proxy: improve reconnect logic, send version, properly version proxy

2020-09-19 01:29:49 +02:00 · 2020-09-19 01:29:49 +02:00 · 4749c3fad0
parent 18886697d6
commit 4749c3fad0
8 changed files with 72 additions and 19 deletions
--- a/.bumpversion.cfg
+++ b/.bumpversion.cfg
@ -10,7 +10,7 @@ tag_name = version/{new_version}
 [bumpversion:part:release]
 optional_value = stable
 first_value = beta
-values = 
+values =
 	alpha
 	beta
 	stable
@ -28,3 +28,5 @@ values =
 [bumpversion:file:.github/workflows/release.yml]

 [bumpversion:file:passbook/__init__.py]
+
+[bumpversion:file:proxy/pkg/version.go]
--- a/passbook/providers/oauth2/models.py
+++ b/passbook/providers/oauth2/models.py
@ -340,6 +340,7 @@ class BaseGrantModel(models.Model):
        abstract = True


+# pylint: disable=too-many-instance-attributes
 class AuthorizationCode(ExpiringModel, BaseGrantModel):
    """OAuth2 Authorization Code"""

--- a/proxy/cmd/server.go
+++ b/proxy/cmd/server.go
@ -1,6 +1,7 @@
 package cmd

 import (
+	"fmt"
 	"math/rand"
 	"net/url"
 	"os"
@ -10,20 +11,33 @@ import (
 	"github.com/BeryJu/passbook/proxy/pkg/server"
 )

+const helpMessage = `passbook proxy
+
+Required environment variables:
+ - PASSBOOK_HOST: URL to connect to (format "http://passbook.company")
+ - PASSBOOK_TOKEN: Token to authenticate with
+ - PASSBOOK_INSECURE: Skip SSL Certificate verification`
+
 // RunServer main entrypoint, runs the full server
 func RunServer() {
 	pbURL, found := os.LookupEnv("PASSBOOK_HOST")
 	if !found {
-		panic("env PASSBOOK_HOST not set!")
+		fmt.Println("env PASSBOOK_HOST not set!")
+		fmt.Println(helpMessage)
+		os.Exit(1)
 	}
 	pbToken, found := os.LookupEnv("PASSBOOK_TOKEN")
 	if !found {
-		panic("env PASSBOOK_TOKEN not set!")
+		fmt.Println("env PASSBOOK_TOKEN not set!")
+		fmt.Println(helpMessage)
+		os.Exit(1)
 	}

 	pbURLActual, err := url.Parse(pbURL)
 	if err != nil {
-		panic(err)
+		fmt.Println(err)
+		fmt.Println(helpMessage)
+		os.Exit(1)
 	}

 	rand.Seed(time.Now().UnixNano())
--- a/proxy/go.mod
+++ b/proxy/go.mod
@ -29,12 +29,16 @@ require (
 	github.com/recws-org/recws v1.2.1
 	github.com/sirupsen/logrus v1.6.0
 	github.com/spf13/afero v1.4.0 // indirect
+	github.com/spf13/cast v1.3.1 // indirect
+	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/spf13/viper v1.7.1 // indirect
 	github.com/stretchr/testify v1.6.1
 	go.mongodb.org/mongo-driver v1.4.1 // indirect
 	golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de // indirect
 	golang.org/x/net v0.0.0-20200904194848-62affa334b73 // indirect
-	golang.org/x/sys v0.0.0-20200917061948-648f2a039071 // indirect
-	golang.org/x/tools v0.0.0-20200917050209-655488c8ae71 // indirect
+	golang.org/x/sys v0.0.0-20200918174421-af09f7315aff // indirect
+	golang.org/x/tools v0.0.0-20200918201133-e94ab7288189 // indirect
 	gopkg.in/ini.v1 v1.61.0 // indirect
+	gopkg.in/square/go-jose.v2 v2.5.1 // indirect
 )
--- a/proxy/go.sum
+++ b/proxy/go.sum
@ -832,6 +832,8 @@ golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200917061948-648f2a039071 h1:t0H7WMwCt9t0LnLSYz5zdZ/OiAtROxc5cHb5iHt3Xyw=
 golang.org/x/sys v0.0.0-20200917061948-648f2a039071/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200918174421-af09f7315aff h1:1CPUrky56AcgSpxz/KfgzQWzfG09u5YOL8MvPYBlrL8=
+golang.org/x/sys v0.0.0-20200918174421-af09f7315aff/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@ -898,8 +900,8 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc
 golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200817023811-d00afeaade8f h1:33yHANSyO/TeglgY9rBhUpX43wtonTXoFOsMRtNB6qE=
 golang.org/x/tools v0.0.0-20200817023811-d00afeaade8f/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
-golang.org/x/tools v0.0.0-20200917050209-655488c8ae71 h1:HfjhL52L9Q15ZudgTl0s5+wcqOKViwBgZJQLxgKn20E=
-golang.org/x/tools v0.0.0-20200917050209-655488c8ae71/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
+golang.org/x/tools v0.0.0-20200918201133-e94ab7288189 h1:7E/geNtekOV4N/07EhKz7zyXs0hZhoZZ19R2O2mMHoI=
+golang.org/x/tools v0.0.0-20200918201133-e94ab7288189/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 h1:9zdDQZ7Thm29KFXgAX/+yaf3eVbP7djjWp/dXAppNCc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/proxy/pkg/server/api.go
+++ b/proxy/pkg/server/api.go
@ -6,6 +6,7 @@ import (
 	"net/http"
 	"net/url"
 	"os"
+	"strings"
 	"time"

