netmaker/controllers/enrollmentkeys.go

package controller

import (
	"encoding/json"
	"fmt"
	"net/http"
	"time"

	"github.com/gorilla/mux"
	"github.com/gravitl/netmaker/logger"
	"github.com/gravitl/netmaker/logic"
	"github.com/gravitl/netmaker/logic/hostactions"
	"github.com/gravitl/netmaker/models"
	"github.com/gravitl/netmaker/servercfg"
)

func enrollmentKeyHandlers(r *mux.Router) {
	r.HandleFunc("/api/v1/enrollment-keys", logic.SecurityCheck(true, http.HandlerFunc(createEnrollmentKey))).Methods(http.MethodPost)
	r.HandleFunc("/api/v1/enrollment-keys", logic.SecurityCheck(true, http.HandlerFunc(getEnrollmentKeys))).Methods(http.MethodGet)
	r.HandleFunc("/api/v1/enrollment-keys/{keyID}", logic.SecurityCheck(true, http.HandlerFunc(deleteEnrollmentKey))).Methods(http.MethodDelete)
	r.HandleFunc("/api/v1/host/register/{token}", http.HandlerFunc(handleHostRegister)).Methods(http.MethodPost)
}

// swagger:route GET /api/v1/enrollment-keys enrollmentKeys getEnrollmentKeys
//
// Lists all hosts.
//
//			Schemes: https
//
//			Security:
//	  		oauth
//
//			Responses:
//				200: getEnrollmentKeysSlice
func getEnrollmentKeys(w http.ResponseWriter, r *http.Request) {
	currentKeys, err := logic.GetAllEnrollmentKeys()
	if err != nil {
		logger.Log(0, r.Header.Get("user"), "failed to fetch enrollment keys: ", err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
		return
	}
	for i := range currentKeys {
		currentKey := currentKeys[i]
		if err = logic.Tokenize(currentKey, servercfg.GetAPIHost()); err != nil {
			logger.Log(0, r.Header.Get("user"), "failed to get token values for keys:", err.Error())
			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
			return
		}
	}
	// return JSON/API formatted keys
	logger.Log(2, r.Header.Get("user"), "fetched enrollment keys")
	w.WriteHeader(http.StatusOK)
	json.NewEncoder(w).Encode(currentKeys)
}

// swagger:route DELETE /api/v1/enrollment-keys/{keyID} enrollmentKeys deleteEnrollmentKey
//
// Deletes a Netclient host from Netmaker server.
//
//			Schemes: https
//
//			Security:
//	  		oauth
//
//			Responses:
//				200: deleteEnrollmentKeyResponse
func deleteEnrollmentKey(w http.ResponseWriter, r *http.Request) {
	var params = mux.Vars(r)
	keyID := params["keyID"]
	err := logic.DeleteEnrollmentKey(keyID)
	if err != nil {
		logger.Log(0, r.Header.Get("user"), "failed to remove enrollment key: ", err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
		return
	}
	logger.Log(2, r.Header.Get("user"), "deleted enrollment key", keyID)
	w.WriteHeader(http.StatusOK)
}

// swagger:route POST /api/v1/enrollment-keys enrollmentKeys createEnrollmentKey
//
// Creates an EnrollmentKey for hosts to use on Netmaker server.
//
//			Schemes: https
//
//			Security:
//	  		oauth
//
//			Responses:
//				200: createEnrollmentKeyResponse
func createEnrollmentKey(w http.ResponseWriter, r *http.Request) {

	var enrollmentKeyBody models.APIEnrollmentKey

	err := json.NewDecoder(r.Body).Decode(&enrollmentKeyBody)
	if err != nil {
		logger.Log(0, r.Header.Get("user"), "error decoding request body: ",
			err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
		return
	}
	var newTime time.Time
	if enrollmentKeyBody.Expiration > 0 {
		newTime = time.Unix(enrollmentKeyBody.Expiration, 0)
	}

	newEnrollmentKey, err := logic.CreateEnrollmentKey(enrollmentKeyBody.UsesRemaining, newTime, enrollmentKeyBody.Networks, enrollmentKeyBody.Tags, enrollmentKeyBody.Unlimited)
	if err != nil {
		logger.Log(0, r.Header.Get("user"), "failed to create enrollment key:", err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
		return
	}

	if err = logic.Tokenize(newEnrollmentKey, servercfg.GetAPIHost()); err != nil {
		logger.Log(0, r.Header.Get("user"), "failed to create enrollment key:", err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
		return
	}
	logger.Log(2, r.Header.Get("user"), "created enrollment key")
	w.WriteHeader(http.StatusOK)
	json.NewEncoder(w).Encode(newEnrollmentKey)
}

