Mainflux.mainflux/manager/client/client.go

// Package client provides a manager service client intended for internal
// service communication.
package client

import (
	"errors"
	"fmt"
	"net/http"
	"time"

	"github.com/mainflux/mainflux/manager"
	"github.com/sony/gobreaker"
)

const (
	timeout         = time.Second * 5
	maxFailedReqs   = 3
	maxFailureRatio = 0.6
)

var (
	// ErrServiceUnreachable indicates that the service instance is not available.
	ErrServiceUnreachable = errors.New("manager service unavailable")

	// ErrUnauthorizedAccess indicates missing or invalid credentials provided
	// when accessing a protected resource.
	ErrUnauthorizedAccess = manager.ErrUnauthorizedAccess
)

// ManagerClient provides an access to the manager service authorization
// endpoints.
type ManagerClient struct {
	url string
	cb  *gobreaker.CircuitBreaker
}

// NewClient instantiates the manager service client given its base URL.
func NewClient(url string) ManagerClient {
	st := gobreaker.Settings{
		Name: "Manager",
		ReadyToTrip: func(counts gobreaker.Counts) bool {
			fr := float64(counts.TotalFailures) / float64(counts.Requests)
			return counts.Requests >= maxFailedReqs && fr >= maxFailureRatio
		},
	}

	mc := ManagerClient{
		url: url,
		cb:  gobreaker.NewCircuitBreaker(st),
	}

	return mc
}

// VerifyToken tries to extract an identity from the provided token.
func (mc ManagerClient) VerifyToken(token string) (string, error) {
	url := fmt.Sprintf("%s/access-grant", mc.url)
	return mc.makeRequest(url, token)
}

// CanAccess checks whether or not the client having a provided token has
// access to the specified channel.
func (mc ManagerClient) CanAccess(channel, token string) (string, error) {
	url := fmt.Sprintf("%s/channels/%s/access-grant", mc.url, channel)
	return mc.makeRequest(url, token)
}

func (mc ManagerClient) makeRequest(url, token string) (string, error) {
	response, err := mc.cb.Execute(func() (interface{}, error) {
		hc := &http.Client{
			Timeout: timeout,
		}

		mgReq, err := http.NewRequest("GET", url, nil)
		if err != nil {
			return "", ErrServiceUnreachable
		}

		mgReq.Header.Set("Authorization", token)

		res, err := hc.Do(mgReq)
		if err != nil {
			return "", ErrServiceUnreachable
		}
		defer res.Body.Close()

		if res.StatusCode != http.StatusOK {
			return ErrUnauthorizedAccess, nil
		}

		return res.Header.Get("X-client-id"), nil
	})

	if err != nil {
		return "", err
	}

	id, ok := response.(string)
	if !ok {
		return "", manager.ErrUnauthorizedAccess
	}

	return id, nil
}
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`// Package client provides a manager service client intended for internal`
			`// service communication.`
			`package client`

			`import (`
			`"errors"`
Fix manager client implementation Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-29 11:09:08 +01:00			`"fmt"`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`"net/http"`
			`"time"`

			`"github.com/mainflux/mainflux/manager"`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`"github.com/sony/gobreaker"`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`)`

Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`const (`
			`timeout = time.Second * 5`
			`maxFailedReqs = 3`
			`maxFailureRatio = 0.6`
			`)`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00
Fix 403 errors handling Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-26 20:50:31 +01:00			`var (`
			`// ErrServiceUnreachable indicates that the service instance is not available.`
			`ErrServiceUnreachable = errors.New("manager service unavailable")`

			`// ErrUnauthorizedAccess indicates missing or invalid credentials provided`
			`// when accessing a protected resource.`
			`ErrUnauthorizedAccess = manager.ErrUnauthorizedAccess`
			`)`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00
Fix code linting Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-13 18:23:47 +01:00			`// ManagerClient provides an access to the manager service authorization`
			`// endpoints.`
Add HTTP auth check (#128) * Add HTTP auth check Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Add HTTP auth via Manager Client Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Change the way manager client is injected Instead of relying on modifying service structure, manager client is injected through handler factory method, and store as a variable in that module. Signed-off-by: Dejan Mijic <dejan@mainflux.com> * Update dockerignore Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-07 14:42:38 +01:00			`type ManagerClient struct {`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`url string`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`cb *gobreaker.CircuitBreaker`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`}`

Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`// NewClient instantiates the manager service client given its base URL.`
Add HTTP auth check (#128) * Add HTTP auth check Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Add HTTP auth via Manager Client Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Change the way manager client is injected Instead of relying on modifying service structure, manager client is injected through handler factory method, and store as a variable in that module. Signed-off-by: Dejan Mijic <dejan@mainflux.com> * Update dockerignore Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-07 14:42:38 +01:00			`func NewClient(url string) ManagerClient {`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`st := gobreaker.Settings{`
			`Name: "Manager",`
			`ReadyToTrip: func(counts gobreaker.Counts) bool {`
			`fr := float64(counts.TotalFailures) / float64(counts.Requests)`
			`return counts.Requests >= maxFailedReqs && fr >= maxFailureRatio`
			`},`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`}`

Add HTTP auth check (#128) * Add HTTP auth check Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Add HTTP auth via Manager Client Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Change the way manager client is injected Instead of relying on modifying service structure, manager client is injected through handler factory method, and store as a variable in that module. Signed-off-by: Dejan Mijic <dejan@mainflux.com> * Update dockerignore Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-07 14:42:38 +01:00			`mc := ManagerClient{`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`url: url,`
			`cb: gobreaker.NewCircuitBreaker(st),`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`}`

Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`return mc`
			`}`

Fix code linting Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-13 18:23:47 +01:00			`// VerifyToken tries to extract an identity from the provided token.`
Add HTTP auth check (#128) * Add HTTP auth check Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Add HTTP auth via Manager Client Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Change the way manager client is injected Instead of relying on modifying service structure, manager client is injected through handler factory method, and store as a variable in that module. Signed-off-by: Dejan Mijic <dejan@mainflux.com> * Update dockerignore Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-07 14:42:38 +01:00			`func (mc ManagerClient) VerifyToken(token string) (string, error) {`
Fix manager client implementation Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-29 11:09:08 +01:00			`url := fmt.Sprintf("%s/access-grant", mc.url)`
			`return mc.makeRequest(url, token)`
			`}`

Fix code linting Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-13 18:23:47 +01:00			`// CanAccess checks whether or not the client having a provided token has`
			`// access to the specified channel.`
Add HTTP auth check (#128) * Add HTTP auth check Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Add HTTP auth via Manager Client Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Change the way manager client is injected Instead of relying on modifying service structure, manager client is injected through handler factory method, and store as a variable in that module. Signed-off-by: Dejan Mijic <dejan@mainflux.com> * Update dockerignore Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-07 14:42:38 +01:00			`func (mc ManagerClient) CanAccess(channel, token string) (string, error) {`
Fix manager client implementation Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-29 11:09:08 +01:00			`url := fmt.Sprintf("%s/channels/%s/access-grant", mc.url, channel)`
			`return mc.makeRequest(url, token)`
			`}`

Add HTTP auth check (#128) * Add HTTP auth check Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Add HTTP auth via Manager Client Signed-off-by: Drasko DRASKOVIC <drasko.draskovic@gmail.com> * Change the way manager client is injected Instead of relying on modifying service structure, manager client is injected through handler factory method, and store as a variable in that module. Signed-off-by: Dejan Mijic <dejan@mainflux.com> * Update dockerignore Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-07 14:42:38 +01:00			`func (mc ManagerClient) makeRequest(url, token string) (string, error) {`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`response, err := mc.cb.Execute(func() (interface{}, error) {`
			`hc := &http.Client{`
			`Timeout: timeout,`
			`}`

Fix manager client implementation Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-29 11:09:08 +01:00			`mgReq, err := http.NewRequest("GET", url, nil)`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`if err != nil {`
			`return "", ErrServiceUnreachable`
			`}`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00
Fix manager client implementation Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-29 11:09:08 +01:00			`mgReq.Header.Set("Authorization", token)`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00
			`res, err := hc.Do(mgReq)`
			`if err != nil {`
			`return "", ErrServiceUnreachable`
			`}`
Close response body properly (#143) 2018-01-13 18:15:41 +01:00			`defer res.Body.Close()`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00
			`if res.StatusCode != http.StatusOK {`
Fix 403 errors handling Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-26 20:50:31 +01:00			`return ErrUnauthorizedAccess, nil`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`}`

Fix manager client implementation Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-29 11:09:08 +01:00			`return res.Header.Get("X-client-id"), nil`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`})`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00
			`if err != nil {`
Add circuit breaker toward the manager service Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-12 11:11:01 +01:00			`return "", err`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`}`

Fix code linting Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-13 18:23:47 +01:00			`id, ok := response.(string)`
			`if !ok {`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`return "", manager.ErrUnauthorizedAccess`
			`}`
Fix code linting Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2018-01-13 18:23:47 +01:00
			`return id, nil`
Add authentication client Implemented a HTTP client toward the manager service. The client is intended to be used as a library that will generate requests to the '/identity' endpoint of a manager service instance selected through provided URL. Signed-off-by: Dejan Mijic <dejan@mainflux.com> 2017-12-11 15:11:45 +01:00			`}`