platform.go

/*
2019 © Postgres.ai
*/

// Package platform provides a Platform service.
package platform

import (
"context"
"errors"
"fmt"
"net/url"

"gitlab.com/postgres-ai/database-lab/v3/pkg/client/platform"
"gitlab.com/postgres-ai/database-lab/v3/pkg/log"
)

// PersonalTokenVerifier declares an interface of a struct for Platform Personal Token verification.
typePersonalTokenVerifierinterface {
IsAllowedToken(ctx context.Context, tokenstring) bool
IsPersonalTokenEnabled() bool
}

// Config provides configuration for the Platform service.
typeConfigstruct {
URLstring`yaml:"url"`
OrgKeystring`yaml:"orgKey"`
ProjectNamestring`yaml:"projectName"`
AccessTokenstring`yaml:"accessToken"`
EnablePersonalTokenbool`yaml:"enablePersonalTokens"`
EnableTelemetrybool`yaml:"enableTelemetry"`
}

// Service defines a Platform service.
typeServicestruct {
Client*platform.Client
cfgConfig
tokenToken
}

// Token defines verified Platform Token.
typeTokenstruct {
OrganizationIDuint
}

// New creates a new platform service.
funcNew(ctx context.Context, cfgConfig, instanceIDstring) (*Service, error) {
s:=&Service{cfg: cfg}

client, err:=platform.NewClient(platform.ClientConfig{
URL: s.cfg.URL,
OrgKey: s.cfg.OrgKey,
ProjectName: s.cfg.ProjectName,
AccessToken: s.cfg.AccessToken,
InstanceID: instanceID,
 })
iferr!=nil {
varcvWarning*platform.ConfigValidationWarning
iferrors.As(err, &cvWarning) {
log.Warn(err)

s.Client=client

returns, nil
 }

returnnil, fmt.Errorf("failed to create new Platform Client: %w", err)
 }

s.Client=client

ifs.cfg.AccessToken!="" {
platformToken, err:=client.CheckPlatformToken(ctx, platform.TokenCheckRequest{Token: s.cfg.AccessToken})
iferr!=nil {
returnnil, err
 }

ifplatformToken.OrganizationID==0 {
returnnil, errors.New("invalid organization ID associated with the given Platform Access Token")
 }

s.token=Token{
OrganizationID: platformToken.OrganizationID,
 }
 }

returns, nil
}

// Reload reloads service configuration.
func (s*Service) Reload(newService*Service) {
*s=*newService
}

// IsAllowedToken checks if the Platform Personal Token is allowed.
func (s*Service) IsAllowedToken(ctx context.Context, personalTokenstring) bool {
if!s.IsPersonalTokenEnabled() {
returnfalse
 }

platformToken, err:=s.Client.CheckPlatformToken(ctx, platform.TokenCheckRequest{Token: personalToken})
iferr!=nil {
returnfalse
 }

if!platformToken.Personal {
log.Dbg("Non-personal token given")

returnfalse
 }

returns.isAllowedOrganization(platformToken.OrganizationID)
}

// IsPersonalTokenEnabled checks if the Platform Personal Token is enabled.
func (s*Service) IsPersonalTokenEnabled() bool {
returns.cfg.EnablePersonalToken
}

// isAllowedOrganization checks if organization is associated to the current Platform service.
func (s*Service) isAllowedOrganization(organizationIDuint) bool {
returnorganizationID!=0&&organizationID==s.token.OrganizationID
}

// IsTelemetryEnabled checks if the Platform Telemetry is enabled.
func (s*Service) IsTelemetryEnabled() bool {
returns.cfg.EnableTelemetry
}

// OriginURL reports the origin Platform hostname.
func (s*Service) OriginURL() string {
parsedURL, err:=url.Parse(s.cfg.URL)
iferr!=nil {
log.Dbg("Cannot parse Platform URL")
 }

platformURL:= url.URL{Scheme: parsedURL.Scheme, Host: parsedURL.Host}

returnplatformURL.String()
}

// AccessToken returns Platform AccessToken.
func (s*Service) AccessToken() string {
returns.cfg.AccessToken
}

// Token returns verified Platform Token.
func (s*Service) Token() Token {
returns.token
}

// OrgKey returns the organization key of the instance.
func (s*Service) OrgKey() string {
returns.cfg.OrgKey
}