Merge branch 'feat/worker-auth'

5 files changed, 67 insertions, 11 deletions

diff --git a/backend/auth/jwt.go b/backend/auth/jwt.go
index e1852da..510656b 100644
--- a/backend/auth/jwt.go
+++ b/backend/auth/jwt.go
@@ -33,6 +33,14 @@ func NewJWT(user *db.User) (string, error) {
 	return token.SignedString([]byte("TODO"))
 }
 
+func NewAnonymousJWT() (string, error) {
+	claims := jwt.RegisteredClaims{
+		ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 5)),
+	}
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString([]byte("TODO"))
+}
+
 func NewShortLivedJWT(claims *JWTClaims) (string, error) {
 	newClaims := &JWTClaims{
 		UserID:      claims.UserID,
diff --git a/backend/taskqueue/processor.go b/backend/taskqueue/processor.go
index cf90cbc..149ab67 100644
--- a/backend/taskqueue/processor.go
+++ b/backend/taskqueue/processor.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/nsfisis/iosdc-japan-2024-albatross/backend/auth"
 	"github.com/nsfisis/iosdc-japan-2024-albatross/backend/db"
 )
 
@@ -62,10 +63,24 @@ func (p *processor) doProcessTaskCompileSwiftToWasm(
 	if err != nil {
 		return nil, fmt.Errorf("json.Marshal failed: %v", err)
 	}
-	res, err := http.Post("http://worker:80/api/swiftc", "application/json", bytes.NewBuffer(reqJSON))
+	req, err := http.NewRequest("POST", "http://worker:80/api/swiftc", bytes.NewBuffer(reqJSON))
 	if err != nil {
-		return nil, fmt.Errorf("http.Post failed: %v", err)
+		return nil, fmt.Errorf("http.NewRequest failed: %v", err)
 	}
+	req.Header.Set("Content-Type", "application/json")
+	jwt, err := auth.NewAnonymousJWT()
+	if err != nil {
+		return nil, fmt.Errorf("auth.NewAnonymousJWT failed: %v", err)
+	}
+	req.Header.Set("Authorization", "Bearer "+jwt)
+
+	client := &http.Client{}
+	res, err := client.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("client.Do failed: %v", err)
+	}
+	defer res.Body.Close()
+
 	resData := swiftcResponseData{}
 	if err := json.NewDecoder(res.Body).Decode(&resData); err != nil {
 		return nil, fmt.Errorf("json.Decode failed: %v", err)
@@ -99,10 +114,24 @@ func (p *processor) doProcessTaskCompileWasmToNativeExecutable(
 	if err != nil {
 		return nil, fmt.Errorf("json.Marshal failed: %v", err)
 	}
-	res, err := http.Post("http://worker:80/api/wasmc", "application/json", bytes.NewBuffer(reqJSON))
+	req, err := http.NewRequest("POST", "http://worker:80/api/wasmc", bytes.NewBuffer(reqJSON))
+	if err != nil {
+		return nil, fmt.Errorf("http.NewRequest failed: %v", err)
+	}
+	req.Header.Set("Content-Type", "application/json")
+	jwt, err := auth.NewAnonymousJWT()
+	if err != nil {
+		return nil, fmt.Errorf("auth.NewAnonymousJWT failed: %v", err)
+	}
+	req.Header.Set("Authorization", "Bearer "+jwt)
+
+	client := &http.Client{}
+	res, err := client.Do(req)
 	if err != nil {
-		return nil, fmt.Errorf("http.Post failed: %v", err)
+		return nil, fmt.Errorf("client.Do failed: %v", err)
 	}
+	defer res.Body.Close()
+
 	resData := wasmcResponseData{}
 	if err := json.NewDecoder(res.Body).Decode(&resData); err != nil {
 		return nil, fmt.Errorf("json.Decode failed: %v", err)
@@ -138,10 +167,24 @@ func (p *processor) doProcessTaskRunTestcase(
 	if err != nil {
 		return nil, fmt.Errorf("json.Marshal failed: %v", err)
 	}
-	res, err := http.Post("http://worker:80/api/testrun", "application/json", bytes.NewBuffer(reqJSON))
+	req, err := http.NewRequest("POST", "http://worker:80/api/testrun", bytes.NewBuffer(reqJSON))
+	if err != nil {
+		return nil, fmt.Errorf("http.NewRequest failed: %v", err)
+	}
+	req.Header.Set("Content-Type", "application/json")
+	jwt, err := auth.NewAnonymousJWT()
 	if err != nil {
-		return nil, fmt.Errorf("http.Post failed: %v", err)
+		return nil, fmt.Errorf("auth.NewAnonymousJWT failed: %v", err)
 	}
+	req.Header.Set("Authorization", "Bearer "+jwt)
+
+	client := &http.Client{}
+	res, err := client.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("client.Do failed: %v", err)
+	}
+	defer res.Body.Close()
+
 	resData := testrunResponseData{}
 	if err := json.NewDecoder(res.Body).Decode(&resData); err != nil {
 		return nil, fmt.Errorf("json.Decode failed: %v", err)
diff --git a/worker/go.mod b/worker/go.mod
index 30b58c1..ebf2a9b 100644
--- a/worker/go.mod
+++ b/worker/go.mod
@@ -4,6 +4,7 @@ go 1.22.3
 
