Refactor: Secure internet into a different type but with interface

author: jwijenbergh <jeroenwijenbergh@protonmail.com> 2022-05-03 14:10:40 +0200
committer: jwijenbergh <jeroenwijenbergh@protonmail.com> 2022-05-03 14:10:40 +0200
commit: 43604f7ffcbbf5b06ae481d2af7e66f6423f183f (patch)
tree: 6eb74ed54929edcfac61e5ca55078ab6670e0081 /internal/server.go
parent: 466450f0c47bdc614e66326d90e5fc6fb56ae732 (diff)
1 files changed, 266 insertions, 100 deletions
diff --git a/internal/server.go b/internal/server.go
index 489719e..7500a26 100644
--- a/internal/server.go
+++ b/internal/server.go
@@ -2,114 +2,225 @@ package internal
 
 import (
 	"encoding/json"
-	"errors"
 	"fmt"
 )
 
-type Server struct {
-	BaseURL     string            `json:"base_url"`
+// The base type for servers
+type ServerBase struct {
+	URL         string            `json:"base_url"`
 	Endpoints   ServerEndpoints   `json:"endpoints"`
-	OAuth       OAuth             `json:"oauth"`
 	Profiles    ServerProfileInfo `json:"profiles"`
 	ProfilesRaw string            `json:"profiles_raw"`
 	Logger      *FileLogger       `json:"-"`
 	FSM         *FSM              `json:"-"`
 }
 
-type Servers struct {
-	List       map[string]*Server `json:"list"`
-	Current    string             `json:"current"`
-	SecureHome string             `json:"secure_home"`
+// An instute access server
+type InstituteAccessServer struct {
+	// An instute access server has its own OAuth
+	OAuth OAuth `json:"oauth"`
+
+	// Embed the server base
+	Base ServerBase `json:"base"`
+}
+
+// A secure internet server which has its own OAuth tokens
+// It specifies the current location url it is connected to
+type SecureInternetHomeServer struct {
+	OAuth OAuth `json:"oauth"`
+
+	// The home server has a list of info for each configured server
+	BaseMap map[string]*ServerBase `json:"base_map"`
+
+	// We have the home url and the current url
+	HomeURL    string `json:"home_url"`
+	CurrentURL string `json:"current_url"`
 }
 
-func (servers *Servers) GetCurrentServer() (*Server, error) {
-	if servers.List == nil {
+type InstituteServers struct {
+	Map        map[string]*InstituteAccessServer `json:"map"`
+	CurrentURL string                            `json:"current_url"`
+}
+
+func (servers *Servers) GetCurrentServer() (Server, error) {
+	if servers.IsSecureInternet {
+		return &servers.SecureInternetHomeServer, nil
+	}
+	currentInstitute := servers.InstituteServers.CurrentURL
+	institutes := servers.InstituteServers.Map
+	if institutes == nil {
 		return nil, &ServerGetCurrentNoMapError{}
 	}
-	server, exists := servers.List[servers.Current]
+	institute, exists := institutes[currentInstitute]
 
-	if !exists || server == nil {
+	if !exists || institute == nil {
 		return nil, &ServerGetCurrentNotFoundError{}
 	}
-	return server, nil
+	return institute, nil
 }
 
-func (server *Server) CancelOAuth() {
-	server.OAuth.Cancel()
+type Servers struct {
+	InstituteServers         InstituteServers         `json:"institute_servers"`
+	SecureInternetHomeServer SecureInternetHomeServer `json:"secure_internet_home"`
+	IsSecureInternet         bool                     `json:"is_secure_internet"`
 }
 
-func (server *Server) Init(url string, fsm *FSM, logger *FileLogger) error {
-	server.BaseURL = url
-	server.FSM = fsm
-	server.Logger = logger
-	server.OAuth.Init(fsm, logger)
-	endpointsErr := server.GetEndpoints()
-	if endpointsErr != nil {
-		return &ServerInitializeError{URL: url, Err: endpointsErr}
+type Server interface {
+	// Gets the current OAuth object
+	GetOAuth() *OAuth
+
+	// Gets the server base
+	GetBase() (*ServerBase, error)
+
+	// initialize method
+	init(url string, fsm *FSM, logger *FileLogger) error
+}
+
+// For an institute, we can simply get the OAuth
+func (institute *InstituteAccessServer) GetOAuth() *OAuth {
+	return &institute.OAuth
+}
+
+func (secure *SecureInternetHomeServer) GetOAuth() *OAuth {
+	return &secure.OAuth
+}
+
+func (institute *InstituteAccessServer) GetBase() (*ServerBase, error) {
+	return &institute.Base, nil
+}
+
+func (server *SecureInternetHomeServer) GetBase() (*ServerBase, error) {
+	if server.BaseMap == nil {
+		return nil, &ServerSecureInternetMapNotFoundError{}
 	}
-	return nil
+
+	base, exists := server.BaseMap[server.CurrentURL]
+
+	if !exists {
+		return nil, &ServerSecureInternetBaseNotFoundError{Current: server.CurrentURL}
+	}
+	return base, nil
 }
 
