Compare commits
No commits in common. "c0f0e03ff305a89459277144823638be2af2a67f" and "4909df4b04e57729925ea9bd5f813d6188c42d51" have entirely different histories.
c0f0e03ff3
...
4909df4b04
8 changed files with 182 additions and 284 deletions
|
@ -6,9 +6,7 @@ COPY polyculeconnect ./
|
||||||
RUN make build
|
RUN make build
|
||||||
|
|
||||||
# Replace with from scratch later on
|
# Replace with from scratch later on
|
||||||
FROM --platform=$TARGETPLATFORM debian:latest
|
FROM --platform=$TARGETPLATFORM alpine:latest
|
||||||
RUN apt-get update && \
|
|
||||||
DEBIAN_FRONTEND=noninteractive apt-get -qq install ca-certificates
|
|
||||||
WORKDIR /root
|
WORKDIR /root
|
||||||
COPY --from=builder go/src/git.faercol.me/polyculeconnect/build/polyculeconnect ./
|
COPY --from=builder go/src/git.faercol.me/polyculeconnect/build/polyculeconnect ./
|
||||||
ADD polyculeconnect/robots.txt /root/
|
ADD polyculeconnect/robots.txt /root/
|
||||||
|
@ -18,4 +16,4 @@ ADD polyculeconnect/templates /root/templates/
|
||||||
VOLUME [ "/config" ]
|
VOLUME [ "/config" ]
|
||||||
|
|
||||||
ENTRYPOINT [ "./polyculeconnect" ]
|
ENTRYPOINT [ "./polyculeconnect" ]
|
||||||
CMD [ "serve", "--config", "/config/config.json" ]
|
CMD [ "-config", "/config/config.json" ]
|
||||||
|
|
|
@ -1,45 +0,0 @@
|
||||||
/*
|
|
||||||
Copyright © 2023 NAME HERE <EMAIL ADDRESS>
|
|
||||||
*/
|
|
||||||
package cmd
|
|
||||||
|
|
||||||
import (
|
|
||||||
"os"
|
|
||||||
|
|
||||||
"github.com/spf13/cobra"
|
|
||||||
)
|
|
||||||
|
|
||||||
// rootCmd represents the base command when called without any subcommands
|
|
||||||
var rootCmd = &cobra.Command{
|
|
||||||
Use: "polyculeconnect",
|
|
||||||
Short: "You're in their DM, I'm in their SSO",
|
|
||||||
Long: `PolyculeConnect is a SSO OpenIDConnect provider allowing multiple authentication
|
|
||||||
backends, and enabling authentication federation among several infrastructures.`,
|
|
||||||
// Uncomment the following line if your bare application
|
|
||||||
// has an action associated with it:
|
|
||||||
// Run: func(cmd *cobra.Command, args []string) { },
|
|
||||||
}
|
|
||||||
|
|
||||||
// Execute adds all child commands to the root command and sets flags appropriately.
|
|
||||||
// This is called by main.main(). It only needs to happen once to the rootCmd.
|
|
||||||
func Execute() {
|
|
||||||
err := rootCmd.Execute()
|
|
||||||
if err != nil {
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func init() {
|
|
||||||
// Here you will define your flags and configuration settings.
|
|
||||||
// Cobra supports persistent flags, which, if defined here,
|
|
||||||
// will be global for your application.
|
|
||||||
|
|
||||||
// rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.polyculeconnect.yaml)")
|
|
||||||
|
|
||||||
// Cobra also supports local flags, which will only run
|
|
||||||
// when this action is called directly.
