This commit is contained in:
geek 2018-04-11 22:08:41 +09:00
parent 37fe2d08d0
commit 33dfa4bdcc
14 changed files with 195 additions and 30 deletions

22
Dockerfile Normal file
View File

@ -0,0 +1,22 @@
FROM alpine:3.7
# grab su-exec for easy step-down from root
RUN apk add --no-cache curl
COPY _docker/config/* /etc/overflow/config/
COPY _docker/bin/* /usr/local/overflow/bin/
RUN mkdir -p /etc/overflow/config; \
mkdir -p /usr/local/overflow/bin; \
mkdir -p /var/overflow/logs; \
chmod +x /usr/local/overflow/bin/docker-entrypoint.sh /usr/local/overflow/bin/member_gateway_rest;
ENV TINI_VERSION='0.17.0'
# Use tini as subreaper in Docker container to adopt zombie processes
RUN curl -fsSL https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-static-amd64 -o /bin/tini && chmod +x /bin/tini
EXPOSE 80
ENTRYPOINT ["/bin/tini", "--"]
CMD ["/usr/local/overflow/bin/docker-entrypoint.sh"]

View File

@ -0,0 +1,4 @@
#!/bin/sh
set -e
exec /usr/local/overflow/bin/member_gateway_rest -config-dir=/etc/overflow/config

BIN
_docker/bin/member_gateway_rest Executable file

Binary file not shown.

View File

@ -0,0 +1,30 @@
{
"serverHandler": {
"name": "Member Gateway REST",
"network": "tcp4",
"address": ":80",
"concurrency": 262144,
"keepAlive": 60,
"handshakeTimeout": 60,
"maxMessageSize": 8192,
"readBufferSize": 1024,
"writeBufferSize": 1024,
"readTimeout": 0,
"writeTimeout": 0,
"pongTimeout": 60,
"pingTimeout": 10,
"pingPeriod": 10,
"enableCompression": false
},
"external": {
"grpc": {
"network": "tcp4",
"address": "192.168.1.50:50006"
},
"redis": {
"network": "tcp4",
"address": "192.168.1.50:6379"
}
}
}