// swagger:route POST /api/v1/enrollment-keys/{token} enrollmentKeys deleteEnrollmentKey
//
// Deletes a Netclient host from Netmaker server.
//
//			Schemes: https
//
//			Security:
//	  		oauth
//
//			Responses:
//				200: hostRegisterResponse
func handleHostRegister(w http.ResponseWriter, r *http.Request) {
	var params = mux.Vars(r)
	token := params["token"]
	logger.Log(0, "received registration attempt with token", token)
	// check if token exists
	enrollmentKey, err := logic.DeTokenize(token)
	if err != nil {
		logger.Log(0, "invalid enrollment key used", token, err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
		return
	}
	// get the host
	var newHost models.Host
	if err = json.NewDecoder(r.Body).Decode(&newHost); err != nil {
		logger.Log(0, r.Header.Get("user"), "error decoding request body: ",
			err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
		return
	}
	// check if host already exists
	if ok := logic.HostExists(&newHost); ok {
		logger.Log(0, "host", newHost.ID.String(), newHost.Name, "attempted to re-register")
		logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("host already exists"), "badrequest"))
		return
	}
	// version check
	if !logic.IsVersionComptatible(newHost.Version) || newHost.TrafficKeyPublic == nil {
		err := fmt.Errorf("incompatible netclient")
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
		return
	}
	key, keyErr := logic.RetrievePublicTrafficKey()
	if keyErr != nil {
		logger.Log(0, "error retrieving key:", keyErr.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
		return
	}
	// use the token
	if ok := logic.TryToUseEnrollmentKey(enrollmentKey); !ok {
		logger.Log(0, "host", newHost.ID.String(), newHost.Name, "failed registration")
		logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("invalid enrollment key"), "badrequest"))
		return
	}
	// register host
	logic.CheckHostPorts(&newHost)
	if err = logic.CreateHost(&newHost); err != nil {
		logger.Log(0, "host", newHost.ID.String(), newHost.Name, "failed registration -", err.Error())
		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
		return
	}
	// ready the response
	server := servercfg.GetServerInfo()
	server.TrafficKey = key
	logger.Log(0, newHost.Name, newHost.ID.String(), "registered with Netmaker")
	w.WriteHeader(http.StatusOK)
	json.NewEncoder(w).Encode(&server)
	// notify host of changes, peer and node updates
	go checkNetRegAndHostUpdate(enrollmentKey.Networks, &newHost)
}

// run through networks and send a host update
func checkNetRegAndHostUpdate(networks []string, h *models.Host) {
	// publish host update through MQ
	for i := range networks {
		if ok, _ := logic.NetworkExists(networks[i]); ok {
			newNode, err := logic.UpdateHostNetwork(h, networks[i], true)
			if err != nil {
				logger.Log(0, "failed to add host to network:", h.ID.String(), h.Name, networks[i], err.Error())
				continue
			}
			logger.Log(1, "added new node", newNode.ID.String(), "to host", h.Name)
			hostactions.AddAction(models.HostUpdate{
				Action: models.JoinHostToNetwork,
				Host:   *h,
				Node:   *newNode,
			})
		}
	}
}
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`package controller`

			`import (`
			`"encoding/json"`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`"fmt"`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`"net/http"`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`"time"`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00
			`"github.com/gorilla/mux"`
			`"github.com/gravitl/netmaker/logger"`
			`"github.com/gravitl/netmaker/logic"`
handled node additions in more elegant manner 2023-02-18 00:32:02 +08:00			`"github.com/gravitl/netmaker/logic/hostactions"`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`"github.com/gravitl/netmaker/models"`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`"github.com/gravitl/netmaker/servercfg"`
			`)`

