mirror
/
galene
mirror of https://github.com/jech/galene.git
1
Fork 0
Code
galene/webserver/api.go

702 lines
14 KiB
Go
Raw Normal View History

Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
package webserver
import (
Implement administrative API.
2024-04-09 16:53:03 +02:00
"crypto/rand"
"crypto/sha256"
Token API.
2024-05-01 22:12:48 +02:00
"encoding/base64"
Implement administrative API.
2024-04-09 16:53:03 +02:00
"encoding/hex"
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
"encoding/json"
Replace uses of os.IsExist and os.IsNotExist with errors.Is. The former don't properly unwrap errors.
2024-04-14 13:33:52 +02:00
"errors"
Implement administrative API.
2024-04-09 16:53:03 +02:00
"io"
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
"net/http"
Implement administrative API.
2024-04-09 16:53:03 +02:00
"os"
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
"strings"
Implement administrative API.
2024-04-09 16:53:03 +02:00
"golang.org/x/crypto/pbkdf2"
"github.com/jech/galene/group"
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
"github.com/jech/galene/stats"
Token API.
2024-05-01 22:12:48 +02:00
"github.com/jech/galene/token"
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
)
Implement parseContentType.
2024-04-09 15:30:11 +02:00
func parseContentType(ctype string) string {
return strings.Trim(strings.Split(ctype, ";")[0], " ")
}
Implement administrative API.
2024-04-09 16:53:03 +02:00
// checkAdmin checks whether the client authentifies as an administrator
func checkAdmin(w http.ResponseWriter, r *http.Request) bool {
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
username, password, ok := r.BasicAuth()
Implement administrative API.
2024-04-09 16:53:03 +02:00
if ok {
ok, _ = adminMatch(username, password)
}
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
if !ok {
Implement administrative API.
2024-04-09 16:53:03 +02:00
failAuthentication(w, "/galene-api/")
return false
}
return true
}
// checkPasswordAdmin checks whether the client authentifies as either an
// administrator or the given user. It is used to check whether the
// client has the right to change user's password.
func checkPasswordAdmin(w http.ResponseWriter, r *http.Request, groupname, user string) bool {
username, password, ok := r.BasicAuth()
if ok {
ok, _ := adminMatch(username, password)
if ok {
return true
}
}
if ok && username == user {
desc, err := group.GetDescription(groupname)
if err == nil && desc.Users != nil {
u, ok := desc.Users[user]
if ok {
ok, _ := u.Password.Match(password)
if ok {
return true
}
}
}
}
failAuthentication(w, "/galene-api/")
return false
}
func apiHandler(w http.ResponseWriter, r *http.Request) {
if !strings.HasPrefix(r.URL.Path, "/galene-api/") {
http.NotFound(w, r)
return
}
first, kind, rest := splitPath(r.URL.Path[len("/galene-api"):])
Rename /galene-api/0/ to /v0/.
2024-05-03 18:33:37 +02:00
if first == "/v0" && kind == ".stats" && rest == "" {
Implement administrative API.
2024-04-09 16:53:03 +02:00
if !checkAdmin(w, r) {
return
}
if r.Method != "HEAD" && r.Method != "GET" {
methodNotAllowed(w, "HEAD", "GET")
return
}
w.Header().Set("content-type", "application/json")
w.Header().Set("cache-control", "no-cache")
if r.Method == "HEAD" {
return
}
ss := stats.GetGroups()
e := json.NewEncoder(w)
e.Encode(ss)
return
Rename /galene-api/0/ to /v0/.
2024-05-03 18:33:37 +02:00
} else if first == "/v0" && kind == ".groups" {
Implement administrative API.
2024-04-09 16:53:03 +02:00
apiGroupHandler(w, r, rest)
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
return
}
Implement administrative API.