-func (server *Server) EnsureTokens() error {
-	if server.OAuth.NeedsRelogin() {
-		server.Logger.Log(LOG_INFO, "OAuth: Tokens are invalid, relogging in")
-		return server.Login()
+func (institute *InstituteAccessServer) init(url string, fsm *FSM, logger *FileLogger) error {
+	institute.Base.URL = url
+	institute.Base.FSM = fsm
+	institute.Base.Logger = logger
+	endpoints, endpointsErr := getEndpoints(url)
+	if endpointsErr != nil {
+		return &ServerInitializeError{URL: url, Err: endpointsErr}
 	}
+	institute.OAuth.Init(endpoints.API.V3.Authorization, endpoints.API.V3.Token, fsm, logger)
+	institute.Base.Endpoints = *endpoints
 	return nil
 }
 
-func (servers *Servers) EnsureServer(url string, fsm *FSM, logger *FileLogger, makeCurrent bool) (*Server, error) {
-	if url == "" {
-		return nil, &ServerEnsureServerEmptyURLError{}
+func (secure *SecureInternetHomeServer) init(url string, fsm *FSM, logger *FileLogger) error {
+	// Initialize the base map if it is non-nil
+	if secure.BaseMap == nil {
+		secure.BaseMap = make(map[string]*ServerBase)
 	}
-	if servers.List == nil {
-		servers.List = make(map[string]*Server)
+
+	// Add it if not present
+	base, exists := secure.BaseMap[url]
+
+	if !exists || base == nil {
+		// Create the base to be added to the map
+		base = &ServerBase{}
+		base.URL = url
+		endpoints, endpointsErr := getEndpoints(url)
+		if endpointsErr != nil {
+			return &ServerInitializeError{URL: url, Err: endpointsErr}
+		}
+		base.Endpoints = *endpoints
 	}
 
-	server, exists := servers.List[url]
+	// Pass the fsm and logger
+	base.FSM = fsm
+	base.Logger = logger
+
+	// Ensure it is in the map
+	secure.BaseMap[url] = base
 
-	if !exists || server == nil {
-		server = &Server{}
+	// Set the home url if it is not set yet
+	if secure.HomeURL == "" {
+		secure.HomeURL = url
+		// Make sure oauth contains our endpoints
+		secure.OAuth.Init(base.Endpoints.API.V3.Authorization, base.Endpoints.API.V3.Token, fsm, logger)
+	} else { // Else just pass in the fsm and logger
+		secure.OAuth.Update(fsm, logger)
 	}
-	serverInitErr := server.Init(url, fsm, logger)
 
-	if serverInitErr != nil {
-		return nil, &ServerEnsureServerError{Err: serverInitErr}
+	// Set the current url
+	secure.CurrentURL = url
+	return nil
+}
+
+func Login(server Server) error {
+	return server.GetOAuth().Login("org.eduvpn.app.linux")
+}
+
+func EnsureTokens(server Server) error {
+	base, baseErr := server.GetBase()
+
+	if baseErr != nil {
+		return &ServerEnsureTokensError{Err: baseErr}
 	}
-	servers.List[url] = server
+	if server.GetOAuth().NeedsRelogin() {
+		base.Logger.Log(LOG_INFO, "OAuth: Tokens are invalid, relogging in")
+		loginErr := Login(server)
 
-	if makeCurrent {
-		servers.Current = url
+		if loginErr != nil {
+			return &ServerEnsureTokensError{Err: loginErr}
+		}
 	}
-	return server, nil
+	return nil
 }
 
-func (servers *Servers) getSecureInternetHome() (*Server, error) {
-	server, exists := servers.List[servers.SecureHome]
+func NeedsRelogin(server Server) bool {
+	return server.GetOAuth().NeedsRelogin()
+}
+
+func CancelOAuth(server Server) {
+	server.GetOAuth().Cancel()
+}
+
+func (servers *Servers) EnsureServer(url string, isSecureInternet bool, fsm *FSM, logger *FileLogger) (Server, error) {
+	// Intialize the secure internet server
+	// This calls the init method which takes care of the rest
+	if isSecureInternet {
+		initErr := servers.SecureInternetHomeServer.init(url, fsm, logger)
+
+		if initErr != nil {
+			return nil, &ServerEnsureServerError{Err: initErr}
+		}
 
-	if !exists || server == nil {
-		return nil, &ServerGetSecureInternetHomeError{}
+		servers.IsSecureInternet = true
+		return &servers.SecureInternetHomeServer, nil
 	}
 
