// Copyright (C) 2019 Storj Labs, Inc. // See LICENSE for copying information. package authorization import ( "context" "errors" "fmt" "net" "net/http" "path" "github.com/zeebo/errs" "go.uber.org/zap" "golang.org/x/sync/errgroup" "storj.io/common/errs2" ) // ErrEndpoint is the default error class for the authorization endpoint. var ErrEndpoint = errs.Class("authorization endpoint") // Endpoint provides a http endpoint for interacting with an authorization service. type Endpoint struct { log *zap.Logger service *Service server http.Server listener net.Listener } // NewEndpoint creates a authorization endpoint. func NewEndpoint(log *zap.Logger, service *Service, listener net.Listener) *Endpoint { mux := http.NewServeMux() endpoint := &Endpoint{ log: log, listener: listener, service: service, server: http.Server{ Addr: listener.Addr().String(), Handler: mux, }, } mux.HandleFunc("/v1/authorizations/", endpoint.handleAuthorization) return endpoint } // Run starts the endpoint HTTP server and waits for the context to be // cancelled or for `Close` to be called. func (endpoint *Endpoint) Run(ctx context.Context) (err error) { defer mon.Task()(&ctx)(&err) ctx, cancel := context.WithCancel(ctx) var group errgroup.Group group.Go(func() error { <-ctx.Done() return endpoint.server.Shutdown(context.Background()) }) group.Go(func() error { defer cancel() err := endpoint.server.Serve(endpoint.listener) if errs2.IsCanceled(err) || errors.Is(err, http.ErrServerClosed) { err = nil } return err }) return group.Wait() } // Close closes the endpoint HTTP server. func (endpoint *Endpoint) Close() error { return endpoint.server.Close() } func (endpoint *Endpoint) handleAuthorization(writer http.ResponseWriter, httpReq *http.Request) { var err error ctx := httpReq.Context() mon.Task()(&ctx)(&err) if httpReq.Method != http.MethodPut { msg := fmt.Sprintf("unsupported HTTP method: %s", httpReq.Method) // NB: err set for `mon.Task` call. err = ErrEndpoint.New("%s", msg) http.Error(writer, msg, http.StatusMethodNotAllowed) return } userID := path.Base(httpReq.URL.Path) if userID == "authorizations" || userID == "" { msg := "missing user ID body" err = ErrEndpoint.New("%s", msg) http.Error(writer, msg, http.StatusUnprocessableEntity) return } token, err := endpoint.service.GetOrCreate(ctx, userID) if err != nil { msg := "error creating authorization" err = ErrEndpoint.Wrap(err) endpoint.log.Error(msg, zap.Error(err)) http.Error(writer, msg, http.StatusInternalServerError) return } writer.WriteHeader(http.StatusCreated) if _, err = writer.Write([]byte(token.String())); err != nil { msg := "error writing response" err = ErrEndpoint.Wrap(err) endpoint.log.Error(msg, zap.Error(err)) // NB: status cannot be changed and the resource *was* created. http.Error(writer, msg, http.StatusCreated) return } }