2024-04-09 16:53:03 +02:00
http.NotFound(w, r)
return
}
func apiGroupHandler(w http.ResponseWriter, r *http.Request, pth string) {
first, kind, rest := splitPath(pth)
if first == "" {
notFound(w)
return
}
g := first[1:]
if g == "" && kind == "" {
if !checkAdmin(w, r) {
return
}
if r.Method != "HEAD" && r.Method != "GET" {
methodNotAllowed(w, "HEAD", "GET")
return
}
groups, err := group.GetDescriptionNames()
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
if err != nil {
Implement administrative API.
2024-04-09 16:53:03 +02:00
httpError(w, err)
return
}
Use JSON arrays instead of plain text in API. Suggested by Dianne Skoll.
2024-05-03 18:54:22 +02:00
w.Header().Set("content-type", "application/json")
Implement administrative API.
2024-04-09 16:53:03 +02:00
if r.Method == "HEAD" {
return
}
Use JSON arrays instead of plain text in API. Suggested by Dianne Skoll.
2024-05-03 18:54:22 +02:00
e := json.NewEncoder(w)
e.Encode(groups)
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
return
}
Implement administrative API.
2024-04-09 16:53:03 +02:00
if kind == ".users" {
Rename usersHandler.
2024-04-14 01:04:44 +02:00
usersHandler(w, r, g, rest)
Implement administrative API.
2024-04-09 16:53:03 +02:00
return
Implement FallbackUsers in API.
2024-04-11 13:45:30 +02:00
} else if kind == ".fallback-users" && rest == "" {
fallbackUsersHandler(w, r, g)
return
Implement keys handling in API.
2024-04-11 13:25:59 +02:00
} else if kind == ".keys" && rest == "" {
keysHandler(w, r, g)
return
Token API.
2024-05-01 22:12:48 +02:00
} else if kind == ".tokens" {
tokensHandler(w, r, g, rest)
return
Implement administrative API.
2024-04-09 16:53:03 +02:00
} else if kind != "" {
if !checkAdmin(w, r) {
return
}
notFound(w)
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
return
}
Implement administrative API.
2024-04-09 16:53:03 +02:00
if !checkAdmin(w, r) {
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
return
}
Implement administrative API.
2024-04-09 16:53:03 +02:00
if r.Method == "HEAD" || r.Method == "GET" {
desc, etag, err := group.GetSanitisedDescription(g)
if err != nil {
httpError(w, err)
return
}
w.Header().Set("etag", etag)
done := checkPreconditions(w, r, etag)
if done {
return
}
w.Header().Set("content-type", "application/json")
if r.Method == "HEAD" {
return
}
e := json.NewEncoder(w)
e.Encode(desc)
return
} else if r.Method == "PUT" {
etag, err := group.GetDescriptionTag(g)
Replace uses of os.IsExist and os.IsNotExist with errors.Is. The former don't properly unwrap errors.
2024-04-14 13:33:52 +02:00
if errors.Is(err, os.ErrNotExist) {
Implement administrative API.
2024-04-09 16:53:03 +02:00
err = nil
etag = ""
} else if err != nil {
httpError(w, err)
return
}
done := checkPreconditions(w, r, etag)
if done {
return
}
ctype := parseContentType(
r.Header.Get("Content-Type"),
)
if !strings.EqualFold(ctype, "application/json") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
d := json.NewDecoder(r.Body)
var newdesc group.Description
err = d.Decode(&newdesc)
if err != nil {
httpError(w, err)
return
}
err = group.UpdateDescription(g, etag, &newdesc)
if err != nil {
httpError(w, err)
return
}
if etag == "" {
w.WriteHeader(http.StatusCreated)
} else {
w.WriteHeader(http.StatusNoContent)
}
return
} else if r.Method == "DELETE" {
etag, err := group.GetDescriptionTag(g)
if err != nil {
httpError(w, err)
return
}
done := checkPreconditions(w, r, etag)
if done {
return
}
err = group.DeleteDescription(g, etag)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
}
methodNotAllowed(w, "HEAD", "GET", "PUT", "DELETE")
return
}
Rename usersHandler.
2024-04-14 01:04:44 +02:00
func usersHandler(w http.ResponseWriter, r *http.Request, g, pth string) {
Check for empty path in api.