			`func enrollmentKeyHandlers(r *mux.Router) {`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`r.HandleFunc("/api/v1/enrollment-keys", logic.SecurityCheck(true, http.HandlerFunc(createEnrollmentKey))).Methods(http.MethodPost)`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`r.HandleFunc("/api/v1/enrollment-keys", logic.SecurityCheck(true, http.HandlerFunc(getEnrollmentKeys))).Methods(http.MethodGet)`
			`r.HandleFunc("/api/v1/enrollment-keys/{keyID}", logic.SecurityCheck(true, http.HandlerFunc(deleteEnrollmentKey))).Methods(http.MethodDelete)`
removed admin security check 2023-02-17 05:42:08 +08:00			`r.HandleFunc("/api/v1/host/register/{token}", http.HandlerFunc(handleHostRegister)).Methods(http.MethodPost)`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`}`

			`// swagger:route GET /api/v1/enrollment-keys enrollmentKeys getEnrollmentKeys`
			`//`
			`// Lists all hosts.`
			`//`
			`// Schemes: https`
			`//`
			`// Security:`
			`// oauth`
			`//`
			`// Responses:`
			`// 200: getEnrollmentKeysSlice`
			`func getEnrollmentKeys(w http.ResponseWriter, r *http.Request) {`
			`currentKeys, err := logic.GetAllEnrollmentKeys()`
			`if err != nil {`
			`logger.Log(0, r.Header.Get("user"), "failed to fetch enrollment keys: ", err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
			`for i := range currentKeys {`
fixed nil pointer from dereference in loop 2023-02-17 04:41:23 +08:00			`currentKey := currentKeys[i]`
added log 2023-02-17 08:34:25 +08:00			`if err = logic.Tokenize(currentKey, servercfg.GetAPIHost()); err != nil {`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`logger.Log(0, r.Header.Get("user"), "failed to get token values for keys:", err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
			`}`
fixed nil pointer from dereference in loop 2023-02-17 04:41:23 +08:00			`// return JSON/API formatted keys`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`logger.Log(2, r.Header.Get("user"), "fetched enrollment keys")`
			`w.WriteHeader(http.StatusOK)`
			`json.NewEncoder(w).Encode(currentKeys)`
			`}`

			`// swagger:route DELETE /api/v1/enrollment-keys/{keyID} enrollmentKeys deleteEnrollmentKey`
			`//`
			`// Deletes a Netclient host from Netmaker server.`
			`//`
			`// Schemes: https`
			`//`
			`// Security:`
			`// oauth`
			`//`
			`// Responses:`
			`// 200: deleteEnrollmentKeyResponse`
			`func deleteEnrollmentKey(w http.ResponseWriter, r *http.Request) {`
			`var params = mux.Vars(r)`
			`keyID := params["keyID"]`
			`err := logic.DeleteEnrollmentKey(keyID)`
			`if err != nil {`
			`logger.Log(0, r.Header.Get("user"), "failed to remove enrollment key: ", err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
			`logger.Log(2, r.Header.Get("user"), "deleted enrollment key", keyID)`
			`w.WriteHeader(http.StatusOK)`
			`}`

added host registration endpoint 2023-02-17 03:27:57 +08:00			`// swagger:route POST /api/v1/enrollment-keys enrollmentKeys createEnrollmentKey`
			`//`
			`// Creates an EnrollmentKey for hosts to use on Netmaker server.`
			`//`
			`// Schemes: https`
			`//`
			`// Security:`
			`// oauth`
			`//`
			`// Responses:`
			`// 200: createEnrollmentKeyResponse`
			`func createEnrollmentKey(w http.ResponseWriter, r *http.Request) {`

			`var enrollmentKeyBody models.APIEnrollmentKey`

			`err := json.NewDecoder(r.Body).Decode(&enrollmentKeyBody)`
			`if err != nil {`
			`logger.Log(0, r.Header.Get("user"), "error decoding request body: ",`
			`err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))`
			`return`
			`}`
			`var newTime time.Time`
			`if enrollmentKeyBody.Expiration > 0 {`
			`newTime = time.Unix(enrollmentKeyBody.Expiration, 0)`
			`}`