View File

@ -0,0 +1,51 @@
-----BEGIN RSA PRIVATE KEY-----
MIIJKgIBAAKCAgEAsmcQLI5ZQQThoePzL4dTwuAxqGPIfNCqTirQxZesyXTOEX3o
QFLkd3s6dNHmFQIj1jVsFXDML5wRvv7YeI4a9wOrH+QR62KEzB6aT/yxSsVhNrLx
kQ35Xd9keGmfyMRNr72iiP8Hrm+7O0x2vlGUQp8+jMCzDVNlFvE5V9iqjSv4Q/AH
rURg5fH8JBIMZnhcz/kmNgWg2NByTFDiQXRjwBY5ts4Ylk8mZdAuumyiseXjE4l2
JxdJJyRGqbx70wrC76MgTUvXEyw3MPSDGvN67PFYIJJwq5VpRNHeBMkNoPRWX6eE
9M1VNY+/rXuUGdg2ZxBzykAUjhjR9Iq/hawPZR78TaJ/w5wCVb7L6xIDqXb2Jqhl
FA4LHZmiDcR/m9Y2wI1DJkBeZpdxF1m19d5sxs3vNNKzNVquKEz1QBfKnLvPxBXK
pUT+zliCdzu1D/VU+veqDtKI8dmmGflc5lXeDUYfPc7Kt4XLEZDSTBQlMgtkgE94
ZcCJu6zdM3DrjPTh9OP5sG+/B5/KRYqZb4YpPGQ0TkXCaJjBtBEOM1FTk9/uhU/9
b6lFbgc/quCkmz8Vxe5sJ98tXMi/F5q5n8ba90AKaLUUwhTAxWV69NXweYtIMtKI
j7AuI7IuK64iIyW+CE6BAl0QOlMtgF2/EqKWltvmbYpb+YgWOYJwa8F8pj0CAwEA
AQKCAgEApv52U17ECWqqUkHwB1Njgo0droQIzVz9rcHCPtNleAYQRqtW1a9CEN2W
sHcyKgQgy4iiLceyOfabXe9rbh2G/CXA708rvuwvZmpXA/yDcHwmLW9/U8qC2+4a
O+STHvkxxwl5tUcUR6Jq3m0K0cfHQj2R7WsLr7OacslGZgZ4T0ETWXS7muLg2R2U
aadDWD/ekQalT/ggwhMMiodD4wUxwkKLr6Rnu3tHdBJVS0gZWvDXiBgqMxlG7o60
XnoCZmAybOKDgBc3sci3uOmIN5gmPtkDJyossVBgg3z3l/8i9MECgPNsL0JtOn/e
amO9FBwhgIQT/wPQudpd3cxqzpNqrCsCI6twWxWnvkmjGQ/ia2eSHwPnt5gzu+du
FEt4ZNHJCYvPsd5Q18dr433M4aQxTB7ba7YCELy4Q3wBXXpwGDvf6+fo9GY0rJ41
O7sCE2g2O9kGct12dD2saUZagXnHYJB3A9uSIMZ09o/mN2MZsIVx/umfbWWWcjug
iLqHWTAXeR27LTGjcPiNCVDM95+G71e76k+mLRyKYzQrmREeU6tXKUhXi2IDMAZm
tFKB2toLyoFrJLbTeVU8pv+PQK2iv5r7kQg14h2aaid3OyGubcvBGfORTuDR+rFF
2wn6kBUooP0J3xKhzCnaIB8qtQGpOKd+WJtKW/WgtvT2TOjdoAECggEBANub/8+v
mH/+OPPzA+9DgInynukt3knF+KVtZ9yEJYvrBP8eFYOIecPG000SRvfAoDJuqYc0
yhfTWdDs1Yiw39SmP3ACgObBBRiEXXmWh1x9alytc0UTX1fh9mf5PocuxvWLtHCH
SZ89lzs6Znu8di3aUWwMF7oU+ZF1TgAC9YUpS+SqRG6rV2RJ+TiJWJdS3BaQzhLe
S7Ul4No7DByPnsTAJG82YARGi6EyBQA04kYB49dO+kAXNyQ6qNR89tchV9IAA6qz
kR2ExgoA9c6kZUsexkS2ir1iuwjYUmHxhadJFUTGVzbgOcAbSBmUNEINM0CPgddi
ttPaKMo80kUlKj0CggEBAM/3CkWa99j+T+oyoyLNiIWqfdktZaguDv+yxGV4rWx/
rntRs6Dj0isTQYe3wgaeD7A6N618gS7etjI7q/wiw/0rknxyxLvQOTFLs/OWYcLs
smsnbHBvMnWcjKaH50DUrBAQDP39vOcBIkeEwP4AcUnJXJW6T8HI9nqBqMCJ1MHv
n16Fd6bnKM8AdiB6O8mLcPWVAN9aVy8CbL0G3EWV289+yDz9ftuxkOApfvIHfaHx
EbuvE2xTIaANXcF6h1CK0izejXQLu/J7tE0j+G5oIe3bblIQvQmxVEzTKgv+S9qC
6WqVBNFN0/Dll+HWrCYSP0XyRk5QzlN3lDSUCg+5LAECggEBALAkJoEZEVMPv/SC
pVRCKxX6ANV8Ub+QR0fAQb7QSyE3htFs+sp+K1QI5C/8CenrmVH6CoWEpNeJUI/P
ddHmNBFmqpkXmPX8OS8Z87NzNezMNwRQppTv3dgqSC3K7wkUTsZhoH9lM3rCtsrt
o4d5eLx8UDQ+WsWIz0eI89/0f6KnpdSpcKvnR/gLkRZ0qxbsgdSjnnXp0IVh9UB0
fdlmpGygxFhjH44uWw4WhYZN5HNMTsfB89x2AmdPmVydQor4lmy8UDSZRDqN5R3e
+Ukd+JTRASvZ0dvnFacZgrJGOvIbHzEDeK5uGEPqXeEOSv/zgHk24Wi1J3kykObs
86Y8Ee0CggEAZNrywVTpU/Ppf7O1CADTb7eCNtvcTBaiMYFZ27gNquu1C5tQ2PsD
ht5czlvgneLzysxBCkKyR6+8floQC0Q09ke2T+I85LSTuAN1rvFEUgsGcA77eP+E
YiNc1rpb/UXmeBfApUDz5rfXDwYjrks6pcUgwIBNg7ZZSoos88skQjVafbWOlIPQ
d6tKnm+JJTIZww/TD365f1PWtkloc9q8ckGTDHkHl7Xig8O8C9Z0KCBIMFQ0wDkE
uqEg0d8BVp8sVJRN13SFXpB9nVePeMPJiJf9RZFWjCfSsTtLTeuyj7MjTgwc/QCY
g2BlKyI39HKu+tYHIJ3xoesBFgqhYoS0AQKCAQEA0E3oLbrGvq5U3SlDXmVzRNV6
7vDhl9H7KJvNA4+C9XPDAyPNtzS1hYYlELSV4EW/G1GY9Mm0VSxLQrVMyhSCN/Ih
Tj7t4xfAevjYoI2XtXwjmjxKYznaL2t99g8NAzeK27Pa/z0J9tm9Uxm2akweGqsI
gJ6u7daFksV9JXQtbQ9nRmBQ1E7mYxjsTEDdPSEl+S4M4UjTE38OLpRZRv49vSNZ
wFjOnrpEETJY/eMhyyUgR2LNM2hrvd95QvykLpzVFguNQlsqCxWL8D81RSdSmDF9
xdYsAuVTkhDWXwJ8hV95QxlurTu4rJgLBQA5gfxi20m8dWlO5KsMGyYqak3oWg==
-----END RSA PRIVATE KEY-----