2024-05-01 22:20:02 +02:00
if pth == "" {
http.NotFound(w, r)
return
}
Implement administrative API.
2024-04-09 16:53:03 +02:00
if pth == "/" {
if !checkAdmin(w, r) {
return
}
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
if r.Method != "HEAD" && r.Method != "GET" {
http.Error(w, "method not allowed",
http.StatusMethodNotAllowed)
Implement administrative API.
2024-04-09 16:53:03 +02:00
return
}
users, etag, err := group.GetUsers(g)
if err != nil {
httpError(w, err)
return
}
Use JSON arrays instead of plain text in API. Suggested by Dianne Skoll.
2024-05-03 18:54:22 +02:00
w.Header().Set("content-type", "application/json")
Implement administrative API.
2024-04-09 16:53:03 +02:00
w.Header().Set("etag", etag)
done := checkPreconditions(w, r, etag)
if done {
return
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
}
if r.Method == "HEAD" {
return
}
Use JSON arrays instead of plain text in API. Suggested by Dianne Skoll.
2024-05-03 18:54:22 +02:00
e := json.NewEncoder(w)
e.Encode(users)
Implement administrative API.
2024-04-09 16:53:03 +02:00
return
}
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
Implement administrative API.
2024-04-09 16:53:03 +02:00
first2, kind2, rest2 := splitPath(pth)
Implement keys handling in API.
2024-04-11 13:25:59 +02:00
if first2 != "" && kind2 == ".password" && rest2 == "" {
Implement administrative API.
2024-04-09 16:53:03 +02:00
passwordHandler(w, r, g, first2[1:])
return
} else if kind2 != "" || first2 == "" {
if !checkAdmin(w, r) {
return
}
notFound(w)
return
}
if !checkAdmin(w, r) {
return
}
username := first2[1:]
if r.Method == "HEAD" || r.Method == "GET" {
user, etag, err := group.GetSanitisedUser(g, username)
if err != nil {
httpError(w, err)
return
}
w.Header().Set("content-type", "application/json")
w.Header().Set("etag", etag)
done := checkPreconditions(w, r, etag)
if done {
return
}
if r.Method == "HEAD" {
return
}
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
e := json.NewEncoder(w)
Implement administrative API.
2024-04-09 16:53:03 +02:00
e.Encode(user)
return
} else if r.Method == "PUT" {
etag, err := group.GetUserTag(g, username)
Replace uses of os.IsExist and os.IsNotExist with errors.Is. The former don't properly unwrap errors.
2024-04-14 13:33:52 +02:00
if errors.Is(err, os.ErrNotExist) {
Implement administrative API.
2024-04-09 16:53:03 +02:00
etag = ""
err = nil
} else if err != nil {
httpError(w, err)
return
}
done := checkPreconditions(w, r, etag)
if done {
return
}
ctype := parseContentType(r.Header.Get("Content-Type"))
if !strings.EqualFold(ctype, "application/json") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
d := json.NewDecoder(r.Body)
var newdesc group.UserDescription
err = d.Decode(&newdesc)
if err != nil {
httpError(w, err)
return
}
err = group.UpdateUser(g, username, etag, &newdesc)
if err != nil {
httpError(w, err)
return
}
if etag == "" {
w.WriteHeader(http.StatusCreated)
} else {
w.WriteHeader(http.StatusNoContent)
}
return
} else if r.Method == "DELETE" {
etag, err := group.GetUserTag(g, username)
if err != nil {
httpError(w, err)
return
}
done := checkPreconditions(w, r, etag)
if done {
return
}
err = group.DeleteUser(g, username, etag)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
return
}
Implement administrative API.
2024-04-09 16:53:03 +02:00
methodNotAllowed(w, "HEAD", "GET", "PUT", "DELETE")
return
}
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
Implement administrative API.