-	return server, nil
-}
+	instituteServers := &servers.InstituteServers
 
-func (servers *Servers) EnsureSecureHome(server *Server) {
-	if servers.SecureHome == "" {
-		servers.SecureHome = server.BaseURL
+	if instituteServers.Map == nil {
+		instituteServers.Map = make(map[string]*InstituteAccessServer)
 	}
-}
 
-func (servers *Servers) CopySecureInternetOAuth(server *Server) error {
-	secureHome, secureHomeErr := servers.getSecureInternetHome()
+	institute, exists := instituteServers.Map[url]
 
-	if secureHomeErr != nil {
-		return &ServerCopySecureInternetOAuthError{Err: secureHomeErr}
+	// initialize the server if it doesn't exist yet
+	if !exists {
+		institute = &InstituteAccessServer{}
 	}
 
-	// Forward token properties
-	server.OAuth = secureHome.OAuth
-	return nil
+	// Set the current server
+	instituteServers.CurrentURL = url
+	instituteInitErr := institute.init(url, fsm, logger)
+	if instituteInitErr != nil {
+		return nil, &ServerEnsureServerError{Err: instituteInitErr}
+	}
+	instituteServers.Map[url] = institute
+	servers.IsSecureInternet = false
+	return institute, nil
 }
 
 type ServerProfile struct {
@@ -141,33 +252,22 @@ type ServerEndpoints struct {
 	V string `json:"v"`
 }
 
-func (server *Server) Login() error {
-	return server.OAuth.Login("org.eduvpn.app.linux", server.Endpoints.API.V3.Authorization, server.Endpoints.API.V3.Token)
-}
-
-func (server *Server) NeedsRelogin() bool {
-	// Check if OAuth needs relogin
-	return server.OAuth.NeedsRelogin()
-}
-
-func (server *Server) GetEndpoints() error {
-	url := server.BaseURL + "/.well-known/vpn-user-portal"
+func getEndpoints(baseURL string) (*ServerEndpoints, error) {
+	url := fmt.Sprintf("%s/.well-known/vpn-user-portal", baseURL)
 	_, body, bodyErr := HTTPGet(url)
 
 	if bodyErr != nil {
-		return &ServerGetEndpointsError{Err: bodyErr}
+		return nil, &ServerGetEndpointsError{Err: bodyErr}
 	}
 
-	endpoints := ServerEndpoints{}
-	jsonErr := json.Unmarshal(body, &endpoints)
+	endpoints := &ServerEndpoints{}
+	jsonErr := json.Unmarshal(body, endpoints)
 
 	if jsonErr != nil {
-		return &ServerGetEndpointsError{Err: jsonErr}
+		return nil, &ServerGetEndpointsError{Err: jsonErr}
 	}
 
-	server.Endpoints = endpoints
-
-	return nil
+	return endpoints, nil
 }
 
 func (profile *ServerProfile) supportsWireguard() bool {
@@ -179,9 +279,14 @@ func (profile *ServerProfile) supportsWireguard() bool {
 	return false
 }
 
-func (server *Server) getCurrentProfile() (*ServerProfile, error) {
-	profileID := server.Profiles.Current
-	for _, profile := range server.Profiles.Info.ProfileList {
+func getCurrentProfile(server Server) (*ServerProfile, error) {
+	base, baseErr := server.GetBase()
+
+	if baseErr != nil {
+		return nil, &ServerGetCurrentProfileError{Err: baseErr}
+	}
+	profileID := base.Profiles.Current
+	for _, profile := range base.Profiles.Info.ProfileList {
 		if profile.ID == profileID {
 			return &profile, nil
 		}
@@ -189,53 +294,68 @@ func (server *Server) getCurrentProfile() (*ServerProfile, error) {
 	return nil, &ServerGetCurrentProfileNotFoundError{ProfileID: profileID}
 }
 
-func (server *Server) getConfigWithProfile() (string, error) {
-	if !server.FSM.HasTransition(HAS_CONFIG) {
-		return "", &FSMWrongStateTransitionError{Got: server.FSM.Current, Want: HAS_CONFIG}
+func getConfigWithProfile(server Server) (string, error) {
+	base, baseErr := server.GetBase()
+
+	if baseErr != nil {
+		return "", &ServerGetConfigWithProfileError{Err: baseErr}
+	}
+	if !base.FSM.HasTransition(HAS_CONFIG) {
+		return "", &FSMWrongStateTransitionError{Got: base.FSM.Current, Want: HAS_CONFIG}
 	}
-	profile, profileErr := server.getCurrentProfile()
+	profile, profileErr := getCurrentProfile(server)
 
 	if profileErr != nil {
 		return "", &ServerGetConfigWithProfileError{Err: profileErr}
 	}
 
 	if profile.supportsWireguard() {
-		return server.WireguardGetConfig()
+		return WireguardGetConfig(server)
 	}
-	return server.OpenVPNGetConfig()
+	return OpenVPNGetConfig(server)
 }
 
