feat: routes and encryption

Author: hpsing

cmd/main.go

@@ -1,6 +1,7 @@
 package cmd
 
 import (
+	"fmt"
 	"identitysphere-api/pkg/handlers"
 	"identitysphere-api/services"
 	"identitysphere-api/store"
@@ -9,12 +10,31 @@ import (
 
 	_ "identitysphere-api/docs" // Swaggo generates docs in this package
 
+	"github.com/spf13/viper"
 	httpSwagger "github.com/swaggo/http-swagger"
 )
 
+func getConfig() {
+	// Set the base name of the config file, without the file extension.
+	viper.SetConfigName("config")
+	// Set the path to look for the config file in.
+	viper.AddConfigPath(".")
+	// Read in environment variables that match
+	viper.AutomaticEnv()
+	// If a config file is found, read it in.
+	if err := viper.ReadInConfig(); err == nil {
+		fmt.Println("Using config file:", viper.ConfigFileUsed())
+	} else {
+		fmt.Println("Error reading config file:", err)
+	}
+}
+
 func Start() {
+	getConfig()
+	dbPath := viper.GetString("service.badger_path")
+	secret := viper.GetString("service.db_encryption_key")
 	// Initialize the data store (e.g., database connection)
-	store, err := store.NewStore()
+	store, err := store.NewStore(dbPath, secret)
 	if err != nil {
 		log.Fatalf("Failed to initialize the database: %v", err)
 	}
@@ -31,7 +51,13 @@ func Start() {
 	// if err != nil {
 	// 	log.Fatalf("Failed to create policies: %v", err)
 	// }
+	apiKey := viper.GetString("api.x-api-key")
+	fmt.Println("=======================")
+	fmt.Println("\033[32m", "------x-api-key------", "\033[0m")
+	fmt.Println("\033[32m", apiKey, "\033[0m")
+	fmt.Println("=======================")
 	// Initialize handlers with services
+	m := handlers.NewMiddlewareService(apiKey)
 	appHandler := handlers.NewAppHandler(ssiService, store)
 	authProviderHandler := handlers.NewAuthProviderHandler(ssiService, store)
 	policyHandler := handlers.NewPolicyHandler(ssiService, store)
@@ -44,26 +70,32 @@ func Start() {
 		url, //The url pointing to API definition
 	))
 	// Set up routes
-	http.HandleFunc("/applications", handlers.ChainMiddleware(appHandler.HandleApplications, handlers.EnableCORS, handlers.LoggingMiddleware))
-	http.HandleFunc("/application/", appHandler.GetConfig)
-	http.HandleFunc("/auth-provider", handlers.EnableCORS(authProviderHandler.GetAuthConnectorHandler))
-	http.HandleFunc("/auth-provider/link", handlers.EnableCORS(authProviderHandler.LinkAuthProviderHandler))
-	http.HandleFunc("/auth-provider/unlink", handlers.EnableCORS(authProviderHandler.UnLinkAuthProviderHandler))
-	http.HandleFunc("/policies", handlers.EnableCORS(policyHandler.GetPolicyHandler))
-	http.HandleFunc("/create-policy", handlers.EnableCORS(policyHandler.CreatePolicyHandler))
-	http.HandleFunc("/attach-policy", handlers.EnableCORS(policyHandler.AttachPolicyHandler))
-	http.HandleFunc("/callback/", callbackHandler.HandleCallback)
-	http.HandleFunc("/me/", callbackHandler.HandleMe)
+	// application owner access
+	http.HandleFunc("/applications", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(appHandler.HandleApplications))
+
+	http.HandleFunc("/auth-provider", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(authProviderHandler.GetAuthConnectorHandler))
+	http.HandleFunc("/auth-provider/link", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(authProviderHandler.LinkAuthProviderHandler))
+	http.HandleFunc("/auth-provider/unlink", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(authProviderHandler.UnLinkAuthProviderHandler))
+
+	http.HandleFunc("/policies", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(policyHandler.GetPolicyHandler))
+	http.HandleFunc("/create-policy", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(policyHandler.CreatePolicyHandler))
+	http.HandleFunc("/attach-policy", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(policyHandler.AttachPolicyHandler))
+
+	http.HandleFunc("/grant-access", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(authHandler.GrandAccess))
+	http.HandleFunc("/revoke-access", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(authHandler.RevokeAccess))
+	http.HandleFunc("/revoke-credential", m.ChainMiddleware(m.XApiKeyMiddleware, m.LoggingMiddleware)(credentialHandler.RevokeOAuthCredential))
 
-	http.HandleFunc("/issue-credential", credentialHandler.IssueOAuthCredential)
-	http.HandleFunc("/revoke-credential", credentialHandler.RevokeOAuthCredential)
+	// application itself access
+	http.HandleFunc("/validate-access", m.ChainMiddleware(m.LoggingMiddleware)(authHandler.VerifyAccess))
+	http.HandleFunc("/issue-credential", m.ChainMiddleware(m.EnableCORS, m.LoggingMiddleware)(credentialHandler.IssueOAuthCredential))
+	// application user access
+	http.HandleFunc("/callback/", m.ChainMiddleware(m.EnableCORS, m.LoggingMiddleware)(callbackHandler.HandleCallback))
+	http.HandleFunc("/me/", m.ChainMiddleware(m.EnableCORS, m.LoggingMiddleware)(callbackHandler.HandleMe))
+	http.HandleFunc("/signup", m.ChainMiddleware(m.EnableCORS, m.LoggingMiddleware)(authHandler.SignUpHandler))
 
-	http.HandleFunc("/signup", authHandler.SignUpHandler)
-	http.HandleFunc("/signin", authHandler.SignInHandler)
+	http.HandleFunc("/get-access-token", m.ChainMiddleware(m.LoggingMiddleware)(authHandler.GetAccessToken))
+	http.HandleFunc("/request-access", m.ChainMiddleware(m.LoggingMiddleware)(authHandler.RequestAccess))
 
-	http.HandleFunc("/validate-access", authHandler.VerifyAccess)
-	http.HandleFunc("/grant-access", authHandler.GrandAccess)
-	http.HandleFunc("/revoke-access", authHandler.RevokeAccess)
 	// static web page for access_token
 	fs := http.FileServer(http.Dir("web"))
 	http.Handle("/web/", http.StripPrefix("/web/", fs))

config.yaml

@@ -0,0 +1,8 @@
+# config.yaml
+service:
+  badger_path: "./badger_db"
+  db_encryption_key: "badger"
+  jwt_encryption_key: "random"
+api:
+  x-api-key: "9dfccbf4-8c41-412f-841f-8cc10e4a26be"
+