bottin/util.go

165 lines
3.2 KiB
Go
Raw Normal View History

2020-01-26 17:42:04 +00:00
package main
import (
"encoding/json"
"fmt"
"strings"
2020-01-26 20:22:51 +00:00
"time"
2020-01-26 17:42:04 +00:00
2020-01-26 20:22:51 +00:00
uuid "github.com/google/uuid"
2020-01-26 17:42:04 +00:00
consul "github.com/hashicorp/consul/api"
2020-02-01 14:05:44 +00:00
log "github.com/sirupsen/logrus"
2020-01-26 17:42:04 +00:00
)
func dnToConsul(dn string) (string, error) {
if strings.Contains(dn, "/") {
return "", fmt.Errorf("DN %s contains a /", dn)
}
rdns := strings.Split(dn, ",")
// Reverse rdns
for i, j := 0, len(rdns)-1; i < j; i, j = i+1, j-1 {
rdns[i], rdns[j] = rdns[j], rdns[i]
}
return strings.Join(rdns, "/"), nil
}
2020-01-26 20:03:18 +00:00
func consulToDN(key string) (string, string, error) {
2020-01-26 17:42:04 +00:00
path := strings.Split(key, "/")
dn := ""
for _, cpath := range path {
if cpath == "" {
continue
}
kv := strings.Split(cpath, "=")
if len(kv) == 2 && kv[0] == "attribute" {
2020-01-26 20:03:18 +00:00
return dn, kv[1], nil
2020-01-26 17:42:04 +00:00
}
if dn != "" {
dn = "," + dn
}
dn = cpath + dn
}
2020-01-26 20:03:18 +00:00
return "", "", fmt.Errorf("Consul key %s does not end with attribute=something", key)
2020-01-26 17:42:04 +00:00
}
func parseValue(value []byte) ([]string, error) {
val := []string{}
err := json.Unmarshal(value, &val)
if err == nil {
return val, nil
}
val2 := ""
err = json.Unmarshal(value, &val2)
if err == nil {
return []string{val2}, nil
}
return nil, fmt.Errorf("Not a string or list of strings: %s", value)
}
func parseConsulResult(data []*consul.KVPair) (map[string]Entry, error) {
aggregator := map[string]Entry{}
for _, kv := range data {
2020-01-26 20:03:18 +00:00
dn, attr, err := consulToDN(kv.Key)
if err != nil {
continue
}
2020-01-26 17:42:04 +00:00
if _, exists := aggregator[dn]; !exists {
aggregator[dn] = Entry{}
}
value, err := parseValue(kv.Value)
if err != nil {
return nil, err
}
aggregator[dn][attr] = value
}
return aggregator, nil
}
type DNComponent struct {
Type string
Value string
}
func parseDN(dn string) ([]DNComponent, error) {
rdns := strings.Split(dn, ",")
ret := []DNComponent{}
for _, rdn := range rdns {
splits := strings.Split(rdn, "=")
if len(splits) != 2 {
return nil, fmt.Errorf("Wrong DN component: %s (expected type=value)", rdn)
}
ret = append(ret, DNComponent{
Type: strings.TrimSpace(splits[0]),
Value: strings.TrimSpace(splits[1]),
2020-01-26 17:42:04 +00:00
})
}
return ret, nil
}
2020-01-26 20:22:51 +00:00
func canonicalDN(dn string) (string, error) {
path, err := parseDN(dn)
if err != nil {
return "", err
}
ret := ""
for _, c := range path {
if ret != "" {
ret = ret + ","
}
ret = ret + c.Type + "=" + c.Value
}
return ret, nil
}
2020-01-26 20:22:51 +00:00
func checkRestrictedAttr(attr string) error {
RESTRICTED_ATTRS := []string{
ATTR_MEMBEROF,
ATTR_ENTRYUUID,
ATTR_CREATORSNAME,
ATTR_CREATETIMESTAMP,
ATTR_MODIFIERSNAME,
ATTR_MODIFYTIMESTAMP,
}
if strings.EqualFold(attr, ATTR_MEMBEROF) {
return fmt.Errorf("memberOf cannot be defined directly, membership must be specified in the group itself")
}
for _, s := range RESTRICTED_ATTRS {
if strings.EqualFold(attr, s) {
return fmt.Errorf("Attribute %s is restricted and may only be set by the system", s)
}
}
return nil
}
func genTimestamp() string {
return time.Now().Format("20060102150405Z")
}
func genUuid() string {
uuid, err := uuid.NewRandom()
if err != nil {
log.Panicf("UUID generation error: %s", err)
}
return uuid.String()
}
func valueMatch(attr, val1, val2 string) bool {
if strings.EqualFold(attr, ATTR_USERPASSWORD) {
return val1 == val2
} else {
return strings.EqualFold(val1, val2)
}
}