mirror of
https://github.com/yusing/godoxy.git
synced 2026-04-20 07:21:26 +02:00
refactor(api): restructured API for type safety, maintainability and docs generation
- These changes makes the API incombatible with previous versions - Added new types for error handling, success responses, and health checks. - Updated health check logic to utilize the new types for better clarity and structure. - Refactored existing handlers to improve response consistency and error handling. - Updated Makefile to include a new target for generating API types from Swagger. - Updated "new agent" API to respond an encrypted cert pair
This commit is contained in:
yusing
67
internal/api/v1/agent/common.go
Normal file
67
internal/api/v1/agent/common.go
Normal file
@@ -0,0 +1,67 @@
|
||||
package agentapi
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
|
||||
"github.com/rs/zerolog/log"
|
||||
"github.com/yusing/go-proxy/agent/pkg/agent"
|
||||
)
|
||||
|
||||
type PEMPairResponse struct {
|
||||
Cert string `json:"cert" format:"base64"`
|
||||
Key string `json:"key" format:"base64"`
|
||||
} // @name PEMPairResponse
|
||||
|
||||
var encryptionKey atomic.Value
|
||||
|
||||
const rotateKeyInterval = 15 * time.Minute
|
||||
|
||||
func init() {
|
||||
if err := rotateKey(); err != nil {
|
||||
log.Panic().Err(err).Msg("failed to generate encryption key")
|
||||
}
|
||||
go func() {
|
||||
for range time.Tick(rotateKeyInterval) {
|
||||
if err := rotateKey(); err != nil {
|
||||
log.Error().Err(err).Msg("failed to rotate encryption key")
|
||||
}
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func getEncryptionKey() []byte {
|
||||
return encryptionKey.Load().([]byte)
|
||||
}
|
||||
|
||||
func rotateKey() error {
|
||||
// generate a random 32 bytes key
|
||||
key := make([]byte, 32)
|
||||
if _, err := rand.Read(key); err != nil {
|
||||
return err
|
||||
}
|
||||
encryptionKey.Store(key)
|
||||
return nil
|
||||
}
|
||||
|
||||
func toPEMPairResponse(encPEMPair agent.PEMPair) PEMPairResponse {
|
||||
return PEMPairResponse{
|
||||
Cert: base64.StdEncoding.EncodeToString(encPEMPair.Cert),
|
||||
Key: base64.StdEncoding.EncodeToString(encPEMPair.Key),
|
||||
}
|
||||
}
|
||||
|
||||
func fromEncryptedPEMPairResponse(pemPair PEMPairResponse) (agent.PEMPair, error) {
|
||||
encCert, err := base64.StdEncoding.DecodeString(pemPair.Cert)
|
||||
if err != nil {
|
||||
return agent.PEMPair{}, err
|
||||
}
|
||||
encKey, err := base64.StdEncoding.DecodeString(pemPair.Key)
|
||||
if err != nil {
|
||||
return agent.PEMPair{}, err
|
||||
}
|
||||
pair := agent.PEMPair{Cert: encCert, Key: encKey}
|
||||
return pair.Decrypt(getEncryptionKey())
|
||||
}
|
||||
Reference in New Issue
Block a user