Merge pull request #88 from hpcloud/317-ghe

TEAMFOUR-317 - Add Github Enterprise support

Author: sean-sq-chen

github_oauth.go

@@ -67,6 +67,13 @@ func main() {
 	}
 	log.Println("Encryption key set.")
 
+	portalConfig.VCSClientMap, err = getVCSClients(portalConfig)
+	if err != nil || len(portalConfig.VCSClientMap) == 0 {
+		log.Printf("Exiting. No VCS clients found: %v", err)
+		os.Exit(1)
+	}
+	log.Printf("VCSClientMap: %v\n", portalConfig.VCSClientMap)
+
 	// Establish a Postgresql connection pool
 	var databaseConnectionPool *sql.DB
 	databaseConnectionPool, err = initConnPool()
@@ -321,20 +328,20 @@ func (p *portalProxy) registerRoutes(e *echo.Echo) {
 	// Version info
 	sessionGroup.GET("/version", p.getVersions)
 
-	// GitHub Requests
-	ghGroup := sessionGroup.Group("/github")
+	// VCS Requests
+	vcsGroup := sessionGroup.Group("/vcs")
 
-	// Initiate OAuth flow against GitHub on behalf of a user
-	ghGroup.GET("/oauth/auth", p.handleGitHubAuth)
+	// Initiate OAuth flow against VCS on behalf of a user
+	vcsGroup.GET("/oauth/auth", p.handleVCSAuth)
 
-	// GitHub OAuth callback/response
-	ghGroup.GET("/oauth/callback", p.handleGitHubCallback)
+	// VCS OAuth callback/response
+	vcsGroup.GET("/oauth/callback", p.handleVCSAuthCallback)
 
-	// Verify existence of GitHub token in Session
-	ghGroup.GET("/oauth/verify", p.verifyGitHubAuthToken)
+	// Verify existence of VCS token in Session
+	vcsGroup.GET("/oauth/verify", p.verifyVCSOAuthToken)
 
-	// Proxy the rest to Github API
-	ghGroup.Any("/*", p.github)
+	// Proxy the rest to VCS API
+	vcsGroup.Any("/*", p.vcsProxy)
 
 	// This is used for passthru of HCF/HCE requests
 	group := sessionGroup.Group("/proxy")

main.go

@@ -34,8 +34,6 @@ type CNSIRequest struct {
 	Error    error
 }
 
-const gitHubAPIURL = "https://api.github.com/"
-
 func getEchoURL(c echo.Context) url.URL {
 	log.Println("getEchoURL")
 	u := c.Request().URL().(*standard.URL).URL
@@ -204,8 +202,8 @@ func (p *portalProxy) proxy(c echo.Context) error {
 	log.Println(" ")
 
 	// if the following header is found, add the GH Oauth code to the body
-	if header.Get("x-cnap-github-token-required") != "" {
-		log.Println("--- x-cnap-github-token-required HEADER FOUND.....")
+	if header.Get("x-cnap-vcs-token-required") != "" {
+		log.Println("--- x-cnap-vcs-token-required HEADER FOUND.....")
 		body, err = p.addTokenToPayload(c, body)
 		if err != nil {
 			log.Printf("Unable to add token to HCE payload: %+v\n", err)
@@ -270,9 +268,12 @@ func (p *portalProxy) proxy(c echo.Context) error {
 func (p *portalProxy) addTokenToPayload(c echo.Context, body []byte) ([]byte, error) {
 	log.Println("addTokenToPayload")
 
-	token := p.getGitHubAuthToken(c)
-
-	log.Printf("Token: %+v\n", token)
+	token, ok := p.getVCSOAuthToken(c)
+	if !ok {
+		msg := "Unable to retrieve VCS OAuth token to add to payload"
+		log.Println(msg)
+		return nil, fmt.Errorf(msg)
+	}
 
 	var projData map[string]interface{}
 	if err := json.Unmarshal(body, &projData); err != nil {
@@ -327,44 +328,38 @@ End:
 	}
 }
 
-func (p *portalProxy) github(c echo.Context) error {
-
-	log.Println("github passthru ...")
-	log.Printf("GitHub API URL: %s", gitHubAPIURL)
+func (p *portalProxy) vcsProxy(c echo.Context) error {
+	log.Println("VCS proxy passthru ...")
 