|
|
||||||
// rootCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
|
|
||||||
|
|
||||||
// Disable the default `completion` command to generate the autocompletion files
|
|
||||||
rootCmd.Root().CompletionOptions.DisableDefaultCmd = true
|
|
||||||
}
|
|
|
@ -1,158 +0,0 @@
|
||||||
/*
|
|
||||||
Copyright © 2023 NAME HERE <EMAIL ADDRESS>
|
|
||||||
*/
|
|
||||||
package cmd
|
|
||||||
|
|
||||||
import (
|
|
||||||
"context"
|
|
||||||
"os"
|
|
||||||
"os/signal"
|
|
||||||
"time"
|
|
||||||
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/connector"
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger"
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/server"
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/services"
|
|
||||||
"github.com/dexidp/dex/connector/oidc"
|
|
||||||
dex_server "github.com/dexidp/dex/server"
|
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
|
||||||
"github.com/spf13/cobra"
|
|
||||||
)
|
|
||||||
|
|
||||||
var configPath string
|
|
||||||
|
|
||||||
const stopTimeout = 10 * time.Second
|
|
||||||
|
|
||||||
// serveCmd represents the serve command
|
|
||||||
var serveCmd = &cobra.Command{
|
|
||||||
Use: "serve",
|
|
||||||
Short: "Start the web server",
|
|
||||||
Long: `Start the PolyculeConnect web server using the configuration defined through environment
|
|
||||||
variables`,
|
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
|
||||||
serve()
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
func serve() {
|
|
||||||
mainCtx, cancel := context.WithCancel(context.Background())
|
|
||||||
|
|
||||||
conf, err := config.New(configPath)
|
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
logger.Init(conf.LogLevel)
|
|
||||||
logger.L.Infof("Initialized logger with level %v", conf.LogLevel)
|
|
||||||
|
|
||||||
storageType, err := services.InitStorage(conf)
|
|
||||||
if err != nil {
|
|
||||||
logger.L.Fatalf("Failed to initialize storage backend: %s", err.Error())
|
|
||||||
}
|
|
||||||
logger.L.Infof("Initialized storage backend %q", conf.StorageType)
|
|
||||||
dexConf := dex_server.Config{
|
|
||||||
Web: dex_server.WebConfig{
|
|
||||||
Dir: "./",
|
|
||||||
Theme: "default",
|
|
||||||
},
|
|
||||||
Storage: storageType,
|
|
||||||
Issuer: conf.OpenConnectConfig.Issuer,
|
|
||||||
SupportedResponseTypes: []string{"code"},
|
|
||||||
SkipApprovalScreen: false,
|
|
||||||
AllowedOrigins: []string{"*"},
|
|
||||||
Logger: logger.L,
|
|
||||||
PrometheusRegistry: prometheus.NewRegistry(),
|
|
||||||
}
|
|
||||||
|
|
||||||
logger.L.Info("Initializing authentication backends")
|
|
||||||
|
|
||||||
dex_server.ConnectorsConfig["refuseAll"] = func() dex_server.ConnectorConfig { return new(connector.RefuseAllConfig) }
|
|
||||||
connectors, err := dexConf.Storage.ListConnectors()
|
|
||||||
if err != nil {
|
|
||||||
logger.L.Fatalf("Failed to get existing connectors: %s", err.Error())
|
|
||||||
}
|
|
||||||
var connectorIDs []string
|
|
||||||
for _, conn := range connectors {
|
|
||||||
connectorIDs = append(connectorIDs, conn.ID)
|
|
||||||
}
|
|
||||||
|
|
||||||
backend := config.BackendConfig{
|
|
||||||
Config: &oidc.Config{},
|
|
||||||
Name: "RefuseAll",
|
|
||||||
ID: "null",
|
|
||||||
Type: "refuseAll",
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := services.CreateConnector(&backend, &dexConf, connectorIDs); err != nil {
|
|
||||||
logger.L.Errorf("Failed to add connector for backend RefuseAll to stage: %s", err.Error())
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, backend := range conf.OpenConnectConfig.BackendConfigs {
|
|
||||||
if err := services.CreateConnector(backend, &dexConf, connectorIDs); err != nil {
|
|
||||||
logger.L.Errorf("Failed to add connector for backend %q to stage: %s", backend.Name, err.Error())
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
logger.L.Info("Initializing clients")
|
|
||||||
for _, client := range conf.OpenConnectConfig.ClientConfigs {
|
|
||||||
if err := dexConf.Storage.CreateClient(*client); err != nil {
|
|
||||||
logger.L.Errorf("Failed to add client to storage: %s", err.Error())
