From c56df01274a91ff730018dcd6272423a3e1593f0 Mon Sep 17 00:00:00 2001
From: Ruben Pollan
Date: Tue, 11 Feb 2020 13:43:01 +0100
Subject: [feat] expose auth API in pkg/vpn

Be able to check if it needs auth and then be able to login. Use the logged in token for fetching the cert.
---
 pkg/vpn/bonafide/auth_sip.go | 34 ++--------------------------------
 1 file changed, 2 insertions(+), 32 deletions(-)

(limited to 'pkg/vpn/bonafide/auth_sip.go')

diff --git a/pkg/vpn/bonafide/auth_sip.go b/pkg/vpn/bonafide/auth_sip.go
index b7ab0c8..1bfef52 100644
--- a/pkg/vpn/bonafide/auth_sip.go
+++ b/pkg/vpn/bonafide/auth_sip.go
@@ -26,34 +26,18 @@ import (
 type sipAuthentication struct {
 client httpClient
 authURI string
- certURI string
 }
 
 func (a *sipAuthentication) needsCredentials() bool {
 return true
 }
 
-func (a *sipAuthentication) getPemCertificate(cred *credentials) ([]byte, error) {
- if cred == nil {
- return nil, fmt.Errorf("Need bonafide credentials for sip auth")
- }
- token, err := a.getToken(cred)
- if err != nil {
- return nil, fmt.Errorf("Error while getting token: %s", err)
- }
- cert, err := a.getProtectedCert(a.certURI, string(token))
- if err != nil {
- return nil, fmt.Errorf("Error while getting cert: %s", err)
- }
- return cert, nil
-}
-
-func (a *sipAuthentication) getToken(cred *credentials) ([]byte, error) {
+func (a *sipAuthentication) getToken(user, password string) ([]byte, error) {
 /* TODO
 [ ] get token from disk?
 [ ] check if expired? set a goroutine to refresh it periodically?
 */
- credJSON, err := formatCredentials(cred.User, cred.Password)
+ credJSON, err := formatCredentials(user, password)
 if err != nil {
 return nil, fmt.Errorf("Cannot encode credentials: %s", err)
 }
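Review bot: The new `getToken(user, password string)` accepts empty strings, and the only credential guard in this file (the `cred == nil` check in the removed `getPemCertificate`) goes away with this change, so a blank login would be marshalled by `formatCredentials` and sent on to the auth request. Unless the login API exposed in pkg/vpn validates its input (not visible in this diff), consider an early `if user == "" || password == "" { return nil, fmt.Errorf("Need bonafide credentials for sip auth") }` at the top of `getToken`. Because the returned bytes were used as a bearer token by the removed code, a doc comment such as `// getToken exchanges user and password for a token; the returned bytes are a bearer secret and must not be logged.` would help callers of the new API. The body of `getToken` continues outside this hunk.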
@@ -68,20 +52,6 @@ func (a *sipAuthentication) getToken(cred *credentials) ([]byte, error) {
 return ioutil.ReadAll(resp.Body)
 }
 
-func (a *sipAuthentication) getProtectedCert(uri, token string) ([]byte, error) {
- req, err := http.NewRequest("POST", uri, strings.NewReader(""))
- req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
- resp, err := a.client.Do(req)
- if err != nil {
- return nil, fmt.Errorf("Error while getting token: %s", err)
- }
- defer resp.Body.Close()
- if resp.StatusCode != 200 {
- return nil, fmt.Errorf("Error %d", resp.StatusCode)
- }
- return ioutil.ReadAll(resp.Body)
-}
-
 func formatCredentials(user, pass string) (string, error) {
 c := credentials{User: user, Password: pass}
 credJSON, err := json.Marshal(c)
-- cgit v1.2.3