Update authentication client (#4)
Signed-off-by: Tamal Saha <[email protected]>
tamalsaha authored Jan 11, 2023
1 parent a3f016e commit 6142620
Showing 1,487 changed files with 685,064 additions and 1,811 deletions.
12 changes: 12 additions & 0 deletions .github/workflows/ci.yml
@@ -39,6 +39,18 @@ jobs:
sudo apt-get -qq update || true
sudo apt-get install -y bzr
- name: Prepare git
env:
GITHUB_USER: 1gtm
GITHUB_TOKEN: ${{ secrets.LGTM_GITHUB_TOKEN }}
run: |
set -x
git config --global user.name "${GITHUB_USER}"
git config --global user.email "${GITHUB_USER}@appscode.com"
git config --global \
url."https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com".insteadOf \
"https://github.com"
- name: Run checks
run: |
make ci
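Review bot: The `set -x` at the top of the "Prepare git" `run` block traces every command after variable expansion, so the `git config --global url."https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com".insteadOf` command is echoed to the job log with the token in it, leaving GitHub's log masking as the only protection. Drop `set -x` from this step, or put `set +x` before the credential line. The rewrite also covers every `https://github.com` URL and is stored in the runner's global git config, where the following `make ci` step can read it. Scoping it to the organisation that hosts the private modules, e.g. `url."https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com/<org>/".insteadOf "https://github.com/<org>/"`, limits which fetches carry the credential.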
53 changes: 48 additions & 5 deletions go.mod
@@ -9,20 +9,63 @@ require (
github.com/prometheus/client_golang v1.14.0
github.com/sirupsen/logrus v1.9.0
github.com/stretchr/testify v1.8.1
golang.org/x/crypto v0.3.0
go.bytebuilders.dev/lib-selfhost v0.0.0-20230111043008-3632af35d126
golang.org/x/crypto v0.4.1-0.20221221171930-bc7d1d1eb54b
)

require (
github.com/beorn7/perks v1.0.1 // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
github.com/evanphx/json-patch/v5 v5.6.0 // indirect
github.com/go-logr/logr v1.2.3 // indirect
github.com/go-openapi/jsonpointer v0.19.5 // indirect
github.com/go-openapi/jsonreference v0.20.0 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
github.com/google/gnostic v0.6.9 // indirect
github.com/google/go-cmp v0.5.9 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/imdario/mergo v0.3.13 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.3.0 // indirect
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/common v0.39.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
golang.org/x/sys v0.2.0 // indirect
go.bytebuilders.dev/installer v0.1.1-0.20230110092420-5ce925897d0f // indirect
go.openviz.dev/installer v0.0.0-20230104082956-b1c59b1b779d // indirect
golang.org/x/net v0.4.1-0.20221223171606-2aa82152a53e // indirect
golang.org/x/oauth2 v0.3.0 // indirect
golang.org/x/sys v0.3.1-0.20230101012411-b751db56c781 // indirect
golang.org/x/term v0.3.0 // indirect
golang.org/x/text v0.5.1-0.20221206182405-ec5565b1b747 // indirect
golang.org/x/time v0.3.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.28.1 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/api v0.25.3 // indirect
k8s.io/apimachinery v0.25.3 // indirect
k8s.io/client-go v0.25.3 // indirect
k8s.io/klog/v2 v2.80.1 // indirect
k8s.io/kube-openapi v0.0.0-20221207184640-f3cff1453715 // indirect
k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect
kmodules.xyz/client-go v0.25.15 // indirect
kmodules.xyz/objectstore-api v0.25.1-0.20221104003322-f0289b5b6ca2 // indirect
kubeops.dev/external-dns-operator v0.0.3 // indirect
kubeops.dev/installer v0.0.0-20230102190911-48de263490ae // indirect
sigs.k8s.io/controller-runtime v0.13.1 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)
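Review bot: The new direct requirement `go.bytebuilders.dev/lib-selfhost` appears to pull the Kubernetes client stack into this module (`k8s.io/client-go`, `sigs.k8s.io/controller-runtime`, `kmodules.xyz/client-go` and others in the indirect block), and the page header reports 1,487 changed files, most of them presumably vendored. For a single `GetInstallerMetadata` call that is a lot of third-party code to audit and track for advisories, so it is worth checking whether the client can be imported from a smaller package. Separately, `golang.org/x/crypto`, `x/net`, `x/sys` and `x/text` look to be pinned to pseudo-versions (for example `v0.4.1-0.20221221171930-bc7d1d1eb54b`) rather than tagged releases. If a dependency forces that, a trailing comment such as `// untagged commit required by <module>` on those lines would record why.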
508 changes: 162 additions & 346 deletions go.sum

Large diffs are not rendered by default.

44 changes: 5 additions & 39 deletions main.go
@@ -3,10 +3,8 @@ package main
import (
"bytes"
"crypto/tls"
"encoding/json"
"fmt"
"net"
"net/http"
"net/textproto"
"os"
"os/exec"
@@ -15,6 +13,8 @@ import (
"syscall"
"time"

"go.bytebuilders.dev/lib-selfhost/client"

"github.com/chrj/smtpd"
"github.com/google/uuid"
"github.com/sirupsen/logrus"
@@ -97,60 +97,26 @@ func heloChecker(peer smtpd.Peer, addr string) error {
return nil
}

func fetchInstallerMetadata(url, authHeader string) (InstallerMetadata, error) {
req, err := http.NewRequest(http.MethodGet, url, nil)
if err != nil {
return InstallerMetadata{}, err
}

req.Header.Set("Authorization", authHeader)
fmt.Println(authHeader, url)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return InstallerMetadata{}, err
}

meta := InstallerMetadata{}
if err = json.NewDecoder(resp.Body).Decode(&meta); err != nil {
return InstallerMetadata{}, err
}

return meta, nil
}

type InstallerMetadata struct {
ID string `json:"ID"`
Domain string `json:"domain"`
HostedURL string `json:"hostedURL"`
OwnerID int64 `json:"ownerID"`
AuthorID int64 `json:"authorID"`
AuthorName string `json:"authorName,omitempty"`
Production bool `json:"production"`

CreateTimestamp time.Time `json:"createTimestamp"`
ExpiryTimestamp time.Time `json:"expiryTimestamp,omitempty"`
}

func senderChecker(peer smtpd.Peer, addr string) error {
if *authEndpoint != "" && peer.Username != "" {
// Get installer metadata
// username and sender matches the demo@${installer-domain}
md, err := fetchInstallerMetadata(*authEndpoint, peer.Password)
md, err := client.GetInstallerMetadata(*authEndpoint, peer.Password)
if err != nil {
log.WithFields(logrus.Fields{
"peer": peer.Addr,
"username": peer.Username,
}).WithError(err).Warn("could not fetch installer metadata from auth endpoint")
return observeErr(smtpd.Error{Code: 451, Message: "Failed to check authentication server"})
}
if peer.Username != "demo@"+md.Domain {
if peer.Username != "demo@"+md.HostedDomain {
log.WithFields(logrus.Fields{
"peer": peer.Addr,
"username": peer.Username,
}).WithError(err).Warn("auth error")
return observeErr(smtpd.Error{Code: 535, Message: "Authentication username does not match installer domain"})
}
if addr != "demo@"+md.Domain {
if addr != "demo@"+md.HostedDomain {
log.WithFields(logrus.Fields{
"peer": peer.Addr,
"username": peer.Username,
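Review bot: Nothing in `senderChecker` rejects an empty `md.HostedDomain`, so if `client.GetInstallerMetadata` ever returns a nil error with a zero-value struct (its handling of non-2xx responses and of bodies lacking the field is not visible here), both comparisons reduce to `"demo@"` and a client presenting that username and sender would pass. Add a guard before the username check: `if md.HostedDomain == "" { return observeErr(smtpd.Error{Code: 451, Message: "Failed to check authentication server"}) }`. The "auth error" log in the username-mismatch branch still calls `.WithError(err)` although `err` is known to be nil there, so it should be dropped from that chain. It is also worth confirming that the library call applies an HTTP timeout, since it runs inside the SMTP session. The body of `senderChecker` continues past the end of the hunk.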
31 changes: 17 additions & 14 deletions vendor/github.com/cespare/xxhash/v2/README.md

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 10 additions & 0 deletions vendor/github.com/cespare/xxhash/v2/testall.sh

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

47 changes: 20 additions & 27 deletions vendor/github.com/cespare/xxhash/v2/xxhash.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
