2020-03-24 13:15:01 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
2022-02-14 16:22:30 +00:00
|
|
|
"fmt"
|
2020-03-24 13:15:01 +00:00
|
|
|
"net/http"
|
2020-07-08 11:56:37 +00:00
|
|
|
"strings"
|
2020-03-24 13:15:01 +00:00
|
|
|
|
feat: protos refactoring
* start with user
* user first try done in all services
* user, org, idp for discussion
* remove unused stuff
* bla
* dockerbuild
* rename search, get multiple to list...
* add annotation
* update proto dependencies
* update proto dependencies
* change proto imports
* replace all old imports
* fix go out
* remove unused lines
* correct protoc flags
* grpc and openapi flags
* go out source path relative
* -p
* remove dead code
* sourcepath relative
* ls
* is onenapi the problem?
* hobla
* authoption output
* wrong field name
* gopf
* correct option, add correct flags
* small improvments
* SIMPLYFY
* relative path
* gopf bin ich en tubel
* correct path
* default policies in admin
* grpc generation in one file
* remove non ascii
* metadata on manipulations
* correct auth_option import
* fixes
* larry
* idp provider to idp
* fix generate
* admin and auth nearly done
* admin and auth nearly done
* gen
* healthz
* imports
* deleted too much imports
* fix org
* add import
* imports
* import
* naming
* auth_opt
* gopf
* management
* imports
* _TYPE_UNSPECIFIED
* improts
* auth opts
* management policies
* imports
* passwordlessType to MFAType
* auth_opt
* add user grant calls
* add missing messages
* result
* fix option
* improvements
* ids
* fix http
* imports
* fixes
* fields
* body
* add fields
* remove wrong member query
* fix request response
* fixes
* add copy files
* variable versions
* generate all files
* improvements
* add dependencies
* factors
* user session
* oidc information, iam
* remove unused file
* changes
* enums
* dockerfile
* fix build
* remove unused folder
* update readme for build
* move old server impl
* add event type to change
* some changes
* start admin
* remove wrong field
* admin only list calls missing
* fix proto numbers
* surprisingly it compiles
* service ts changes
* admin mgmt
* mgmt
* auth manipulation and gets done, lists missing
* validations and some field changes
* validations
* enum validations
* remove todo
* move proto files to proto/zitadel
* change proto path in dockerfile
* it compiles!
* add validate import
* remove duplicate import
* fix protos
* fix import
* tests
* cleanup
* remove unimplemented methods
* iam member multiple queries
* all auth and admin calls
* add initial password on crate human
* message names
* management user server
* machine done
* fix: todos (#1346)
* fix: pub sub in new eventstore
* fix: todos
* fix: todos
* fix: todos
* fix: todos
* fix: todos
* fix tests
* fix: search method domain
* admin service, user import type typescript
* admin changes
* admin changes
* fix: search method domain
* more user grpc and begin org, fix configs
* fix: return object details
* org grpc
* remove creation date add details
* app
* fix: return object details
* fix: return object details
* mgmt service, project members
* app
* fix: convert policies
* project, members, granted projects, searches
* fix: convert usergrants
* fix: convert usergrants
* auth user detail, user detail, mfa, second factor, auth
* fix: convert usergrants
* mfa, memberships, password, owned proj detail
* fix: convert usergrants
* project grant
* missing details
* changes, userview
* idp table, keys
* org list and user table filter
* unify rest paths (#1381)
* unify rest paths
* post for all searches,
mfa to multi_factor,
secondfactor to second_factor
* remove v1
* fix tests
* rename api client key to app key
* machine keys, age policy
* user list, machine keys, changes
* fix: org states
* add default flag to policy
* second factor to type
* idp id
* app type
* unify ListQuery, ListDetails, ObjectDetails field names
* user grants, apps, memberships
* fix type params
* metadata to detail, linke idps
* api create, membership, app detail, create
* idp, app, policy
* queries, multi -> auth factors and missing fields
* update converters
* provider to user, remove old mgmt refs
* temp remove authfactor dialog, build finish
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
2021-03-09 09:30:11 +00:00
|
|
|
"github.com/grpc-ecosystem/grpc-gateway/v2/runtime"
|
2023-04-11 13:37:42 +00:00
|
|
|
"github.com/zitadel/logging"
|
feat: protos refactoring
* start with user
* user first try done in all services
* user, org, idp for discussion
* remove unused stuff
* bla
* dockerbuild
* rename search, get multiple to list...
