-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.go
82 lines (68 loc) · 2.52 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
// package main is this really necessary
package main
import (
"context"
"errors"
"flag"
"fmt"
"os"
"strings"
"github.com/getkin/kin-openapi/openapi3filter"
repoApi "github.com/iggy/packages/internal/openapi"
"github.com/labstack/echo-contrib/prometheus"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
echomiddleware "github.com/oapi-codegen/echo-middleware"
)
func main() {
var port = flag.Int("port", 8888, "Port for HTTP server")
var dir = flag.String("dir", "/srv/packages", "Root directory for packages/config")
flag.Parse()
swagger, err := repoApi.GetSwagger()
if err != nil {
fmt.Fprintf(os.Stderr, "Error loading swagger spec\n: %s", err)
os.Exit(1)
}
// Clear out the servers array in the swagger spec, that skips validating
// that server names match. We don't know how this thing will be run.
swagger.Servers = nil
// Create an instance of our handler which satisfies the generated interface
papi := repoApi.NewPkgRepo(*dir)
// This is how you set up a basic Echo router
e := echo.New()
// Enable metrics middleware
p := prometheus.NewPrometheus("packages", nil)
p.Use(e)
// Log all requests
e.Use(middleware.Logger())
// secure middleware
e.Use(middleware.Secure())
// Use our validation middleware to check all requests against the
// OpenAPI schema.
validatorOptions := &echomiddleware.Options{}
validatorOptions.Options.AuthenticationFunc = func(ctx context.Context, input *openapi3filter.AuthenticationInput) error {
orgName := input.RequestValidationInput.PathParams["org"]
validTokens := repoApi.GetValidTokens(orgName)
// they probably forgot to set the auth header or the env var for the token
if input.RequestValidationInput.Request.Header.Get("Authorization") == "" ||
input.RequestValidationInput.Request.Header["Authorization"][0] == "Bearer" {
return errors.New("no auth token")
}
token := strings.Split(input.RequestValidationInput.Request.Header["Authorization"][0], " ")[1]
for _, t := range validTokens {
if token == t {
return nil
}
}
return errors.New("invalid auth")
}
validatorOptions.Skipper = func(ctx echo.Context) bool {
// we want the prometheus middleware to handle this, not the normal openapi route
return ctx.Path() == "/metrics"
}
e.Use(echomiddleware.OapiRequestValidatorWithOptions(swagger, validatorOptions))
// We now register our API above as the handler for the interface
repoApi.RegisterHandlers(e, papi)
// And we serve HTTP until the world ends.
e.Logger.Fatal(e.Start(fmt.Sprintf("0.0.0.0:%d", *port)))
}