Merge branch 'master' of github.com:LeeEirc/cocogo

1cbc95dd · ibuler · e91d39a6 · 26569a86 · 1cbc95dd · 1cbc95dd
Commit 1cbc95dd authored Apr 30, 2019 by ibuler
10 changed files
--- a/pkg/auth/server.go
+++ b/pkg/auth/server.go
@@ -21,7 +21,7 @@ func checkAuth(ctx ssh.Context, password, publicKey string) (ok bool) {
 	if password != "" {
 		authMethod = "password"
 	}
-	if user == nil {
+	if user.Id == "" {
 		action = "Failed"
 	} else {
 		ctx.SetValue(cctx.ContextKeyUser, user)

--- a/pkg/common/client.go
+++ b/pkg/common/client.go
@@ -15,7 +15,7 @@ import (
 )

 type ClientAuth interface {
-	Sign() string
+	Sign() (date, sign string)
 }

 type Client struct {
@@ -97,7 +97,9 @@ func (c *Client) SetAuthHeader(r *http.Request, params ...map[string]string) {
 		return
 	}
 	if c.Auth != nil {
-		r.Header.Set("Authorization", c.Auth.Sign())
+		date, sign := c.Auth.Sign()
+		r.Header.Set("Date", date)
+		r.Header.Set("Authorization", sign)
 	}
 }


--- a/pkg/model/terminal.go
+++ b/pkg/model/terminal.go
+package model
+
+type Terminal struct {
+	Name           string `json:"name"`
+	Comment        string `json:"comment"`
+	ServiceAccount struct {
+		Id        string `json:"id"`
+		Name      string `json:"name"`
+		AccessKey struct {
+			Id     string `json:"id"`
+			Secret string `json:"secret"`
+		}
+	} `json:"service_account"`
+}
+
+type TerminalConf struct {
+	AssetListPageSize   string            `json:"TERMINAL_ASSET_LIST_PAGE_SIZE"`
+	AssetListSortBy     string            `json:"TERMINAL_ASSET_LIST_SORT_BY"`
+	HeaderTitle         string            `json:"TERMINAL_HEADER_TITLE"`
+	HostKey             string            `json:"TERMINAL_HOST_KEY" yaml:"HOST_KEY"`
+	PasswordAuth        bool              `json:"TERMINAL_PASSWORD_AUTH" yaml:"PASSWORD_AUTH"`
+	PublicKeyAuth       bool              `json:"TERMINAL_PUBLIC_KEY_AUTH" yaml:"PUBLIC_KEY_AUTH"`
+	CommandStorage      map[string]string `json:"TERMINAL_COMMAND_STORAGE"`
+	ReplayStorage       map[string]string `json:"TERMINAL_REPLAY_STORAGE" yaml:"REPLAY_STORAGE"`
+	SessionKeepDuration int               `json:"TERMINAL_SESSION_KEEP_DURATION"`
+	TelnetRegex         string            `json:"TERMINAL_TELNET_REGEX"`
+}
+
+type TerminalTask struct {
+	Id         string `json:"id"`
+	Name       string `json:"name"`
+	Args       string `json:"args"`
+	IsFinished bool
+}
--- a/pkg/service/accesskey.go
+++ b/pkg/service/accesskey.go
@@ -24,10 +24,10 @@ type AccessKey struct {
 	Value  string
 }

-func (ak AccessKey) Sign() string {
+func (ak AccessKey) Sign() (string, string) {
 	date := common.HTTPGMTDate()
 	signature := common.MakeSignature(ak.Secret, date)
-	return fmt.Sprintf("Sign %s:%s", ak.Id, signature)
+	return date, fmt.Sprintf("Sign %s:%s", ak.Id, signature)
 }

 func (ak *AccessKey) LoadAccessKeyFromStr(key string) error {
@@ -35,7 +35,7 @@ func (ak *AccessKey) LoadAccessKeyFromStr(key string) error {
 		return AccessKeyNotFound
 	}
 	keySlice := strings.Split(strings.TrimSpace(key), ":")
-	if len(ak.Value) != 2 {
+	if len(keySlice) != 2 {
 		return AccessKeyInvalid
 	}
 	ak.Id = keySlice[0]

--- a/pkg/service/assets.go
+++ b/pkg/service/assets.go
 package service

 import (
-	"cocogo/pkg/logger"
-	"cocogo/pkg/model"
 	"encoding/json"
 	"fmt"
+
+	"cocogo/pkg/logger"
+	"cocogo/pkg/model"
 )

 func GetSystemUserAssetAuthInfo(systemUserID, assetID string) (info model.SystemUserAuthInfo) {
@@ -14,7 +15,7 @@ func GetSystemUserAssetAuthInfo(systemUserID, assetID string) (info model.System
 func GetSystemUserAuthInfo(systemUserID string) (info model.SystemUserAuthInfo) {
 	Url := fmt.Sprintf(SystemUserAuthInfoURL, systemUserID)

-	err := client.Get(Url, &info, true)
+	err := authClient.Get(Url, &info)
 	if err != nil {
 		logger.Error("Get system user auth info failed")
 	}