* add annotation
* update proto dependencies
* update proto dependencies
* change proto imports
* replace all old imports
* fix go out
* remove unused lines
* correct protoc flags
* grpc and openapi flags
* go out source path relative
* -p
* remove dead code
* sourcepath relative
* ls
* is onenapi the problem?
* hobla
* authoption output
* wrong field name
* gopf
* correct option, add correct flags
* small improvments
* SIMPLYFY
* relative path
* gopf bin ich en tubel
* correct path
* default policies in admin
* grpc generation in one file
* remove non ascii
* metadata on manipulations
* correct auth_option import
* fixes
* larry
* idp provider to idp
* fix generate
* admin and auth nearly done
* admin and auth nearly done
* gen
* healthz
* imports
* deleted too much imports
* fix org
* add import
* imports
* import
* naming
* auth_opt
* gopf
* management
* imports
* _TYPE_UNSPECIFIED
* improts
* auth opts
* management policies
* imports
* passwordlessType to MFAType
* auth_opt
* add user grant calls
* add missing messages
* result
* fix option
* improvements
* ids
* fix http
* imports
* fixes
* fields
* body
* add fields
* remove wrong member query
* fix request response
* fixes
* add copy files
* variable versions
* generate all files
* improvements
* add dependencies
* factors
* user session
* oidc information, iam
* remove unused file
* changes
* enums
* dockerfile
* fix build
* remove unused folder
* update readme for build
* move old server impl
* add event type to change
* some changes
* start admin
* remove wrong field
* admin only list calls missing
* fix proto numbers
* surprisingly it compiles
* service ts changes
* admin mgmt
* mgmt
* auth manipulation and gets done, lists missing
* validations and some field changes
* validations
* enum validations
* remove todo
* move proto files to proto/zitadel
* change proto path in dockerfile
* it compiles!
* add validate import
* remove duplicate import
* fix protos
* fix import
* tests
* cleanup
* remove unimplemented methods
* iam member multiple queries
* all auth and admin calls
* add initial password on crate human
* message names
* management user server
* machine done
* fix: todos (#1346)
* fix: pub sub in new eventstore
* fix: todos
* fix: todos
* fix: todos
* fix: todos
* fix: todos
* fix tests
* fix: search method domain
* admin service, user import type typescript
* admin changes
* admin changes
* fix: search method domain
* more user grpc and begin org, fix configs
* fix: return object details
* org grpc
* remove creation date add details
* app
* fix: return object details
* fix: return object details
* mgmt service, project members
* app
* fix: convert policies
* project, members, granted projects, searches
* fix: convert usergrants
* fix: convert usergrants
* auth user detail, user detail, mfa, second factor, auth
* fix: convert usergrants
* mfa, memberships, password, owned proj detail
* fix: convert usergrants
* project grant
* missing details
* changes, userview
* idp table, keys
* org list and user table filter
* unify rest paths (#1381)
* unify rest paths
* post for all searches,
mfa to multi_factor,
secondfactor to second_factor
* remove v1
* fix tests
* rename api client key to app key
* machine keys, age policy
* user list, machine keys, changes
* fix: org states
* add default flag to policy
* second factor to type
* idp id
* app type
