2024-01-12 19:19:52 +01:00
|
|
|
package pass
|
|
|
|
|
|
|
|
|
|
import (
|
2024-01-24 20:57:31 +01:00
|
|
|
"log"
|
|
|
|
|
|
|
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
|
|
|
|
"github.com/aws/aws-sdk-go/aws/session"
|
|
|
|
|
"github.com/aws/aws-sdk-go/service/kms"
|
2024-01-12 19:19:52 +01:00
|
|
|
"github.com/gin-gonic/gin"
|
2024-01-24 20:57:31 +01:00
|
|
|
"github.com/twofas/2fas-server/internal/pass/sign"
|
|
|
|
|
|
|
|
|
|
"github.com/twofas/2fas-server/config"
|
2024-01-12 19:19:52 +01:00
|
|
|
httphelpers "github.com/twofas/2fas-server/internal/common/http"
|
|
|
|
|
"github.com/twofas/2fas-server/internal/common/recovery"
|
|
|
|
|
"github.com/twofas/2fas-server/internal/pass/pairing"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Server struct {
|
|
|
|
|
router *gin.Engine
|
|
|
|
|
addr string
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-24 20:57:31 +01:00
|
|
|
func NewServer(cfg config.PassConfig) *Server {
|
|
|
|
|
var awsEndpoint *string
|
|
|
|
|
if cfg.AWSEndpoint != "" {
|
|
|
|
|
awsEndpoint = aws.String(cfg.AWSEndpoint)
|
|
|
|
|
}
|
2024-01-24 21:05:16 +01:00
|
|
|
region := cfg.AWSRegion
|
|
|
|
|
if region == "" {
|
|
|
|
|
region = "us-east-1"
|
|
|
|
|
}
|
2024-01-25 17:55:08 +01:00
|
|
|
sess, err := session.NewSessionWithOptions(
|
|
|
|
|
session.Options{
|
|
|
|
|
Config: aws.Config{
|
|
|
|
|
Region: aws.String(region),
|
|
|
|
|
S3ForcePathStyle: aws.Bool(true),
|
|
|
|
|
Endpoint: awsEndpoint,
|
|
|
|
|
},
|
|
|
|
|
SharedConfigState: session.SharedConfigEnable,
|
|
|
|
|
})
|
2024-01-24 20:57:31 +01:00
|
|
|
if err != nil {
|
|
|
|
|
log.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
kmsClient := kms.New(sess)
|
|
|
|
|
|
|
|
|
|
signSvc, err := sign.NewService(cfg.KMSKeyID, kmsClient)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pairingApp := pairing.NewPairingApp(signSvc)
|
2024-01-12 19:19:52 +01:00
|
|
|
proxyApp := pairing.NewProxy()
|
|
|
|
|
|
|
|
|
|
router := gin.New()
|
|
|
|
|
router.Use(recovery.RecoveryMiddleware())
|
|
|
|
|
router.Use(httphelpers.RequestIdMiddleware())
|
|
|
|
|
router.Use(httphelpers.CorrelationIdMiddleware())
|
|
|
|
|
// TODO: don't log auth headers.
|
|
|
|
|
router.Use(httphelpers.RequestJsonLogger())
|
|
|
|
|
|
|
|
|
|
router.GET("/health", func(context *gin.Context) {
|
|
|
|
|
context.Status(200)
|
|
|
|
|
})
|
|
|
|
|
|
2024-01-21 10:25:12 +01:00
|
|
|
router.POST("/browser_extension/configure", pairing.ExtensionConfigureHandler(pairingApp))
|
|
|
|
|
router.GET("/browser_extension/wait_for_connection", pairing.ExtensionWaitForConnWSHandler(pairingApp))
|
|
|
|
|
router.GET("/browser_extension/proxy_to_mobile", pairing.ExtensionProxyWSHandler(pairingApp, proxyApp))
|
2024-01-12 19:19:52 +01:00
|
|
|
router.POST("/mobile/confirm", pairing.MobileConfirmHandler(pairingApp))
|
2024-01-21 10:25:12 +01:00
|
|
|
router.GET("/mobile/proxy_to_browser_extension", pairing.MobileProxyWSHandler(pairingApp, proxyApp))
|
2024-01-12 19:19:52 +01:00
|
|
|
|
|
|
|
|
return &Server{
|
|
|
|
|
router: router,
|
2024-01-24 20:57:31 +01:00
|
|
|
addr: cfg.Addr,
|
2024-01-12 19:19:52 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *Server) Run() error {
|
|
|
|
|
return s.router.Run(s.addr)
|
|
|
|
|
}
|