 	var (
-		uri     *url.URL
-		headers http.Header
+		uri         *url.URL
+		vcsEndpoint string
 	)
 
 	uri = makeRequestURI(c)
-	log.Printf("URI: %+v\n", uri)
 
-	headers = getEchoHeaders(c)
-	log.Printf("Headers: %+v\n", headers)
+	vcsEndpoint = c.Request().Header().Get("x-cnap-vcs-api-url")
 
-	url := fmt.Sprintf("%s%s", gitHubAPIURL, uri)
-	log.Printf("URL: %s", url)
+	url := fmt.Sprintf("%s/%s", vcsEndpoint, uri)
+	log.Printf("VCS Endpoint URL: %s", url)
 
-	token := p.getGitHubAuthToken(c)
-	tokenHeader := fmt.Sprintf("token %s", token)
+	token, ok := p.getVCSOAuthToken(c)
+	if !ok {
+		msg := fmt.Sprintf("Token not found for endpoint %s", vcsEndpoint)
+		return echo.NewHTTPError(http.StatusBadRequest, msg)
+	}
 
-	// set the token in the header
-	log.Printf("Headers before GH call: %+v\n", headers)
+	tokenHeader := fmt.Sprintf("token %s", token)
 
-	// Perform the request against GitHub
-	client := &http.Client{
-		Timeout: time.Duration(p.Config.HTTPClientTimeoutInSecs) * time.Second,
-	}
+	// Perform the request against the VCS endpoint
 	req, err := http.NewRequest("GET", url, nil)
 	log.Printf("Request: %+v\n", req)
 	req.Header.Add("Authorization", tokenHeader)
-	resp, err := client.Do(req)
+	resp, err := httpClient.Do(req)
 	if err != nil {
-		log.Printf("Response from GitHub contained an error: %v", err)
+		log.Printf("Response from VCS contained an error: %v", err)
 	}
 
-	log.Printf("Response from GitHub: %+v\n", resp)
 	body, _ := ioutil.ReadAll(resp.Body)
 	defer resp.Body.Close()
 

passthrough.go

@@ -1,5 +1,7 @@
 package main
 
+import "golang.org/x/oauth2"
+
 type portalConfig struct {
 	HTTPClientTimeoutInSecs int64    `ucp:"HTTP_CLIENT_TIMEOUT_IN_SECS"`
 	SkipTLSVerification     bool     `ucp:"SKIP_TLS_VERIFICATION"`
@@ -16,11 +18,10 @@ type portalConfig struct {
 	HCPIdentityPort         string   `ucp:"HCP_IDENTITY_PORT"`
 	AllowedOrigins          []string `ucp:"ALLOWED_ORIGINS"`
 	SessionStoreSecret      string   `ucp:"SESSION_STORE_SECRET"`
-	GitHubOauthClientID     string   `ucp:"GITHUB_OAUTH_CLIENT_ID"`
-	GitHubOAuthClientSecret string   `ucp:"GITHUB_OAUTH_CLIENT_SECRET"`
-	GitHubOAuthState        string   `ucp:"GITHUB_OAUTH_STATE"`
+	VCSClients              string   `ucp:"VCS_CLIENTS"`
 	EncryptionKeyVolume     string   `ucp:"ENCRYPTION_KEY_VOLUME"`
 	EncryptionKeyFilename   string   `ucp:"ENCRYPTION_KEY_FILENAME"`
 	EncryptionKey           string   `ucp:"ENCRYPTION_KEY"`
 	EncryptionKeyInBytes    []byte
+	VCSClientMap            map[VCSClientMapKey]oauth2.Config
 }

portal_config.go

@@ -59,6 +59,18 @@ func (p *portalProxy) setSessionValues(c echo.Context, values map[string]interfa
 	return p.SessionStore.Save(req, res, session)
 }
 
+func (p *portalProxy) unsetSessionValue(c echo.Context, sessionKey string) error {
+	log.Println("unsetSessionValues")
+
+	req := c.Request().(*standard.Request).Request
+	res := c.Response().(*standard.Response).ResponseWriter
+	session, _ := p.SessionStore.Get(req, portalSessionName)
+
+	delete(session.Values, sessionKey)
+
+	return p.SessionStore.Save(req, res, session)
+}
+
 func (p *portalProxy) clearSession(c echo.Context) error {
 	log.Println("clearSession")