			`newEnrollmentKey, err := logic.CreateEnrollmentKey(enrollmentKeyBody.UsesRemaining, newTime, enrollmentKeyBody.Networks, enrollmentKeyBody.Tags, enrollmentKeyBody.Unlimited)`
			`if err != nil {`
			`logger.Log(0, r.Header.Get("user"), "failed to create enrollment key:", err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
fix initial map allocation 2023-02-17 04:13:40 +08:00
added log 2023-02-17 08:34:25 +08:00			`if err = logic.Tokenize(newEnrollmentKey, servercfg.GetAPIHost()); err != nil {`
fix initial map allocation 2023-02-17 04:13:40 +08:00			`logger.Log(0, r.Header.Get("user"), "failed to create enrollment key:", err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`logger.Log(2, r.Header.Get("user"), "created enrollment key")`
			`w.WriteHeader(http.StatusOK)`
			`json.NewEncoder(w).Encode(newEnrollmentKey)`
			`}`

			`// swagger:route POST /api/v1/enrollment-keys/{token} enrollmentKeys deleteEnrollmentKey`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`//`
			`// Deletes a Netclient host from Netmaker server.`
			`//`
			`// Schemes: https`
			`//`
			`// Security:`
			`// oauth`
			`//`
			`// Responses:`
			`// 200: hostRegisterResponse`
			`func handleHostRegister(w http.ResponseWriter, r *http.Request) {`
			`var params = mux.Vars(r)`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`token := params["token"]`
added log 2023-02-17 08:34:25 +08:00			`logger.Log(0, "received registration attempt with token", token)`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`// check if token exists`
			`enrollmentKey, err := logic.DeTokenize(token)`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`if err != nil {`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`logger.Log(0, "invalid enrollment key used", token, err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))`
			`return`
			`}`
			`// get the host`
			`var newHost models.Host`
			`if err = json.NewDecoder(r.Body).Decode(&newHost); err != nil {`
			`logger.Log(0, r.Header.Get("user"), "error decoding request body: ",`
			`err.Error())`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`// check if host already exists`
			`if ok := logic.HostExists(&newHost); ok {`
			`logger.Log(0, "host", newHost.ID.String(), newHost.Name, "attempted to re-register")`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("host already exists"), "badrequest"))`
			`return`
			`}`
			`// version check`
			`if !logic.IsVersionComptatible(newHost.Version) \|\| newHost.TrafficKeyPublic == nil {`
			`err := fmt.Errorf("incompatible netclient")`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))`
			`return`
			`}`
			`key, keyErr := logic.RetrievePublicTrafficKey()`
			`if keyErr != nil {`
			`logger.Log(0, "error retrieving key:", keyErr.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
			`// use the token`
			`if ok := logic.TryToUseEnrollmentKey(enrollmentKey); !ok {`
			`logger.Log(0, "host", newHost.ID.String(), newHost.Name, "failed registration")`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("invalid enrollment key"), "badrequest"))`
			`return`
			`}`
			`// register host`
			`logic.CheckHostPorts(&newHost)`
			`if err = logic.CreateHost(&newHost); err != nil {`
			`logger.Log(0, "host", newHost.ID.String(), newHost.Name, "failed registration -", err.Error())`
			`logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))`
			`return`
			`}`
			`// ready the response`
			`server := servercfg.GetServerInfo()`
			`server.TrafficKey = key`
added log 2023-02-17 08:34:25 +08:00			`logger.Log(0, newHost.Name, newHost.ID.String(), "registered with Netmaker")`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`w.WriteHeader(http.StatusOK)`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`json.NewEncoder(w).Encode(&server)`
			`// notify host of changes, peer and node updates`
			`go checkNetRegAndHostUpdate(enrollmentKey.Networks, &newHost)`
			`}`

			`// run through networks and send a host update`
			`func checkNetRegAndHostUpdate(networks []string, h *models.Host) {`
			`// publish host update through MQ`
			`for i := range networks {`
			`if ok, _ := logic.NetworkExists(networks[i]); ok {`
			`newNode, err := logic.UpdateHostNetwork(h, networks[i], true)`
			`if err != nil {`
			`logger.Log(0, "failed to add host to network:", h.ID.String(), h.Name, networks[i], err.Error())`
			`continue`
			`}`
			`logger.Log(1, "added new node", newNode.ID.String(), "to host", h.Name)`
handled node additions in more elegant manner 2023-02-18 00:32:02 +08:00			`hostactions.AddAction(models.HostUpdate{`
			`Action: models.JoinHostToNetwork,`
			`Host: *h,`
			`Node: *newNode,`
			`})`
added host registration endpoint 2023-02-17 03:27:57 +08:00			`}`
			`}`
added tokenization + detokenization 2023-02-16 05:32:16 +08:00			`}`