135 lines
3.0 KiB
Go
135 lines
3.0 KiB
Go
package service
|
|
|
|
import (
|
|
"context"
|
|
"crypto/tls"
|
|
"encoding/json"
|
|
"fmt"
|
|
"net"
|
|
|
|
"helmet/app/logger"
|
|
|
|
"helmet/app/handler"
|
|
"helmet/app/operator"
|
|
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/credentials"
|
|
"google.golang.org/grpc/metadata"
|
|
"google.golang.org/grpc/status"
|
|
)
|
|
|
|
type ServiceConfig struct {
|
|
Handler *handler.Handler
|
|
Operator *operator.Operator
|
|
PortNum uint32
|
|
Hostname string
|
|
X509Cert []byte
|
|
X509Key []byte
|
|
}
|
|
|
|
type Service struct {
|
|
gsrv *grpc.Server
|
|
hand *handler.Handler
|
|
oper *operator.Operator
|
|
log *logger.Logger
|
|
portnum uint32
|
|
hostname string
|
|
|
|
username string
|
|
password string
|
|
x509Cert []byte
|
|
x509Key []byte
|
|
}
|
|
|
|
func NewService(conf *ServiceConfig) *Service {
|
|
svc := Service{
|
|
hand: conf.Handler,
|
|
oper: conf.Operator,
|
|
portnum: conf.PortNum,
|
|
hostname: conf.Hostname,
|
|
x509Cert: conf.X509Cert,
|
|
x509Key: conf.X509Key,
|
|
}
|
|
svc.log = logger.NewLogger("service")
|
|
|
|
return &svc
|
|
}
|
|
|
|
func (svc *Service) Run() error {
|
|
var err error
|
|
svc.log.Infof("Service run")
|
|
|
|
listenSpec := fmt.Sprintf(":%d", svc.portnum)
|
|
listener, err := net.Listen("tcp", listenSpec)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
tlsCert, err := tls.X509KeyPair(svc.x509Cert, svc.x509Key)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
tlsConfig := tls.Config{
|
|
Certificates: []tls.Certificate{tlsCert},
|
|
ClientAuth: tls.NoClientCert,
|
|
InsecureSkipVerify: true,
|
|
}
|
|
|
|
tlsCredentials := credentials.NewTLS(&tlsConfig)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
interceptors := []grpc.UnaryServerInterceptor{
|
|
svc.authInterceptor,
|
|
svc.logInterceptor,
|
|
}
|
|
gsrvOpts := []grpc.ServerOption{
|
|
grpc.Creds(tlsCredentials),
|
|
grpc.ChainUnaryInterceptor(interceptors...),
|
|
//grpc.UnaryInterceptor(svc.authInterceptor),
|
|
}
|
|
svc.gsrv = grpc.NewServer(gsrvOpts...)
|
|
|
|
svc.hand.Register(svc.gsrv)
|
|
|
|
svc.log.Infof("Service listening at %v", listener.Addr())
|
|
err = svc.gsrv.Serve(listener)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return err
|
|
}
|
|
|
|
func (svc *Service) authInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
|
|
meta, _ := metadata.FromIncomingContext(ctx)
|
|
usernameArr := meta["username"]
|
|
passwordArr := meta["password"]
|
|
if len(usernameArr) == 0 || len(passwordArr) == 0 {
|
|
err := status.Errorf(codes.PermissionDenied, "Empty auth data")
|
|
return nil, err
|
|
}
|
|
username := meta["username"][0]
|
|
password := meta["password"][0]
|
|
if !svc.oper.ValidateUser(username, password) {
|
|
err := status.Errorf(codes.PermissionDenied, "Incorrect auth data")
|
|
return nil, err
|
|
}
|
|
return handler(ctx, req)
|
|
}
|
|
|
|
func (svc *Service) logInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
|
|
var err error
|
|
svc.log.Debugf("Called method: %v", info.FullMethod)
|
|
reqData, err := json.Marshal(req)
|
|
if err == nil {
|
|
svc.log.Debugf("Request: %s", string(reqData))
|
|
}
|
|
return handler(ctx, req)
|
|
}
|
|
|
|
func (svc *Service) Stop() {
|
|
svc.log.Infof("Stopping service")
|
|
svc.gsrv.GracefulStop()
|
|
}
|