From 8bb41cff9f47895e00d7773dfd9372a7e17fae59 Mon Sep 17 00:00:00 2001
From: "kali kaneko (leap communications)" <kali@leap.se>
Date: Fri, 31 Jan 2020 12:15:06 -0600
Subject: [refactor] refactor auth files

---
 pkg/vpn/bonafide/auth_sip.go | 59 +++++++++++++++++++++-----------------------
 1 file changed, 28 insertions(+), 31 deletions(-)

(limited to 'pkg/vpn/bonafide/auth_sip.go')

diff --git a/pkg/vpn/bonafide/auth_sip.go b/pkg/vpn/bonafide/auth_sip.go
index 072812f..b7ab0c8 100644
--- a/pkg/vpn/bonafide/auth_sip.go
+++ b/pkg/vpn/bonafide/auth_sip.go
@@ -23,70 +23,67 @@ import (
 	"strings"
 )
 
-type SipAuthentication struct {
-	bonafide *Bonafide
+type sipAuthentication struct {
+	client  httpClient
+	authURI string
+	certURI string
 }
 
-func (a *SipAuthentication) GetPemCertificate() ([]byte, error) {
-	cred := a.bonafide.credentials
+func (a *sipAuthentication) needsCredentials() bool {
+	return true
+}
+
+func (a *sipAuthentication) getPemCertificate(cred *credentials) ([]byte, error) {
 	if cred == nil {
 		return nil, fmt.Errorf("Need bonafide credentials for sip auth")
 	}
-	credJSON, err := formatCredentials(cred.User, cred.Password)
-	if err != nil {
-		return nil, fmt.Errorf("Cannot encode credentials: %s", err)
-	}
-	token, err := a.getToken(credJSON)
+	token, err := a.getToken(cred)
 	if err != nil {
 		return nil, fmt.Errorf("Error while getting token: %s", err)
 	}
-	cert, err := a.getProtectedCert(string(token))
+	cert, err := a.getProtectedCert(a.certURI, string(token))
 	if err != nil {
 		return nil, fmt.Errorf("Error while getting cert: %s", err)
 	}
 	return cert, nil
 }
 
-func (a *SipAuthentication) getProtectedCert(token string) ([]byte, error) {
-	certURL, err := a.bonafide.GetURL("certv3")
+func (a *sipAuthentication) getToken(cred *credentials) ([]byte, error) {
+	/* TODO
+	[ ] get token from disk?
+	[ ] check if expired? set a goroutine to refresh it periodically?
+	*/
+	credJSON, err := formatCredentials(cred.User, cred.Password)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("Cannot encode credentials: %s", err)
 	}
-	req, err := http.NewRequest("POST", certURL, strings.NewReader(""))
-	req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
-	resp, err := a.bonafide.client.Do(req)
+	resp, err := http.Post(a.authURI, "text/json", strings.NewReader(credJSON))
 	if err != nil {
-		return nil, fmt.Errorf("Error while getting token: %s", err)
+		return nil, fmt.Errorf("Error on auth request: %v", err)
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != 200 {
-		return nil, fmt.Errorf("Error %d", resp.StatusCode)
+		return nil, fmt.Errorf("Cannot get token: Error %d", resp.StatusCode)
 	}
 	return ioutil.ReadAll(resp.Body)
 }
 
-func (a *SipAuthentication) getToken(credJson string) ([]byte, error) {
-	/* TODO
-	[ ] get token from disk?
-	[ ] check if expired? set a goroutine to refresh it periodically?
-	*/
-	authURL, err := a.bonafide.GetURL("auth")
-	if err != nil {
-		return nil, fmt.Errorf("Error getting auth url")
-	}
-	resp, err := http.Post(authURL, "text/json", strings.NewReader(credJson))
+func (a *sipAuthentication) getProtectedCert(uri, token string) ([]byte, error) {
+	req, err := http.NewRequest("POST", uri, strings.NewReader(""))
+	req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
+	resp, err := a.client.Do(req)
 	if err != nil {
-		return nil, fmt.Errorf("Error on auth request: %v", err)
+		return nil, fmt.Errorf("Error while getting token: %s", err)
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != 200 {
-		return nil, fmt.Errorf("Cannot get token: Error %d", resp.StatusCode)
+		return nil, fmt.Errorf("Error %d", resp.StatusCode)
 	}
 	return ioutil.ReadAll(resp.Body)
 }
 
 func formatCredentials(user, pass string) (string, error) {
-	c := Credentials{User: user, Password: pass}
+	c := credentials{User: user, Password: pass}
 	credJSON, err := json.Marshal(c)
 	if err != nil {
 		return "", err
-- 
cgit v1.2.3