github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/pkg/accessstrategy/access_strategy.go (about)

     1  package accessstrategy
     2  
     3  import (
     4  	"context"
     5  	"net/http"
     6  	"regexp"
     7  
     8  	validation "github.com/go-ozzo/ozzo-validation/v4"
     9  
    10  	"github.com/pkg/errors"
    11  )
    12  
// supportedAccessStrategies is the allow-list that Type.isSupported consults.
// AccessStrategies.GetSupported can only ever return a Type that is a key of
// this map. CustomAccessStrategy is deliberately not a key: a "custom" entry
// is usable only when its CustomType is itself listed here.
var supportedAccessStrategies = map[Type]bool{
	OpenAccessStrategy:    true,
	CMPmTLSAccessStrategy: true,
}

// UnsupportedErr is an error produced when execution of unsupported access strategy takes place.
var UnsupportedErr = errors.New("unsupported access strategy")
    20  
const (
	// OpenAccessStrategy is an AccessStrategyType indicating that the ORD document is not secured
	OpenAccessStrategy Type = "open"

	// CMPmTLSAccessStrategy is an AccessStrategyType indicating that the ORD document trusts CMP's client certificate.
	CMPmTLSAccessStrategy Type = "sap:cmp-mtls:v1"

	// CustomAccessStrategy is an AccessStrategyType indicating that a non-standard ORD security mechanism is used for the ORD document.
	// For entries of this type GetSupported looks at AccessStrategy.CustomType instead of Type.
	CustomAccessStrategy Type = "custom"

	// MinDescriptionLength represents the minimal accepted length of the Description field
	// (Validate applies it to AccessStrategy.CustomDescription).
	MinDescriptionLength = 1
	// MaxDescriptionLength represents the maximal accepted length of the Description field
	// (Validate applies it to AccessStrategy.CustomDescription).
	MaxDescriptionLength = 5000
)
    36  
// AccessStrategies is a slice of AccessStrategy objects.
// Order matters: GetSupported returns the first supported entry it finds.
type AccessStrategies []AccessStrategy

// AccessStrategy is an ORD object
type AccessStrategy struct {
	// Type is the declared strategy. Validate accepts only OpenAccessStrategy,
	// CMPmTLSAccessStrategy or CustomAccessStrategy here.
	Type              Type   `json:"type"`
	// CustomType names the concrete strategy of a "custom" entry. Validate rejects
	// a non-empty CustomType unless Type is CustomAccessStrategy.
	CustomType        Type   `json:"customType"`
	// CustomDescription must be empty unless Type is "custom" (enforced by Validate).
	CustomDescription string `json:"customDescription"`
}

// Type represents the possible type of the AccessStrategy
type Type string
    49  
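// customTypePattern is the accepted shape of AccessStrategy.CustomType: three
// colon-separated parts, namely dot-separated lowercase labels, a name, and
// "v" followed by digits (for example "sap:cmp-mtls:v1"). It is compiled once
// at package initialisation instead of on every Validate call.
var customTypePattern = regexp.MustCompile("^([a-z0-9-]+(?:[.][a-z0-9-]+)*):([a-zA-Z0-9._\\-]+):v([0-9]+)$")

// Validate validates a given access strategy.
//
// Rules applied:
//   - Type is required and must be OpenAccessStrategy, CMPmTLSAccessStrategy or
//     CustomAccessStrategy; when CustomType is set, Type must be CustomAccessStrategy.
//   - CustomType, when set, must match customTypePattern.
//   - CustomDescription must be empty unless Type is CustomAccessStrategy, in which
//     case the Length(MinDescriptionLength, MaxDescriptionLength) rule applies.
//
// Validate checks only the shape of the object. It does not consult
// supportedAccessStrategies, so a valid strategy is not necessarily one that
// GetSupported will select.
//
// NOTE(review): no rule here requires CustomType to be non-empty when Type is
// CustomAccessStrategy, and ozzo's Length rule appears to treat an empty value
// as valid, so {Type: "custom"} with nothing else set looks like it passes.
// Confirm that this is intended.
func (as AccessStrategy) Validate() error {
	return validation.ValidateStruct(&as,
		validation.Field(&as.Type,
			validation.Required,
			validation.In(OpenAccessStrategy, CMPmTLSAccessStrategy, CustomAccessStrategy),
			validation.When(as.CustomType != "", validation.In(CustomAccessStrategy)),
		),
		validation.Field(&as.CustomType,
			validation.When(as.CustomType != "", validation.Match(customTypePattern)),
		),
		// Compare against the declared constant rather than the bare "custom"
		// literal so the rule cannot drift from CustomAccessStrategy.
		validation.Field(&as.CustomDescription,
			validation.When(as.Type != CustomAccessStrategy, validation.Empty).
				Else(validation.Length(MinDescriptionLength, MaxDescriptionLength)),
		),
	)
}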
    59  
// GetSupported walks the slice in order and returns the first strategy that
// CMP supports, together with true. For an entry whose Type is
// CustomAccessStrategy the CustomType is checked and returned instead.
// It returns ("", false) when no entry qualifies.
//
// The result follows slice order, not the strength of the strategy: if an
// "open" entry precedes a "sap:cmp-mtls:v1" entry, "open" is returned.
// GetSupported does not call Validate on the entries.
// NOTE(review): where the slice comes from is not visible here. Callers that
// require mTLS should check the returned Type rather than only the bool.
func (as AccessStrategies) GetSupported() (Type, bool) {
	for i := range as {
		entry := as[i]
		switch {
		case entry.Type.isSupported():
			return entry.Type, true
		case entry.Type == CustomAccessStrategy && entry.CustomType.isSupported():
			return entry.CustomType, true
		}
	}
	return "", false
}
    72  
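// isSupported reports whether the given access strategy Type is enabled in
// supportedAccessStrategies.
//
// The map value is returned rather than mere key presence, so a missing key
// and an entry explicitly set to false are both treated as unsupported.
func (a Type) isSupported() bool {
	return supportedAccessStrategies[a]
}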
    78  
// Executor defines an interface for execution of different access strategies
//
// Execute receives the caller's context, the *http.Client to use, the target
// url and tnt, and returns the HTTP response or an error.
// NOTE(review): tnt is presumably a tenant identifier. How implementations use
// it, and whether url is validated before the request is sent, is not visible
// in this file. Confirm against the implementations.
//go:generate mockery --name=Executor --output=automock --outpkg=automock --case=underscore --disable-version-string
type Executor interface {
	Execute(ctx context.Context, client *http.Client, url, tnt string) (*http.Response, error)
}