View File

@ -0,0 +1,14 @@
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsmcQLI5ZQQThoePzL4dT
wuAxqGPIfNCqTirQxZesyXTOEX3oQFLkd3s6dNHmFQIj1jVsFXDML5wRvv7YeI4a
9wOrH+QR62KEzB6aT/yxSsVhNrLxkQ35Xd9keGmfyMRNr72iiP8Hrm+7O0x2vlGU
Qp8+jMCzDVNlFvE5V9iqjSv4Q/AHrURg5fH8JBIMZnhcz/kmNgWg2NByTFDiQXRj
wBY5ts4Ylk8mZdAuumyiseXjE4l2JxdJJyRGqbx70wrC76MgTUvXEyw3MPSDGvN6
7PFYIJJwq5VpRNHeBMkNoPRWX6eE9M1VNY+/rXuUGdg2ZxBzykAUjhjR9Iq/hawP
ZR78TaJ/w5wCVb7L6xIDqXb2JqhlFA4LHZmiDcR/m9Y2wI1DJkBeZpdxF1m19d5s
xs3vNNKzNVquKEz1QBfKnLvPxBXKpUT+zliCdzu1D/VU+veqDtKI8dmmGflc5lXe
DUYfPc7Kt4XLEZDSTBQlMgtkgE94ZcCJu6zdM3DrjPTh9OP5sG+/B5/KRYqZb4Yp
PGQ0TkXCaJjBtBEOM1FTk9/uhU/9b6lFbgc/quCkmz8Vxe5sJ98tXMi/F5q5n8ba
90AKaLUUwhTAxWV69NXweYtIMtKIj7AuI7IuK64iIyW+CE6BAl0QOlMtgF2/EqKW
ltvmbYpb+YgWOYJwa8F8pj0CAwEAAQ==
-----END PUBLIC KEY-----

8
build.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
rm ./_docker/bin/member_gateway_rest
CGO_ENABLED=0 go build -a --installsuffix cgo --ldflags="-s" -o ./_docker/bin/member_gateway_rest
docker build -t docker.loafle.net/overflow/member_gateway_rest:1.0.0 .
#docker push docker.loafle.net/overflow/member_gateway_rest:1.0.0

View File

@ -3,9 +3,13 @@ package config
import (
occe "git.loafle.net/overflow/commons-go/config/external"
ogrs "git.loafle.net/overflow/gateway_rest/server"
"crypto/rsa"
)
type Config struct {
ServerHandler *ogrs.ServerHandlers `json:"serverHandler"`
External *occe.External `json:"external"`
VerifyKey *rsa.PublicKey
SignKey *rsa.PrivateKey
}

11
docker-compose.yml Normal file
View File

@ -0,0 +1,11 @@
version: "3"
services:
member_gateway_rest:
image: docker.loafle.net/overflow/member_gateway_rest:1.0.0
container_name: member_gateway_rest
# volumes:
# - /service/redis/data/var/redis:/data
# - /service/redis/data/usr/local/etc/redis/redis.conf:/usr/local/etc/redis/redis.conf
ports:
- "19080:80"

View File

@ -11,3 +11,4 @@ import:
- package: git.loafle.net/overflow/commons-go
- package: github.com/dgrijalva/jwt-go
version: ^3.2.0
- package: git.loafle.net/commons/cors-go

29
main.go
View File

@ -14,6 +14,9 @@ import (
"git.loafle.net/overflow/member_gateway_rest/config"
"git.loafle.net/overflow/member_gateway_rest/server"
"git.loafle.net/overflow/member_gateway_rest/service"
"io/ioutil"
"path"
"github.com/dgrijalva/jwt-go"
)
var (
@ -35,6 +38,8 @@ func main() {
logging.Logger().Panic(err)
}
loadKey(*configDir, _config)
service.InitPackage()
defer func() {
service.DestroyPackage()
@ -65,3 +70,27 @@ func main() {
logging.Logger().Errorf("error: %v", err)
}
}
func loadKey(configDir string, _config *config.Config) {
signBytes, err := ioutil.ReadFile(path.Join(configDir, "overFlow-private.key"))
if nil != err {
logging.Logger().Panic(err)
}
_config.SignKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes)
if nil != err {
logging.Logger().Panic(err)
}
verifyBytes, err := ioutil.ReadFile(path.Join(configDir, "overFlow-public.pem"))
if nil != err {
logging.Logger().Panic(err)
}
_config.VerifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)
if nil != err {
logging.Logger().Panic(err)
}
}