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
dexSrv, err := dex_server.NewServer(mainCtx, dexConf)
|
|
||||||
if err != nil {
|
|
||||||
logger.L.Fatalf("Failed to init dex server: %s", err.Error())
|
|
||||||
}
|
|
||||||
|
|
||||||
logger.L.Info("Initializing server")
|
|
||||||
s, err := server.New(conf, dexSrv, logger.L)
|
|
||||||
if err != nil {
|
|
||||||
logger.L.Fatalf("Failed to initialize server: %s", err.Error())
|
|
||||||
}
|
|
||||||
|
|
||||||
go s.Run(mainCtx)
|
|
||||||
|
|
||||||
c := make(chan os.Signal, 1)
|
|
||||||
signal.Notify(c, os.Interrupt)
|
|
||||||
|
|
||||||
logger.L.Info("Application successfully started")
|
|
||||||
|
|
||||||
logger.L.Debug("Waiting for stop signal")
|
|
||||||
select {
|
|
||||||
case <-s.Done():
|
|
||||||
logger.L.Fatal("Unexpected exit from server")
|
|
||||||
case <-c:
|
|
||||||
logger.L.Info("Stopping main application")
|
|
||||||
cancel()
|
|
||||||
}
|
|
||||||
|
|
||||||
logger.L.Debugf("Waiting %v for all daemons to stop", stopTimeout)
|
|
||||||
select {
|
|
||||||
case <-time.After(stopTimeout):
|
|
||||||
logger.L.Fatalf("Failed to stop all daemons in the expected time")
|
|
||||||
case <-s.Done():
|
|
||||||
logger.L.Info("web server successfully stopped")
|
|
||||||
}
|
|
||||||
|
|
||||||
logger.L.Info("Application successfully stopped")
|
|
||||||
os.Exit(0)
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
func init() {
|
|
||||||
rootCmd.AddCommand(serveCmd)
|
|
||||||
|
|
||||||
// Here you will define your flags and configuration settings.
|
|
||||||
|
|
||||||
// Cobra supports Persistent Flags which will work for this command
|
|
||||||
// and all subcommands, e.g.:
|
|
||||||
// serveCmd.PersistentFlags().String("foo", "", "A help for foo")
|
|
||||||
|
|
||||||
// Cobra supports local flags which will only run when this command
|
|
||||||
// is called directly, e.g.:
|
|
||||||
// serveCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
|
|
||||||
serveCmd.Flags().StringVarP(&configPath, "config", "c", "config.json", "Path to the JSON configuration file")
|
|
||||||
}
|
|
|
@ -6,7 +6,6 @@ require (
|
||||||
github.com/dexidp/dex v0.0.0-20231014000322-089f374d4f3e
|
github.com/dexidp/dex v0.0.0-20231014000322-089f374d4f3e
|
||||||
github.com/prometheus/client_golang v1.17.0
|
github.com/prometheus/client_golang v1.17.0
|
||||||
github.com/sirupsen/logrus v1.9.3
|
github.com/sirupsen/logrus v1.9.3
|
||||||
github.com/spf13/cobra v1.7.0
|
|
||||||
github.com/stretchr/testify v1.8.4
|
github.com/stretchr/testify v1.8.4
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -39,7 +38,6 @@ require (
|
||||||
github.com/gorilla/mux v1.8.0 // indirect
|
github.com/gorilla/mux v1.8.0 // indirect
|
||||||
github.com/huandu/xstrings v1.3.3 // indirect
|
github.com/huandu/xstrings v1.3.3 // indirect
|
||||||
github.com/imdario/mergo v0.3.11 // indirect
|
github.com/imdario/mergo v0.3.11 // indirect
|
||||||
github.com/inconshreveable/mousetrap v1.1.0 // indirect
|
|
||||||
github.com/jonboulle/clockwork v0.2.2 // indirect
|
github.com/jonboulle/clockwork v0.2.2 // indirect
|
||||||
github.com/lib/pq v1.10.9 // indirect
|
github.com/lib/pq v1.10.9 // indirect
|
||||||
github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect
|
github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect
|
||||||
|
@ -55,7 +53,6 @@ require (
|
||||||
github.com/russellhaering/goxmldsig v1.4.0 // indirect
|
github.com/russellhaering/goxmldsig v1.4.0 // indirect
|
||||||
github.com/shopspring/decimal v1.2.0 // indirect
|
github.com/shopspring/decimal v1.2.0 // indirect
|
||||||
github.com/spf13/cast v1.4.1 // indirect
|
github.com/spf13/cast v1.4.1 // indirect
|
||||||
github.com/spf13/pflag v1.0.5 // indirect
|
|
||||||
go.opencensus.io v0.24.0 // indirect
|
go.opencensus.io v0.24.0 // indirect
|
||||||
golang.org/x/crypto v0.14.0 // indirect
|
golang.org/x/crypto v0.14.0 // indirect
|
||||||
golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741 // indirect
|
golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741 // indirect
|
||||||
|
|
|
@ -28,7 +28,6 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk
