add ability to store/create encrypted vcenter password
61
server/handler/encryptData.go
Normal file
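--- /dev/null
+++ b/server/handler/encryptData.go
@@ -0,0 +1,61 @@
+package handler
+
+import (
+"encoding/json"
+"fmt"
+"io"
+"net/http"
+)
+
+func (h *Handler) EncryptData(w http.ResponseWriter, r *http.Request) {
+//ctx := context.Background()
+var cipherText string
+
+reqBody, err := io.ReadAll(r.Body)
+if err != nil {
+h.Logger.Error("Invalid data received", "error", err)
+fmt.Fprintf(w, "Invalid data received")
+w.WriteHeader(http.StatusInternalServerError)
+return
+} else {
+h.Logger.Debug("received input data", "length", len(reqBody))
+}
+
+// get the json input
+var input map[string]string
+if err := json.Unmarshal(reqBody, &input); err != nil {
+h.Logger.Error("unable to unmarshal json", "error", err)
+prettyPrint(reqBody)
+w.Header().Set("Content-Type", "application/json")
+w.WriteHeader(http.StatusInternalServerError)
+json.NewEncoder(w).Encode(map[string]string{
+"status": "ERROR",
+"message": fmt.Sprintf("Unable to unmarshal JSON in request body: '%s'", err),
+})
+return
+} else {
+h.Logger.Debug("successfully decoded JSON")
+prettyPrint(input)
+}
+
+//cipher, err := h.Secret.Encrypt()
+for k := range input {
+//h.Logger.Debug("foo", "key", k, "value", input[k])
+cipherText, err = h.Secret.Encrypt([]byte(input[k]))
+if err != nil {
+h.Logger.Error("Unable to encrypt", "error", err)
+} else {
+h.Logger.Debug("Encrypted plaintext", "length", len(input[k]), "ciphertext", cipherText)
+w.WriteHeader(http.StatusOK)
+json.NewEncoder(w).Encode(map[string]string{
+"status": "OK",
+"message": cipherText,
+})
+return
+}
+
+}
+
+// return the result
+
+}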
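Review bot: `prettyPrint(input)` on the success path and `prettyPrint(reqBody)` on the decode-failure path print the request body, which on this endpoint is the plaintext vCenter password; both calls should be dropped, and the debug line that logs `"ciphertext", cipherText` is better limited to the length. prettyPrint is defined outside this file, so where its output lands is inferred. In the read-error branch `fmt.Fprintf` runs before `w.WriteHeader`, so the response goes out as 200; the loop also writes nothing when `input` is empty or `Encrypt` fails, and the body read is unbounded. The fence shows the handler with those points addressed; the 4096-byte cap is a constructed value.

```go
func (h *Handler) EncryptData(w http.ResponseWriter, r *http.Request) {
	// Bound the read; 4096 is a constructed limit for a single credential.
	reqBody, err := io.ReadAll(http.MaxBytesReader(w, r.Body, 4096))
	if err != nil {
		h.Logger.Error("Invalid data received", "error", err)
		http.Error(w, "Invalid data received", http.StatusBadRequest)
		return
	}

	// … unchanged: json.Unmarshal into input and its error response, without the prettyPrint calls …

	w.Header().Set("Content-Type", "application/json")
	for _, plaintext := range input {
		cipherText, err := h.Secret.Encrypt([]byte(plaintext))
		if err != nil {
			// Log the cause, answer with a fixed message.
			h.Logger.Error("Unable to encrypt", "error", err)
			w.WriteHeader(http.StatusInternalServerError)
			json.NewEncoder(w).Encode(map[string]string{"status": "ERROR", "message": "Unable to encrypt"})
			return
		}
		h.Logger.Debug("Encrypted plaintext", "length", len(plaintext))
		json.NewEncoder(w).Encode(map[string]string{"status": "OK", "message": cipherText})
		return
	}

	// Empty JSON object: nothing to encrypt.
	w.WriteHeader(http.StatusBadRequest)
	json.NewEncoder(w).Encode(map[string]string{"status": "ERROR", "message": "no value supplied"})
}
```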
|
@@ -5,6 +5,8 @@ import (
|
||||
"log/slog"
|
||||
"net/http"
|
||||
"vctp/db"
|
||||
"vctp/internal/secrets"
|
||||
"vctp/internal/vcenter"
|
||||
|
||||
"github.com/a-h/templ"
|
||||
)
|
||||
@@ -16,6 +18,8 @@ type Handler struct {
|
||||
BuildTime string
|
||||
SHA1Ver string
|
||||
GoVersion string
|
||||
VcCreds *vcenter.VcenterLogin
|
||||
Secret *secrets.Secrets
|
||||
}
|
||||
|
||||
func (h *Handler) html(ctx context.Context, w http.ResponseWriter, status int, t templ.Component) {
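Review bot: The two new exported fields `VcCreds` and `Secret` on Handler carry no comment, and a reader cannot tell from the struct whether `VcCreds` holds the password decrypted or still encrypted. I would add `// VcCreds is the vCenter login handed to vcenter.New by the event handlers.` and `// Secret encrypts values submitted to EncryptData.` above them, and state the password's form in the first. EncryptData calls `h.Secret.Encrypt` without a nil check, so the comments should also say both pointers must be set before the handler is served. The struct begins outside the hunk.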
|
||||
|
@@ -244,7 +244,7 @@ func (h *Handler) calculateNewDiskSize(event models.CloudEventReceived) float64
|
||||
var diskSize float64
|
||||
var totalDiskBytes int64
|
||||
h.Logger.Debug("connecting to vcenter")
|
||||
vc := vcenter.New(h.Logger)
|
||||
vc := vcenter.New(h.Logger, h.VcCreds)
|
||||
vc.Login(event.CloudEvent.Source)
|
||||
|
||||
vmObject, err := vc.FindVMByIDWithDatacenter(event.CloudEvent.Data.VM.VM.Value, event.CloudEvent.Data.Datacenter.Datacenter.Value)
|
||||
|
@@ -94,13 +94,22 @@ func (h *Handler) VmMoveEvent(w http.ResponseWriter, r *http.Request) {
|
||||
result, err := h.Database.Queries().CreateUpdate(ctx, params)
|
||||
if err != nil {
|
||||
h.Logger.Error("unable to perform database insert", "error", err)
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
fmt.Fprintf(w, "Error : %v\n", err)
|
||||
json.NewEncoder(w).Encode(map[string]string{
|
||||
"status": "ERROR",
|
||||
"message": fmt.Sprintf("Unable to insert move event into database: '%s'", err),
|
||||
})
|
||||
return
|
||||
|
||||
} else {
|
||||
h.Logger.Debug("created database record", "insert_result", result)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
fmt.Fprintf(w, "Processed update event: %v\n", result)
|
||||
//fmt.Fprintf(w, "Processed update event: %v\n", result)
|
||||
json.NewEncoder(w).Encode(map[string]string{
|
||||
"status": "OK",
|
||||
"message": fmt.Sprintf("Successfully processed move event"),
|
||||
})
|
||||
return
|
||||
}
|
||||
}
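Review bot: The error response now hands the raw database error to the client through `fmt.Sprintf("Unable to insert move event into database: '%s'", err)`; the detail is already logged on the line above, so the body can carry a fixed message such as `"message": "Unable to insert move event into database"`. On the success branch no Content-Type is set before the JSON body, unlike the error branch, and `fmt.Sprintf("Successfully processed move event")` has no format verbs, so a plain string literal is enough. VmMoveEvent starts outside the hunk.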
|
||||
|
@@ -5,17 +5,21 @@ import (
|
||||
"net/http"
|
||||
"vctp/db"
|
||||
"vctp/dist"
|
||||
"vctp/internal/secrets"
|
||||
"vctp/internal/vcenter"
|
||||
"vctp/server/handler"
|
||||
"vctp/server/middleware"
|
||||
)
|
||||
|
||||
func New(logger *slog.Logger, database db.Database, buildTime string, sha1ver string, goVersion string) http.Handler {
|
||||
func New(logger *slog.Logger, database db.Database, buildTime string, sha1ver string, goVersion string, creds *vcenter.VcenterLogin, secret *secrets.Secrets) http.Handler {
|
||||
h := &handler.Handler{
|
||||
Logger: logger,
|
||||
Database: database,
|
||||
BuildTime: buildTime,
|
||||
SHA1Ver: sha1ver,
|
||||
GoVersion: goVersion,
|
||||
VcCreds: creds,
|
||||
Secret: secret,
|
||||
}
|
||||
|
||||
mux := http.NewServeMux()
|
||||
@@ -35,5 +39,8 @@ func New(logger *slog.Logger, database db.Database, buildTime string, sha1ver st
|
||||
mux.HandleFunc("/api/report/inventory", h.InventoryReportDownload)
|
||||
mux.HandleFunc("/api/report/updates", h.UpdateReportDownload)
|
||||
|
||||
// endpoint for encrypting vcenter credential
|
||||
mux.HandleFunc("/api/encrypt", h.EncryptData)
|
||||
|
||||
return middleware.NewLoggingMiddleware(logger, mux)
|
||||
}
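Review bot: `mux.HandleFunc("/api/encrypt", h.EncryptData)` registers the endpoint for every HTTP method and, in the lines visible here, behind nothing but the logging middleware, so any client that can reach the listener can have values encrypted with the server's key. Unless authentication happens in a layer outside this hunk, the route should sit behind an auth check or an admin-only listener, and it should accept POST only (a method check at the top of the handler, or a `"POST /api/encrypt"` pattern if the module targets Go 1.22 or later). It is also worth confirming that the logging middleware does not record request bodies, since this body is a plaintext password. `New` gained two positional pointer parameters, and a nil `secret` will only show up when the handler is first called.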
|
||||
|
@@ -21,6 +21,7 @@ type Server struct {
|
||||
disableTls bool
|
||||
tlsCertFilename string
|
||||
tlsKeyFilename string
|
||||
encryptionKey string
|
||||
}
|
||||
|
||||
// New creates a new server with the given logger, address and options.
|
||||
@@ -88,6 +89,13 @@ func WithRouter(handler http.Handler) Option {
|
||||
}
|
||||
}
|
||||
|
||||
// SetKey sets the encryption key we use when generating secrets
|
||||
func SetKey(key string) Option {
|
||||
return func(s *Server) {
|
||||
s.encryptionKey = key
|
||||
}
|
||||
}
|
||||
|
||||
// SetTls sets the disable tls value
|
||||
func SetTls(disableTls bool) Option {
|
||||
return func(s *Server) {
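Review bot: `SetKey` stores the key in `s.encryptionKey` without rejecting an empty string, and none of the hunks on this page read that field, while the router receives a ready-made `*secrets.Secrets` instead. If the Secrets value already owns the key, this second copy on Server can be dropped; if it is needed, validate it here or in `New` and say so in the comment, e.g. `// SetKey sets the encryption key used when generating secrets; it must be non-empty.` SetTls continues outside the hunk.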
|
||||
|