Ready to Test
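--- a/go.mod
+++ b/go.mod
@@ -0,0 +1,21 @@
+module git.hugfreevikings.wtf/rudi/SecREST
+
+go 1.18
+
+require github.com/gorilla/mux v1.8.0
+
+require (
+github.com/ProtonMail/gopenpgp/v2 v2.4.6
+github.com/google/uuid v1.3.0
+)
+
+require (
+github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f // indirect
+github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f // indirect
+github.com/konsorten/go-windows-terminal-sequences v1.0.1 // indirect
+github.com/pkg/errors v0.9.1 // indirect
+github.com/sirupsen/logrus v1.4.2 // indirect
+golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 // indirect
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 // indirect
+golang.org/x/text v0.3.3 // indirect
+)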
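Review bot: The indirect pins in the last `require` block are old for a module whose whole purpose is PGP-protected transport: `golang.org/x/crypto` is a March 2021 pseudo-version, `golang.org/x/sys` is from November 2020 and `golang.org/x/text` is v0.3.3. They were presumably selected transitively through gopenpgp v2.4.6 rather than chosen deliberately. Before this is tagged for use, run `govulncheck ./...` against the module and raise the affected pins with `go get` so the crypto and text-handling code is on maintained releases.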
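--- a/go.sum
+++ b/go.sum
@@ -0,0 +1,64 @@
+github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f h1:J2FzIrXN82q5uyUraeJpLIm7U6PffRwje2ORho5yIik=
+github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
+github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f h1:CGq7OieOz3wyQJ1fO8S0eO9TCW1JyvLrf8fhzz1i8ko=
+github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f/go.mod h1:NYt+V3/4rEeDuaev/zw1zCq8uqVEuPHzDPo3OZrlGJ4=
+github.com/ProtonMail/gopenpgp/v2 v2.4.6 h1:/EcJsFIsE0ywShAJ+lNLafcaSd6GBhIzHsaBID5pGXw=
+github.com/ProtonMail/gopenpgp/v2 v2.4.6/go.mod h1:ZW1KxHNG6q5LMgFKf9Ap/d2eVYeyGf5+fAUEAjJWtmo=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
+github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w=
+golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
+golang.org/x/exp v0.0.0-20190731235908-ec7cb31e5a56/go.mod h1:JhuoJpWY28nO4Vef9tZUw9qufEGTyX1+7lmHxV5q5G4=
+golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
+golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
+golang.org/x/mobile v0.0.0-20200801112145-973feb4309de/go.mod h1:skQtrUTUwhdJvXM/2KKJzY8pDgNr9I/FOMqDVRPBUS4=
+golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.1.1-0.20191209134235-331c550502dd/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200117012304-6edc0a871e69/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=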
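--- a/main.go
+++ b/main.go
@@ -0,0 +1,199 @@
+package SecREST
+
+import (
+"bytes"
+"encoding/json"
+"log"
+"net/http"
+"time"
+
+"github.com/ProtonMail/gopenpgp/v2/helper"
+"github.com/google/uuid"
+"github.com/gorilla/mux"
+)
+
+var (
+// Handlers that will be called for internall routing after de/encryption
+Handlers []SecRESTHandler
+// Auth handler
+Auth SecRESTAuth
+// SERVER public key, armored
+PubKey string
+// SERVER private key, armored
+PrivKey string
+// Password for SERVER private key
+KeyPass string
+// AuthClients is intentionally made non-persistent, expires all clients on reboot.
+// This however is open for debate.
+AuthClients = make(map[string]string)
+)
+
+// StartRouter accepts a Port string, and a slice of SecRESTHandler
+// then starts the router.
+func StartRouter(port string, pubKey string, privKey string, keyPass string, handlers []SecRESTHandler, auth SecRESTAuth) {
+log.Printf("Initializing SecREST Server")
+// Get Config
+Handlers = handlers
+Auth = auth
+PrivKey = privKey
+KeyPass = keyPass
+PubKey = pubKey
+log.Printf("Preparing SecREST Server on port %+v", port)
+
+r := mux.NewRouter()
+
+r.HandleFunc("/", handleRoot)
+r.HandleFunc("/secure", handleSecure)
+r.HandleFunc("/insecure", handleInsecure)
+r.HandleFunc("/handshake", handleHandshake)
+log.Printf("Starting SecREST Server")
+log.Printf("Fatal error serving SecREST: %+v", http.ListenAndServe(":"+port, r))
+
+}
+
+// Serve the base site's basic HTML and JavaScript, maybe via static file?
+func handleRoot(w http.ResponseWriter, r *http.Request) {
+
+}
+
+// Accept RAW POST of PGP armored text, and decrypt with server key
+// should be in SecRESTRequest format
+// will respond with SecRESTResponse, encrypted to client
+// ClientIdentifier header needs to match UUID in storage
+func handleSecure(w http.ResponseWriter, r *http.Request) {
+w.Header().Set("Content-Type", "application/crypt64")
+clientIdentifier := w.Header().Get("ClientIdentifier")
+if val, ok := AuthClients[clientIdentifier]; !ok {
+log.Printf("%+v not found in authorized clients. Returning 401 with empty body.", val)
+w.WriteHeader(401)
+w.Write(nil)
+return
+}
+buf := new(bytes.Buffer)
+buf.ReadFrom(r.Body)
+decrypted, err := helper.DecryptVerifyMessageArmored(AuthClients[clientIdentifier], PrivKey, []byte(KeyPass), buf.String())
+if err != nil {
+log.Printf("Unable to decrypt request from %+v, returning 500 with empty body.\n%+v", clientIdentifier, err)
+w.WriteHeader(500)
+w.Write(nil)
+return
+}
+var request SecRESTRequest
+err = json.Unmarshal([]byte(decrypted), &request)
+if err != nil {
+log.Printf("Unable to unmarshal decrypted request from %+v\n%+v", clientIdentifier, err)
+w.WriteHeader(500)
+w.Write(nil)
+return
+}
+request.Insecure = false
+request.TimeStamp = time.Now()
+resp := routeRequest(request)
+payload, err := json.Marshal(resp)
+if err != nil {
+log.Printf("Unable to marshal internal response for %+v\n%+v", clientIdentifier, err)
+w.WriteHeader(500)
+w.Write(nil)
+return
+}
+armor, err := helper.EncryptSignMessageArmored(AuthClients[clientIdentifier], PrivKey, []byte(KeyPass), string(payload))
+if err != nil {
+log.Printf("Unable to encrypt and sign message for %+v\n%+v", clientIdentifier, err)
+w.WriteHeader(500)
+w.Write(nil)
+return
+}
+w.Write([]byte(armor))
+
+}
+
+// Accept JSON Request, will route if destination allows insecure,
+// otherwise will respond with HTTP 401
+func handleInsecure(w http.ResponseWriter, r *http.Request) {
+ipaddr := r.Header.Get("X-Real-IP")
+request := SecRESTRequest{
+TimeStamp: time.Now(),
+Insecure: true,
+}
+w.Header().Set("Content-Type", "application/json")
+decoder := json.NewDecoder(r.Body)
+if err := decoder.Decode(&request); err != nil {
+log.Printf("Unable to decode request from %+v\n%+v", ipaddr, err)
+w.WriteHeader(400)
+w.Write(nil)
+return
+}
+defer r.Body.Close()
+resp := routeRequest(request)
+payload, err := json.Marshal(resp)
+if err != nil {
+log.Printf("Unable to marshal internal response for %+v\n%+v", ipaddr, err)
+w.WriteHeader(500)
+w.Write(nil)
+return
+}
+w.Write(payload)
+}
+
+func routeRequest(r SecRESTRequest) SecRESTResponse {
+var resp SecRESTResponse
+for _, h := range Handlers {
+if h.Path == r.Path {
+if h.Insecure == r.Insecure {
+resp = h.Run(r)
+} else {
+log.Printf("Client attempted to access secure path \"%+v\" via /insecure but is denied.", r.Path)
+resp.Status = 401
+}
+}
+}
+// If resp.Status isn't set above, no matching path found.
+if resp.Status == 0 {
+log.Printf("Client attempted to access \"%+v\" but it was not found.", r.Path)
+resp.Status = 404
+}
+resp.Ellapsed = time.Since(r.TimeStamp).String()
+return resp
+}
+
+// Request body should contain PGP Public Key for new client,
+// and respond with PGP Public Key for Server if authorized.
+func handleHandshake(w http.ResponseWriter, r *http.Request) {
+w.Header().Set("Content-Type", "application/json")
+ipaddr := r.Header.Get("X-Real-IP")
+start := time.Now()
+success, req := Auth.Run(w, r)
+if success {
+w.WriteHeader(200)
+clientIdentifier := uuid.New().String()
+AuthClients[clientIdentifier] = req.ClientKey
+authResp := SecRESTAuthResponse{
+ServerKey: PubKey,
+ClientIdentifier: clientIdentifier,
+}
+resp := SecRESTResponse{
+AuthResponse: authResp,
+Ellapsed: time.Since(start).String(),
+Status: 200,
+Body: "Success",
+}
+payload, err := json.Marshal(resp)
+if err != nil {
+log.Printf("Unable to marshal response payload for %+v's successful handshake:\n%+v", clientIdentifier, err)
+w.WriteHeader(500)
+w.Write(nil)
+}
+armor, err := helper.EncryptSignMessageArmored(AuthClients[clientIdentifier], PrivKey, []byte(KeyPass), string(payload))
+if err != nil {
+log.Printf("Unable to encrypt response payload for %+v's successful handshake:\n%+v", clientIdentifier, err)
+w.WriteHeader(500)
+w.Write(nil)
+}
+w.Write([]byte(armor))
+
+} else {
+log.Printf("%+v tried to authenticate, unsuccessfully.", ipaddr)
+w.WriteHeader(418)
+w.Write([]byte("no"))
+}
+}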
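Review bot: In `handleInsecure` the server-set `Insecure: true` does not survive `decoder.Decode(&request)`, because `SecRESTRequest.Insecure` in types.go is an untagged exported field and is filled from the request body, and `routeRequest` then trusts it in `h.Insecure == r.Insecure`. Assign `request.Insecure = true` and `request.TimeStamp = time.Now()` after the decode, as `handleSecure` already does after `json.Unmarshal`, and tag the field `json:"-"`. `handleSecure` reads the identifier from the response headers, so the `AuthClients` lookup always uses an empty key; the line should be `clientIdentifier := r.Header.Get("ClientIdentifier")`. `handleHandshake` has no `return` after either 500 branch and has already called `w.WriteHeader(200)`, so a marshal or encrypt failure still ends in `w.Write([]byte(armor))` under status 200. `AuthClients` is a plain map written in `handleHandshake` and read in `handleSecure` while net/http runs handlers concurrently, so it needs a `sync.RWMutex`, and the bodies consumed by `buf.ReadFrom(r.Body)` and `json.NewDecoder(r.Body)` should be capped with `http.MaxBytesReader`.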
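--- a/types.go
+++ b/types.go
@@ -0,0 +1,48 @@
+package SecREST
+
+import (
+"net/http"
+"time"
+)
+
+// SecRESTRequest is a decrypted request coming in from a client
+type SecRESTRequest struct {
+Path string `json:"Path"`
+Body string `json:"Body"`
+ClientIdentifier string `json:"ClientIdentifier"`
+Insecure bool
+TimeStamp time.Time `json:"TimeStamp"`
+AuthRequest SecRESTAuthRequest `json:"AuthRequest"`
+}
+
+// SecRESTResponse is a decrypted response to be sent to the client
+// Will be encrypted if request.Insecure = false
+type SecRESTResponse struct {
+Status int `json:"Status"`
+Body string `json:"Body"`
+Ellapsed string `json:"Ellapsed"`
+AuthResponse SecRESTAuthResponse `json:"AuthResponse"`
+}
+
+// Struct for handlers, Insecure = True allows /insecure access
+type SecRESTHandler struct {
+Path string
+Insecure bool
+Body string
+Run func(SecRESTRequest) SecRESTResponse
+}
+
+// SecRESTAuth struct is for authenticating a client, and storing their PGP key
+type SecRESTAuth struct {
+// Handle Authentication for new client
+Run func(w http.ResponseWriter, r *http.Request) (bool, SecRESTAuthRequest)
+}
+
+type SecRESTAuthResponse struct {
+ServerKey string `json:"ServerKey"`
+ClientIdentifier string `json:"ClientIdentifier"`
+}
+
+type SecRESTAuthRequest struct {
+ClientKey string `json:"ClientKey"`
+}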
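Review bot: `SecRESTAuthResponse` and `SecRESTAuthRequest` are exported without doc comments, and the comment on `SecRESTHandler` does not begin with the type name. Going by how main.go uses them, I would add `// SecRESTAuthRequest carries the armored PGP public key a client presents at /handshake.` and `// SecRESTAuthResponse returns the server's armored public key and the identifier assigned to the client.`, and reword the handler comment to start with `// SecRESTHandler ...`. The fields of `SecRESTRequest` would also benefit from a short comment each saying whether the value comes from the client (`Path`, `Body`) or is assigned by the server (`Insecure`, `TimeStamp`), since that distinction decides what routing may rely on. `SecRESTHandler.Body` is not read anywhere in main.go, so either document its purpose or drop it.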