-func (server *Server) askForProfileID() error {
-	if !server.FSM.HasTransition(ASK_PROFILE) {
-		return &FSMWrongStateTransitionError{Got: server.FSM.Current, Want: ASK_PROFILE}
+func askForProfileID(server Server) error {
+	base, baseErr := server.GetBase()
+
+	if baseErr != nil {
+		return &ServerAskForProfileIDError{Err: baseErr}
 	}
-	server.FSM.GoTransitionWithData(ASK_PROFILE, server.ProfilesRaw, false)
+	if !base.FSM.HasTransition(ASK_PROFILE) {
+		return &FSMWrongStateTransitionError{Got: base.FSM.Current, Want: ASK_PROFILE}
+	}
+	base.FSM.GoTransitionWithData(ASK_PROFILE, base.ProfilesRaw, false)
 	return nil
 }
 
-func (server *Server) GetConfig() (string, error) {
-	if !server.FSM.InState(REQUEST_CONFIG) {
-		return "", errors.New(fmt.Sprintf("cannot get a config, invalid state %s", server.FSM.Current.String()))
+func GetConfig(server Server) (string, error) {
+	base, baseErr := server.GetBase()
+
+	if baseErr != nil {
+		return "", &ServerGetConfigError{Err: baseErr}
+	}
+	if !base.FSM.InState(REQUEST_CONFIG) {
+		return "", &FSMWrongStateError{Got: base.FSM.Current, Want: REQUEST_CONFIG}
 	}
-	infoErr := server.APIInfo()
+	infoErr := APIInfo(server)
 
 	if infoErr != nil {
 		return "", &ServerGetConfigError{Err: infoErr}
 	}
 
 	// Set the current profile if there is only one profile
-	if len(server.Profiles.Info.ProfileList) == 1 {
-		server.Profiles.Current = server.Profiles.Info.ProfileList[0].ID
-		return server.getConfigWithProfile()
+	if len(base.Profiles.Info.ProfileList) == 1 {
+		base.Profiles.Current = base.Profiles.Info.ProfileList[0].ID
+		return getConfigWithProfile(server)
 	}
 
-	profileErr := server.askForProfileID()
+	profileErr := askForProfileID(server)
 
 	if profileErr != nil {
 		return "", &ServerGetConfigError{Err: profileErr}
 	}
 
-	return server.getConfigWithProfile()
+	return getConfigWithProfile(server)
 }
 
 type ServerGetCurrentProfileNotFoundError struct {
@@ -318,3 +438,49 @@ type ServerInitializeError struct {
 func (e *ServerInitializeError) Error() string {
 	return fmt.Sprintf("failed initializing server with url %s and error %v", e.URL, e.Err)
 }
+
+type ServerInstituteBaseNotFoundError struct {
+	Err error
+}
+
+func (e *ServerInstituteBaseNotFoundError) Error() string {
+	return "institute base not found"
+}
+
+type ServerSecureInternetMapNotFoundError struct{}
+
+func (e *ServerSecureInternetMapNotFoundError) Error() string {
+	return "secure internet map not found"
+}
+
+type ServerSecureInternetBaseNotFoundError struct {
+	Current string
+}
+
+func (e *ServerSecureInternetBaseNotFoundError) Error() string {
+	return fmt.Sprintf("secure internet base not found with current: %s", e.Current)
+}
+
+type ServerGetCurrentProfileError struct {
+	Err error
+}
+
+func (e *ServerGetCurrentProfileError) Error() string {
+	return fmt.Sprintf("failed getting current profile with error: %v", e.Err)
+}
+
+type ServerAskForProfileIDError struct {
+	Err error
+}
+
+func (e *ServerAskForProfileIDError) Error() string {
+	return fmt.Sprintf("ask for profile ID error: %v", e.Err)
+}
+
+type ServerEnsureTokensError struct {
+	Err error
+}
+
+func (e *ServerEnsureTokensError) Error() string {
+	return fmt.Sprintf("failed ensuring tokens with error: %v", e.Err)
+}
author	jwijenbergh <jeroenwijenbergh@protonmail.com>	2022-05-03 14:10:40 +0200
committer	jwijenbergh <jeroenwijenbergh@protonmail.com>	2022-05-03 14:10:40 +0200
commit	43604f7ffcbbf5b06ae481d2af7e66f6423f183f (patch)
tree	6eb74ed54929edcfac61e5ca55078ab6670e0081 /internal/server.go
parent	466450f0c47bdc614e66326d90e5fc6fb56ae732 (diff)