Code owners
Assign users and groups as approvers for specific file changes. Learn more.
akms-simulator.go 3.18 KiB
package main
import (
"crypto/tls"
"crypto/x509"
"encoding/json"
"flag"
"io"
"net/http"
"os"
"github.com/sirupsen/logrus"
)
type LogFile struct {
Source string `json:"source"`
Body PushKSAKeyRequest `json:"body"`
}
type PushKSAKeyRequest struct {
RequestID string `json:"request_ID"`
ProcessID string `json:"process_ID"`
KSAKeys []KSAKey `json:"ksa_keys"`
}
type KSAKey struct {
KeyID string `json:"key_ID"`
Key string `json:"key"`
}
func main() {
tlsCAFile := flag.String("ca", "", "Path to CA certificate file")
tlsCertFile := flag.String("cert", "", "Path to certificate file")
tlsKeyFile := flag.String("key", "", "Path to key file")
flag.Parse()
logrus.Info("Starting AKMS Simulator...")
router := http.NewServeMux()
router.HandleFunc("/api/v1/keys/push_ksa_key", handlePushKsaKey)
router.HandleFunc("/debug/get_log_file", getLogFile)
server := &http.Server{
Addr: ":4444",
Handler: router,
}
if *tlsCAFile != "" && *tlsCertFile != "" && *tlsKeyFile != "" {
logrus.Info("TLS enabled")
cp := x509.NewCertPool()
b, err := os.ReadFile(*tlsCAFile)
if err != nil {
logrus.Fatalf("Error reading CA file: %s", err)
}
if !cp.AppendCertsFromPEM(b) {
logrus.Fatalf("Error appending certs from PEM")
}
cert, err := tls.LoadX509KeyPair(*tlsCertFile, *tlsKeyFile)
if err != nil {
logrus.Fatalf("Error loading X509 key pair: %s", err)
}
tlsConfig := &tls.Config{
MinVersion: tls.VersionTLS13,
ClientCAs: cp,
Certificates: []tls.Certificate{cert},
ClientAuth: tls.RequireAndVerifyClientCert,
}
server.TLSConfig = tlsConfig
}
logrus.Fatal(server.ListenAndServe())
}
func getLogFile(w http.ResponseWriter, r *http.Request) {
logrus.Info("Log file requested")
http.ServeFile(w, r, "akms-simulator.log")
}
func handlePushKsaKey(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
logrus.Errorf("Method not allowed: %s", r.Method)
return
}
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Failed to read request body", http.StatusInternalServerError)
logrus.Errorf("Failed to read request body: %s", err)
return
}
ip := r.RemoteAddr
logstring := "Request came from: " + ip + "; Body: " + string(body)
logrus.Info(logstring)
var bodyObject PushKSAKeyRequest
err = json.Unmarshal(body, &bodyObject)
if err != nil {
logrus.Errorf("Error parsing body into PushKSAKeyRequest: %s", err)
return
}
logFile := LogFile{Source: ip, Body: bodyObject}
jsonLogFile, err := json.Marshal(logFile)
if err != nil {
logrus.Errorf("Error marshaling logFile: %s", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
// Append jsonLogFile to akms-logfile.log
f, err := os.OpenFile("akms-simulator.log", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
logrus.Errorf("Error opening log file: %s", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
defer f.Close() //nolint:errcheck
if _, err := f.Write(jsonLogFile); err != nil {
logrus.Errorf("Error writing to log file: %s", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusNoContent)
}