1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106

//! Web server handler implementation using axum.

#![forbid(unsafe_code)]
#![warn(missing_docs)]

use anyhow::Result;
use axum::extract::{Extension, Path};
use axum::http::{Request, StatusCode};
use axum::middleware;
use axum::response::Response;
use axum::routing::get;
use axum::{response::Html, Json, Router};
use serde_json::Value;
use tracing::{error, warn};

use self::state::State;

pub mod cache;
pub mod resolver;
pub mod state;
pub mod storage;
pub mod template;

/// Authorization token validation.
async fn auth<B>(
    req: Request<B>,
    next: middleware::Next<B>,
    secret: String,
) -> Result<Response, StatusCode> {
    let auth_header = req
        .headers()
        .get("X-Cadre-Secret")
        .and_then(|header| header.to_str().ok());

    // Checks auth header against secret.
    match auth_header {
        Some(auth_header) if auth_header == secret => Ok(next.run(req).await),
        _ => Err(StatusCode::UNAUTHORIZED),
    }
}

/// Web server for handling requests.
pub fn server(state: State, secret: String) -> Router {
    Router::new()
        .route("/t/:env", get(get_template_handler).put(put_handler))
        .route("/c", get(list_configs_handler))
        .route("/c/:env", get(get_config_handler))
        .layer(Extension(state))
        .route_layer(middleware::from_fn(move |req, next| {
            auth(req, next, secret.clone())
        }))
        .route("/ping", get(|| async { "cadre ok" }))
        .route("/", get(|| async { Html(include_str!("index.html")) }))
}

async fn get_template_handler(
    Extension(state): Extension<State>,
    Path(env): Path<String>,
) -> Result<Json<Value>, StatusCode> {
    match state.read_template(&env).await {
        Ok(value) => Ok(Json(value)),
        Err(err) => {
            warn!(%env, ?err, "problem getting template");
            Err(StatusCode::NOT_FOUND)
        }
    }
}

async fn get_config_handler(
    Extension(state): Extension<State>,
    Path(env): Path<String>,
) -> Result<Json<Value>, StatusCode> {
    match state.load_config(&env).await {
        Ok(value) => Ok(Json(value)),
        Err(err) => {
            warn!(%env, ?err, "problem reading config");
            Err(StatusCode::NOT_FOUND)
        }
    }
}

async fn list_configs_handler(
    Extension(state): Extension<State>,
) -> Result<Json<Vec<String>>, StatusCode> {
    match state.list_configs().await {
        Ok(value) => Ok(Json(value)),
        Err(err) => {
            warn!(?err, "problem reading all configs");
            Err(StatusCode::NOT_FOUND)
        }
    }
}

async fn put_handler(
    Extension(state): Extension<State>,
    Path(env): Path<String>,
    body: Json<Value>,
) -> Result<(), StatusCode> {
    match state.write_template(&env, &body).await {
        Ok(_) => Ok(()),
        Err(err) => {
            error!(?err, "could not put config");
            Err(StatusCode::INTERNAL_SERVER_ERROR)
        }
    }
}