2024-04-09 16:53:03 +02:00
func passwordHandler(w http.ResponseWriter, r *http.Request, g, user string) {
if !checkPasswordAdmin(w, r, g, user) {
return
}
if r.Method == "PUT" {
ctype := parseContentType(r.Header.Get("Content-Type"))
if !strings.EqualFold(ctype, "application/json") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
d := json.NewDecoder(r.Body)
var pw group.Password
err := d.Decode(&pw)
if err != nil {
httpError(w, err)
return
}
err = group.SetUserPassword(g, user, pw)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
} else if r.Method == "POST" {
ctype := parseContentType(r.Header.Get("Content-Type"))
if !strings.EqualFold(ctype, "text/plain") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
body, err := io.ReadAll(http.MaxBytesReader(w, r.Body, 4096))
if err != nil {
httpError(w, err)
return
}
salt := make([]byte, 8)
_, err = rand.Read(salt)
if err != nil {
httpError(w, err)
return
}
iterations := 4096
key := pbkdf2.Key(body, salt, iterations, 32, sha256.New)
Distinguish empty key in password from absence of key.
2024-04-12 01:05:48 +02:00
encoded := hex.EncodeToString(key)
Implement administrative API.
2024-04-09 16:53:03 +02:00
pw := group.Password{
Type: "pbkdf2",
Hash: "sha-256",
Distinguish empty key in password from absence of key.
2024-04-12 01:05:48 +02:00
Key: &encoded,
Implement administrative API.
2024-04-09 16:53:03 +02:00
Salt: hex.EncodeToString(salt),
Iterations: iterations,
}
err = group.SetUserPassword(g, user, pw)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
} else if r.Method == "DELETE" {
err := group.SetUserPassword(g, user, group.Password{})
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
}
methodNotAllowed(w, "PUT", "POST", "DELETE")
Beginnings of administrative API. The "stats.json" file is moved under "galene-api", where the rest of the API will live.
2024-01-04 19:47:12 +01:00
return
}
Implement keys handling in API.
2024-04-11 13:25:59 +02:00
Implement FallbackUsers in API.
2024-04-11 13:45:30 +02:00
func fallbackUsersHandler(w http.ResponseWriter, r *http.Request, g string) {
if !checkAdmin(w, r) {
return
}
if r.Method == "PUT" {
ctype := parseContentType(r.Header.Get("Content-Type"))
if !strings.EqualFold(ctype, "application/json") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
d := json.NewDecoder(r.Body)
var users []group.UserDescription
err := d.Decode(&users)
if err != nil {
httpError(w, err)
return
}
err = group.SetFallbackUsers(g, users)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
} else if r.Method == "DELETE" {
err := group.SetFallbackUsers(g, nil)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
}
methodNotAllowed(w, "PUT", "DELETE")
return
}
Implement keys handling in API.
2024-04-11 13:25:59 +02:00
type jwkset = struct {
Keys []map[string]any `json:"keys"`
}
func keysHandler(w http.ResponseWriter, r *http.Request, g string) {
if !checkAdmin(w, r) {
return
}
if r.Method == "PUT" {
ctype := parseContentType(r.Header.Get("Content-Type"))
if !strings.EqualFold(ctype, "application/jwk-set+json") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
d := json.NewDecoder(r.Body)
var keys jwkset
err := d.Decode(&keys)
if err != nil {
httpError(w, err)
return
}
err = group.SetKeys(g, keys.Keys)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
} else if r.Method == "DELETE" {
err := group.SetKeys(g, nil)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
}
methodNotAllowed(w, "PUT", "DELETE")
return
}
Token API.
2024-05-01 22:12:48 +02:00
func tokensHandler(w http.ResponseWriter, r *http.Request, g, pth string) {
if pth == "" {
http.NotFound(w, r)
return
}
if !checkAdmin(w, r) {
return
}
if pth == "/" {
if r.Method == "HEAD" || r.Method == "GET" {
tokens, etag, err := token.List(g)
if err != nil {
httpError(w, err)
return
}
Use JSON arrays instead of plain text in API. Suggested by Dianne Skoll.
