feat: add configurable broker

packetframe · Jul 6, 2022 · cd27371 · cd27371
1 parent 54f9e0a
commit cd27371
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 141 deletions.
diff --git a/Caddyfile b/Caddyfile
@@ -1,6 +1,6 @@
 localhost {
     route * {
-        packetframe_httpgate always
+        packetframe_httpgate https://httpgate-broker.packetframe.com always
         respond "test"
     }
 }
diff --git a/httpgate/broker/main.go b/httpgate/broker/main.go
diff --git a/httpgate/broker_api.go b/httpgate/broker_api.go
@@ -7,10 +7,8 @@ import (
 	"strings"
 )
 
-const broker = "http://localhost:8080"
-
 // newHash requests a new hash from the broker
-func newHash() (string, error) {
+func newHash(broker string) (string, error) {
 	resp, err := http.Get(broker + "/new")
 	if err != nil {
 		return "", err
@@ -26,7 +24,7 @@ func newHash() (string, error) {
 }
 
 // validate verifies a token/hash against the broker
-func validate(httpGate string) (bool, error) {
+func validate(broker, httpGate string) (bool, error) {
 	parts := strings.Split(httpGate, ":")
 	if len(parts) != 2 {
 		return false, fmt.Errorf("invalid token")

diff --git a/httpgate/main.go b/httpgate/main.go
@@ -25,7 +25,8 @@ func init() {
 // HTTPGate represents the HTTP gate module
 type HTTPGate struct {
 	// Client challenge intensity mode
-	Mode string `json:"mode,omitempty"`
+	Mode   string `json:"mode,omitempty"`
+	Broker string `json:"broker,omitempty"`
 
 	indexTemplate *template.Template
 	logger        *zap.Logger
@@ -65,6 +66,9 @@ func (p *HTTPGate) Validate() error {
 	default:
 		return fmt.Errorf("invalid mode: %s", p.Mode)
 	}
+	if p.Broker == "" {
+		return fmt.Errorf("broker is required")
+	}
 	return nil
 }
 
@@ -83,7 +87,7 @@ func (p HTTPGate) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyht
 	forceChallenge := false
 
 	if httpGate != "" {
-		ok, err := validate(httpGate)
+		ok, err := validate(p.Broker, httpGate)
 		if err != nil {
 			p.internalServerError(err)
 			return next.ServeHTTP(w, r) // fail open
@@ -102,7 +106,7 @@ func (p HTTPGate) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyht
 	}
 
 	if forceChallenge || p.shouldChallenge(r) {
-		h, err := newHash()
+		h, err := newHash(p.Broker)
 		if err != nil {
 			p.internalServerError(err)
 			return next.ServeHTTP(w, r) // fail open
@@ -126,6 +130,9 @@ func (p *HTTPGate) UnmarshalCaddyfile(_ *caddyfile.Dispenser) error {
 func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) {
 	var p HTTPGate
 	for h.Next() {
+		if !h.Args(&p.Broker) {
+			return nil, h.ArgErr()
+		}
 		if !h.Args(&p.Mode) {
 			return nil, h.ArgErr()
 		}