|
||||||
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||||
github.com/coreos/go-oidc/v3 v3.6.0 h1:AKVxfYw1Gmkn/w96z0DbT/B/xFnzTd3MkZvWLjF4n/o=
|
github.com/coreos/go-oidc/v3 v3.6.0 h1:AKVxfYw1Gmkn/w96z0DbT/B/xFnzTd3MkZvWLjF4n/o=
|
||||||
github.com/coreos/go-oidc/v3 v3.6.0/go.mod h1:ZpHUsHBucTUj6WOkrP4E20UPynbLZzhTQ1XKCXkxyPc=
|
github.com/coreos/go-oidc/v3 v3.6.0/go.mod h1:ZpHUsHBucTUj6WOkrP4E20UPynbLZzhTQ1XKCXkxyPc=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
|
||||||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
|
@ -98,8 +97,6 @@ github.com/huandu/xstrings v1.3.3 h1:/Gcsuc1x8JVbJ9/rlye4xZnVAbEkGauT8lbebqcQws4
|
||||||
github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
||||||
github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA=
|
github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA=
|
||||||
github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
|
github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
|
||||||
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
|
|
||||||
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
|
|
||||||
github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ=
|
github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ=
|
||||||
github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
|
github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
|
||||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||||
|
@ -143,7 +140,6 @@ github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6po
|
||||||
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
|
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
|
||||||
github.com/russellhaering/goxmldsig v1.4.0 h1:8UcDh/xGyQiyrW+Fq5t8f+l2DLB1+zlhYzkPUJ7Qhys=
|
github.com/russellhaering/goxmldsig v1.4.0 h1:8UcDh/xGyQiyrW+Fq5t8f+l2DLB1+zlhYzkPUJ7Qhys=
|
||||||
github.com/russellhaering/goxmldsig v1.4.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw=
|
github.com/russellhaering/goxmldsig v1.4.0/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw=
|
||||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
|
||||||
github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
|
github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
|
||||||
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
|
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
|
||||||
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
|
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
|
||||||
|
@ -151,10 +147,6 @@ github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVs
|
||||||
github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
||||||
github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA=
|
github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA=
|
||||||
github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
||||||
github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=
|
|
||||||
github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0=
|
|
||||||
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
|
||||||
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
|
||||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
|
github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
|
||||||
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
||||||
|
|
|
@ -1,11 +1,185 @@
|
||||||
/*
|
|
||||||
Copyright © 2023 NAME HERE <EMAIL ADDRESS>
|
|
||||||
|
|
||||||
*/
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd"
|
import (
|
||||||
|
"context"
|
||||||
|
"encoding/json"
|
||||||
|
"flag"
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
"os/signal"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
|
||||||
|
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/connector"
|
||||||
|
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger"
|
||||||
|
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/server"
|
||||||
|
"github.com/dexidp/dex/connector/oidc"
|
||||||
|
dex_server "github.com/dexidp/dex/server"
|
||||||
|
"github.com/dexidp/dex/storage"
|
||||||
|
"github.com/dexidp/dex/storage/memory"
|
||||||
|