--- a/pkg/service/client.go
+++ b/pkg/service/client.go
-package service
-
-import (
-	"path"
-	"path/filepath"
-
-	"cocogo/pkg/common"
-	"cocogo/pkg/config"
-	"cocogo/pkg/model"
-)
-
-type ClientAuth interface {
-	Sign() string
-}
-
-type WrapperClient struct {
-	Http       *common.Client
-	AuthClient *common.Client
-	Auth       ClientAuth
-	BaseHost   string
-}
-
-func (c *WrapperClient) LoadAuth() error {
-	keyPath := config.Conf.AccessKeyFile
-	if !path.IsAbs(config.Conf.AccessKeyFile) {
-		keyPath = filepath.Join(config.Conf.RootPath, keyPath)
-	}
-	ak := AccessKey{Value: config.Conf.AccessKey, Path: keyPath}
-	err := ak.Load()
-	if err != nil {
-		return err
-	}
-	c.Auth = ak
-	return nil
-}
-
-func (c *WrapperClient) CheckAuth() error {
-	var user model.User
-	err := c.Http.Get("UserProfileUrl", &user)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-func (c *WrapperClient) Get(url string, res interface{}, needAuth bool) error {
-	if needAuth {
-		return c.AuthClient.Get(c.BaseHost+url, res)
-	} else {
-		return c.Http.Get(c.BaseHost+url, res)
-	}
-}
-
-func (c *WrapperClient) Post(url string, data interface{}, res interface{}, needAuth bool) error {
-	if needAuth {
-		return c.AuthClient.Post(url, data, res)
-	} else {
-		return c.Http.Post(url, data, res)
-	}
-}
-
-func (c *WrapperClient) Delete(url string, res interface{}, needAuth bool) error {
-	if needAuth {
-		return c.AuthClient.Delete(url, res)
-	} else {
-		return c.Http.Delete(url, res)
-	}
-}
-
-func (c *WrapperClient) Put(url string, data interface{}, res interface{}, needAuth bool) error {
-	if needAuth {
-		return c.AuthClient.Put(url, data, res)
-	} else {
-		return c.Http.Put(url, data, res)
-	}
-
-}
-
-func (c *WrapperClient) Patch(url string, data interface{}, res interface{}, needAuth bool) error {
-	if needAuth {
-		return c.AuthClient.Patch(url, data, res)
-	} else {
-		return c.Http.Patch(url, data, res)
-	}
-
-}
--- a/pkg/service/init.go
+++ b/pkg/service/init.go
 package service

-var client = WrapperClient{}
+import (
+	"path"
+	"path/filepath"
+	"strings"
+
+	"cocogo/pkg/common"
+	"cocogo/pkg/config"
+)
+
+var client = common.NewClient(10)
+var authClient = common.NewClient(10)
+var baseHost string
+
+func Initial() {
+	keyPath := config.Conf.AccessKeyFile
+	baseHost = strings.TrimRight(config.Conf.CoreHost, "/")
+
+	if !path.IsAbs(config.Conf.AccessKeyFile) {
+		keyPath = filepath.Join(config.Conf.RootPath, keyPath)
+	}
+	ak := AccessKey{Value: config.Conf.AccessKey, Path: keyPath}
+	_ = ak.Load()
+	authClient.Auth = ak
+}
--- a/pkg/service/terminal.go
+++ b/pkg/service/terminal.go
 package service

-func registerTerminal(name string) {
+import (
+	"fmt"

-}
+	"cocogo/pkg/logger"
+	"cocogo/pkg/model"
+)

-func CreateServiceAccount() {
+func RegisterTerminal(name, token, comment string) (res model.Terminal) {
+	if client.Headers == nil {
+		client.Headers = make(map[string]string)
+	}
+	client.Headers["Authorization"] = fmt.Sprintf("BootstrapToken %s", token)
+	data := map[string]string{"name": name, "comment": comment}

+	err := client.Post(baseHost+TerminalRegisterURL, data, &res)
+	if err != nil {
+		logger.Error(err)
+	}
+	return
 }

-func CreateSession() {
+func TerminalHeartBeat(sIds []string) (res []model.TerminalTask) {

+	data := map[string][]string{
+		"sessions": sIds,
+	}
+	err := authClient.Post(baseHost+TerminalHeartBeatURL, data, &res)
+	if err != nil {
+		logger.Error(err)
+	}
+	return
 }

-func FinishSession() {
+func CreateSession(data map[string]interface{}) bool {
+	var res map[string]interface{}
+	err := authClient.Post(baseHost+SessionListURL, data, &res)
+	if err == nil {
+		return true
+	}
+	logger.Error(err)
+	return false
+}

+func FinishSession(sid, dataEnd string) {
+	var res map[string]interface{}
+	data := map[string]interface{}{
+		"is_finished": true,
+		"date_end":    dataEnd,
+	}
+	Url := fmt.Sprintf(baseHost+SessionDetailURL, sid)
+	err := authClient.Patch(Url, data, &res)
+	if err != nil {
+		logger.Error(err)
+	}
 }