* unify ListQuery, ListDetails, ObjectDetails field names
* user grants, apps, memberships
* fix type params
* metadata to detail, linke idps
* api create, membership, app detail, create
* idp, app, policy
* queries, multi -> auth factors and missing fields
* update converters
* provider to user, remove old mgmt refs
* temp remove authfactor dialog, build finish
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
2021-03-09 09:30:11 +00:00
|
|
|
"google.golang.org/grpc"
|
2022-02-14 16:22:30 +00:00
|
|
|
"google.golang.org/grpc/credentials/insecure"
|
2023-04-11 13:37:42 +00:00
|
|
|
healthpb "google.golang.org/grpc/health/grpc_health_v1"
|
2021-04-19 15:20:18 +00:00
|
|
|
"google.golang.org/protobuf/encoding/protojson"
|
2022-02-14 16:22:30 +00:00
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
client_middleware "github.com/zitadel/zitadel/internal/api/grpc/client/middleware"
|
2022-06-03 12:44:04 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/api/grpc/server/middleware"
|
2022-04-26 23:01:45 +00:00
|
|
|
http_mw "github.com/zitadel/zitadel/internal/api/http/middleware"
|
2020-03-24 13:15:01 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
2022-02-14 16:22:30 +00:00
|
|
|
mimeWildcard = "*/*"
|
2020-03-24 13:15:01 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var (
|
2022-02-14 16:22:30 +00:00
|
|
|
customHeaders = []string{
|
|
|
|
|
"x-zitadel-",
|
|
|
|
|
}
|
|
|
|
|
jsonMarshaler = &runtime.JSONPb{
|
2021-04-19 15:20:18 +00:00
|
|
|
UnmarshalOptions: protojson.UnmarshalOptions{
|
|
|
|
|
DiscardUnknown: true,
|
|
|
|
|
},
|
|
|
|
|
}
|
2020-03-24 13:15:01 +00:00
|
|
|
|
2022-02-14 16:22:30 +00:00
|
|
|
serveMuxOptions = []runtime.ServeMuxOption{
|
|
|
|
|
runtime.WithMarshalerOption(jsonMarshaler.ContentType(nil), jsonMarshaler),
|
|
|
|
|
runtime.WithMarshalerOption(mimeWildcard, jsonMarshaler),
|
|
|
|
|
runtime.WithMarshalerOption(runtime.MIMEWildcard, jsonMarshaler),
|
|
|
|
|
runtime.WithIncomingHeaderMatcher(headerMatcher),
|
|
|
|
|
runtime.WithOutgoingHeaderMatcher(runtime.DefaultHeaderMatcher),
|
2020-07-08 11:56:37 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-14 16:22:30 +00:00
|
|
|
headerMatcher = runtime.HeaderMatcherFunc(
|
|
|
|
|
func(header string) (string, bool) {
|
2020-07-08 11:56:37 +00:00
|
|
|
for _, customHeader := range customHeaders {
|
|
|
|
|
if strings.HasPrefix(strings.ToLower(header), customHeader) {
|
|
|
|
|
return header, true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return runtime.DefaultHeaderMatcher(header)
|
2022-02-14 16:22:30 +00:00
|
|
|
},
|
|
|
|
|
)
|
2020-03-24 13:15:01 +00:00
|
|
|
)
|
|
|
|
|
|
2023-04-11 13:37:42 +00:00
|
|
|
type Gateway struct {
|
|
|
|
|
mux *runtime.ServeMux
|
|
|
|
|
http1HostName string
|
|
|
|
|
connection *grpc.ClientConn
|
2020-03-24 13:15:01 +00:00
|
|
|
}
|
|
|
|
|
|
2023-04-11 13:37:42 +00:00
|
|
|
func (g *Gateway) Handler() http.Handler {
|
|
|
|
|
return addInterceptors(g.mux, g.http1HostName)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type RegisterGatewayFunc func(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error
|
2020-03-24 13:15:01 +00:00
|
|
|
|
2023-04-11 13:37:42 +00:00
|
|
|
func CreateGatewayWithPrefix(ctx context.Context, g WithGatewayPrefix, port uint16, http1HostName string) (http.Handler, string, error) {
|
2022-02-14 16:22:30 +00:00
|
|
|
runtimeMux := runtime.NewServeMux(serveMuxOptions...)