"github.com/dexidp/dex/storage/sql"
|
||||||
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
|
)
|
||||||
|
|
||||||
|
const stopTimeout = 10 * time.Second
|
||||||
|
|
||||||
|
type cliArgs struct {
|
||||||
|
configPath string
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseArgs() *cliArgs {
|
||||||
|
configPath := flag.String("config", "", "Path to the JSON configuration file")
|
||||||
|
|
||||||
|
flag.Parse()
|
||||||
|
|
||||||
|
return &cliArgs{
|
||||||
|
configPath: *configPath,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func initStorage(conf *config.AppConfig) (storage.Storage, error) {
|
||||||
|
var storageType storage.Storage
|
||||||
|
var err error
|
||||||
|
switch conf.StorageType {
|
||||||
|
case "memory":
|
||||||
|
storageType = memory.New(logger.L)
|
||||||
|
case "sqlite":
|
||||||
|
sqlconfig := sql.SQLite3{
|
||||||
|
File: conf.StorageConfig.File,
|
||||||
|
}
|
||||||
|
storageType, err = sqlconfig.Open(logger.L)
|
||||||
|
if err != nil {
|
||||||
|
logger.L.Fatalf("Failed to initialize sqlite backend: %s", err.Error())
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
return storageType, fmt.Errorf("unsupported storage backend type: %s", conf.StorageType)
|
||||||
|
}
|
||||||
|
return storageType, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func createConnector(backend *config.BackendConfig, dexConf *dex_server.Config, connectorIDs []string) error {
|
||||||
|
for _, id := range connectorIDs {
|
||||||
|
if id == backend.ID {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
backendConfJson, err := json.Marshal(backend.Config)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("failed to serialize oidc config for backend %q: %s", backend.Name, err.Error())
|
||||||
|
}
|
||||||
|
return dexConf.Storage.CreateConnector(storage.Connector{
|
||||||
|
ID: backend.ID,
|
||||||
|
Name: backend.Name,
|
||||||
|
Type: string(backend.Type),
|
||||||
|
Config: backendConfJson,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
cmd.Execute()
|
args := parseArgs()
|
||||||
|
|
||||||
|
mainCtx, cancel := context.WithCancel(context.Background())
|
||||||
|
|
||||||
|
conf, err := config.New(args.configPath)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.Init(conf.LogLevel)
|
||||||
|
logger.L.Infof("Initialized logger with level %v", conf.LogLevel)
|
||||||
|
|
||||||
|
storageType, err := initStorage(conf)
|
||||||
|
if err != nil {
|
||||||
|
logger.L.Fatalf("Failed to initialize storage backend: %s", err.Error())
|
||||||
|
}
|
||||||
|
logger.L.Infof("Initialized storage backend %q", conf.StorageType)
|
||||||
|
dexConf := dex_server.Config{
|
||||||
|
Web: dex_server.WebConfig{
|
||||||
|
Dir: "./",
|
||||||
|
Theme: "default",
|
||||||
|
},
|
||||||
|
Storage: storageType,
|
||||||
|
Issuer: conf.OpenConnectConfig.Issuer,
|
||||||
|
SupportedResponseTypes: []string{"code"},
|
||||||
|
SkipApprovalScreen: false,
|
||||||
|
AllowedOrigins: []string{"*"},
|
||||||
|
Logger: logger.L,
|
||||||
|
PrometheusRegistry: prometheus.NewRegistry(),
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.L.Info("Initializing authentication backends")
|
||||||
|
|
||||||
|
dex_server.ConnectorsConfig["refuseAll"] = func() dex_server.ConnectorConfig { return new(connector.RefuseAllConfig) }
|
||||||
|
connectors, err := dexConf.Storage.ListConnectors()
|
||||||
|
if err != nil {
|
||||||
|
logger.L.Fatalf("Failed to get existing connectors: %s", err.Error())
|
||||||
|
}
|
||||||
|
var connectorIDs []string
|
||||||
|
for _, conn := range connectors {
|
||||||
|
connectorIDs = append(connectorIDs, conn.ID)
|
||||||
|
}
|
||||||
|
|
||||||
|
backend := config.BackendConfig{
|
||||||
|
Config: &oidc.Config{},
|
||||||
|
Name: "RefuseAll",
|
||||||
|
ID: "null",
|
||||||
|
Type: "refuseAll",
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := createConnector(&backend, &dexConf, connectorIDs); err != nil {
|
||||||
|
logger.L.Errorf("Failed to add connector for backend RefuseAll to stage: %s", err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, backend := range conf.OpenConnectConfig.BackendConfigs {
