mirror of
https://github.com/juanfont/headscale.git
synced 2024-12-20 19:09:07 +01:00
Simplify and streamline preauth commands for new cli/rpc/api
This commit is contained in:
parent
787814ea89
commit
77f5f8bd1c
@ -4,14 +4,20 @@ import (
|
|||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"errors"
|
"errors"
|
||||||
|
"strconv"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"google.golang.org/protobuf/types/known/timestamppb"
|
||||||
"gorm.io/gorm"
|
"gorm.io/gorm"
|
||||||
|
|
||||||
|
v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
const errorAuthKeyNotFound = Error("AuthKey not found")
|
const (
|
||||||
const errorAuthKeyExpired = Error("AuthKey expired")
|
errorAuthKeyNotFound = Error("AuthKey not found")
|
||||||
const errSingleUseAuthKeyHasBeenUsed = Error("AuthKey has already been used")
|
errorAuthKeyExpired = Error("AuthKey expired")
|
||||||
|
errSingleUseAuthKeyHasBeenUsed = Error("AuthKey has already been used")
|
||||||
|
)
|
||||||
|
|
||||||
// PreAuthKey describes a pre-authorization key usable in a particular namespace
|
// PreAuthKey describes a pre-authorization key usable in a particular namespace
|
||||||
type PreAuthKey struct {
|
type PreAuthKey struct {
|
||||||
@ -28,7 +34,12 @@ type PreAuthKey struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// CreatePreAuthKey creates a new PreAuthKey in a namespace, and returns it
|
// CreatePreAuthKey creates a new PreAuthKey in a namespace, and returns it
|
||||||
func (h *Headscale) CreatePreAuthKey(namespaceName string, reusable bool, ephemeral bool, expiration *time.Time) (*PreAuthKey, error) {
|
func (h *Headscale) CreatePreAuthKey(
|
||||||
|
namespaceName string,
|
||||||
|
reusable bool,
|
||||||
|
ephemeral bool,
|
||||||
|
expiration *time.Time,
|
||||||
|
) (*PreAuthKey, error) {
|
||||||
n, err := h.GetNamespace(namespaceName)
|
n, err := h.GetNamespace(namespaceName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -54,8 +65,8 @@ func (h *Headscale) CreatePreAuthKey(namespaceName string, reusable bool, epheme
|
|||||||
return &k, nil
|
return &k, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetPreAuthKeys returns the list of PreAuthKeys for a namespace
|
// ListPreAuthKeys returns the list of PreAuthKeys for a namespace
|
||||||
func (h *Headscale) GetPreAuthKeys(namespaceName string) (*[]PreAuthKey, error) {
|
func (h *Headscale) ListPreAuthKeys(namespaceName string) ([]PreAuthKey, error) {
|
||||||
n, err := h.GetNamespace(namespaceName)
|
n, err := h.GetNamespace(namespaceName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -65,7 +76,7 @@ func (h *Headscale) GetPreAuthKeys(namespaceName string) (*[]PreAuthKey, error)
|
|||||||
if err := h.db.Preload("Namespace").Where(&PreAuthKey{NamespaceID: n.ID}).Find(&keys).Error; err != nil {
|
if err := h.db.Preload("Namespace").Where(&PreAuthKey{NamespaceID: n.ID}).Find(&keys).Error; err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &keys, nil
|
return keys, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetPreAuthKey returns a PreAuthKey for a given key
|
// GetPreAuthKey returns a PreAuthKey for a given key
|
||||||
@ -83,7 +94,7 @@ func (h *Headscale) GetPreAuthKey(namespace string, key string) (*PreAuthKey, er
|
|||||||
}
|
}
|
||||||
|
|
||||||
// MarkExpirePreAuthKey marks a PreAuthKey as expired
|
// MarkExpirePreAuthKey marks a PreAuthKey as expired
|
||||||
func (h *Headscale) MarkExpirePreAuthKey(k *PreAuthKey) error {
|
func (h *Headscale) ExpirePreAuthKey(k *PreAuthKey) error {
|
||||||
if err := h.db.Model(&k).Update("Expiration", time.Now()).Error; err != nil {
|
if err := h.db.Model(&k).Update("Expiration", time.Now()).Error; err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -126,3 +137,16 @@ func (h *Headscale) generateKey() (string, error) {
|
|||||||
}
|
}
|
||||||
return hex.EncodeToString(bytes), nil
|
return hex.EncodeToString(bytes), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (key *PreAuthKey) toProto() *v1.PreAuthKey {
|
||||||
|
return &v1.PreAuthKey{
|
||||||
|
Namespace: key.Namespace.Name,
|
||||||
|
Id: strconv.FormatUint(key.ID, 10),
|
||||||
|
Key: key.Key,
|
||||||
|
Resuable: key.Reusable,
|
||||||
|
Ephemeral: key.Ephemeral,
|
||||||
|
Used: key.Used,
|
||||||
|
Expiration: timestamppb.New(*key.Expiration),
|
||||||
|
CreatedAt: timestamppb.New(*key.CreatedAt),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@ -24,15 +24,15 @@ func (*Suite) TestCreatePreAuthKey(c *check.C) {
|
|||||||
// Make sure the Namespace association is populated
|
// Make sure the Namespace association is populated
|
||||||
c.Assert(k.Namespace.Name, check.Equals, n.Name)
|
c.Assert(k.Namespace.Name, check.Equals, n.Name)
|
||||||
|
|
||||||
_, err = h.GetPreAuthKeys("bogus")
|
_, err = h.ListPreAuthKeys("bogus")
|
||||||
c.Assert(err, check.NotNil)
|
c.Assert(err, check.NotNil)
|
||||||
|
|
||||||
keys, err := h.GetPreAuthKeys(n.Name)
|
keys, err := h.ListPreAuthKeys(n.Name)
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
c.Assert(len(*keys), check.Equals, 1)
|
c.Assert(len(keys), check.Equals, 1)
|
||||||
|
|
||||||
// Make sure the Namespace association is populated
|
// Make sure the Namespace association is populated
|
||||||
c.Assert((*keys)[0].Namespace.Name, check.Equals, n.Name)
|
c.Assert((keys)[0].Namespace.Name, check.Equals, n.Name)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (*Suite) TestExpiredPreAuthKey(c *check.C) {
|
func (*Suite) TestExpiredPreAuthKey(c *check.C) {
|
||||||
@ -172,7 +172,7 @@ func (*Suite) TestExpirePreauthKey(c *check.C) {
|
|||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
c.Assert(pak.Expiration, check.IsNil)
|
c.Assert(pak.Expiration, check.IsNil)
|
||||||
|
|
||||||
err = h.MarkExpirePreAuthKey(pak)
|
err = h.ExpirePreAuthKey(pak)
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
c.Assert(pak.Expiration, check.NotNil)
|
c.Assert(pak.Expiration, check.NotNil)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user