Commit 52ca752
cmd/gtwy/main.go
@@ -1,55 +1,18 @@
package main
import (
- "fmt"
"log"
"net/http"
- "net/http/httputil"
- "strings"
- "github.com/casbin/casbin/v2"
"github.com/xlgmokha/x/pkg/env"
- "github.com/xlgmokha/x/pkg/x"
"gitlab.com/mokhax/spike/pkg/cfg"
+ "gitlab.com/mokhax/spike/pkg/prxy"
"gitlab.com/mokhax/spike/pkg/srv"
)
-func NewRouter(routes map[string]string) http.Handler {
- authz := x.Must(casbin.NewEnforcer("model.conf", "policy.csv"))
-
- return &httputil.ReverseProxy{
- Director: func(r *http.Request) {
- segments := strings.SplitN(r.Host, ":", 2)
- host := segments[0]
- destinationHost := routes[host]
-
- log.Printf("%v (from: %v to: %v)\n", r.URL, host, destinationHost)
-
- subject := "71cbc18e-bd41-4229-9ad2-749546a2a4a7" // TODO:: unpack sub claim in JWT
- if x.Must(authz.Enforce(subject, host, r.Method, r.URL.Path)) {
- r.URL.Scheme = "http" // TODO:: use TLS
- r.Host = destinationHost
- r.URL.Host = destinationHost
- } else {
- log.Println("UNAUTHORIZED") // TODO:: Return forbidden, unauthorized or not found status code
- }
- },
- Transport: http.DefaultTransport,
- FlushInterval: -1,
- ErrorLog: nil,
- ModifyResponse: func(r *http.Response) error {
- r.Header.Add("Via", fmt.Sprintf("%v gtwy", r.Proto))
- return nil
- },
- ErrorHandler: func(w http.ResponseWriter, r *http.Request, err error) {
- log.Println(err)
- },
- }
-}
-
func main() {
mux := http.NewServeMux()
- mux.Handle("/", NewRouter(map[string]string{
+ mux.Handle("/", prxy.New(map[string]string{
"idp.example.com": "localhost:8282",
"ui.example.com": "localhost:8283",
"api.example.com": "localhost:8284",
pkg/prxy/prxy.go
@@ -0,0 +1,45 @@
+package prxy
+
+import (
+ "fmt"
+ "log"
+ "net/http"
+ "net/http/httputil"
+ "strings"
+
+ "github.com/casbin/casbin/v2"
+ "github.com/xlgmokha/x/pkg/x"
+)
+
+func New(routes map[string]string) http.Handler {
+ authz := x.Must(casbin.NewEnforcer("model.conf", "policy.csv"))
+
+ return &httputil.ReverseProxy{
+ Director: func(r *http.Request) {
+ segments := strings.SplitN(r.Host, ":", 2)
+ host := segments[0]
+ destinationHost := routes[host]
+
+ log.Printf("%v (from: %v to: %v)\n", r.URL, host, destinationHost)
+
+ subject := "71cbc18e-bd41-4229-9ad2-749546a2a4a7" // TODO:: unpack sub claim in JWT
+ if x.Must(authz.Enforce(subject, host, r.Method, r.URL.Path)) {
+ r.URL.Scheme = "http" // TODO:: use TLS
+ r.Host = destinationHost
+ r.URL.Host = destinationHost
+ } else {
+ log.Println("UNAUTHORIZED") // TODO:: Return forbidden, unauthorized or not found status code
+ }
+ },
+ Transport: http.DefaultTransport,
+ FlushInterval: -1,
+ ErrorLog: nil,
+ ModifyResponse: func(r *http.Response) error {
+ r.Header.Add("Via", fmt.Sprintf("%v gtwy", r.Proto))
+ return nil
+ },
+ ErrorHandler: func(w http.ResponseWriter, r *http.Request, err error) {
+ log.Println(err)
+ },
+ }
+}