mirror of
https://github.com/jsiebens/ionscale.git
synced 2026-03-31 15:07:49 +01:00
Johan Siebens
112 lines
2.7 KiB
Go
112 lines
2.7 KiB
Go
package service
|
|
|
|
import (
|
|
"context"
|
|
"github.com/jsiebens/ionscale/internal/domain"
|
|
"github.com/jsiebens/ionscale/pkg/gen/api"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/status"
|
|
"google.golang.org/protobuf/types/known/timestamppb"
|
|
"time"
|
|
)
|
|
|
|
func (s *Service) ListAuthKeys(ctx context.Context, req *api.ListAuthKeysRequest) (*api.ListAuthKeysResponse, error) {
|
|
tailnet, err := s.repository.GetTailnet(ctx, req.TailnetId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if tailnet == nil {
|
|
return nil, status.Error(codes.NotFound, "")
|
|
}
|
|
|
|
authKeys, err := s.repository.ListAuthKeys(ctx, req.TailnetId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
response := api.ListAuthKeysResponse{}
|
|
|
|
for _, key := range authKeys {
|
|
var expiresAt *timestamppb.Timestamp
|
|
if key.ExpiresAt != nil {
|
|
expiresAt = timestamppb.New(*key.ExpiresAt)
|
|
}
|
|
|
|
response.AuthKeys = append(response.AuthKeys, &api.AuthKey{
|
|
Id: key.ID,
|
|
Key: key.Key,
|
|
Ephemeral: key.Ephemeral,
|
|
CreatedAt: timestamppb.New(key.CreatedAt),
|
|
ExpiresAt: expiresAt,
|
|
Tailnet: &api.Ref{
|
|
Id: tailnet.ID,
|
|
Name: tailnet.Name,
|
|
},
|
|
})
|
|
}
|
|
|
|
return &response, nil
|
|
}
|
|
|
|
func (s *Service) CreateAuthKey(ctx context.Context, req *api.CreateAuthKeyRequest) (*api.CreateAuthKeyResponse, error) {
|
|
if len(req.Tags) == 0 {
|
|
return nil, status.Errorf(codes.InvalidArgument, "at least one tag is required when creating an auth key")
|
|
}
|
|
|
|
tailnet, err := s.repository.GetTailnet(ctx, req.TailnetId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if tailnet == nil {
|
|
return nil, status.Error(codes.NotFound, "")
|
|
}
|
|
|
|
var expiresAt *time.Time
|
|
var expiresAtPb *timestamppb.Timestamp
|
|
|
|
if req.Expiry != nil {
|
|
duration := req.Expiry.AsDuration()
|
|
e := time.Now().UTC().Add(duration)
|
|
expiresAt = &e
|
|
expiresAtPb = timestamppb.New(*expiresAt)
|
|
}
|
|
|
|
user, _, err := s.repository.GetOrCreateServiceUser(ctx, tailnet)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
tags := domain.SanitizeTags(req.Tags)
|
|
|
|
v, authKey := domain.CreateAuthKey(tailnet, user, req.Ephemeral, tags, expiresAt)
|
|
|
|
if err := s.repository.SaveAuthKey(ctx, authKey); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
response := api.CreateAuthKeyResponse{
|
|
Value: v,
|
|
AuthKey: &api.AuthKey{
|
|
Id: authKey.ID,
|
|
Key: authKey.Key,
|
|
Ephemeral: authKey.Ephemeral,
|
|
CreatedAt: timestamppb.New(authKey.CreatedAt),
|
|
ExpiresAt: expiresAtPb,
|
|
Tailnet: &api.Ref{
|
|
Id: tailnet.ID,
|
|
Name: tailnet.Name,
|
|
},
|
|
}}
|
|
|
|
return &response, nil
|
|
}
|
|
|
|
func (s *Service) DeleteAuthKey(ctx context.Context, req *api.DeleteAuthKeyRequest) (*api.DeleteAuthKeyResponse, error) {
|
|
if _, err := s.repository.DeleteAuthKey(ctx, req.AuthKeyId); err != nil {
|
|
return nil, err
|
|
}
|
|
return &api.DeleteAuthKeyResponse{}, nil
|
|
}
|