diff --git a/.gitignore b/.gitignore index 6d98420..a76edee 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,5 @@ *.pdf target/ +go_client/openapi.json +crates/storage-sled/sled_db \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index 583f214..3f652ec 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -76,13 +76,13 @@ dependencies = [ [[package]] name = "async-trait" -version = "0.1.79" +version = "0.1.80" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507401cad91ec6a857ed5513a2073c82a9b9048762b885bb98655b306964681" +checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.60", ] [[package]] @@ -175,6 +175,10 @@ dependencies = [ [[package]] name = "base" version = "0.1.0" +dependencies = [ + "serde", + "serde_json", +] [[package]] name = "bitflags" @@ -196,9 +200,9 @@ checksum = "514de17de45fdb8dc022b1a7975556c53c86f9f0aa5f534b98977b171857c2c9" [[package]] name = "cc" -version = "1.0.92" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2678b2e3449475e95b0aa6f9b506a28e61b3dc8996592b983695e8ebb58a8b41" +checksum = "17f6e324229dc011159fcc089755d1e2e216a90d43a7dea6853ca740b84f35e7" [[package]] name = "cfg-if" @@ -404,9 +408,9 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "hyper" -version = "1.2.0" +version = "1.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "186548d73ac615b32a73aafe38fb4f56c0d340e110e5a200bcadbaf2e199263a" +checksum = "fe575dd17d0862a9a33781c8c4696a55c320909004a67a00fb286ba8b1bc496d" dependencies = [ "bytes", "futures-channel", @@ -619,7 +623,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.60", ] [[package]] 
@@ -660,9 +664,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e835ff2298f5721608eb1a980ecaee1aef2c132bf95ecc026a11b7bf3c01c02e" +checksum = "3d1597b0c024618f09a9c3b8655b7e430397a36d23fdafec26d6965e9eec3eba" dependencies = [ "unicode-ident", ] @@ -749,29 +753,29 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "serde" -version = "1.0.197" +version = "1.0.198" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fb1c873e1b9b056a4dc4c0c198b24c3ffa059243875552b2bd0933b1aee4ce2" +checksum = "9846a40c979031340571da2545a4e5b7c4163bdae79b301d5f86d03979451fcc" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.197" +version = "1.0.198" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7eb0b34b42edc17f6b7cac84a52a1c5f0e1bb2227e997ca9011ea3dd34e8610b" +checksum = "e88edab869b01783ba905e7d0153f9fc1a6505a96e4ad3018011eedb838566d9" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.60", ] [[package]] name = "serde_json" -version = "1.0.115" +version = "1.0.116" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12dc5c46daa8e9fdf4f5e71b6cf9a53f2487da0e86e55808e2d35539666497dd" +checksum = "3e17db7126d17feb94eb3fad46bf1a96b034e8aacbc2e775fe81505f8b0b2813" dependencies = [ "itoa", "ryu", @@ -810,6 +814,7 @@ dependencies = [ "serde", "serde_json", "tokio", + "tower", "utoipa", ] @@ -874,9 +879,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.58" +version = "2.0.60" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44cfb93f38070beee36b3fef7d4f5a16f27751d94b187b666a5cc5e9b0d30687" +checksum = "909518bc7b1c9b779f1bbf07f2929d35af9f0f37e47c6e9ef7f9dddc1e1821f3" dependencies = [ "proc-macro2", "quote", 
@@ -922,7 +927,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.58", + "syn 2.0.60", ] [[package]] @@ -1007,7 +1012,7 @@ dependencies = [ "proc-macro2", "quote", "regex", - "syn 2.0.58", + "syn 2.0.60", ] [[package]] @@ -1059,7 +1064,7 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.4", + "windows-targets 0.52.5", ] [[package]] @@ -1079,17 +1084,18 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7dd37b7e5ab9018759f893a1952c9420d060016fc19a472b4bb20d1bdd694d1b" +checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" dependencies = [ - "windows_aarch64_gnullvm 0.52.4", - "windows_aarch64_msvc 0.52.4", - "windows_i686_gnu 0.52.4", - "windows_i686_msvc 0.52.4", - "windows_x86_64_gnu 0.52.4", - "windows_x86_64_gnullvm 0.52.4", - "windows_x86_64_msvc 0.52.4", + "windows_aarch64_gnullvm 0.52.5", + "windows_aarch64_msvc 0.52.5", + "windows_i686_gnu 0.52.5", + "windows_i686_gnullvm", + "windows_i686_msvc 0.52.5", + "windows_x86_64_gnu 0.52.5", + "windows_x86_64_gnullvm 0.52.5", + "windows_x86_64_msvc 0.52.5", ] [[package]] @@ -1100,9 +1106,9 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bcf46cf4c365c6f2d1cc93ce535f2c8b244591df96ceee75d8e83deb70a9cac9" +checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" [[package]] name = "windows_aarch64_msvc" 
@@ -1112,9 +1118,9 @@ checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_aarch64_msvc" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da9f259dd3bcf6990b55bffd094c4f7235817ba4ceebde8e6d11cd0c5633b675" +checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" [[package]] name = "windows_i686_gnu" @@ -1124,9 +1130,15 @@ checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_gnu" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b474d8268f99e0995f25b9f095bc7434632601028cf86590aea5c8a5cb7801d3" +checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" [[package]] name = "windows_i686_msvc" @@ -1136,9 +1148,9 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1515e9a29e5bed743cb4415a9ecf5dfca648ce85ee42e15873c3cd8610ff8e02" +checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" [[package]] name = "windows_x86_64_gnu" @@ -1148,9 +1160,9 @@ checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnu" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5eee091590e89cc02ad514ffe3ead9eb6b660aedca2183455434b93546371a03" +checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" [[package]] name = "windows_x86_64_gnullvm" 
@@ -1160,9 +1172,9 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77ca79f2451b49fa9e2af39f0747fe999fcda4f5e241b2898624dca97a1f2177" +checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" [[package]] name = "windows_x86_64_msvc" @@ -1172,6 +1184,6 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "windows_x86_64_msvc" -version = "0.52.4" +version = "0.52.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32b752e52a2da0ddfbdbcc6fceadfeede4c939ed16d13e648833a61dfb611ed8" +checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" diff --git a/Cargo.toml b/Cargo.toml index 64bdfa1..5d1e5aa 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,6 +9,8 @@ log = "0.4.21" env_logger = "0.11.3" tokio = "1.37.0" axum = "0.7.5" +tower = "0.4.13" +utoipa = "4.2.0" [workspace.lints.clippy] uninlined_format_args = "warn" diff --git a/Justfile b/Justfile new file mode 100644 index 0000000..5c66e48 --- /dev/null +++ b/Justfile @@ -0,0 +1,26 @@ + +build_tests: + podman build -t rvault-go-tests -f Containerfile ./go_client + +run_tests: build_tests + podman run --rm -it --net=host rvault-go-tests + +build_server: + cargo build + +start_server: build_server + RUST_LOG=server=trace cargo run + +# watch_server: +# RUST_LOG=server=trace cargo watch -x run + +# test_server: build_server build_tests +# just start_server & sleep 1 && podman run --rm -it --net=host rvault-go-tests + +check: + cargo fmt --check + cargo clippy --all-targets --all-features + cargo test + +kill_junk: + fuser -k 8200/tcp diff --git a/crates/base/Cargo.toml b/crates/base/Cargo.toml index 959fde7..56e8d6d 100644 --- a/crates/base/Cargo.toml +++ b/crates/base/Cargo.toml 
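Review bot: `kill_junk` in the new Justfile runs `fuser -k 8200/tcp`, which kills every process holding port 8200, not only this project's server. A comment above the recipe should say so, e.g. `# kills ANY process listening on 8200/tcp`. `run_tests` starts the container with `--net=host`, which shares the whole host network namespace with the test image; that is fine for a local run against port 8200 but deserves a comment so it is not copied into CI unchanged. The commented-out `watch_server` and `test_server` recipes should be finished or removed.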
@@ -7,3 +7,5 @@ edition = "2021" workspace = true [dependencies] +serde = { version = "1.0.198", features = ["derive"] } +serde_json = "1.0.116" diff --git a/crates/base/src/lib.rs b/crates/base/src/lib.rs index 7d12d9a..3412ed7 100644 --- a/crates/base/src/lib.rs +++ b/crates/base/src/lib.rs @@ -12,3 +12,22 @@ mod tests { assert_eq!(result, 4); } } + +use serde_json::Result; +use serde::{Serialize, Deserialize}; + +#[derive(Serialize, Deserialize)] +pub struct TempSecret { + pub content: String, + pub version: i64 +} + +/// serialize secret to JSON byte vector +pub fn serialize_secret_json(secret: &TempSecret) -> Result> { + serde_json::to_vec(&secret) +} + +// /// deserialize JSON byte vector to secret +// pub fn deserialize_secret_struct(raw: &String) -> Result { +// serde_json::from_str(raw) +// } diff --git a/crates/server/Cargo.toml b/crates/server/Cargo.toml index 265dfe0..2573a29 100644 --- a/crates/server/Cargo.toml +++ b/crates/server/Cargo.toml @@ -13,6 +13,7 @@ workspace = true log = { workspace = true } env_logger = { workspace = true } tokio = { workspace = true, features=["full"] } +tower = { workspace = true, features = []} axum = { workspace = true } utoipa = { version = "4", features = ["axum_extras"] } serde = "1.0.197" diff --git a/crates/server/src/auth.rs b/crates/server/src/auth.rs index 7dfb82a..8f69e48 100644 --- a/crates/server/src/auth.rs +++ b/crates/server/src/auth.rs @@ -1,10 +1,11 @@ use axum::Router; -use self::token::token_auth_router; - // route prefix: `/auth/token/` -mod token; +// mod token; + +// use self::token::token_auth_router; pub fn auth_router() -> Router { - Router::new().nest("/token", token_auth_router()) + Router::new() + // .nest("/token", token_auth_router()) } diff --git a/crates/server/src/identity.rs b/crates/server/src/identity.rs index 8b13789..7fdf6e6 100644 --- a/crates/server/src/identity.rs +++ b/crates/server/src/identity.rs 
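Review bot: `use serde_json::Result;` at module scope in `crates/base/src/lib.rs` replaces the prelude `Result` for the whole file, so any later two-parameter `Result<T, E>` there will fail to compile. Name the alias at the use site instead, `pub fn serialize_secret_json(secret: &TempSecret) -> serde_json::Result<Vec<u8>>` (the return type is garbled on this page; `to_vec` yields `Vec<u8>`). `serde_json::to_vec(&secret)` passes a `&&TempSecret`, and `secret` alone is enough. `TempSecret` has no doc comment; add `/// Plaintext secret payload and its version; do not derive Debug or log this type.` and move the `use` lines above the `tests` module.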
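Review bot: `tower = { workspace = true, features = []}` in `crates/server/Cargo.toml` enables nothing explicitly, yet `secrets.rs` in this commit imports `tower::{service_fn, util::BoxService}`. As far as I know these sit behind the `util` feature in tower 0.4, so the build would only work because another dependency (presumably axum) turns that feature on. Declare it here: `tower = { workspace = true, features = ["util"] }`. The neighbouring `serde = "1.0.197"` is declared separately from the `1.0.198` added to `crates/base`; moving `serde` and `serde_json` into `[workspace.dependencies]` would keep the crates on one declared version.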
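Review bot: `auth_router()` in `crates/server/src/auth.rs` now returns an empty `Router` with the token routes commented out, so `/v1/auth` has no endpoints, and the remaining "route prefix" comment describes a module that is no longer compiled. Delete the commented-out `mod token;`, `use self::token::token_auth_router;` and `.nest("/token", ...)` lines (version control keeps them) or gate them behind a Cargo feature. Add a doc comment such as `/// Router for /v1/auth; token auth is not wired up yet (TODO).` so the missing authentication is visible to anyone reading the router.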
@@ -1 +1,5 @@ +use axum::Router; +pub fn identity_router() -> Router { + Router::new() +} diff --git a/crates/server/src/main.rs b/crates/server/src/main.rs index 9ada5e5..8aeb036 100644 --- a/crates/server/src/main.rs +++ b/crates/server/src/main.rs @@ -1,25 +1,42 @@ -use axum::{extract::Request, routing::{get, post}, Router}; -use log; -use std::env; +use axum::{ + extract::Request, + http::StatusCode, + routing::{get, trace}, + Router, +}; +use log::*; +use std::{env, net::SocketAddr, str::FromStr}; +use tokio::net::TcpListener; + +mod auth; +mod identity; +mod secrets; +mod sys; use serde::Deserialize; use serde_json; #[tokio::main] async fn main() { - env::set_var("RUST_LOG", "trace"); + // To be configured via environment variables env_logger::init(); - + + // Listen on all IPv4 and IPv6 interfaces on port 8200 + let listen_addr = env::var("LISTEN_ADDR").unwrap_or("[::]:8200".to_string()); // Do not change + let listen_addr = SocketAddr::from_str(&listen_addr).expect("Failed to parse LISTEN_ADDR"); + // build our application with routes let app = Router::new() .route("/", get(root)) - .route("/v1/secret/data/foo", post(foo)) - .route_service("/v1/secret/data/bar", post(bar)) + .nest("/v1/auth", auth::auth_router()) + .nest("/v1/identity", identity::identity_router()) + .nest("/v1/sys", sys::sys_router()) + .nest("/v1", secrets::secrets_router()) // mountable secret backends .route("/v1/kw_mount_path/data/foo", post(baz)) - .fallback(fallback); - + .fallback(fallback_route_unknown); - // run our app with hyper, listening globally on port 8200 - let listener = tokio::net::TcpListener::bind("127.0.0.1:8200").await.unwrap(); + warn!("Listening on: {}", listen_addr.to_string()); + // Start listening + let listener = TcpListener::bind(listen_addr).await.unwrap(); axum::serve(listener, app).await.unwrap(); } 
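Review bot: The default for `LISTEN_ADDR` in `main` is `[::]:8200`, which moves the server from the previous loopback bind to every interface, while the same commit leaves `auth_router()` without routes. A secrets server with no authentication should default to loopback and make wider exposure an explicit opt-in, e.g. `env::var("LISTEN_ADDR").unwrap_or_else(|_| "127.0.0.1:8200".to_string())`. The new import list is `routing::{get, trace}`, but the unchanged line `.route("/v1/kw_mount_path/data/foo", post(baz))` still calls `post`, so unless it is imported in the lines between the two hunks this will not compile; `trace` looks unused. `TcpListener::bind(listen_addr).await.unwrap()` could use `expect("failed to bind LISTEN_ADDR")` to match the parse error above it.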
@@ -38,26 +55,19 @@ async fn baz(body: String) -> String{ String::from("RoutingTest baz successful") } -/// Test function foo for routing -/// Returns body of request -async fn foo(body: String) -> String { - log::debug!("{:?}", body.as_str()); - String::from("RoutingTest foo successful") +async fn fallback_route_unknown(req: Request) -> (StatusCode, &'static str) { + log::error!( + "Route not found: {} {}, payload {:?}", + req.method(), + req.uri(), + req.body() + ); + + (StatusCode::NOT_FOUND, "Route not implemented") } -/// Test function bar for routing -async fn bar(req: Request)-> String { - log::debug!("{:?}", req); - String::from("RoutingTest bar successful") -} - -async fn fallback(req: Request)-> String { - log::debug!("{:?}", req); - String::from("Fallback triggered") -} - -// basic handler that responds with a static string +/// basic handler that responds with a static string async fn root() -> &'static str { - log::info!("Hello world"); + info!("Hello world"); "Hello, World!" } diff --git a/crates/server/src/secrets.rs b/crates/server/src/secrets.rs index 8b13789..b92e736 100644 --- a/crates/server/src/secrets.rs +++ b/crates/server/src/secrets.rs 
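Review bot: In `fallback_route_unknown` the `payload {:?}` argument is `req.body()`, and axum's `Body` debug output is, as far as I know, an opaque placeholder rather than the bytes, so the field adds nothing today. Drop it rather than later replacing it with the buffered body, because requests to unknown routes on this server will include secret writes and their contents must not reach the log. Logging every unmatched request at `error` also lets any unauthenticated client fill the error log, so a lower level fits better: `warn!("Route not found: {} {}", req.method(), req.uri());`. The handler uses `log::error!` while `root` uses the glob-imported `info!`; pick one form.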
@@ -1 +1,50 @@ +use std::convert::Infallible; +use axum::{ + body::Body, + http::{Request, StatusCode}, + middleware::map_request, + response::Response, + routing::*, + Router, +}; +use tower::{service_fn, util::BoxService, Service}; + +pub fn secrets_router() -> Router { + // let middleware = tower::util::MapRequestLayer::new(handler); + + Router::new().layer(map_request(handler)) +} + +// async fn handler(Host(hostname): Host, request: Request) -> &'static str { +// TODO: Find a solution for this mess +async fn handler(request: Request) -> Result, StatusCode> { + // let path: Vec<&str> = request.uri().path().split('/').clone().collect(); + // log::info!("path, {:?}", path[1]); + + let root = service_fn(|req: Request| async move { + let res = Response::new("Hello, World!".to_string()); + Ok::<_, Infallible>(res) + }); + let root = BoxService::new(root); + + let mut routes = vec!["/abc", "/def"]; + routes.sort_unstable_by(|a, b| a.len().cmp(&b.len())); + + let mut app = Router::new(); + app.as_service().call(request).await.unwrap(); + + // match path[1] { + // "test" => { + // log::info!("test route"); + // // TODO: Nest another Router here + // return Ok(Request::new(Body::empty())); + // } + // _ => { + // log::info!("default"); + // return Err(StatusCode::NOT_FOUND); + // } + // } + + Err(StatusCode::IM_A_TEAPOT) +} diff --git a/crates/server/src/sys.rs b/crates/server/src/sys.rs index 8b13789..64aeaca 100644 --- a/crates/server/src/sys.rs +++ b/crates/server/src/sys.rs @@ -1 +1,5 @@ +use axum::Router; +pub fn sys_router() -> Router { + Router::new() +} diff --git a/crates/storage-sled/Cargo.toml b/crates/storage-sled/Cargo.toml index 8786e88..3b3fc55 100644 --- a/crates/storage-sled/Cargo.toml +++ b/crates/storage-sled/Cargo.toml @@ -8,5 +8,4 @@ workspace = true [dependencies] base = { path = "../base" } - sled = "0.34.7" diff --git a/crates/storage-sled/src/lib.rs b/crates/storage-sled/src/lib.rs index 7d12d9a..49b849e 100644 
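Review bot: `handler` in `secrets.rs` always ends in `Err(StatusCode::IM_A_TEAPOT)`: it builds `root` and `routes` without using them, calls a freshly created empty `Router`, and discards the response behind `.unwrap()`. If this is a placeholder, reduce the body to a single `Err(StatusCode::NOT_IMPLEMENTED)` with a `// TODO` describing the planned mount-path dispatch, so a reader does not mistake it for working routing. `routes.sort_unstable_by(|a, b| a.len().cmp(&b.len()))` orders shortest first; if the intent is longest-prefix matching of mount paths (an assumption), the comparison must be reversed to `b.len().cmp(&a.len())`, otherwise a short mount would shadow a longer one and requests could reach the wrong backend. `secrets_router` also needs a doc comment stating that it is nested at `/v1` and is meant to resolve mountable secret backends.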
--- a/crates/storage-sled/src/lib.rs +++ b/crates/storage-sled/src/lib.rs @@ -11,4 +11,39 @@ mod tests { let result = add(2, 2); assert_eq!(result, 4); } + #[test] + fn test_sled() { + let db: sled::Db = sled::open("sled_db").unwrap(); + update_secret(db, "foo", TempSecret{version: 1, content: "foo".to_string()}); + } } + +use sled::Db; +use base::{serialize_secret_json, TempSecret}; + +/// [TODO] Currently no proper versioning +/// inserts a secret. If there was already a secret in the given path, the version is incremented +fn update_secret(db: Db, path: &str, mut secret: TempSecret) { + if let Ok(Some(_)) = db.get(path) { // Idiomatic way. Ok(Some(_)) is true when something was found + secret.version += 1; + print!("something was found \n") + } + // if let secret_json = serialize_secret_json(&secret) { + // let _res = db.insert(path, secret_json); // maybe this can be handled cleaner + match serialize_secret_json(&secret) { + Ok(secret_json) => { + match db.insert(path, secret_json) { + Ok(_) => println!("Secret inserted"), + Err(e) => eprintln!("Failed to insert secret: {}", e), + } + } + Err(e) => eprintln!("Failed to serialize secret: {}", e), + } +} + +// /// read and return a secret from the DB +// /// if there is no secret, return None +// fn get_secret(db: Db, path: &str) -> Option{ +// let raw_secret = db.get(path); +// return None +// } diff --git a/go_client/tests/secret_test.go b/go_client/tests/secret_test.go index 43ac26e..ac3bff7 100644 --- a/go_client/tests/secret_test.go +++ b/go_client/tests/secret_test.go @@ -13,6 +13,7 @@ import ( var client *vault.Client var ctx context.Context +var mountpath = "" func TestMain(m *testing.M) { ctx = context.Background() @@ -36,6 +37,7 @@ func TestMain(m *testing.M) { os.Exit(exitCode) } +// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#create-update-secret // @Philip der Path steht in der KvV2Write Methode func TestWriteSecret(t *testing.T) { // Path foo 
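Review bot: `update_secret` returns nothing and reports serialization and insert failures only with `eprintln!`, so a caller cannot tell that a secret write was lost; `if let Ok(Some(_)) = db.get(path)` also treats a read error the same as "no existing secret" and goes on to overwrite. Return a `Result` and propagate all three errors with `?`, as sketched below; `test_sled` would then call `.unwrap()` on the result. The `print!`/`println!` calls should go, and any replacement logging should name only the path, never the content. The increment is applied to the version passed in rather than to the stored one, which the `[TODO]` already hints at. `test_sled` opens `sled_db` relative to the working directory and leaves it on disk; `sled::Config::new().temporary(true)` would keep test data out of the tree.

```rust
fn update_secret(db: Db, path: &str, mut secret: TempSecret) -> Result<(), Box<dyn std::error::Error>> {
    // A failed read must not fall through to an overwrite.
    if db.get(path)?.is_some() {
        secret.version += 1;
    }
    let secret_json = serialize_secret_json(&secret)?;
    db.insert(path, secret_json)?;
    Ok(())
}
```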
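Review bot: `var mountpath = ""` is passed to both `vault.WithMountPath(mountpath)` calls in `TestWriteSecret` (the two later hunks), and which mount an empty override addresses depends on client behaviour that is not visible here. Add a comment stating the intent, e.g. `// empty: fall back to the client's default KV v2 mount`, or set the value explicitly. Go convention would name it `mountPath`.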
@@ -44,7 +46,7 @@ func TestWriteSecret(t *testing.T) { "password1": "abc123", "password2": "correct horse battery staple", }}, - vault.WithMountPath("kw_mount_path"), + vault.WithMountPath(mountpath), ) if err != nil { log.Fatal("kv2: Failed to write secret:\n\t", err) @@ -57,7 +59,7 @@ func TestWriteSecret(t *testing.T) { "password1": "secure123", "password2": "second password", }}, - vault.WithMountPath("kw_mount_path"), + vault.WithMountPath(mountpath), ) if err != nil { log.Fatal("kv2: Failed to write secret:\n\t", err)