-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.go
111 lines (90 loc) · 3.57 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
package main
import (
"encoding/hex"
"flag"
"net"
"os"
"os/signal"
"syscall"
"time"
log "github.com/Sirupsen/logrus"
"github.com/TykTechnologies/tyk-protobuf/bindings/go"
"github.com/asoorm/tyk-mashery-auth/dispatcher"
"github.com/asoorm/tyk-mashery-auth/hook"
"google.golang.org/grpc"
)
const (
defaultListenAddress = ":9000"
defaultNetwork = "tcp"
defaultClockSkew = 300
defaultSharedSecret = "4321knj8fqgm5ffq64tdzifato6fb5p5rkqze933ehivqelctivti8qs0xnzmpq3"
defaultDebug = false
defaultDebugToken = "foo"
defaultHeaderAuthKey = "Api-Key"
defaultHeaderSignatureKey = "X-Signature"
)
func main() {
allowedClockSkew := flag.Int64("skew", defaultClockSkew, "allowed clock skew in seconds")
network := flag.String("network", defaultNetwork, "network mode e.g. tcp | unix")
listenAddress := flag.String("listen", defaultListenAddress, "listen address e.g. :9000 | /tmp/foo.sock")
debug := flag.Bool("debug", defaultDebug, "enable debug mode")
debugToken := flag.String("token", defaultDebugToken, "token used for generating debug logs")
sharedSecret := flag.String("secret", defaultSharedSecret, "shared secret for debugging")
headerAuthKey := flag.String("header_auth", defaultHeaderAuthKey, "header location to look for auth token")
headerSignatureKey := flag.String("header_signature", defaultHeaderSignatureKey, "header location to look for signature")
flag.Parse()
/*
* Only run if debug mode is set.
* Responsible for generating test curl messages to use when sending requests via the gateway to invoke signature
* validating gRPC middleware.
*/
if *debug {
log.SetLevel(log.DebugLevel)
myShaGenerator := hook.Sha256{}
myShaGenerator.Init(*sharedSecret, *allowedClockSkew, *headerAuthKey, *headerSignatureKey)
go func() {
for {
msgFormat := "curl http://localhost:8080/sha/get -H '%s: %s' -H '%s: %s'"
now := time.Now().Unix()
log.Debugf("raw: %s%s%d", *debugToken, *sharedSecret, now)
log.Debugf("now: "+msgFormat, *headerAuthKey, *debugToken, *headerSignatureKey, hex.EncodeToString(myShaGenerator.Sha256Sum(*debugToken, now)))
log.Debugf("-30s: "+msgFormat, *headerAuthKey, *debugToken, *headerSignatureKey, hex.EncodeToString(myShaGenerator.Sha256Sum(*debugToken, now-30)))
log.Debugf("+30s: "+msgFormat, *headerAuthKey, *debugToken, *headerSignatureKey, hex.EncodeToString(myShaGenerator.Sha256Sum(*debugToken, now+30)))
time.Sleep(time.Second * 30)
}
}()
}
/*
* If listening on unix domain socket, e.g. unix:///tmp/foo.sock, then by killing the process with ctrl+c
* we need to catch this signal & delete the sock file, otherwise we won't be able to re-bind to the socket.
*/
go func() {
<-handleSIGINTKILL()
log.Info("received termination signal")
if *network == "unix" {
log.Infof("unbinding from %s://%s", *network, *listenAddress)
if err := os.Remove(*listenAddress); err != nil {
log.WithError(err).Error("unable to unbind. Please delete sock file manually")
}
}
os.Exit(0)
}()
listener, err := net.Listen(*network, *listenAddress)
if err != nil {
log.Fatal(err)
}
log.Infof("gRPC server listening on %s://%s", *network, *listenAddress)
s := grpc.NewServer()
coprocess.RegisterDispatcherServer(s, &dispatcher.Server{
ClockSkew: *allowedClockSkew,
SharedSecret: *sharedSecret,
HeaderAuthKey: *headerAuthKey,
HeaderSignatureKey: *headerSignatureKey,
})
s.Serve(listener)
}
func handleSIGINTKILL() chan os.Signal {
sig := make(chan os.Signal, 1)
signal.Notify(sig, syscall.SIGINT, syscall.SIGTERM)
return sig
}