Initial commit

.gitignore

@@ -0,0 +1 @@
+.idea

cnAuth/cnAuth.go

@@ -0,0 +1,102 @@
+package cnAuth
+
+import (
+  "bufio"
+  "bytes"
+  "crypto/hmac"
+  "crypto/sha256"
+  "encoding/base64"
+  "encoding/hex"
+  "fmt"
+  "github.com/pkg/errors"
+  "os"
+  "time"
+)
+
+type CnAuth struct {
+  keys map[string]string
+}
+
+func NewCnAuthFromFile( file *os.File ) (*CnAuth, error) {
+  cnAuth := new (CnAuth)
+  err := cnAuth.parseConfigFile(file)
+  if err != nil {
+    return nil, err
+  }
+  return cnAuth, nil
+}
+
+
+/* legacy: parse strange key file format
+kapi_id="001";kapi_key="a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a";kapi_groups="watcher";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}
+ */
+
+func ( cnAuth *CnAuth ) parseConfigFile(file *os.File) error {
+  cnAuth.keys = make( map[string]string, 0 )
+  scanner := bufio.NewScanner(file)
+  for scanner.Scan() {
+    line := []byte(scanner.Text())
+    fieldsKV :=bytes.Split( bytes.Trim(line, " "), []byte(";") )
+
+    // only first 3 kv pairs are relevant
+    var keyLabel string
+    var keyHex string
+    for fkv := 0; fkv<3; fkv++ {
+      kv := bytes.Split( bytes.Trim(fieldsKV[fkv], " "), []byte("=") )
+
+      switch string(kv[0]) {
+      case "kapi_id":
+        keyLabel = string(bytes.Trim(kv[1],"\""))
+        break
+      case "kapi_key":
+        keyHex = string(bytes.Trim(kv[1],"\""))
+        break
+      }
+
+    }
+    if keyLabel != "" && keyHex != "" {
+      cnAuth.keys[keyLabel] = keyHex
+    }
+  }
+  return scanner.Err()
+}
+
+/*
+
+#!/bin/bash
+
+k="9cf15759eb77400f2d0d54d9e3a5822fc5b1f49817f0a65e930a1ed6bf3f8a00"
+id="003"
+
+h64=$(echo -n "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64)
+p64=$(echo -n "{\"id\":\"$id\",\"exp\":$((`date +"%s"`+10))}" | base64)
+s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1)
+token="$h64.$p64.$s"
+
+echo h64=$h64
+echo p64=$p64
+echo k=$k
+echo token=$token
+echo ""
+curl --cacert dist/gatekeeper/cert.pem -H "Authorization: Bearer $token" https://127.0.0.1/getnewaddress
+echo ""
+
+
+ */
+
+func ( cnAuth *CnAuth ) BearerFromKey( keyLabel string ) (string, error) {
+  if keyHex, ok := cnAuth.keys[keyLabel]; ok {
+    h64 := base64.StdEncoding.EncodeToString( []byte("{\"alg\":\"HS256\",\"typ\":\"JWT\"}") )
+    p64 := base64.StdEncoding.EncodeToString( []byte(fmt.Sprintf("{\"id\":\"%s\",\"exp\":%d}", keyLabel, time.Now().Unix()+10 ) ) )
+    toSign := h64+"."+p64
+    key, err := hex.DecodeString(keyHex)
+    if err != nil {
+      return "", err
+    }
+    h := hmac.New( sha256.New, key )
+    h.Write([]byte(toSign))
+    sha := hex.EncodeToString(h.Sum(nil))
+    return "Bearer "+toSign+"."+sha, nil
+  }
+  return "", errors.New("No such key with label "+keyLabel )
+}