-func PushSessionReplay(sessionID, gZipFile string) {
+func FinishReply(sid string) bool {
+	var res map[string]interface{}
+	data := map[string]bool{"has_replay": true}
+	Url := fmt.Sprintf(baseHost+SessionDetailURL, sid)
+	err := authClient.Patch(Url, data, &res)
+	if err != nil {
+		logger.Error(err)
+		return false
+	}
+	return true
+}

+func FinishTask(tid string) bool {
+	var res map[string]interface{}
+	data := map[string]bool{"is_finished": true}
+	Url := fmt.Sprintf(baseHost+FinishTaskURL, tid)
+	err := authClient.Patch(Url, data, res)
+	if err != nil {
+		logger.Error(err)
+		return false
+	}
+	return true
 }

-func FinishReply() {
+func LoadConfigFromServer() (res model.TerminalConf) {
+	err := authClient.Get(baseHost+TerminalConfigURL, &res)
+	if err != nil {
+		logger.Error(err)
+	}
+	return
+}
+
+func PushSessionReplay(sessionID, gZipFile string) {

 }
--- a/pkg/service/urls.go
+++ b/pkg/service/urls.go
 package service

 const (
-	UserAuthURL    = "/api/users/v1/auth/"    // post 验证用户登陆
-	UserProfileURL = "/api/users/v1/profile/" // 获取当前用户的基本信息
+	UserAuthURL    = "/api/users/v1/auth/"     // post 验证用户登陆
+	UserProfileURL = "/api/users/v1/profile/"  // 获取当前用户的基本信息
+	UserUserURL    = "/api/users/v1/users/%s/" // 获取用户信息

 	SystemUserAssetAuthURL = "/api/assets/v1/system-user/%s/asset/%s/auth-info/" // 该系统用户对某资产的授权
 	SystemUserAuthInfoURL  = "/api/assets/v1/system-user/%s/auth-info/"          // 该系统用户的授权

-	TerminalRegisterURL = "/api/terminal/v2/terminal-registrations/" // 注册当前coco
-	TerminalConfigURL   = "/api/terminal/v1/terminal/config/"        // 从jumpserver获取coco的配置
-	SessionListURL      = "/api/terminal/v1/sessions/"               //上传创建的资产会话session id
-	SessionDetailURL    = "/api/terminal/v1/sessions/%s/"            // finish session的时候发送
-	SessionReplayURL    = "/api/terminal/v1/sessions/%s/replay/"     //上传录像
+	TerminalRegisterURL  = "/api/terminal/v2/terminal-registrations/" // 注册当前coco
+	TerminalConfigURL    = "/api/terminal/v1/terminal/config/"        // 从jumpserver获取coco的配置
+	TerminalHeartBeatURL = "/api/terminal/v1/terminal/status/"
+
+	SessionListURL   = "/api/terminal/v1/sessions/"           //上传创建的资产会话session id
+	SessionDetailURL = "/api/terminal/v1/sessions/%s/"        // finish session的时候发送
+	SessionReplayURL = "/api/terminal/v1/sessions/%s/replay/" //上传录像
+
+	FinishTaskURL = "/api/terminal/v1/tasks/%s/"

 	UserAssetsURL                  = "/api/perms/v1/user/%s/assets/"                 //获取用户授权的所有资产
 	UserNodesAssetsURL             = "/api/perms/v1/user/%s/nodes-assets/"           // 获取用户授权的所有节点信息 节点分组

--- a/pkg/service/users.go
+++ b/pkg/service/users.go
 package service

 import (
+	"fmt"
+
+	"cocogo/pkg/logger"
 	"cocogo/pkg/model"
 )

-func Authenticate(username, password, publicKey, remoteAddr, loginType string) *model.User {
-	return &model.User{Id: "1111111111", Username: "admin", Name: "广宏伟"}
+func Authenticate(username, password, publicKey, remoteAddr, loginType string) (user model.User) {
+	data := map[string]string{
+		"username":    username,
+		"password":    password,
+		"public_key":  publicKey,
+		"remote_addr": remoteAddr,
+		"login_type":  loginType}
+	var resp struct {
+		Token string     `json:"token"`
+		User  model.User `json:"user"`
+	}
+
+	err := client.Post(baseHost+UserAuthURL, data, &resp)
+	if err != nil {
+		logger.Error(err)
+	}
+	return resp.User
 }

 func GetUserProfile(userId string) (user model.User) {
+	Url := fmt.Sprintf(baseHost+UserUserURL, userId)
+	err := authClient.Get(Url, &user)
+	if err != nil {
+		logger.Error(err)
+	}
 	return
 }

-func LoadUserByUsername(user *model.User) {
-
+func CheckUserCookie(sessionId, csrfToken string) (user model.User) {
+	client.SetCookie("csrftoken", csrfToken)
+	client.SetCookie("sessionid", sessionId)
+	err := client.Get(baseHost+UserProfileURL, &user)
+	if err != nil {
+		logger.Error(err)
+	}
+	return
 }