From 6b74e3853ff183f63b6cd9b94331446a39d562a6 Mon Sep 17 00:00:00 2001 From: nsfisis Date: Thu, 8 Aug 2024 20:21:02 +0900 Subject: feat(worker): re-enable authentication between api-server and worker --- backend/auth/jwt.go | 8 ++++++ backend/taskqueue/processor.go | 55 +++++++++++++++++++++++++++++++++++++----- 2 files changed, 57 insertions(+), 6 deletions(-) (limited to 'backend') diff --git a/backend/auth/jwt.go b/backend/auth/jwt.go index e1852da..510656b 100644 --- a/backend/auth/jwt.go +++ b/backend/auth/jwt.go @@ -33,6 +33,14 @@ func NewJWT(user *db.User) (string, error) { return token.SignedString([]byte("TODO")) } +func NewAnonymousJWT() (string, error) { + claims := jwt.RegisteredClaims{ + ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 5)), + } + token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) + return token.SignedString([]byte("TODO")) +} + func NewShortLivedJWT(claims *JWTClaims) (string, error) { newClaims := &JWTClaims{ UserID: claims.UserID, diff --git a/backend/taskqueue/processor.go b/backend/taskqueue/processor.go index cf90cbc..149ab67 100644 --- a/backend/taskqueue/processor.go +++ b/backend/taskqueue/processor.go @@ -7,6 +7,7 @@ import ( "fmt" "net/http" + "github.com/nsfisis/iosdc-japan-2024-albatross/backend/auth" "github.com/nsfisis/iosdc-japan-2024-albatross/backend/db" ) @@ -62,10 +63,24 @@ func (p *processor) doProcessTaskCompileSwiftToWasm( if err != nil { return nil, fmt.Errorf("json.Marshal failed: %v", err) } - res, err := http.Post("http://worker:80/api/swiftc", "application/json", bytes.NewBuffer(reqJSON)) + req, err := http.NewRequest("POST", "http://worker:80/api/swiftc", bytes.NewBuffer(reqJSON)) if err != nil { - return nil, fmt.Errorf("http.Post failed: %v", err) + return nil, fmt.Errorf("http.NewRequest failed: %v", err) } + req.Header.Set("Content-Type", "application/json") + jwt, err := auth.NewAnonymousJWT() + if err != nil { + return nil, fmt.Errorf("auth.NewAnonymousJWT failed: %v", err) + } + req.Header.Set("Authorization", "Bearer "+jwt) + + client := &http.Client{} + res, err := client.Do(req) + if err != nil { + return nil, fmt.Errorf("client.Do failed: %v", err) + } + defer res.Body.Close() + resData := swiftcResponseData{} if err := json.NewDecoder(res.Body).Decode(&resData); err != nil { return nil, fmt.Errorf("json.Decode failed: %v", err) @@ -99,10 +114,24 @@ func (p *processor) doProcessTaskCompileWasmToNativeExecutable( if err != nil { return nil, fmt.Errorf("json.Marshal failed: %v", err) } - res, err := http.Post("http://worker:80/api/wasmc", "application/json", bytes.NewBuffer(reqJSON)) + req, err := http.NewRequest("POST", "http://worker:80/api/wasmc", bytes.NewBuffer(reqJSON)) + if err != nil { + return nil, fmt.Errorf("http.NewRequest failed: %v", err) + } + req.Header.Set("Content-Type", "application/json") + jwt, err := auth.NewAnonymousJWT() + if err != nil { + return nil, fmt.Errorf("auth.NewAnonymousJWT failed: %v", err) + } + req.Header.Set("Authorization", "Bearer "+jwt) + + client := &http.Client{} + res, err := client.Do(req) if err != nil { - return nil, fmt.Errorf("http.Post failed: %v", err) + return nil, fmt.Errorf("client.Do failed: %v", err) } + defer res.Body.Close() + resData := wasmcResponseData{} if err := json.NewDecoder(res.Body).Decode(&resData); err != nil { return nil, fmt.Errorf("json.Decode failed: %v", err) @@ -138,10 +167,24 @@ func (p *processor) doProcessTaskRunTestcase( if err != nil { return nil, fmt.Errorf("json.Marshal failed: %v", err) } - res, err := http.Post("http://worker:80/api/testrun", "application/json", bytes.NewBuffer(reqJSON)) + req, err := http.NewRequest("POST", "http://worker:80/api/testrun", bytes.NewBuffer(reqJSON)) + if err != nil { + return nil, fmt.Errorf("http.NewRequest failed: %v", err) + } + req.Header.Set("Content-Type", "application/json") + jwt, err := auth.NewAnonymousJWT() if err != nil { - return nil, fmt.Errorf("http.Post failed: %v", err) + return nil, fmt.Errorf("auth.NewAnonymousJWT failed: %v", err) } + req.Header.Set("Authorization", "Bearer "+jwt) + + client := &http.Client{} + res, err := client.Do(req) + if err != nil { + return nil, fmt.Errorf("client.Do failed: %v", err) + } + defer res.Body.Close() + resData := testrunResponseData{} if err := json.NewDecoder(res.Body).Decode(&resData); err != nil { return nil, fmt.Errorf("json.Decode failed: %v", err) -- cgit v1.2.3-70-g09d2