -84,7 +89,7 @@ func (cfg *Config) LoadFile(file string) error {
return json.NewEncoder(f).Encode(cfg)
}

func (cfg *Config) GetEnv(url string) (env Env, err error) {
func (cfg *Config) getEnvFromFile(url string) (env Env, err error) {
u1, _ := neturl.Parse(url)
for _, service := range cfg.Services {
u2, _ := neturl.Parse(service.URL)
Expand All @@ -96,6 +101,36 @@ func (cfg *Config) GetEnv(url string) (env Env, err error) {
return
}

func (cfg *Config) GetEnv(url string) (env Env, err error) {
env, _ = cfg.getEnvFromFile(url)
credentials := os.Getenv(envCredentials)
clientID := os.Getenv(envClientID)
binary := os.Getenv(envCurlCommand)
if credentials == "" {
credentials, _ = homedir.Expand(env.Credentials)
}
if clientID == "" {
clientID = env.ClientID
}
if binary == "" {
binary = env.Binary
}
if credentials == "" {
return env, fmt.Errorf("%s is missing", envCredentials)
}
if clientID == "" {
return env, fmt.Errorf("%s is missing", envClientID)
}
if binary == "" {
binary = "curl"
}
return Env{
Credentials: credentials,
ClientID: clientID,
Binary: binary,
}, nil
}

func (cfg *Config) GetURLs() (list []string) {
for _, service := range cfg.Services {
list = append(list, service.URL)
Expand All @@ -122,19 +157,3 @@ func (cfg *Config) Edit() error {
cmd.Stdin = os.Stdin
return cmd.Run()
}

func (cfg *Config) SimilarURLs(url string) (urls []string) {
u1, _ := neturl.Parse(url)
for _, service := range cfg.Services {
u2, _ := neturl.Parse(service.URL)
degree := round(levenshtein.Similarity(u1.Host, u2.Host, nil) * 100)
if degree > 50 {
urls = append(urls, service.URL)
}
}
return
}

func round(f float64) float64 {
return math.Floor(f + .5)
}
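Review bot: The new `GetEnv` discards two errors, at `env, _ = cfg.getEnvFromFile(url)` and at `credentials, _ = homedir.Expand(env.Credentials)`, so a failed home-directory expansion only shows up later as "GOOGLE_APPLICATION_CREDENTIALS is missing", which names the wrong cause. Ignoring the file lookup looks deliberate because the environment can supply every value, but that deserves a comment, and the expansion error should be returned, for example `if credentials, err = homedir.Expand(env.Credentials); err != nil { return env, err }`. `Binary` comes from `IAP_CURL_BIN` or the config file and is presumably the program that is later executed with the IAP token, so a doc comment on `GetEnv` should state the precedence (environment over config, default `curl`) and that the value is used as given. `getEnvFromFile` also ignores both `neturl.Parse` errors; its comparison lies outside the visible lines, but if it reads `u1.Host` a malformed URL would cause a nil-pointer panic.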
28 changes: 0 additions & 28 deletions curl.go

This file was deleted.

91 changes: 58 additions & 33 deletions iap.go
Expand Up @@ -17,43 +17,33 @@ import (
"golang.org/x/oauth2/jws"
)

func readRsaPrivateKey(bytes []byte) (key *rsa.PrivateKey, err error) {
block, _ := pem.Decode(bytes)
if block == nil {
err = errors.New("invalid private key data")
return
}

if block.Type == "RSA PRIVATE KEY" {
key, err = x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return
}
} else if block.Type == "PRIVATE KEY" {
keyInterface, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
var ok bool
key, ok = keyInterface.(*rsa.PrivateKey)
if !ok {
return nil, errors.New("not RSA private key")
}
} else {
return nil, fmt.Errorf("invalid private key type: %s", block.Type)
}
const (
// TokenURI is the base uri of google oauth API
TokenURI = "https://www.googleapis.com/oauth2/v4/token"
)

key.Precompute()
// IAP represents the information needed to access IAP-protected app
type IAP struct {
SA string
ID string
}

if err := key.Validate(); err != nil {
return nil, err
func newIAP(sa, id string) (*IAP, error) {
if sa == "" {
return &IAP{}, errors.New("Service Account is missing")
}

return
if id == "" {
return &IAP{}, errors.New("Client ID is missing")
}
return &IAP{
SA: sa,
ID: id,
}, nil
}

func getToken(saPath, clientID string) (token string, err error) {
sa, err := ioutil.ReadFile(saPath)
// GetToken returns JWT token for authz
func (c *IAP) GetToken() (token string, err error) {
sa, err := ioutil.ReadFile(c.SA)
if err != nil {
return
}
Expand All @@ -70,7 +60,7 @@ func getToken(saPath, clientID string) (token string, err error) {
Iat: iat.Unix(),
Exp: exp.Unix(),
PrivateClaims: map[string]interface{}{
"target_audience": clientID,
"target_audience": c.ID,
},
}
jwsHeader := &jws.Header{
Expand Down Expand Up @@ -111,3 +101,38 @@ func getToken(saPath, clientID string) (token string, err error) {
token = tokenRes.IDToken
return
}

func readRsaPrivateKey(bytes []byte) (key *rsa.PrivateKey, err error) {
block, _ := pem.Decode(bytes)
if block == nil {
err = errors.New("invalid private key data")
return
}

if block.Type == "RSA PRIVATE KEY" {
key, err = x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return
}
} else if block.Type == "PRIVATE KEY" {
keyInterface, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
var ok bool
key, ok = keyInterface.(*rsa.PrivateKey)
if !ok {
return nil, errors.New("not RSA private key")
}
} else {
return nil, fmt.Errorf("invalid private key type: %s", block.Type)
}

key.Precompute()

if err := key.Validate(); err != nil {
return nil, err
}

return
}
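Review bot: `newIAP` returns a non-nil `&IAP{}` together with its error at both guard clauses, so a caller that skips the error check ends up with an empty key path and audience, and the mistake surfaces only as a file-read error inside `GetToken`. The conventional form is `return nil, errors.New("service account is missing")`, which also follows the Go convention of lowercase error strings. The field `SA` is passed to `ioutil.ReadFile` in `GetToken`, so it holds the path to the service-account key file rather than the account itself; field comments such as `// SA is the path to the service account key file` and `// ID is the OAuth client ID sent as target_audience` would make that explicit. `GetToken`'s body continues outside the visible hunks, so the request to `TokenURI` could not be reviewed here.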