Gregory Rudolph
3 years ago
4 changed files with 332 additions and 0 deletions
@ -0,0 +1,21 @@ |
|||||||
|
module git.hugfreevikings.wtf/rudi/SecREST |
||||||
|
|
||||||
|
go 1.18 |
||||||
|
|
||||||
|
require github.com/gorilla/mux v1.8.0 |
||||||
|
|
||||||
|
require ( |
||||||
|
github.com/ProtonMail/gopenpgp/v2 v2.4.6 |
||||||
|
github.com/google/uuid v1.3.0 |
||||||
|
) |
||||||
|
|
||||||
|
require ( |
||||||
|
github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f // indirect |
||||||
|
github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f // indirect |
||||||
|
github.com/konsorten/go-windows-terminal-sequences v1.0.1 // indirect |
||||||
|
github.com/pkg/errors v0.9.1 // indirect |
||||||
|
github.com/sirupsen/logrus v1.4.2 // indirect |
||||||
|
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 // indirect |
||||||
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 // indirect |
||||||
|
golang.org/x/text v0.3.3 // indirect |
||||||
|
) |
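Review bot: The indirect pins look stale for a module whose job is PGP-protected transport: `golang.org/x/crypto` is held at a March 2021 pseudo-version, about a year behind the ProtonMail pseudo-versions listed next to it, and `golang.org/x/text` sits at v0.3.3. Run `govulncheck ./...` against this module graph and raise the pins with `go get golang.org/x/crypto@latest golang.org/x/text@latest` followed by `go mod tidy` before the first tag. The single-line `require github.com/gorilla/mux v1.8.0` can also be folded into the direct `require ( … )` block so all direct dependencies sit together.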
@ -0,0 +1,64 @@ |
|||||||
|
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= |
||||||
|
github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f h1:J2FzIrXN82q5uyUraeJpLIm7U6PffRwje2ORho5yIik= |
||||||
|
github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= |
||||||
|
github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f h1:CGq7OieOz3wyQJ1fO8S0eO9TCW1JyvLrf8fhzz1i8ko= |
||||||
|
github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f/go.mod h1:NYt+V3/4rEeDuaev/zw1zCq8uqVEuPHzDPo3OZrlGJ4= |
||||||
|
github.com/ProtonMail/gopenpgp/v2 v2.4.6 h1:/EcJsFIsE0ywShAJ+lNLafcaSd6GBhIzHsaBID5pGXw= |
||||||
|
github.com/ProtonMail/gopenpgp/v2 v2.4.6/go.mod h1:ZW1KxHNG6q5LMgFKf9Ap/d2eVYeyGf5+fAUEAjJWtmo= |
||||||
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= |
||||||
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= |
||||||
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= |
||||||
|
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= |
||||||
|
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= |
||||||
|
github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= |
||||||
|
github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= |
||||||
|
github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= |
||||||
|
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= |
||||||
|
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= |
||||||
|
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= |
||||||
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= |
||||||
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= |
||||||
|
github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4= |
||||||
|
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= |
||||||
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= |
||||||
|
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= |
||||||
|
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= |
||||||
|
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= |
||||||
|
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= |
||||||
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= |
||||||
|
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= |
||||||
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= |
||||||
|
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w= |
||||||
|
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= |
||||||
|
golang.org/x/exp v0.0.0-20190731235908-ec7cb31e5a56/go.mod h1:JhuoJpWY28nO4Vef9tZUw9qufEGTyX1+7lmHxV5q5G4= |
||||||
|
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= |
||||||
|
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= |
||||||
|
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= |
||||||
|
golang.org/x/mobile v0.0.0-20200801112145-973feb4309de/go.mod h1:skQtrUTUwhdJvXM/2KKJzY8pDgNr9I/FOMqDVRPBUS4= |
||||||
|
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= |
||||||
|
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= |
||||||
|
golang.org/x/mod v0.1.1-0.20191209134235-331c550502dd/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= |
||||||
|
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= |
||||||
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= |
||||||
|
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= |
||||||
|
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= |
||||||
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= |
||||||
|
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= |
||||||
|
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= |
||||||
|
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= |
||||||
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw= |
||||||
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= |
||||||
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= |
||||||
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= |
||||||
|
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= |
||||||
|
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= |
||||||
|
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= |
||||||
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= |
||||||
|
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= |
||||||
|
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= |
||||||
|
golang.org/x/tools v0.0.0-20200117012304-6edc0a871e69/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= |
||||||
|
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= |
||||||
|
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= |
||||||
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= |
||||||
|
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= |
||||||
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= |
@ -0,0 +1,199 @@ |
|||||||
|
package SecREST |
||||||
|
|
||||||
|
import ( |
||||||
|
"bytes" |
||||||
|
"encoding/json" |
||||||
|
"log" |
||||||
|
"net/http" |
||||||
|
"time" |
||||||
|
|
||||||
|
"github.com/ProtonMail/gopenpgp/v2/helper" |
||||||
|
"github.com/google/uuid" |
||||||
|
"github.com/gorilla/mux" |
||||||
|
) |
||||||
|
|
||||||
|
var ( |
||||||
|
// Handlers that will be called for internall routing after de/encryption
|
||||||
|
Handlers []SecRESTHandler |
||||||
|
// Auth handler
|
||||||
|
Auth SecRESTAuth |
||||||
|
// SERVER public key, armored
|
||||||
|
PubKey string |
||||||
|
// SERVER private key, armored
|
||||||
|
PrivKey string |
||||||
|
// Password for SERVER private key
|
||||||
|
KeyPass string |
||||||
|
// AuthClients is intentionally made non-persistent, expires all clients on reboot.
|
||||||
|
// This however is open for debate.
|
||||||
|
AuthClients = make(map[string]string) |
||||||
|
) |
||||||
|
|
||||||
|
// StartRouter accepts a Port string, and a slice of SecRESTHandler
|
||||||
|
// then starts the router.
|
||||||
|
func StartRouter(port string, pubKey string, privKey string, keyPass string, handlers []SecRESTHandler, auth SecRESTAuth) { |
||||||
|
log.Printf("Initializing SecREST Server") |
||||||
|
// Get Config
|
||||||
|
Handlers = handlers |
||||||
|
Auth = auth |
||||||
|
PrivKey = privKey |
||||||
|
KeyPass = keyPass |
||||||
|
PubKey = pubKey |
||||||
|
log.Printf("Preparing SecREST Server on port %+v", port) |
||||||
|
|
||||||
|
r := mux.NewRouter() |
||||||
|
|
||||||
|
r.HandleFunc("/", handleRoot) |
||||||
|
r.HandleFunc("/secure", handleSecure) |
||||||
|
r.HandleFunc("/insecure", handleInsecure) |
||||||
|
r.HandleFunc("/handshake", handleHandshake) |
||||||
|
log.Printf("Starting SecREST Server") |
||||||
|
log.Printf("Fatal error serving SecREST: %+v", http.ListenAndServe(":"+port, r)) |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
// Serve the base site's basic HTML and JavaScript, maybe via static file?
|
||||||
|
func handleRoot(w http.ResponseWriter, r *http.Request) { |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
// Accept RAW POST of PGP armored text, and decrypt with server key
|
||||||
|
// should be in SecRESTRequest format
|
||||||
|
// will respond with SecRESTResponse, encrypted to client
|
||||||
|
// ClientIdentifier header needs to match UUID in storage
|
||||||
|
func handleSecure(w http.ResponseWriter, r *http.Request) { |
||||||
|
w.Header().Set("Content-Type", "application/crypt64") |
||||||
|
clientIdentifier := w.Header().Get("ClientIdentifier") |
||||||
|
if val, ok := AuthClients[clientIdentifier]; !ok { |
||||||
|
log.Printf("%+v not found in authorized clients. Returning 401 with empty body.", val) |
||||||
|
w.WriteHeader(401) |
||||||
|
w.Write(nil) |
||||||
|
return |
||||||
|
} |
||||||
|
buf := new(bytes.Buffer) |
||||||
|
buf.ReadFrom(r.Body) |
||||||
|
decrypted, err := helper.DecryptVerifyMessageArmored(AuthClients[clientIdentifier], PrivKey, []byte(KeyPass), buf.String()) |
||||||
|
if err != nil { |
||||||
|
log.Printf("Unable to decrypt request from %+v, returning 500 with empty body.\n%+v", clientIdentifier, err) |
||||||
|
w.WriteHeader(500) |
||||||
|
w.Write(nil) |
||||||
|
return |
||||||
|
} |
||||||
|
var request SecRESTRequest |
||||||
|
err = json.Unmarshal([]byte(decrypted), &request) |
||||||
|
if err != nil { |
||||||
|
log.Printf("Unable to unmarshal decrypted request from %+v\n%+v", clientIdentifier, err) |
||||||
|
w.WriteHeader(500) |
||||||
|
w.Write(nil) |
||||||
|
return |
||||||
|
} |
||||||
|
request.Insecure = false |
||||||
|
request.TimeStamp = time.Now() |
||||||
|
resp := routeRequest(request) |
||||||
|
payload, err := json.Marshal(resp) |
||||||
|
if err != nil { |
||||||
|
log.Printf("Unable to marshal internal response for %+v\n%+v", clientIdentifier, err) |
||||||
|
w.WriteHeader(500) |
||||||
|
w.Write(nil) |
||||||
|
return |
||||||
|
} |
||||||
|
armor, err := helper.EncryptSignMessageArmored(AuthClients[clientIdentifier], PrivKey, []byte(KeyPass), string(payload)) |
||||||
|
if err != nil { |
||||||
|
log.Printf("Unable to encrypt and sign message for %+v\n%+v", clientIdentifier, err) |
||||||
|
w.WriteHeader(500) |
||||||
|
w.Write(nil) |
||||||
|
return |
||||||
|
} |
||||||
|
w.Write([]byte(armor)) |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
// Accept JSON Request, will route if destination allows insecure,
|
||||||
|
// otherwise will respond with HTTP 401
|
||||||
|
func handleInsecure(w http.ResponseWriter, r *http.Request) { |
||||||
|
ipaddr := r.Header.Get("X-Real-IP") |
||||||
|
request := SecRESTRequest{ |
||||||
|
TimeStamp: time.Now(), |
||||||
|
Insecure: true, |
||||||
|
} |
||||||
|
w.Header().Set("Content-Type", "application/json") |
||||||
|
decoder := json.NewDecoder(r.Body) |
||||||
|
if err := decoder.Decode(&request); err != nil { |
||||||
|
log.Printf("Unable to decode request from %+v\n%+v", ipaddr, err) |
||||||
|
w.WriteHeader(400) |
||||||
|
w.Write(nil) |
||||||
|
return |
||||||
|
} |
||||||
|
defer r.Body.Close() |
||||||
|
resp := routeRequest(request) |
||||||
|
payload, err := json.Marshal(resp) |
||||||
|
if err != nil { |
||||||
|
log.Printf("Unable to marshal internal response for %+v\n%+v", ipaddr, err) |
||||||
|
w.WriteHeader(500) |
||||||
|
w.Write(nil) |
||||||
|
return |
||||||
|
} |
||||||
|
w.Write(payload) |
||||||
|
} |
||||||
|
|
||||||
|
func routeRequest(r SecRESTRequest) SecRESTResponse { |
||||||
|
var resp SecRESTResponse |
||||||
|
for _, h := range Handlers { |
||||||
|
if h.Path == r.Path { |
||||||
|
if h.Insecure == r.Insecure { |
||||||
|
resp = h.Run(r) |
||||||
|
} else { |
||||||
|
log.Printf("Client attempted to access secure path \"%+v\" via /insecure but is denied.", r.Path) |
||||||
|
resp.Status = 401 |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
// If resp.Status isn't set above, no matching path found.
|
||||||
|
if resp.Status == 0 { |
||||||
|
log.Printf("Client attempted to access \"%+v\" but it was not found.", r.Path) |
||||||
|
resp.Status = 404 |
||||||
|
} |
||||||
|
resp.Ellapsed = time.Since(r.TimeStamp).String() |
||||||
|
return resp |
||||||
|
} |
||||||
|
|
||||||
|
// Request body should contain PGP Public Key for new client,
|
||||||
|
// and respond with PGP Public Key for Server if authorized.
|
||||||
|
func handleHandshake(w http.ResponseWriter, r *http.Request) { |
||||||
|
w.Header().Set("Content-Type", "application/json") |
||||||
|
ipaddr := r.Header.Get("X-Real-IP") |
||||||
|
start := time.Now() |
||||||
|
success, req := Auth.Run(w, r) |
||||||
|
if success { |
||||||
|
w.WriteHeader(200) |
||||||
|
clientIdentifier := uuid.New().String() |
||||||
|
AuthClients[clientIdentifier] = req.ClientKey |
||||||
|
authResp := SecRESTAuthResponse{ |
||||||
|
ServerKey: PubKey, |
||||||
|
ClientIdentifier: clientIdentifier, |
||||||
|
} |
||||||
|
resp := SecRESTResponse{ |
||||||
|
AuthResponse: authResp, |
||||||
|
Ellapsed: time.Since(start).String(), |
||||||
|
Status: 200, |
||||||
|
Body: "Success", |
||||||
|
} |
||||||
|
payload, err := json.Marshal(resp) |
||||||
|
if err != nil { |
||||||
|
log.Printf("Unable to marshal response payload for %+v's successful handshake:\n%+v", clientIdentifier, err) |
||||||
|
w.WriteHeader(500) |
||||||
|
w.Write(nil) |
||||||
|
} |
||||||
|
armor, err := helper.EncryptSignMessageArmored(AuthClients[clientIdentifier], PrivKey, []byte(KeyPass), string(payload)) |
||||||
|
if err != nil { |
||||||
|
log.Printf("Unable to encrypt response payload for %+v's successful handshake:\n%+v", clientIdentifier, err) |
||||||
|
w.WriteHeader(500) |
||||||
|
w.Write(nil) |
||||||
|
} |
||||||
|
w.Write([]byte(armor)) |
||||||
|
|
||||||
|
} else { |
||||||
|
log.Printf("%+v tried to authenticate, unsuccessfully.", ipaddr) |
||||||
|
w.WriteHeader(418) |
||||||
|
w.Write([]byte("no")) |
||||||
|
} |
||||||
|
} |
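Review bot: In handleInsecure the `Insecure: true` marker is set before `decoder.Decode(&request)`, and encoding/json fills the untagged exported `Insecure` field from the body, so a plaintext request can reset it to false and routeRequest will then run handlers registered as secure-only with no PGP verification. Assign the server-owned fields after the decode error check, as handleSecure already does (`request.Insecure = true`, `request.TimeStamp = time.Now()`), or tag the field `json:"-"` in the SecRESTRequest definition in the last file section. handleSecure itself reads the identifier with `w.Header().Get("ClientIdentifier")`, which queries the response headers and is always empty, so every call ends in the 401 branch; it should be `r.Header.Get("ClientIdentifier")`, and that branch should log `clientIdentifier` rather than the zero-valued `val`. AuthClients is a plain map written in handleHandshake and read in handleSecure from concurrent request goroutines, so it needs a `sync.RWMutex` around it. handleHandshake also lacks a `return` after each of its two error branches, so it goes on to write the armor after reporting a failure.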
@ -0,0 +1,48 @@ |
|||||||
|
package SecREST |
||||||
|
|
||||||
|
import ( |
||||||
|
"net/http" |
||||||
|
"time" |
||||||
|
) |
||||||
|
|
||||||
|
// SecRESTRequest is a decrypted request coming in from a client
|
||||||
|
type SecRESTRequest struct { |
||||||
|
Path string `json:"Path"` |
||||||
|
Body string `json:"Body"` |
||||||
|
ClientIdentifier string `json:"ClientIdentifier"` |
||||||
|
Insecure bool |
||||||
|
TimeStamp time.Time `json:"TimeStamp"` |
||||||
|
AuthRequest SecRESTAuthRequest `json:"AuthRequest"` |
||||||
|
} |
||||||
|
|
||||||
|
// SecRESTResponse is a decrypted response to be sent to the client
|
||||||
|
// Will be encrypted if request.Insecure = false
|
||||||
|
type SecRESTResponse struct { |
||||||
|
Status int `json:"Status"` |
||||||
|
Body string `json:"Body"` |
||||||
|
Ellapsed string `json:"Ellapsed"` |
||||||
|
AuthResponse SecRESTAuthResponse `json:"AuthResponse"` |
||||||
|
} |
||||||
|
|
||||||
|
// Struct for handlers, Insecure = True allows /insecure access
|
||||||
|
type SecRESTHandler struct { |
||||||
|
Path string |
||||||
|
Insecure bool |
||||||
|
Body string |
||||||
|
Run func(SecRESTRequest) SecRESTResponse |
||||||
|
} |
||||||
|
|
||||||
|
// SecRESTAuth struct is for authenticating a client, and storing their PGP key
|
||||||
|
type SecRESTAuth struct { |
||||||
|
// Handle Authentication for new client
|
||||||
|
Run func(w http.ResponseWriter, r *http.Request) (bool, SecRESTAuthRequest) |
||||||
|
} |
||||||
|
|
||||||
|
type SecRESTAuthResponse struct { |
||||||
|
ServerKey string `json:"ServerKey"` |
||||||
|
ClientIdentifier string `json:"ClientIdentifier"` |
||||||
|
} |
||||||
|
|
||||||
|
type SecRESTAuthRequest struct { |
||||||
|
ClientKey string `json:"ClientKey"` |
||||||
|
} |
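Review bot: SecRESTAuthResponse and SecRESTAuthRequest are exported without doc comments, and the SecRESTHandler comment neither starts with the type name nor matches routeRequest, which requires the handler's Insecure flag to equal the request's. Suggested comments: `// SecRESTAuthResponse carries the server's armored public key and the identifier issued to the client at handshake.`, `// SecRESTAuthRequest carries the client's PGP public key submitted at handshake.` and `// SecRESTHandler binds Path to Run; Insecure must match the endpoint the request arrived on.` The SecRESTRequest comment should also say which fields the server sets itself (Insecure, TimeStamp) and which are taken from the client.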