data/cert.pem

@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIE/jCCAuagAwIBAgIJAIBv4aiI2NRtMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV
+BAMME2Rpc2swYm9vay5mcml0ei5ib3gwHhcNMTkwMTE3MTcwMDA5WhcNMjkwMTE0
+MTcwMDA5WjAeMRwwGgYDVQQDDBNkaXNrMGJvb2suZnJpdHouYm94MIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyVKNTGlPfd4QX9HaDc9a6prbc9il4jtR
+iChSlMf3/6UfAMcS+xVgR2iR8FK/DQuFzxn+6BybpoiD333rjDr7zR7y9px3Xph2
+bmsjZy0hv9SIBbx0DJvvwODTlWTAH8qgU2DN6xWc7vjgeGi5uTpnmwWrkH6BjtVr
+woBkF0JmfH7KiLS/QjWqPKeI6o/GpvCP9meD131Sq/ReoOTrJ4F5aNdhAril4nU5
+6e7Y+Iyp35DZSLuU+pDJAhxEvkYGas1ted5RRxlho8ukaoABCbmaTeNmgsJxK2SC
+ABjfUc38aAlNLuMbMMR7Q85Z84OTJiUqanVczwdSj1QHlNCWZK1McBPhj2m2Wdge
+gedrq5XcjQGChzTEozcFntU0qzY3ja1+DOE8UaMaTrDH4saUXCMZk3W1m5mmiZW3
+mcB0cKGdeg6K6USg1BwBTU9qolUusxz5T0tNxjcMlXU93P17d4s5IXfliXhMNr/6
+4fl78Ey3FNprTix4alW7hBAp/eA/LhS55s3jwdoVzJl4RELC0284pahj5exYQwU6
+zjLedMxzC+7veQYwWfZOs9jVCTP0YStuT0j9xD3ausLZyB1Egbsajyy71IeoYOf1
+9S6dFIXE5LHAw2j3D3bh5wb019I8V5szGbeemdBpb3m+bzT8qjLSNranuT41CIHd
+IYjq85vDEJsCAwEAAaM/MD0wOwYDVR0RBDQwMoITZGlzazBib29rLmZyaXR6LmJv
+eIIJbG9jYWxob3N0ggpnYXRla2VlcGVyhwR/AAABMA0GCSqGSIb3DQEBCwUAA4IC
+AQBrE4bJsIMwSRPng94PcqR5F6Cux0bkwezALJCHpjHTuqok/wHHE5dZsAXcSsYc
+5givuBESih6CpY5h21Od0TBugyv3FCRY8OoaBXtlO6FYlEnVeJ8AOexJTb3qcbBS
+HU8MBWEydUh5HFA3PRKAG0Y4cvUK4WXJZ42Et3td0NkGFOv6bxdtVGB4Vz7FGn+3
+qd9fpmFCdQYDp6RSZDDz4B8XLsVuTeTES5GbUMSQAGanP7jxMr04wQ3MuoZrRODN
+FatifOJfq0fZddsBjJbrTLxArIqaPh3J4xzwiNE5du4CQDQrbbHXG22kuvbr5foA
+cixLnuyWMq0a5a70mSNS6TZ3nq4ATXNNa0cZ8fBxHqHGTLM8gQisW8vTaZfIFh/i
+hnFcGxtpo1ryi7JG9HCWsh0x20677iag5MuZfv2s4TbK71Ol6WV4FravCqU0qgbn
+TTl+BnYw3H67FO/a6RD4ISlFWK+8EVEQdMgvPoRuw323YznT0Nd8Q/Gq8raYF2wa
+z9T9OXu6TcVGtfPAgX+AM/+hDqWGxyiFR9ZtLpGOHGP8f+TZA5uCawc8Zry4yN6L
+E0yPIx96pJz59T3k8XbRHTQCaPsSUGRAZIY9LpJj0fIG7zCr9eCBpp2qyzmpyNfx
+egN3ILYy1Y8JbJj73HWyP0F3Am7i76tkCWB7tQeFOb5FMg==
+-----END CERTIFICATE-----

data/config.toml

@@ -0,0 +1,12 @@
+[server]
+listen = "0.0.0.0:8080"
+index_template = "templates/index.html"
+
+[gatekeeper]
+status_url = "http://localhost:3333/status"
+key_label = "001"
+key_file = "data/keys.properties"
+cert_file = "data/cert.pem"
+
+
+