2024-05-03 18:54:22 +02:00
w.Header().Set("content-type", "application/json")
Token API.
2024-05-01 22:12:48 +02:00
if etag != "" {
w.Header().Set("etag", etag)
}
if r.Method == "HEAD" {
return
}
Use JSON arrays instead of plain text in API. Suggested by Dianne Skoll.
2024-05-03 18:54:22 +02:00
toknames := make([]string, len(tokens))
for i, t := range tokens {
toknames[i] = t.Token
Token API.
2024-05-01 22:12:48 +02:00
}
Use JSON arrays instead of plain text in API. Suggested by Dianne Skoll.
2024-05-03 18:54:22 +02:00
e := json.NewEncoder(w)
e.Encode(toknames)
Token API.
2024-05-01 22:12:48 +02:00
return
} else if r.Method == "POST" {
ctype := parseContentType(r.Header.Get("Content-Type"))
if !strings.EqualFold(ctype, "application/json") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
d := json.NewDecoder(r.Body)
var newtoken token.Stateful
err := d.Decode(&newtoken)
if err != nil {
httpError(w, err)
return
}
if newtoken.Token != "" || newtoken.Group != "" {
http.Error(w, "overspecified token",
http.StatusBadRequest)
return
}
buf := make([]byte, 8)
rand.Read(buf)
newtoken.Token =
base64.RawURLEncoding.EncodeToString(buf)
newtoken.Group = g
t, err := token.Update(&newtoken, "")
if err != nil {
httpError(w, err)
return
}
w.Header().Set("location", t.Token)
w.WriteHeader(http.StatusCreated)
return
}
methodNotAllowed(w, "HEAD", "GET", "POST")
return
}
if pth[0] != '/' {
http.NotFound(w, r)
return
}
t := pth[1:]
if r.Method == "HEAD" || r.Method == "GET" {
tok, etag, err := token.Get(t)
if err != nil {
httpError(w, err)
return
}
if tok.Group != g {
http.NotFound(w, r)
return
}
w.Header().Set("content-type", "application/json")
w.Header().Set("etag", etag)
done := checkPreconditions(w, r, etag)
if done {
return
}
if r.Method == "HEAD" {
return
}
e := json.NewEncoder(w)
e.Encode(t)
return
} else if r.Method == "PUT" {
old, etag, err := token.Get(t)
if errors.Is(err, os.ErrNotExist) {
etag = ""
err = nil
} else if err != nil {
httpError(w, err)
return
}
if old.Group != g {
http.Error(w, "token exists in different group",
http.StatusConflict)
return
}
done := checkPreconditions(w, r, etag)
if done {
return
}
ctype := parseContentType(r.Header.Get("Content-Type"))
if !strings.EqualFold(ctype, "application/json") {
http.Error(w, "unsupported content type",
http.StatusUnsupportedMediaType)
return
}
d := json.NewDecoder(r.Body)
var newtoken token.Stateful
err = d.Decode(&newtoken)
if err != nil {
httpError(w, err)
return
}
if newtoken.Group != g {
http.Error(w, "wrong group", http.StatusBadRequest)
return
}
Check for mismatched token in API.
2024-05-02 18:14:51 +02:00
if newtoken.Token != t {
http.Error(w, "token mismatch", http.StatusBadRequest)
return
}
Token API.
2024-05-01 22:12:48 +02:00
_, err = token.Update(&newtoken, etag)
if err != nil {
httpError(w, err)
return
}
if etag == "" {
w.WriteHeader(http.StatusCreated)
} else {
w.WriteHeader(http.StatusNoContent)
}
return
} else if r.Method == "DELETE" {
old, etag, err := token.Get(t)
if err != nil {
httpError(w, err)
return
}
if old.Group != g {
http.NotFound(w, r)
return
}
done := checkPreconditions(w, r, etag)
if done {
return
}
err = token.Delete(t, etag)
if err != nil {
httpError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
return
}
methodNotAllowed(w, "HEAD", "GET", "PUT", "DELETE")
return
}