package main
import (
"encoding/json"
"errors"
"net/http"
"strconv"
"strings"
"time"
"github.com/gofrs/uuid"
"github.com/gorilla/mux"
"github.com/sirupsen/logrus"
)
// apiServer bundles the HTTP API handlers with the storage backend they
// operate on.
type apiServer struct {
	// store is the backend the handlers use to create secrets and to
	// read-and-destroy them
	store storage
}
// apiResponse is the JSON document written by the API handlers. Every field
// except "success" is omitted from the output when it is unset.
type apiResponse struct {
	// Success is set to true by the handlers when the request succeeded
	Success bool `json:"success"`
	// Error holds the error ID generated by errorResponse (not the error text)
	Error string `json:"error,omitempty"`
	// ExpiresAt is filled by handleCreate when the secret has a positive expiry
	ExpiresAt *time.Time `json:"expires_at,omitempty"`
	// Secret is the stored secret, returned by handleRead
	Secret string `json:"secret,omitempty"`
	// SecretId is the storage ID of a newly created secret
	SecretId string `json:"secret_id,omitempty"`
}
// apiRequest is the JSON body handleCreate decodes when the request is sent
// with an application/json Content-Type.
type apiRequest struct {
	// Secret is the value to be stored
	Secret string `json:"secret"`
}
// newAPI returns an apiServer whose handlers operate on the given storage
// backend.
func newAPI(s storage) *apiServer {
	api := new(apiServer)
	api.store = s
	return api
}
// Register attaches the API endpoints to the given router.
//
// NOTE(review): no method matcher is added to any route here, so unless the
// router passed in is already restricted, /get/{id} (which destroys the
// secret while reading it) answers to every HTTP method, including a plain
// GET issued by something that merely fetches the URL. Confirm that this is
// intended.
func (a apiServer) Register(r *mux.Router) {
	// Probe endpoint: always answers 204 without a body
	writableProbe := func(w http.ResponseWriter, _ *http.Request) {
		w.WriteHeader(http.StatusNoContent)
	}

	r.HandleFunc("/create", a.handleCreate)
	r.HandleFunc("/get/{id}", a.handleRead)
	r.HandleFunc("/isWritable", writableProbe)
}
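// handleCreate stores a new secret and responds with its ID.
//
// The secret is read from a JSON body ({"secret": "..."}) when the
// Content-Type starts with "application/json", otherwise from the "secret"
// form value. Unless cust.DisableExpiryOverride is set, the "expire" query
// parameter (in seconds) may replace the configured expiry.
//
// Responses: 201 with secret_id (and expires_at for a positive expiry),
// 400 for an undecodable body or a missing secret, 500 when the store fails.
func (a apiServer) handleCreate(res http.ResponseWriter, r *http.Request) {
	// Largest number of seconds that still fits into a time.Duration; larger
	// values would silently wrap around in the multiplication below.
	const maxExpirySeconds = int64((1<<63 - 1) / time.Second)

	var (
		expiry = cfg.SecretExpiry
		secret string
	)

	if !cust.DisableExpiryOverride {
		// The client may only shorten the configured expiry, or pick one when
		// none is configured. Zero and negative values are rejected: they
		// are "smaller" than any configured expiry, and this handler treats
		// expiry <= 0 as "no expiry" when building the response (presumably
		// the store does as well, TODO confirm), so accepting them would let
		// a client lift the configured limit. Rejected or unparsable values
		// silently fall back to the configured expiry.
		ev, err := strconv.ParseInt(r.URL.Query().Get("expire"), 10, 64)
		if err == nil && ev > 0 && ev <= maxExpirySeconds && (ev < expiry || cfg.SecretExpiry == 0) {
			expiry = ev
		}
	}

	if strings.HasPrefix(r.Header.Get("Content-Type"), "application/json") {
		// NOTE(review): the body is decoded without a size limit being set in
		// this handler; consider wrapping r.Body in http.MaxBytesReader
		// unless a limit is enforced elsewhere.
		tmp := apiRequest{}
		if err := json.NewDecoder(r.Body).Decode(&tmp); err != nil {
			a.errorResponse(res, http.StatusBadRequest, err, "decoding request body")
			return
		}
		secret = tmp.Secret
	} else {
		secret = r.FormValue("secret")
	}

	if secret == "" {
		a.errorResponse(res, http.StatusBadRequest, errors.New("secret missing"), "")
		return
	}

	id, err := a.store.Create(secret, time.Duration(expiry)*time.Second)
	if err != nil {
		a.errorResponse(res, http.StatusInternalServerError, err, "creating secret")
		return
	}

	// Only report an expiry time when the secret actually has one
	var expiresAt *time.Time
	if expiry > 0 {
		t := time.Now().UTC().Add(time.Duration(expiry) * time.Second)
		expiresAt = &t
	}

	a.jsonResponse(res, http.StatusCreated, apiResponse{
		ExpiresAt: expiresAt,
		Success:   true,
		SecretId:  id,
	})
}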
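// handleRead returns the secret stored under the "id" route variable and
// destroys it in the same store call (ReadAndDestroy).
//
// Responses: 200 with the secret, 400 when the id is empty, 404 when the
// store reports errSecretNotFound, 500 for any other store error.
func (a apiServer) handleRead(res http.ResponseWriter, r *http.Request) {
	id := mux.Vars(r)["id"]
	if id == "" {
		a.errorResponse(res, http.StatusBadRequest, errors.New("id missing"), "")
		return
	}

	secret, err := a.store.ReadAndDestroy(id)
	if err != nil {
		status := http.StatusInternalServerError
		// errors.Is also matches the sentinel when a storage backend wraps
		// it; a plain == comparison would turn that case into a 500.
		if errors.Is(err, errSecretNotFound) {
			status = http.StatusNotFound
		}
		a.errorResponse(res, status, err, "reading & destroying secret")
		return
	}

	a.jsonResponse(res, http.StatusOK, apiResponse{
		Success: true,
		Secret:  secret,
	})
}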
// errorResponse answers the request with the given status and a freshly
// generated error ID. The client only ever receives that ID; the error text
// itself goes to the server log, tagged with the same ID, and only when a
// description is given.
//
// uuid.Must panics if no UUID can be generated.
func (a apiServer) errorResponse(res http.ResponseWriter, status int, err error, desc string) {
	errID := uuid.Must(uuid.NewV4()).String()

	// Errors passed without a description are not written to the server log
	if desc != "" {
		entry := logrus.WithField("err_id", errID).WithError(err)
		entry.Error(desc)
	}

	body := apiResponse{Error: errID}
	a.jsonResponse(res, status, body)
}
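// jsonResponse writes the response as JSON with the given status code.
//
// Cache-Control is set to "no-store, max-age=0" on every response, which
// includes the ones carrying a secret.
func (a apiServer) jsonResponse(res http.ResponseWriter, status int, response apiResponse) {
	res.Header().Set("Content-Type", "application/json")
	res.Header().Set("Cache-Control", "no-store, max-age=0")
	res.WriteHeader(status)

	// The status line is already sent at this point, so a failed write can
	// only be recorded. Log the error alone, never the response, which may
	// contain a secret.
	if err := json.NewEncoder(res).Encode(response); err != nil {
		logrus.WithError(err).Error("encoding API response")
	}
}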