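#!/usr/bin/ruby

require "json"
require "yaml"
require "base64"
require "net/http"
require "openssl"

# Example provisioning helper.
#
# Reads one JSON provisioning request from STDIN and prints one JSON reply on
# STDOUT. The reply either carries configuration and server claims for the
# requesting node, or has "defer" set to true together with a reason in "msg".
#
# NOTE(review): everything in the request ("identity", "inventory",
# "ed25519_pubkey") is supplied by the node asking to be provisioned. This
# example only checks that the fields are present; a production helper would
# normally check the identity against an asset inventory or allow-list before
# issuing configuration for it.

# Middleware address written into the node configuration.
BROKERS = "nats://broker.example.net:4222"

# Public key of the issuer written into the node configuration.
ISSUER = "b3989a299278750427b00213693c2ca02146476a361667682446230842836da8"

# Where the received request is dumped as a debugging aid.
# NOTE(review): /tmp is shared between local users; for anything beyond a demo,
# remove the dump or point it at a directory only the helper's user can write to.
DEBUG_DUMP_PATH = "/tmp/request.json"

# Builds the reply skeleton that the rest of the script fills in.
#
# @return [Hash] a reply with every expected key present and empty
def empty_reply
  {
    "defer" => false,
    "msg" => "",
    "certificate" => "",
    "ca" => "",
    "configuration" => {},
    "server_claims" => {}
  }
end

# Reads the request from STDIN and decodes it.
#
# The "inventory" field arrives as a JSON document encoded inside a string, so
# it is decoded a second time. A missing or malformed inventory raises; the
# top-level rescue turns that into a deferred reply.
#
# @return [Hash] the decoded request
# @raise [JSON::ParserError, TypeError] when the input is not the expected JSON
def parse_input
  input = STDIN.read
  request = JSON.parse(input)
  request["inventory"] = JSON.parse(request["inventory"])

  request
end

# Marks the reply as deferred with the given reason.
#
# @param reply [Hash] reply to update in place
# @param msg [String] reason reported back to the caller
# @return [false] so callers can write `return defer_with(...)`
def defer_with(reply, msg)
  reply["msg"] = msg
  reply["defer"] = true
  false
end

# Checks that the request carries the fields set_config! depends on.
#
# On failure the reply is marked deferred and "msg" names the missing field.
#
# @param request [Hash] decoded request from parse_input
# @param reply [Hash] reply to update in place on failure
# @return [Boolean] true when the request is usable
def validate!(request, reply)
  # A missing identity must be rejected as well as an empty one; the previous
  # check only fired for an empty string and let nil through.
  identity = request["identity"]
  unless identity.is_a?(String) && !identity.empty?
    return defer_with(reply, "No identity received in request")
  end

  pubkey = request["ed25519_pubkey"]
  unless pubkey.is_a?(Hash)
    return defer_with(reply, "No ed25519 public key received")
  end

  # The previous code tested the public key twice and then called #length on
  # the directory, which raised NoMethodError when the directory was absent.
  directory = pubkey["directory"]
  unless directory.is_a?(String) && !directory.empty?
    return defer_with(reply, "No ed25519 directory received")
  end

  true
end

# Prints the reply as JSON on STDOUT.
#
# @param reply [Hash]
def publish_reply(reply)
  puts reply.to_json
end

# Prints the reply and terminates the script.
#
# @param reply [Hash]
def publish_reply!(reply)
  publish_reply(reply)
  exit
end

# Fills in the node configuration and the server claims.
#
# The token and seed file paths are built from the directory the node reported
# for its ed25519 key, so validate! must have accepted the request first.
#
# @param request [Hash] validated request
# @param reply [Hash] reply to update in place
def set_config!(request, reply)
  key_dir = request["ed25519_pubkey"]["directory"]

  reply["configuration"].merge!(
    "plugin.choria.middleware_hosts" => BROKERS,
    "plugin.security.issuer.choria.public" => ISSUER,
    "identity" => request["identity"],
    "loglevel" => "info",
    "plugin.choria.server.provision" => "false",
    "rpcauthorization" => "1",
    "rpcauthprovider" => "aaasvc",
    "plugin.security.issuer.names" => "choria",
    "plugin.security.provider" => "choria",
    "plugin.security.choria.token_file" => File.join(key_dir, "server.jwt"),
    "plugin.security.choria.seed_file" => File.join(key_dir, "server.seed")
  )

  reply["server_claims"].merge!(
    # 157_680_000: five 365-day years expressed in seconds.
    # NOTE(review): presumably the validity period of the issued server token;
    # confirm against the provisioner, and consider a shorter lifetime where
    # nodes can be re-provisioned.
    "exp" => 5 * 60 * 60 * 24 * 365,
    "permissions" => {
      "streams" => true
    }
  )
end

# Writes the request to DEBUG_DUMP_PATH for debugging.
#
# The path is predictable and lives in a shared directory, so the file is
# opened without following a symlink, must be owned by the current user, and
# is restricted to mode 0600 before anything is written. Any failure raises and
# ends up as a deferred reply through the top-level rescue.
#
# @param request [Hash] decoded request
# @raise [SystemCallError, RuntimeError] when the file cannot be written safely
def dump_request(request)
  flags = File::WRONLY | File::CREAT
  flags |= File::NOFOLLOW if defined?(File::NOFOLLOW)

  File.open(DEBUG_DUMP_PATH, flags, 0o600) do |f|
    # The creation mode is ignored for a file that already exists, so refuse a
    # file another user put there and tighten the permissions explicitly.
    raise "refusing to write #{DEBUG_DUMP_PATH}: not owned by this user" unless f.stat.owned?

    f.chmod(0o600)
    f.truncate(0)
    f.write(request.to_json)
  end
end

reply = empty_reply

begin
  request = parse_input

  dump_request(request)

  reply["msg"] = "Validating"
  publish_reply!(reply) unless validate!(request, reply)

  reply["msg"] = "Config"
  set_config!(request, reply)

  reply["msg"] = "Done"
  publish_reply!(reply)
rescue SystemExit
  # Raised by the exit in publish_reply!; the reply is already printed.
rescue Exception => e
  # Deliberately broad: the caller expects a JSON reply whatever went wrong, so
  # any failure is reported as a deferred provisioning attempt.
  reply["msg"] = "Unexpected failure during provisioning: %s: %s" % [e.class, e.to_s]
  reply["defer"] = true
  publish_reply!(reply)
end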