github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/pkg/config/selfreg_config.go (about)

     1  package config
     2  
     3  import (
     4  	"time"
     5  
     6  	"github.com/kyma-incubator/compass/components/director/pkg/oauth"
     7  	"github.com/pkg/errors"
     8  	"github.com/tidwall/gjson"
     9  )
    10  
// SelfRegConfig is configuration for the runtime self-registration flow.
//
// Most fields are loaded from the environment variables named in their
// envconfig tags. The two Region* maps are tagged "-" and are filled in by
// PrepareConfiguration from the secret files referenced below.
//
// NOTE(review): RegionToInstanceConfig carries per-region client secrets and
// X.509 private keys once populated, so avoid logging or serialising this
// struct as a whole.
type SelfRegConfig struct {
	SelfRegisterDistinguishLabelKey string `envconfig:"APP_SELF_REGISTER_DISTINGUISH_LABEL_KEY"`
	SelfRegisterLabelKey            string `envconfig:"APP_SELF_REGISTER_LABEL_KEY,optional"`
	SelfRegisterLabelValuePrefix    string `envconfig:"APP_SELF_REGISTER_LABEL_VALUE_PREFIX,optional"`
	SelfRegisterResponseKey         string `envconfig:"APP_SELF_REGISTER_RESPONSE_KEY,optional"`
	SaaSAppNameLabelKey             string `envconfig:"APP_SELF_REGISTER_SAAS_APP_LABEL_KEY,optional"`
	SelfRegisterPath                string `envconfig:"APP_SELF_REGISTER_PATH,optional"`
	SelfRegisterNameQueryParam      string `envconfig:"APP_SELF_REGISTER_NAME_QUERY_PARAM,optional"`
	SelfRegisterTenantQueryParam    string `envconfig:"APP_SELF_REGISTER_TENANT_QUERY_PARAM,optional"`
	SelfRegisterRequestBodyPattern  string `envconfig:"APP_SELF_REGISTER_REQUEST_BODY_PATTERN,optional"`
	// SelfRegisterSecretPath is the file MapInstanceConfigs reads the
	// per-region instance credentials from.
	SelfRegisterSecretPath          string `envconfig:"APP_SELF_REGISTER_SECRET_PATH"`
	// SelfRegSaaSAppSecretPath is the file MapSaasAppNameToRegion reads the
	// per-region SaaS application names from.
	SelfRegSaaSAppSecretPath        string `envconfig:"APP_SELF_REGISTER_SAAS_APP_SECRET_PATH"`

	// OAuthMode is handed to InstanceConfig.validate for every region entry;
	// the tag defaults it to "oauth-mtls".
	OAuthMode      oauth.AuthMode `envconfig:"APP_SELF_REGISTER_OAUTH_MODE,default=oauth-mtls"`
	OauthTokenPath string         `envconfig:"APP_SELF_REGISTER_OAUTH_TOKEN_PATH,optional"`

	// NOTE(review): presumably turns off TLS certificate verification for the
	// self-registration client (the consumer is not in this file; confirm).
	// If so, enabling it exposes the client credentials and tokens to an
	// on-path attacker; keep the default of false outside local testing.
	SkipSSLValidation bool `envconfig:"APP_SELF_REGISTER_SKIP_SSL_VALIDATION,default=false"`

	// ClientTimeout defaults to 30s per its tag.
	ClientTimeout time.Duration `envconfig:"default=30s"`

	// The Instance*Path fields are gjson paths. MapInstanceConfigs evaluates
	// each of them against every region's entry in the instances secret to
	// extract the matching InstanceConfig field.
	InstanceClientIDPath     string                    `envconfig:"APP_SELF_REGISTER_INSTANCE_CLIENT_ID_PATH"`
	InstanceClientSecretPath string                    `envconfig:"APP_SELF_REGISTER_INSTANCE_CLIENT_SECRET_PATH"`
	InstanceURLPath          string                    `envconfig:"APP_SELF_REGISTER_INSTANCE_URL_PATH"`
	InstanceTokenURLPath     string                    `envconfig:"APP_SELF_REGISTER_INSTANCE_TOKEN_URL_PATH"`
	InstanceCertPath         string                    `envconfig:"APP_SELF_REGISTER_INSTANCE_X509_CERT_PATH"`
	InstanceKeyPath          string                    `envconfig:"APP_SELF_REGISTER_INSTANCE_X509_KEY_PATH"`
	// RegionToInstanceConfig maps region name to its InstanceConfig. It is
	// built by MapInstanceConfigs and reset to nil if any entry fails validation.
	RegionToInstanceConfig   map[string]InstanceConfig `envconfig:"-"`

