google · google-oss-robot · Sep 16, 2020 · Sep 15, 2020 · Sep 16, 2020 · Sep 16, 2020
@@ -0,0 +1,112 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"os"
+	"strconv"
+
+	"github.com/google/exposure-notifications-verification-server/pkg/buildinfo"
+	"github.com/google/exposure-notifications-verification-server/pkg/config"
+	"github.com/google/exposure-notifications-verification-server/pkg/controller/middleware"
+	"github.com/google/exposure-notifications-verification-server/pkg/controller/redirect"
+	"github.com/google/exposure-notifications-verification-server/pkg/render"
+
+	"github.com/google/exposure-notifications-server/pkg/logging"
+	"github.com/google/exposure-notifications-server/pkg/observability"
+	"github.com/google/exposure-notifications-server/pkg/server"
+
+	"github.com/gorilla/handlers"
+	"github.com/gorilla/mux"
+	"github.com/sethvargo/go-signalcontext"
+)
+
+func main() {
+	ctx, done := signalcontext.OnInterrupt()
+
+	debug, _ := strconv.ParseBool(os.Getenv("LOG_DEBUG"))
+	logger := logging.NewLogger(debug)
+	logger = logger.With("build_id", buildinfo.BuildID)
+	logger = logger.With("build_tag", buildinfo.BuildTag)
+
+	ctx = logging.WithLogger(ctx, logger)
+
+	err := realMain(ctx)
+	done()
+
+	if err != nil {
+		logger.Fatal(err)
+	}
+	logger.Info("successful shutdown")
+}
+
+func realMain(ctx context.Context) error {
+	logger := logging.FromContext(ctx)
+
+	config, err := config.NewRedirectConfig(ctx)
+	if err != nil {
+		return fmt.Errorf("failed to process config: %w", err)
+	}
+
+	// Setup monitoring
+	logger.Info("configuring observability exporter")
+	oeConfig := config.ObservabilityExporterConfig()
+	oe, err := observability.NewFromEnv(ctx, oeConfig)
+	if err != nil {
+		return fmt.Errorf("unable to create ObservabilityExporter provider: %w", err)
+	}
+	if err := oe.StartExporter(); err != nil {
+		return fmt.Errorf("error initializing observability exporter: %w", err)
+	}
+	defer oe.Close()
+	logger.Infow("observability exporter", "config", oeConfig)
+
+	// Create the router
+	r := mux.NewRouter()
+
+	// Create the renderer
+	h, err := render.New(ctx, config.AssetsPath, config.DevMode)
+	if err != nil {
+		return fmt.Errorf("failed to create renderer: %w", err)
+	}
+
+	// Install common security headers
+	r.Use(middleware.SecureHeaders(ctx, config.DevMode, "html"))
+
+	// Enable debug headers
+	processDebug := middleware.ProcessDebug(ctx)
+	r.Use(processDebug)
+
+	{
+		redirectController := redirect.New(ctx, config, h)
+		r.Handle("/v", redirectController.HandleIndex()).Methods("GET")
+	}
+
+	// Wrap the main router in the mutating middleware method. This cannot be
+	// inserted as middleware because gorilla processes the method before
+	// middleware.
+	mux := http.NewServeMux()
+	mux.Handle("/", middleware.MutateMethod(ctx)(r))
+
+	srv, err := server.New(config.Port)
+	if err != nil {
+		return fmt.Errorf("failed to create server: %w", err)
+	}
+	logger.Infow("server listening", "port", config.Port)
+	return srv.ServeHTTPHandler(ctx, handlers.CombinedLoggingHandler(os.Stdout, mux))
+}
@@ -0,0 +1,57 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package config
+
+import (
+	"context"
+
+	"github.com/google/exposure-notifications-verification-server/pkg/ratelimit"
+
+	"github.com/google/exposure-notifications-server/pkg/observability"
+
+	"github.com/sethvargo/go-envconfig"
+)
+
+// RedirectConfig represents the environment based config for the redirect server.
+type RedirectConfig struct {
+	Observability observability.Config
+
+	Port string `env:"PORT,default=8080"`
+
+	AssetsPath string `env:"KO_DATA_PATH"`
+
+	// If Dev mode is true, cookies aren't required to be sent over secure channels.
+	// This includes CSRF protection base cookie. You want this false in production (the default).
+	DevMode bool `env:"DEV_MODE"`
+
+	RedirectFrom []string `env:"REDIRECT_FROM"`
+	RedirectTo   []string `env:"REDIRECT_TO"`
+
+	// Rate limiting configuration
+	RateLimit ratelimit.Config
+}
+
+// NewRedirectConfig initializes and validates a RedirectConfig struct.
+func NewRedirectConfig(ctx context.Context) (*RedirectConfig, error) {
+	var config RedirectConfig
+	if err := ProcessWith(ctx, &config, envconfig.OsLookuper()); err != nil {
+		return nil, err
+	}
+	return &config, nil
+}
+
+func (c *RedirectConfig) ObservabilityExporterConfig() *observability.Config {
+	return &c.Observability
+}
@@ -0,0 +1,38 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+package redirect
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+
+	"github.com/google/exposure-notifications-verification-server/pkg/controller"
+)
+
+func (c *Controller) HandleIndex() http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		//ctx := r.Context()
+
+		idx := strings.Index(r.RequestURI, "/v?")
+		if idx < 0 {
+			controller.InternalError(w, r, c.h, fmt.Errorf("don't do that."))
+			return
+		}
+		keep := r.RequestURI[idx:]
+		sendTo := fmt.Sprintf("ens:/%s", keep)
+
+		http.Redirect(w, r, sendTo, http.StatusSeeOther)
+	})
+}
@@ -0,0 +1,44 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package redirect defines the controller for the deep link redirector.
+package redirect
+
+import (
+	"context"
+
+	"github.com/google/exposure-notifications-verification-server/pkg/config"
+	"github.com/google/exposure-notifications-verification-server/pkg/render"
+
+	"github.com/google/exposure-notifications-server/pkg/logging"
+
+	"go.uber.org/zap"
+)
+
+type Controller struct {
+	config *config.RedirectConfig
+	h      *render.Renderer
+	logger *zap.SugaredLogger
+}
+
+// New creates a new login controller.
+func New(ctx context.Context, config *config.RedirectConfig, h *render.Renderer) *Controller {
+	logger := logging.FromContext(ctx).Named("login")
+
+	return &Controller{
+		config: config,
+		h:      h,
+		logger: logger,
+	}
+}