|
||||||
|
if err := createConnector(backend, &dexConf, connectorIDs); err != nil {
|
||||||
|
logger.L.Errorf("Failed to add connector for backend %q to stage: %s", backend.Name, err.Error())
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.L.Info("Initializing clients")
|
||||||
|
for _, client := range conf.OpenConnectConfig.ClientConfigs {
|
||||||
|
if err := dexConf.Storage.CreateClient(*client); err != nil {
|
||||||
|
logger.L.Errorf("Failed to add client to storage: %s", err.Error())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
dexSrv, err := dex_server.NewServer(mainCtx, dexConf)
|
||||||
|
if err != nil {
|
||||||
|
logger.L.Fatalf("Failed to init dex server: %s", err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.L.Info("Initializing server")
|
||||||
|
s, err := server.New(conf, dexSrv, logger.L)
|
||||||
|
if err != nil {
|
||||||
|
logger.L.Fatalf("Failed to initialize server: %s", err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
go s.Run(mainCtx)
|
||||||
|
|
||||||
|
c := make(chan os.Signal, 1)
|
||||||
|
signal.Notify(c, os.Interrupt)
|
||||||
|
|
||||||
|
logger.L.Info("Application successfully started")
|
||||||
|
|
||||||
|
logger.L.Debug("Waiting for stop signal")
|
||||||
|
select {
|
||||||
|
case <-s.Done():
|
||||||
|
logger.L.Fatal("Unexpected exit from server")
|
||||||
|
case <-c:
|
||||||
|
logger.L.Info("Stopping main application")
|
||||||
|
cancel()
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.L.Debugf("Waiting %v for all daemons to stop", stopTimeout)
|
||||||
|
select {
|
||||||
|
case <-time.After(stopTimeout):
|
||||||
|
logger.L.Fatalf("Failed to stop all daemons in the expected time")
|
||||||
|
case <-s.Done():
|
||||||
|
logger.L.Info("web server successfully stopped")
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.L.Info("Application successfully stopped")
|
||||||
|
os.Exit(0)
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,29 +0,0 @@
|
||||||
package services
|
|
||||||
|
|
||||||
import (
|
|
||||||
"encoding/json"
|
|
||||||
"fmt"
|
|
||||||
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
|
|
||||||
dex_server "github.com/dexidp/dex/server"
|
|
||||||
"github.com/dexidp/dex/storage"
|
|
||||||
)
|
|
||||||
|
|
||||||
func CreateConnector(backend *config.BackendConfig, dexConf *dex_server.Config, connectorIDs []string) error {
|
|
||||||
for _, id := range connectorIDs {
|
|
||||||
if id == backend.ID {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
backendConfJson, err := json.Marshal(backend.Config)
|
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("failed to serialize oidc config for backend %q: %s", backend.Name, err.Error())
|
|
||||||
}
|
|
||||||
return dexConf.Storage.CreateConnector(storage.Connector{
|
|
||||||
ID: backend.ID,
|
|
||||||
Name: backend.Name,
|
|
||||||
Type: string(backend.Type),
|
|
||||||
Config: backendConfJson,
|
|
||||||
})
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
package services
|
|
||||||
|
|
||||||
import (
|
|
||||||
"fmt"
|
|
||||||
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
|
|
||||||
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger"
|
|
||||||
"github.com/dexidp/dex/storage"
|
|
||||||
"github.com/dexidp/dex/storage/memory"
|
|
||||||
"github.com/dexidp/dex/storage/sql"
|
|
||||||
)
|
|
||||||
|
|
||||||
func InitStorage(conf *config.AppConfig) (storage.Storage, error) {
|
|
||||||
var storageType storage.Storage
|
|
||||||
var err error
|
|
||||||
switch conf.StorageType {
|
|
||||||
case "memory":
|
|
||||||
storageType = memory.New(logger.L)
|
|
||||||
case "sqlite":
|
|
||||||
sqlconfig := sql.SQLite3{
|
|
||||||
File: conf.StorageConfig.File,
|
|
||||||
}
|
|
||||||
storageType, err = sqlconfig.Open(logger.L)
|
|
||||||
if err != nil {
|
|
||||||
logger.L.Fatalf("Failed to initialize sqlite backend: %s", err.Error())
|
|
||||||
}
|
|
||||||
default:
|
|
||||||
return storageType, fmt.Errorf("unsupported storage backend type: %s", conf.StorageType)
|
|
||||||
}
|
|
||||||
return storageType, nil
|
|
||||||
}
|
|
Loading…
Reference in a new issue