From bdb9af5a26f49799cb1feec866d289513eb09e7b Mon Sep 17 00:00:00 2001
From: Quentin Dufour
Date: Wed, 19 Apr 2023 11:36:13 +0200
Subject: Garage key page info
---
 garage.go | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 72 insertions(+), 6 deletions(-)
(limited to 'garage.go')
diff --git a/garage.go b/garage.go
index 4e23e8f..e8962ae 100644
--- a/garage.go
+++ b/garage.go
@@ -1,9 +1,12 @@
 package main
 import (
+ "errors"
+ "log"
 "net/http"
 "context"
 "fmt"
+ "github.com/go-ldap/ldap/v3"
 garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
 )
@@ -21,26 +24,82 @@ func gadmin() (*garage.APIClient, context.Context) {
 }
-func createKey(name string) error {
+func grgCreateKey(name string) (*garage.KeyInfo, error) {
 client, ctx := gadmin()
 kr := garage.AddKeyRequest{Name: &name}
 resp, _, err := client.KeyApi.AddKey(ctx).AddKeyRequest(kr).Execute()
 if err != nil {
 fmt.Printf("%+v\n", err)
- return err
+ return nil, err
 }
- fmt.Printf("%+v\n", resp)
- return nil
+ return resp, nil
+}
+
+func grgGetKey(accessKey string) (*garage.KeyInfo, error) {
+ client, ctx := gadmin()
+
+ resp, _, err := client.KeyApi.GetKey(ctx, accessKey).Execute()
+ if err != nil {
+ fmt.Printf("%+v\n", err)
+ return nil, err
+ }
+ return resp, nil
+}
+
+
+func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
+ login := checkLogin(w, r)
+ if login == nil {
+ return nil, nil, errors.New("LDAP login failed")
+ }
+
+ keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key")
+ if keyID == "" {
+ keyPair, err := grgCreateKey(login.Info.Username)
+ if err != nil {
+ return login, nil, err
+ }
+ modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
+ modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
+ // @FIXME compatibility feature for bagage (SFTP+webdav)
+ // you can remove it once bagage will be updated to fetch the key from garage directly
+ // or when bottin will be able to dynamically fetch it.
+ modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey})
+ err = login.conn.Modify(modify_request)
+ return login, keyPair, err
+ }
+ // Note: we could simply return the login info, but LX asked we do not
+ // store the secrets in LDAP in the future.
+ keyPair, err := grgGetKey(keyID)
+ return login, keyPair, err
+}
+
+type keyView struct {
+ Status *LoginStatus
+ Key *garage.KeyInfo
 }
 func handleGarageKey(w http.ResponseWriter, r *http.Request) {
- createKey("toto")
+ login, s3key, err := checkLoginAndS3(w, r)
+ if err != nil {
+ log.Println(err)
+ return
+ }
+ view := keyView{Status: login, Key: s3key}
+
 tKey := getTemplate("garage_key.html")
- tKey.Execute(w, nil)
+ tKey.Execute(w, &view)
 }
 func handleGarageWebsiteList(w http.ResponseWriter, r *http.Request) {
+ login, s3key, err := checkLoginAndS3(w, r)
+ if err != nil {
+ log.Println(err)
+ return
+ }
+ log.Println(login, s3key)
+
 tWebsiteList := getTemplate("garage_website_list.html")
 tWebsiteList.Execute(w, nil)
 }
@@ -51,6 +110,13 @@ func handleGarageWebsiteNew(w http.ResponseWriter, r *http.Request) {
 }
 func handleGarageWebsiteInspect(w http.ResponseWriter, r *http.Request) {
+ login, s3key, err := checkLoginAndS3(w, r)
+ if err != nil {
+ log.Println(err)
+ return
+ }
+ log.Println(login, s3key)
+
 tWebsiteInspect := getTemplate("garage_website_inspect.html")
 tWebsiteInspect.Execute(w, nil)
 }
-- cgit v1.2.3
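Review bot: In `checkLoginAndS3`, the first-login branch creates the Garage key before it writes the key to LDAP, so a failed `login.conn.Modify` leaves a live key in Garage that no directory entry references. Because `garage_s3_access_key` is then still empty, the next request creates yet another key. The same branch returns the fresh `keyPair` together with a non-nil error, and it dereferences `*keyPair.AccessKeyId` and `*keyPair.SecretAccessKey` unchecked, which panics if the admin API response omits either field. I would add `if keyPair.AccessKeyId == nil || keyPair.SecretAccessKey == nil { return login, nil, errors.New("garage returned an incomplete key") }` before building the modify request. On a Modify error, delete the just-created key through the admin API and end the branch with `return login, nil, err`, so callers never receive credentials alongside a failure.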
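Review bot: `log.Println(login, s3key)` in `handleGarageWebsiteInspect`, and the identical line added to `handleGarageWebsiteList` in the previous hunk, writes the login status and the S3 key structure to the server log on every page view. `garage.KeyInfo` is the type that carries `SecretAccessKey`, and `LoginStatus` presumably holds the user's LDAP session data. Pointer fields may print only as addresses today, but the secret reaches the log as soon as a field becomes a value or the type gains a String method. If the call is only there to keep the compiler quiet until these pages use the data, `_, _, err := checkLoginAndS3(w, r)` gates the handler the same way without logging anything. If a trace line is wanted, log only `login.Info.Username`.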