 require (
 	github.com/golangci/golangci-lint v1.59.1
+	github.com/labstack/echo-jwt/v4 v4.2.0
 	github.com/labstack/echo/v4 v4.12.0
 )
 
@@ -65,6 +66,7 @@ require (
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gofrs/flock v0.8.1 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a // indirect
 	github.com/golangci/gofmt v0.0.0-20231018234816-f50ced29576e // indirect
diff --git a/worker/go.sum b/worker/go.sum
index ba7b029..0d10fb5 100644
--- a/worker/go.sum
+++ b/worker/go.sum
@@ -195,6 +195,8 @@ github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14j
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
+github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@@ -339,6 +341,8 @@ github.com/kunwardeep/paralleltest v1.0.10 h1:wrodoaKYzS2mdNVnc4/w31YaXFtsc21PCT
 github.com/kunwardeep/paralleltest v1.0.10/go.mod h1:2C7s65hONVqY7Q5Efj5aLzRCNLjw2h4eMc9EcypGjcY=
 github.com/kyoh86/exportloopref v0.1.11 h1:1Z0bcmTypkL3Q4k+IDHMWTcnCliEZcaPiIe0/ymEyhQ=
 github.com/kyoh86/exportloopref v0.1.11/go.mod h1:qkV4UF1zGl6EkF1ox8L5t9SwyeBAZ3qLMd6up458uqA=
+github.com/labstack/echo-jwt/v4 v4.2.0 h1:odSISV9JgcSCuhgQSV/6Io3i7nUmfM/QkBeR5GVJj5c=
+github.com/labstack/echo-jwt/v4 v4.2.0/go.mod h1:MA2RqdXdEn4/uEglx0HcUOgQSyBaTh5JcaHIan3biwU=
 github.com/labstack/echo/v4 v4.12.0 h1:IKpw49IMryVB2p1a4dzwlhP1O2Tf2E0Ir/450lH+kI0=
 github.com/labstack/echo/v4 v4.12.0/go.mod h1:UP9Cr2DJXbOK3Kr9ONYzNowSh7HP0aG0ShAyycHSJvM=
 github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0=
diff --git a/worker/main.go b/worker/main.go
index 51c0eb1..8134a56 100644
--- a/worker/main.go
+++ b/worker/main.go
@@ -4,7 +4,7 @@ import (
 	"log"
 	"net/http"
 
-	// echojwt "github.com/labstack/echo-jwt/v4"
+	echojwt "github.com/labstack/echo-jwt/v4"
 	"github.com/labstack/echo/v4"
 	"github.com/labstack/echo/v4/middleware"
 )
@@ -19,10 +19,9 @@ func main() {
 	e.Use(middleware.Logger())
 	e.Use(middleware.Recover())
 
-	// TODO: temporarily disabled
-	// e.Use(echojwt.WithConfig(echojwt.Config{
-	// 	SigningKey: []byte("TODO"),
-	// }))
+	e.Use(echojwt.WithConfig(echojwt.Config{
+		SigningKey: []byte("TODO"),
+	}))
 
 	e.POST("/api/swiftc", handleSwiftCompile)
 	e.POST("/api/wasmc", handleWasmCompile)