GitHub Gateway Working

Author: biilmann

api/api.go

@@ -7,7 +7,6 @@ import (
 
 	jwt "github.com/dgrijalva/jwt-go"
 	"github.com/go-chi/chi"
-	"github.com/netlify/git-gateway/api/gateways"
 	"github.com/netlify/git-gateway/conf"
 	"github.com/netlify/git-gateway/storage"
 	"github.com/netlify/git-gateway/storage/dial"
@@ -72,11 +71,12 @@ func NewAPIWithVersion(ctx context.Context, globalConfig *conf.GlobalConfigurati
 	r.Get("/health", api.HealthCheck)
 
 	r.Route("/", func(r *router) {
+
 		if globalConfig.MultiInstanceMode {
 			r.Use(api.loadJWSSignatureHeader)
 			r.Use(api.loadInstanceConfig)
 		}
-		r.Mount("/github", &gateways.GitHubGateway{})
+		r.With(api.requireAuthentication).Mount("/github", NewGitHubGateway())
 	})
 
 	if globalConfig.MultiInstanceMode {
@@ -122,6 +122,7 @@ func NewAPIFromConfigFile(filename string, version string) (*API, error) {
 		return nil, err
 	}
 
+	logrus.Infof("Config is: %v", config)
 	ctx, err := WithInstanceConfig(context.Background(), config, "")
 	if err != nil {
 		logrus.Fatalf("Error loading instance config: %+v", err)
@@ -144,13 +145,3 @@ func WithInstanceConfig(ctx context.Context, config *conf.Configuration, instanc
 
 	return ctx, nil
 }
-
-func (a *API) getConfig(ctx context.Context) *conf.Configuration {
-	obj := ctx.Value(configKey)
-	if obj == nil {
-		return nil
-	}
-
-	config := obj.(*conf.Configuration)
-	return config
-}

api/auth.go

@@ -33,7 +33,7 @@ func (a *API) extractBearerToken(w http.ResponseWriter, r *http.Request) (string
 
 func (a *API) parseJWTClaims(bearer string, r *http.Request) (context.Context, error) {
 	ctx := r.Context()
-	config := a.getConfig(ctx)
+	config := getConfig(ctx)
 
 	p := jwt.Parser{ValidMethods: []string{jwt.SigningMethodHS256.Name}}
 	token, err := p.ParseWithClaims(bearer, &GatewayClaims{}, func(token *jwt.Token) (interface{}, error) {

api/context.go

@@ -2,26 +2,33 @@ package api
 
 import (
 	"context"
+	"net/url"
 
 	jwt "github.com/dgrijalva/jwt-go"
 	"github.com/netlify/git-gateway/conf"
 	"github.com/netlify/git-gateway/models"
 )
 
+type Role struct {
+	Name string
+}
+
 type contextKey string
 
 func (c contextKey) String() string {
 	return "git-gateway api context key " + string(c)
 }
 
 const (
-	tokenKey      = contextKey("jwt")
-	requestIDKey  = contextKey("request_id")
-	configKey     = contextKey("config")
-	instanceIDKey = contextKey("instance_id")
-	instanceKey   = contextKey("instance")
-	signatureKey  = contextKey("signature")
-	netlifyIDKey  = contextKey("netlify_id")
+	accessTokenKey = contextKey("access_token")
+	tokenKey       = contextKey("jwt")
+	requestIDKey   = contextKey("request_id")
+	configKey      = contextKey("config")
+	instanceIDKey  = contextKey("instance_id")
+	instanceKey    = contextKey("instance")
+	proxyTargetKey = contextKey("target")
+	signatureKey   = contextKey("signature")
+	netlifyIDKey   = contextKey("netlify_id")
 )
 
 // withToken adds the JWT token to the context.
@@ -47,6 +54,11 @@ func getClaims(ctx context.Context) *GatewayClaims {
 	return token.Claims.(*GatewayClaims)
 }
 
+// TODO: actually get this from the config rather than hardcoding
+func getRoles(ctx context.Context) []Role {
+	return []Role{Role{Name: "admin"}, Role{Name: "cms"}}
+}
+
 func withRequestID(ctx context.Context, id string) context.Context {
 	return context.WithValue(ctx, requestIDKey, id)
 }
@@ -60,6 +72,16 @@ func getRequestID(ctx context.Context) string {
 	return obj.(string)
 }
 
+func getConfig(ctx context.Context) *conf.Configuration {
+	obj := ctx.Value(configKey)
+	if obj == nil {
+		return nil
+	}
+
+	config := obj.(*conf.Configuration)
+	return config
+}
+
 func withConfig(ctx context.Context, config *conf.Configuration) context.Context {
 	return context.WithValue(ctx, configKey, config)
 }
@@ -68,6 +90,30 @@ func withInstanceID(ctx context.Context, id string) context.Context {
 	return context.WithValue(ctx, instanceIDKey, id)
 }
 
+func withProxyTarget(ctx context.Context, target *url.URL) context.Context {
+	return context.WithValue(ctx, proxyTargetKey, target)
+}
+
+func getProxyTarget(ctx context.Context) *url.URL {
+	obj := ctx.Value(proxyTargetKey)
+	if obj == nil {
+		return nil
+	}
+	return obj.(*url.URL)
+}
+
+func withAccessToken(ctx context.Context, token string) context.Context {
+	return context.WithValue(ctx, accessTokenKey, token)
+}
+
+func getAccessToken(ctx context.Context) string {
+	obj := ctx.Value(accessTokenKey)
+	if obj == nil {
+		return ""
+	}
+	return obj.(string)
+}
+
 func getInstanceID(ctx context.Context) string {
 	obj := ctx.Value(instanceIDKey)
 	if obj == nil {

api/gateways/github.go

@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"strings"
 
 	"github.com/pborman/uuid"
 	"github.com/pkg/errors"
@@ -27,3 +28,16 @@ func sendJSON(w http.ResponseWriter, status int, obj interface{}) error {
 	_, err = w.Write(b)
 	return err
 }
+
+// From https://golang.org/src/net/http/httputil/reverseproxy.go?s=2298:2359#L72
+func singleJoiningSlash(a, b string) string {
+	aslash := strings.HasSuffix(a, "/")
+	bslash := strings.HasPrefix(b, "/")
+	switch {
+	case aslash && bslash:
+		return a + b[1:]
+	case !aslash && !bslash:
+		return a + "/" + b
+	}
+	return a + b
+}

api/helpers.go

@@ -8,16 +8,10 @@ import (
 	"github.com/netlify/netlify-commons/nconf"
 )
 
-type Role struct {
-	Name string `json:"name"`
-	// TODO: fine grained permissions
-}
-
 type GitHubConfig struct {
-	AccessToken string `json:"access_token"`
-	Endpoint    string `json:"endpoint"`
-	Repo        string `json:"repo"` // Should be "owner/repo" format
-	Roles       []Role `json:"roles"`
+	AccessToken string `envconfig:"ACCESS_TOKEN" json:"access_token"`
+	Endpoint    string `envconfig:"ENDPOINT" json:"endpoint"`
+	Repo        string `envconfig:"REPO" json:"repo"` // Should be "owner/repo" format
 }
 
 // DBConfiguration holds all the database related configuration.
@@ -50,7 +44,7 @@ type GlobalConfiguration struct {
 // Configuration holds all the per-instance configuration.
 type Configuration struct {
 	JWT    JWTConfiguration `json:"jwt"`
-	GitHub GitHubConfig     `json:"github,omitempty"`
+	GitHub GitHubConfig     `envconfig:"GITHUB" json:"github"`
 }
 
 func loadEnvironment(filename string) error {