138 lines
3.1 KiB
Go
138 lines
3.1 KiB
Go
package service
|
|
|
|
import (
|
|
"context"
|
|
"crypto/tls"
|
|
"encoding/json"
|
|
"fmt"
|
|
"net"
|
|
|
|
"certmanager/internal/grpc/handler"
|
|
"certmanager/internal/logic"
|
|
"certmanager/pkg/logger"
|
|
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/credentials"
|
|
"google.golang.org/grpc/metadata"
|
|
"google.golang.org/grpc/status"
|
|
)
|
|
|
|
type ServiceConfig struct {
|
|
Handler *handler.Handler
|
|
Logic *logic.Logic
|
|
PortNum int
|
|
Hostname string
|
|
X509Cert []byte
|
|
X509Key []byte
|
|
}
|
|
|
|
type Service struct {
|
|
gsrv *grpc.Server
|
|
hand *handler.Handler
|
|
lg *logic.Logic
|
|
log *logger.Logger
|
|
portnum int
|
|
hostname string
|
|
|
|
username string
|
|
password string
|
|
x509Cert []byte
|
|
x509Key []byte
|
|
}
|
|
|
|
func NewService(conf *ServiceConfig) *Service {
|
|
svc := Service{
|
|
hand: conf.Handler,
|
|
lg: conf.Logic,
|
|
portnum: conf.PortNum,
|
|
hostname: conf.Hostname,
|
|
x509Cert: conf.X509Cert,
|
|
x509Key: conf.X509Key,
|
|
}
|
|
svc.log = logger.NewLogger("gservice")
|
|
|
|
return &svc
|
|
}
|
|
|
|
func (svc *Service) Run() error {
|
|
var err error
|
|
svc.log.Infof("Service run")
|
|
|
|
listenSpec := fmt.Sprintf(":%d", svc.portnum)
|
|
listener, err := net.Listen("tcp", listenSpec)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
tlsCert, err := tls.X509KeyPair(svc.x509Cert, svc.x509Key)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
tlsConfig := tls.Config{
|
|
Certificates: []tls.Certificate{tlsCert},
|
|
ClientAuth: tls.NoClientCert,
|
|
InsecureSkipVerify: true,
|
|
}
|
|
|
|
tlsCredentials := credentials.NewTLS(&tlsConfig)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
gsrvOpts := []grpc.ServerOption{
|
|
grpc.Creds(tlsCredentials),
|
|
grpc.UnaryInterceptor(svc.authInterceptor),
|
|
}
|
|
svc.gsrv = grpc.NewServer(gsrvOpts...)
|
|
|
|
svc.hand.Register(svc.gsrv)
|
|
|
|
svc.log.Infof("Service listening at %v", listener.Addr())
|
|
err = svc.gsrv.Serve(listener)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return err
|
|
}
|
|
|
|
func (svc *Service) authInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
|
|
svc.log.Debugf("Called unary interceptor with method: %v", info.FullMethod)
|
|
meta, _ := metadata.FromIncomingContext(ctx)
|
|
svc.log.Debugf("Reqest username: %s", meta["username"])
|
|
svc.log.Debugf("Reqest password: %s", meta["password"])
|
|
usernameArr := meta["username"]
|
|
passwordArr := meta["password"]
|
|
if len(usernameArr) == 0 || len(passwordArr) == 0 {
|
|
err := status.Errorf(codes.PermissionDenied, "Empty auth data")
|
|
return nil, err
|
|
}
|
|
username := meta["username"][0]
|
|
password := meta["password"][0]
|
|
if !svc.lg.ValidateUser(username, password) {
|
|
err := status.Errorf(codes.PermissionDenied, "Wrong auth data")
|
|
return nil, err
|
|
}
|
|
reqBinary, err := json.Marshal(req)
|
|
if err == nil {
|
|
svc.log.Debugf("Request: %s", string(reqBinary))
|
|
}
|
|
return handler(ctx, req)
|
|
}
|
|
|
|
func (svc *Service) logInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
|
|
var err error
|
|
svc.log.Debugf("Called unary interceptor with method: %v", info.FullMethod)
|
|
|
|
reqBinary, err := json.Marshal(req)
|
|
if err == nil {
|
|
svc.log.Debugf("Request: %f", string(reqBinary))
|
|
}
|
|
return handler(ctx, req)
|
|
}
|
|
|
|
func (svc *Service) Stop() {
|
|
svc.log.Infof("Stopping service")
|
|
svc.gsrv.GracefulStop()
|
|
}
|