Diffstat (limited to 'garage.go')
-rw-r--r--garage.go78
1 files changed, 72 insertions, 6 deletions
diff --git a/garage.go b/garage.go
index 4e23e8f..e8962ae 100644
--- a/garage.go
+++ b/garage.go
@@ -1,9 +1,12 @@
package main
import (
+ "errors"
+ "log"
"net/http"
"context"
"fmt"
+ "github.com/go-ldap/ldap/v3"
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
)
@@ -21,26 +24,82 @@ func gadmin() (*garage.APIClient, context.Context) {
}
-func createKey(name string) error {
+func grgCreateKey(name string) (*garage.KeyInfo, error) {
client, ctx := gadmin()
kr := garage.AddKeyRequest{Name: &name}
resp, _, err := client.KeyApi.AddKey(ctx).AddKeyRequest(kr).Execute()
if err != nil {
fmt.Printf("%+v\n", err)
- return err
+ return nil, err
}
- fmt.Printf("%+v\n", resp)
- return nil
+ return resp, nil
+}
+
+func grgGetKey(accessKey string) (*garage.KeyInfo, error) {
+ client, ctx := gadmin()
+
+ resp, _, err := client.KeyApi.GetKey(ctx, accessKey).Execute()
+ if err != nil {
+ fmt.Printf("%+v\n", err)
+ return nil, err
+ }
+ return resp, nil
+}
+
+
+func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
+ login := checkLogin(w, r)
+ if login == nil {
+ return nil, nil, errors.New("LDAP login failed")
+ }
+
+ keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key")
+ if keyID == "" {
+ keyPair, err := grgCreateKey(login.Info.Username)
+ if err != nil {
+ return login, nil, err
+ }
+ modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
+ modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
+ // @FIXME compatibility feature for bagage (SFTP+webdav)
+ // you can remove it once bagage will be updated to fetch the key from garage directly
+ // or when bottin will be able to dynamically fetch it.
+ modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey})
+ err = login.conn.Modify(modify_request)
+ return login, keyPair, err
+ }
+ // Note: we could simply return the login info, but LX asked we do not
+ // store the secrets in LDAP in the future.
+ keyPair, err := grgGetKey(keyID)
+ return login, keyPair, err
+}
+
+type keyView struct {
+ Status *LoginStatus
+ Key *garage.KeyInfo
}
func handleGarageKey(w http.ResponseWriter, r *http.Request) {
- createKey("toto")
+ login, s3key, err := checkLoginAndS3(w, r)
+ if err != nil {
+ log.Println(err)
+ return
+ }
+ view := keyView{Status: login, Key: s3key}
+
tKey := getTemplate("garage_key.html")
- tKey.Execute(w, nil)
+ tKey.Execute(w, &view)
}
func handleGarageWebsiteList(w http.ResponseWriter, r *http.Request) {
+ login, s3key, err := checkLoginAndS3(w, r)
+ if err != nil {
+ log.Println(err)
+ return
+ }
+ log.Println(login, s3key)
+
tWebsiteList := getTemplate("garage_website_list.html")
tWebsiteList.Execute(w, nil)
}
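Review bot: In `checkLoginAndS3`, the first-login branch creates the Garage key before writing it to LDAP, so a failing `login.conn.Modify` leaves a live access key in Garage that nothing records. The function then returns `keyPair` together with the error, the handlers discard it, and the next request still finds `garage_s3_access_key` empty and creates another key under the same name. On a Modify error the freshly created key should be deleted through the admin API before returning, and the return should become `return login, nil, err` so that no caller can use a key that was never stored. The same branch dereferences `*keyPair.AccessKeyId` and `*keyPair.SecretAccessKey` without a nil check, so an admin API response missing either field would panic the handler.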
@@ -51,6 +110,13 @@ func handleGarageWebsiteNew(w http.ResponseWriter, r *http.Request) {
}
func handleGarageWebsiteInspect(w http.ResponseWriter, r *http.Request) {
+ login, s3key, err := checkLoginAndS3(w, r)
+ if err != nil {
+ log.Println(err)
+ return
+ }
+ log.Println(login, s3key)
+
tWebsiteInspect := getTemplate("garage_website_inspect.html")
tWebsiteInspect.Execute(w, nil)
}
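Review bot: `log.Println(login, s3key)` in `handleGarageWebsiteInspect` writes the login state and the S3 key object to the server log on every request, and the identical line sits in `handleGarageWebsiteList` in the previous hunk. `garage.KeyInfo` carries `SecretAccessKey`, which is a pointer field (it is dereferenced in `checkLoginAndS3`), so today the line most likely prints addresses rather than the secret. That depends on how fmt renders nested pointers, and would change if either type gained a `String` method or value-typed fields. If the call is only there to keep the variables used until the templates need them, `_, _, err := checkLoginAndS3(w, r)` does that without logging. Otherwise log a single non-secret identifier such as `login.Info.Username`.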