	// SaaSAppNamePath is the gjson path MapSaasAppNameToRegion evaluates
	// against every region's entry to extract the SaaS application name.
	SaaSAppNamePath     string            `envconfig:"APP_SELF_REGISTER_SAAS_APP_NAME_PATH"`
	// RegionToSaaSAppName maps region name to SaaS application name; built by
	// MapSaasAppNameToRegion.
	RegionToSaaSAppName map[string]string `envconfig:"-"`

	ExternalClientCertSecretName string `envconfig:"APP_EXTERNAL_CLIENT_CERT_SECRET_NAME"`
}
    45  
// PrepareConfiguration builds the derived parts of the self-registration
// configuration: first the per-region instance credentials, then the
// per-region SaaS application names. It stops at the first failing step and
// returns that step's error wrapped with context.
func (c *SelfRegConfig) PrepareConfiguration() error {
	err := c.MapInstanceConfigs()
	if err != nil {
		return errors.Wrap(err, "while building region instances credentials")
	}

	err = c.MapSaasAppNameToRegion()
	if err != nil {
		return errors.Wrap(err, "while building SaaS application names map")
	}

	return nil
}
    58  
// MapInstanceConfigs reads the file at SelfRegisterSecretPath, parses it into
// a region-keyed JSON map and fills RegionToInstanceConfig with one
// InstanceConfig per region. Each field is extracted with the corresponding
// Instance*Path gjson path and the result is validated against OAuthMode.
//
// If any region fails validation, RegionToInstanceConfig is reset to nil and
// the error is returned wrapped with the region name. Only the region name is
// put into the error text, never the extracted credential values.
func (c *SelfRegConfig) MapInstanceConfigs() error {
	raw, readErr := ReadConfigFile(c.SelfRegisterSecretPath)
	if readErr != nil {
		// NOTE(review): the message says "destinations secret" although the
		// file read here is SelfRegisterSecretPath; confirm the wording.
		return errors.Wrapf(readErr, "while getting destinations secret")
	}

	perRegion, parseErr := ParseConfigToJSONMap(raw)
	if parseErr != nil {
		return parseErr
	}

	c.RegionToInstanceConfig = make(map[string]InstanceConfig)
	for region, entry := range perRegion {
		// Render the region's JSON once and reuse it for every path lookup.
		doc := entry.String()
		lookup := func(path string) string {
			// gjson yields an empty string when the path does not exist.
			return gjson.Get(doc, path).String()
		}

		instance := InstanceConfig{
			ClientID:     lookup(c.InstanceClientIDPath),
			ClientSecret: lookup(c.InstanceClientSecretPath),
			URL:          lookup(c.InstanceURLPath),
			TokenURL:     lookup(c.InstanceTokenURLPath),
			Cert:         lookup(c.InstanceCertPath),
			Key:          lookup(c.InstanceKeyPath),
		}

		validationErr := instance.validate(c.OAuthMode)
		if validationErr != nil {
			// Do not leave a partially populated credentials map behind.
			c.RegionToInstanceConfig = nil
			return errors.Wrapf(validationErr, "while validating instance for region: %q", region)
		}

		c.RegionToInstanceConfig[region] = instance
	}

	return nil
}
    91  
// MapSaasAppNameToRegion reads the file at SelfRegSaaSAppSecretPath, parses it
// into a region-keyed JSON map and fills RegionToSaaSAppName with the value
// found at SaaSAppNamePath for each region.
//
// NOTE(review): a region whose entry lacks SaaSAppNamePath is stored with an
// empty application name rather than rejected; confirm that callers treat an
// empty name as "not configured".
func (c *SelfRegConfig) MapSaasAppNameToRegion() error {
	raw, readErr := ReadConfigFile(c.SelfRegSaaSAppSecretPath)
	if readErr != nil {
		return errors.Wrapf(readErr, "while getting SaaS application names secret")
	}

	perRegion, parseErr := ParseConfigToJSONMap(raw)
	if parseErr != nil {
		return parseErr
	}

	names := make(map[string]string, len(perRegion))
	for region, entry := range perRegion {
		names[region] = gjson.Get(entry.String(), c.SaaSAppNamePath).String()
	}
	c.RegionToSaaSAppName = names

	return nil
}