-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
100 lines (94 loc) · 2.51 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
package main
import (
"encoding/json"
"fmt"
"github.com/MicahParks/keyfunc"
"github.com/golang-jwt/jwt/v4"
"gopkg.in/alecthomas/kingpin.v2"
"io"
"net/http"
"os"
"strings"
)
/**
* @Author: yangyang
* @Date: 2022/12/8 17:28
* @Desc:
*/
func main() {
app := kingpin.New("jwks", "envoy remote jwks go.")
jwk := app.Command("jwks", "get jwks by file web server")
var configFile string
var port int
var address string
var b []byte
parseConfig := func(_ *kingpin.ParseContext) error {
f, err := os.Open(configFile)
if err != nil {
return err
}
defer f.Close()
b, err = io.ReadAll(f)
if err != nil {
return err
}
return nil
}
jwk.Flag("file-path", "jwks file path").Short('c').PlaceHolder("/path/to/file").Action(parseConfig).ExistingFileVar(&configFile)
jwk.Flag("port", "http port").Short('p').Default("8080").PlaceHolder("<port>").IntVar(&port)
jwk.Flag("address", "http address").Short('d').Default("0.0.0.0").PlaceHolder("<ipaddr>").StringVar(&address)
app.HelpFlag.Short('h')
args := os.Args[1:]
cmd := kingpin.MustParse(app.Parse(args))
switch cmd {
case jwk.FullCommand():
if configFile == "" {
fmt.Println("config file is must")
os.Exit(2)
}
http.HandleFunc("/", func(writer http.ResponseWriter, request *http.Request) {
writer.Write([]byte("success"))
})
http.HandleFunc("/jwks", func(writer http.ResponseWriter, request *http.Request) {
writer.Write(b)
})
http.HandleFunc("/valid", func(writer http.ResponseWriter, request *http.Request) {
message := json.RawMessage(b)
jwks, err := keyfunc.NewJSON(message)
if err != nil {
writer.Write([]byte(fmt.Sprintf("jwks valid fail: %s", err.Error())))
return
}
var token string
reqToken := request.Header.Get("Authorization")
if reqToken != "" {
splitToken := strings.Split(reqToken, "Bearer ")
if len(splitToken) == 2 {
token = splitToken[1]
}
}
if token == "" {
token = request.URL.Query().Get("access_token")
}
if token == "" {
writer.Write([]byte("token is empty"))
return
}
parse, err := jwt.Parse(token, jwks.Keyfunc)
if err != nil {
writer.Write([]byte(fmt.Sprintf("Failed to parse the JWT.\nError: %s", err.Error())))
return
}
if !parse.Valid {
writer.Write([]byte("The token is not valid."))
return
}
writer.Write([]byte("The token is valid."))
})
fmt.Println(fmt.Sprintf("listen address is :%s:%d", address, port))
http.ListenAndServe(fmt.Sprintf("%s:%d", address, port), nil)
default:
app.Usage(args)
os.Exit(2)
}
}