1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
package main
import (
"log"
"net/http"
"0xacab.org/leap/vpnweb/pkg/auth"
"0xacab.org/leap/vpnweb/pkg/config"
"0xacab.org/leap/vpnweb/pkg/web"
"github.com/prometheus/client_golang/prometheus/promhttp"
)
func main() {
opts := config.NewOpts()
ch := web.NewCertHandler(opts.CaCrt, opts.CaKey)
authenticator := auth.GetAuthenticator(opts, false)
srv := http.NewServeMux()
/* protected routes */
/* TODO https://0xacab.org/leap/vpnweb/issues/4
http.HandleFunc("/3/refresh-token", auth.RefreshAuthMiddleware(opts.Auth))
*/
srv.HandleFunc("/3/auth", web.AuthMiddleware(authenticator.CheckCredentials, opts))
srv.Handle("/3/cert", web.RestrictedMiddleware(authenticator.NeedsCredentials, ch.CertResponder, opts))
/* static files */
web.HttpFileHandler(srv, "/3/configs.json", opts.ApiPath+"/3/configs.json")
web.HttpFileHandler(srv, "/3/service.json", opts.ApiPath+"/3/service.json")
web.HttpFileHandler(srv, "/3/config/eip-service.json", opts.ApiPath+"/3/eip-service.json")
web.HttpFileHandler(srv, "/provider.json", opts.ApiPath+"provider.json")
web.HttpFileHandler(srv, "/ca.crt", opts.ProviderCaPath)
web.HttpFileHandler(srv, "/3/ca.crt", opts.ProviderCaPath)
mtr := http.NewServeMux()
mtr.Handle("/metrics", promhttp.Handler())
/* prometheus metrics */
go func() {
pstr := ":" + opts.MetricsPort
log.Println("/metrics endpoint in port", opts.MetricsPort)
log.Fatal(http.ListenAndServe(pstr, mtr))
}()
/* api server */
pstr := ":" + opts.Port
log.Println("API listening in port", opts.Port)
if opts.Tls == true {
log.Fatal(http.ListenAndServeTLS(pstr, opts.TlsCrt, opts.TlsKey, srv))
} else {
log.Fatal(http.ListenAndServe(pstr, srv))
}
}
|
