github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/internal/enforcer/proxy/rpcserver.go (about) 1 package enforcerproxy 2 3 import ( 4 "context" 5 "errors" 6 "fmt" 7 "time" 8 9 "go.aporeto.io/enforcerd/trireme-lib/collector" 10 "go.aporeto.io/enforcerd/trireme-lib/common" 11 "go.aporeto.io/enforcerd/trireme-lib/controller/internal/enforcer/utils/rpcwrapper" 12 ) 13 14 // ProxyRPCServer This struct is a receiver for Statsserver and maintains a handle to the RPC ProxyRPCServer. 15 type ProxyRPCServer struct { 16 collector collector.EventCollector 17 rpchdl rpcwrapper.RPCServer 18 secret string 19 tokenIssuer common.ServiceTokenIssuer 20 ctx context.Context 21 } 22 23 // PostStats is the function called from the remoteenforcer when it has new flow events to publish. 24 func (r *ProxyRPCServer) PostStats(req rpcwrapper.Request, resp *rpcwrapper.Response) error { 25 26 if !r.rpchdl.ProcessMessage(&req, r.secret) { 27 return errors.New("message sender cannot be verified") 28 } 29 30 payload := req.Payload.(rpcwrapper.StatsPayload) 31 32 for _, record := range payload.Flows { 33 r.collector.CollectFlowEvent(record) 34 } 35 payload.Flows = nil 36 37 for _, record := range payload.Users { 38 r.collector.CollectUserEvent(record) 39 } 40 payload.Users = nil 41 42 return nil 43 } 44 45 // RetrieveToken propagates the master request to the token retriever and returns a token. 46 func (r *ProxyRPCServer) RetrieveToken(req rpcwrapper.Request, resp *rpcwrapper.Response) error { 47 48 if !r.rpchdl.ProcessMessage(&req, r.secret) { 49 return errors.New("message sender cannot be verified") 50 } 51 52 payload, ok := req.Payload.(rpcwrapper.TokenRequestPayload) 53 if !ok { 54 return errors.New("invalid request payload for token request") 55 } 56 57 subctx, cancel := context.WithTimeout(r.ctx, time.Second*60) 58 defer cancel() 59 60 token, err := r.tokenIssuer.Issue(subctx, payload.ContextID, payload.ServiceTokenType, payload.Audience, payload.Validity) 61 if err != nil { 62 resp.Status = "error" 63 return fmt.Errorf("control plane failed to issue token: %s", err) 64 } 65 66 resp.Status = "ok" 67 resp.Payload = &rpcwrapper.TokenResponsePayload{ 68 Token: token, 69 } 70 71 return nil 72 } 73 74 // PostReportEvent posts report events to the listener. 75 func (r *ProxyRPCServer) PostReportEvent(req rpcwrapper.Request, resp *rpcwrapper.Response) error { 76 77 if !r.rpchdl.ProcessMessage(&req, r.secret) { 78 return errors.New("message sender cannot be verified") 79 } 80 81 switch req.PayloadType { 82 case rpcwrapper.PingReport: 83 pingReport := req.Payload.(*collector.PingReport) 84 r.collector.CollectPingEvent(pingReport) 85 86 case rpcwrapper.PacketReport: 87 debugReport := req.Payload.(*collector.PacketReport) 88 r.collector.CollectPacketEvent(debugReport) 89 90 case rpcwrapper.CounterReport: 91 counterReport := req.Payload.(*collector.CounterReport) 92 r.collector.CollectCounterEvent(counterReport) 93 94 case rpcwrapper.DNSReport: 95 dnsReport := req.Payload.(*collector.DNSRequestReport) 96 r.collector.CollectDNSRequests(dnsReport) 97 98 case rpcwrapper.ConnectionExceptionReport: 99 connectionReport := req.Payload.(*collector.ConnectionExceptionReport) 100 r.collector.CollectConnectionExceptionReport(connectionReport) 101 102 default: 103 return fmt.Errorf("unsupported report type: %v", req.PayloadType) 104 } 105 106 req.Payload = nil 107 return nil 108 }