 	"github.com/BeryJu/passbook/proxy/pkg/client"
@ -37,7 +38,7 @@ type APIController struct {
 	lastBundleHash string
 	logger         *log.Entry

-	wsConn recws.RecConn
+	wsConn *recws.RecConn
 }

 func getCommonOptions() *options.Options {
@ -85,9 +86,12 @@ func doGlobalSetup(config map[string]interface{}) {
 }

 func getTLSTransport() http.RoundTripper {
-	_, set := os.LookupEnv("PASSBOOK_INSECURE")
+	value, set := os.LookupEnv("PASSBOOK_INSECURE")
+	if !set {
+		value = "false"
+	}
 	tlsTransport, err := httptransport.TLSTransport(httptransport.TLSClientOptions{
-		InsecureSkipVerify: set,
+		InsecureSkipVerify: strings.ToLower(value) == "true",
 	})
 	if err != nil {
 		panic(err)
--- a/proxy/pkg/server/api_ws.go
+++ b/proxy/pkg/server/api_ws.go
@ -9,6 +9,7 @@ import (
 	"strings"
 	"time"

+	"github.com/BeryJu/passbook/proxy/pkg"
 	"github.com/go-openapi/strfmt"
 	"github.com/gorilla/websocket"
 	"github.com/recws-org/recws"
@ -22,20 +23,33 @@ func (ac *APIController) initWS(pbURL url.URL, outpostUUID strfmt.UUID) {
 		"Authorization": []string{ac.token},
 	}

-	_, set := os.LookupEnv("PASSBOOK_INSECURE")
+	value, set := os.LookupEnv("PASSBOOK_INSECURE")
+	if !set {
+		value = "false"
+	}

-	ws := recws.RecConn{
-		// KeepAliveTimeout: 10 * time.Second,
+	ws := &recws.RecConn{
 		NonVerbose: true,
 		TLSClientConfig: &tls.Config{
-			InsecureSkipVerify: set,
+			InsecureSkipVerify: strings.ToLower(value) == "true",
 		},
 	}
 	ws.Dial(fmt.Sprintf(pathTemplate, scheme, pbURL.Host, outpostUUID.String()), header)

-	ac.logger.WithField("outpost", outpostUUID.String()).Debug("connecting to passbook")
+	ac.logger.WithField("component", "ws").WithField("outpost", outpostUUID.String()).Debug("connecting to passbook")

 	ac.wsConn = ws
+	// Send hello message with our version
+	msg := websocketMessage{
+		Instruction: WebsocketInstructionHello,
+		Args: map[string]interface{}{
+			"version": pkg.VERSION,
+		},
+	}
+	err := ws.WriteJSON(msg)
+	if err != nil {
+		ac.logger.WithField("component", "ws").WithError(err).Warning("Failed to hello to passbook")
+	}
 }

 // Shutdown Gracefully stops all workers, disconnects from websocket
@ -52,12 +66,15 @@ func (ac *APIController) Shutdown() {

 func (ac *APIController) startWSHandler() {
 	for {
+		if !ac.wsConn.IsConnected() {
+			continue
+		}
 		var wsMsg websocketMessage
 		err := ac.wsConn.ReadJSON(&wsMsg)
 		if err != nil {
 			ac.logger.WithField("loop", "ws-handler").Println("read:", err)
 			ac.wsConn.CloseAndReconnect()
-			return
+			continue
 		}
 		if wsMsg.Instruction != WebsocketInstructionAck {
 			ac.logger.Debugf("%+v\n", wsMsg)
@ -73,15 +90,21 @@ func (ac *APIController) startWSHandler() {

 func (ac *APIController) startWSHealth() {
 	for ; true; <-time.Tick(time.Second * 10) {
+		if !ac.wsConn.IsConnected() {
+			continue
+		}
 		aliveMsg := websocketMessage{
 			Instruction: WebsocketInstructionHello,
-			Args:        make(map[string]interface{}),
+			Args: map[string]interface{}{
+				"version": pkg.VERSION,
+			},
 		}
 		err := ac.wsConn.WriteJSON(aliveMsg)
+		ac.logger.WithField("loop", "ws-health").Debug("hello'd")
 		if err != nil {
 			ac.logger.WithField("loop", "ws-health").Println("write:", err)
 			ac.wsConn.CloseAndReconnect()
-			return
+			continue
 		}
 	}
 }
--- a/proxy/pkg/version.go
+++ b/proxy/pkg/version.go
@ -0,0 +1,3 @@
+package pkg
+
+const VERSION = "0.10.3-stable"