|
2020-11-20 06:57:39 +00:00
|
|
|
opts := []grpc.DialOption{
|
2022-02-14 16:22:30 +00:00
|
|
|
grpc.WithTransportCredentials(insecure.NewCredentials()),
|
2020-11-20 06:57:39 +00:00
|
|
|
grpc.WithUnaryInterceptor(client_middleware.DefaultTracingClient()),
|
|
|
|
|
}
|
2023-04-11 13:37:42 +00:00
|
|
|
connection, err := dial(ctx, port, opts)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, "", err
|
|
|
|
|
}
|
|
|
|
|
err = g.RegisterGateway()(ctx, runtimeMux, connection)
|
2022-02-14 16:22:30 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, "", fmt.Errorf("failed to register grpc gateway: %w", err)
|
2020-03-24 13:15:01 +00:00
|
|
|
}
|
2022-06-03 12:44:04 +00:00
|
|
|
return addInterceptors(runtimeMux, http1HostName), g.GatewayPathPrefix(), nil
|
2020-03-24 13:15:01 +00:00
|
|
|
}
|
|
|
|
|
|
2023-04-11 13:37:42 +00:00
|
|
|
func CreateGateway(ctx context.Context, port uint16, http1HostName string) (*Gateway, error) {
|
|
|
|
|
connection, err := dial(ctx,
|
|
|
|
|
port,
|
|
|
|
|
[]grpc.DialOption{
|
|
|
|
|
grpc.WithTransportCredentials(insecure.NewCredentials()),
|
|
|
|
|
grpc.WithUnaryInterceptor(client_middleware.DefaultTracingClient()),
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
runtimeMux := runtime.NewServeMux(append(serveMuxOptions, runtime.WithHealthzEndpoint(healthpb.NewHealthClient(connection)))...)
|
|
|
|
|
return &Gateway{
|
|
|
|
|
mux: runtimeMux,
|
|
|
|
|
http1HostName: http1HostName,
|
|
|
|
|
connection: connection,
|
|
|
|
|
}, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func RegisterGateway(ctx context.Context, gateway *Gateway, server Server) error {
|
|
|
|
|
err := server.RegisterGateway()(ctx, gateway.mux, gateway.connection)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("failed to register grpc gateway: %w", err)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func dial(ctx context.Context, port uint16, opts []grpc.DialOption) (*grpc.ClientConn, error) {
|
|
|
|
|
endpoint := fmt.Sprintf("localhost:%d", port)
|
|
|
|
|
conn, err := grpc.Dial(endpoint, opts...)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
defer func() {
|
|
|
|
|
if err != nil {
|
|
|
|
|
if cerr := conn.Close(); cerr != nil {
|
|
|
|
|
logging.Infof("Failed to close conn to %s: %v", endpoint, cerr)
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
go func() {
|
|
|
|
|
<-ctx.Done()
|
|
|
|
|
if cerr := conn.Close(); cerr != nil {
|
|
|
|
|
logging.Infof("Failed to close conn to %s: %v", endpoint, cerr)
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}()
|
|
|
|
|
return conn, nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-03 12:44:04 +00:00
|
|
|
func addInterceptors(handler http.Handler, http1HostName string) http.Handler {
|
2023-02-27 21:36:43 +00:00
|
|
|
handler = http_mw.CallDurationHandler(handler)
|
2022-06-03 12:44:04 +00:00
|
|
|
handler = http1Host(handler, http1HostName)
|
|
|
|
|
handler = http_mw.CORSInterceptor(handler)
|
2020-12-02 07:50:59 +00:00
|
|
|
handler = http_mw.DefaultTelemetryHandler(handler)
|
2022-06-03 12:44:04 +00:00
|
|
|
return http_mw.DefaultMetricsHandler(handler)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func http1Host(next http.Handler, http1HostName string) http.Handler {
|
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
host, err := http_mw.HostFromRequest(r, http1HostName)
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(w, err.Error(), http.StatusForbidden)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
r.Header.Set(middleware.HTTP1Host, host)
|
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
|
})
|
2020-03-24 13:15:01 +00:00
|
|
|
}
|