View File

@ -5,6 +5,8 @@ import (
oge "git.loafle.net/overflow/gateway/external"
ogrs "git.loafle.net/overflow/gateway_rest/server"
"git.loafle.net/overflow/member_gateway_rest/config"
"github.com/valyala/fasthttp"
ccf "git.loafle.net/commons/cors-go/fasthttp"
)
type ServerHandler interface {
@ -15,6 +17,7 @@ type ServerHandlers struct {
ogrs.ServerHandlers
Config *config.Config
corsHandler ccf.Cors
}
func (sh *ServerHandlers) Init(serverCtx cs.ServerCtx) error {
@ -23,6 +26,8 @@ func (sh *ServerHandlers) Init(serverCtx cs.ServerCtx) error {
}
oge.InitPackage(sh.Config.External)
sh.corsHandler = ccf.AllowAll()
return nil
}
@ -47,3 +52,7 @@ func (sh *ServerHandlers) Destroy(serverCtx cs.ServerCtx) {
sh.ServerHandlers.Destroy(serverCtx)
}
func (sh *ServerHandlers) CheckOrigin(ctx *fasthttp.RequestCtx) bool {
return sh.corsHandler.Handle(ctx)
}

View File

@ -11,6 +11,10 @@ import (
func NewServer(_config *config.Config) *cswf.Server {
cdr.RegisterResource("VerifyKey", _config.VerifyKey)
cdr.RegisterResource("SignKey", _config.SignKey)
services, err := cdr.GetInstancesByAnnotationType(oca.RESTServiceAnnotationType)
if nil != err {
logging.Logger().Panic(err)

View File

@ -5,56 +5,34 @@ import (
"crypto/rsa"
"encoding/json"
"fmt"
"io/ioutil"
"reflect"
"time"
cda "git.loafle.net/commons/di-go/annotation"
cdr "git.loafle.net/commons/di-go/registry"
logging "git.loafle.net/commons/logging-go"
"git.loafle.net/commons/logging-go"
"git.loafle.net/commons/server-go"
_ "git.loafle.net/overflow/commons-go/annotation"
"git.loafle.net/overflow/gateway/external/grpc"
"github.com/valyala/fasthttp"
jwt "github.com/dgrijalva/jwt-go"
"github.com/dgrijalva/jwt-go"
"net/url"
)
var (
verifyKey *rsa.PublicKey
signKey *rsa.PrivateKey
)
var MemberServiceType = reflect.TypeOf((*MemberService)(nil))
func init() {
func init() {
cdr.RegisterType(MemberServiceType)
signBytes, err := ioutil.ReadFile("overFlow-private.key")
if nil != err {
panic(err)
}
signKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes)
if nil != err {
panic(err)
}
verifyBytes, err := ioutil.ReadFile("overFlow-public.pem")
if nil != err {
panic(err)
}
verifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)
if nil != err {
panic(err)
}
}
type MemberService struct {
cda.TypeAnnotation `annotation:"@overflow:RESTService()"`
VerifyKey *rsa.PublicKey `annotation:"@Resource(name='VerifyKey')"`
SignKey *rsa.PrivateKey `annotation:"@Resource(name='SignKey')"`
_Signin cda.MethodAnnotation `annotation:"@overflow:RequestMapping(method='POST', entry='/account/signin', params='[signinID, signinPW]')"`
_SigninByCookie cda.MethodAnnotation `annotation:"@overflow:RequestMapping(method='POST', entry='/account/signin_cookie', params='[authToken]')"`
_Signup cda.MethodAnnotation `annotation:"@overflow:RequestMapping(method='POST', entry='/account/signup', params='[member, pw]')"`
@ -102,7 +80,7 @@ func (ms *MemberService) Signin(servletCtx server.ServletCtx, ctx *fasthttp.Requ
claims["sub"] = signinID
/* Sign the token with our secret */
tokenString, err := token.SignedString(signKey)
tokenString, err := token.SignedString(ms.SignKey)
if nil != err {
return err
}
@ -137,7 +115,7 @@ func (ms *MemberService) SigninByCookie(servletCtx server.ServletCtx, ctx *fasth
}
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
return verifyKey, nil
return ms.VerifyKey, nil
})
if nil != err {
return err