data/keys.properties

@@ -0,0 +1,3 @@
+kapi_id="001";kapi_key="a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a";kapi_groups="watcher";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}
+kapi_id="002";kapi_key="fe58ddbb66d7302a7087af3242a98b6326c51a257f5eab1c06bb8cc02e25890d";kapi_groups="watcher,spender";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}
+kapi_id="003";kapi_key="f0b8bb52f4c7007938757bcdfc73b452d6ce08cc0c660ce57c5464ae95f35417";kapi_groups="watcher,spender,admin";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}

main.go

@@ -0,0 +1,111 @@
+
+package main
+
+import (
+  "bytes"
+  "cyphernode_status/cnAuth"
+  "fmt"
+  "github.com/gorilla/mux"
+  "github.com/op/go-logging"
+  "github.com/spf13/viper"
+  "html/template"
+  "io/ioutil"
+  "net/http"
+  "os"
+)
+
+type Status struct {
+  Foo string  `json:"foo"`
+}
+
+var auth *cnAuth.CnAuth
+var statsKeyLabel string
+var indexTemplate string
+var statusUrl string
+var log = logging.MustGetLogger("main")
+
+func RootHandler(w http.ResponseWriter, _ *http.Request) {
+  t,_ := template.ParseFiles(indexTemplate)
+  t.Execute(w, nil)
+}
+
+func generateAuthHeaders() map[string]string {
+  result := make( map[string]string, 0 )
+  return result
+}
+
+func StatusHandler(w http.ResponseWriter, r *http.Request) {
+
+  req, err := http.NewRequest("GET", statusUrl, nil)
+  if err != nil {
+    w.WriteHeader(503 )
+    return
+  }
+
+  res, err := http.DefaultClient.Do(req)
+
+  if err != nil {
+    w.WriteHeader(503 )
+    return
+  }
+
+  defer res.Body.Close()
+
+  body, _ := ioutil.ReadAll(res.Body)
+
+  //status := new (Status)
+  //jsonData, _ := json.Marshal(status)
+  w.Header().Set("Content-Type", "application/json")
+  bearer, err := auth.BearerFromKey(statsKeyLabel)
+  if err != nil {
+    w.WriteHeader(503 )
+    return
+  }
+  w.Header().Set("Authorization", bearer )
+
+  fmt.Fprint(w, bytes.NewBuffer(body))
+  return
+
+}
+
+func main() {
+
+  viper.SetConfigName("config")
+  viper.AddConfigPath("data")
+
+  err := viper.ReadInConfig()
+
+  if err != nil {
+    log.Error(err)
+  }
+
+  keysFilePath := viper.GetString("gatekeeper.key_file")
+  statsKeyLabel = viper.GetString("gatekeeper.key_label")
+  statusUrl = viper.GetString("gatekeeper.status_url")
+  listenTo := viper.GetString("server.listen")
+  indexTemplate = viper.GetString("server.index_template")
+
+  file, err := os.Open(keysFilePath)
+
+  if err != nil {
+    log.Error(err)
+  }
+
+  auth, err = cnAuth.NewCnAuthFromFile( file )
+  file.Close()
+
+  if err != nil {
+    log.Error(err)
+  }
+
+  log.Infof("Started cyphernode status page backend. URL Port [%v] ",listenTo)
+
+  router := mux.NewRouter()
+  router.HandleFunc("/", RootHandler)
+  router.HandleFunc("/status", StatusHandler)
+  router.PathPrefix("/static/").Handler(http.StripPrefix("/static/", http.FileServer(http.Dir("./static"))))
+
+  http.Handle("/", router)
+
+  log.Fatal(http.ListenAndServe(listenTo, nil))
+}

templates/index.html

@@ -0,0 +1,30 @@
+
+<html lang="en">
+
+<head>
+    <title>Cyphernode status page</title>
+    <link rel="stylesheet" href="static/css/bootstrap.min.css" rel="stylesheet">
+</head>
+
+<body>
+    <div class="container">
+        <div class="card">
+            <div class="card-header">
+                <h1>Cyphernode status page</h1>
+            </div>
+        </div>
+
+        <div class="card-body">
+
+        </div>
+
+        <li class="card">
+
+        </li>
+    </div>
+
+    <script src="static/js/bootstrap.min.js"></script>
+
+</body>
+
+</html>