list network interface

Author: emosbaugh

api/api.go

@@ -9,28 +9,36 @@ import (
 	"github.com/sirupsen/logrus"
 
 	"github.com/replicatedhq/embedded-cluster/api/controllers/auth"
+	"github.com/replicatedhq/embedded-cluster/api/controllers/console"
 	"github.com/replicatedhq/embedded-cluster/api/controllers/install"
 	"github.com/replicatedhq/embedded-cluster/api/types"
 )
 
 type API struct {
-	installController install.Controller
 	authController    auth.Controller
+	consoleController console.Controller
+	installController install.Controller
 	configChan        chan<- *types.InstallationConfig
 	logger            logrus.FieldLogger
 }
 
 type APIOption func(*API)
 
-func WithInstallController(installController install.Controller) APIOption {
+func WithAuthController(authController auth.Controller) APIOption {
 	return func(a *API) {
-		a.installController = installController
+		a.authController = authController
 	}
 }
 
-func WithAuthController(authController auth.Controller) APIOption {
+func WithConsoleController(consoleController console.Controller) APIOption {
 	return func(a *API) {
-		a.authController = authController
+		a.consoleController = consoleController
+	}
+}
+
+func WithInstallController(installController install.Controller) APIOption {
+	return func(a *API) {
+		a.installController = installController
 	}
 }
 
@@ -52,14 +60,6 @@ func New(password string, opts ...APIOption) (*API, error) {
 		opt(api)
 	}
 
-	if api.installController == nil {
-		installController, err := install.NewInstallController()
-		if err != nil {
-			return nil, fmt.Errorf("new install controller: %w", err)
-		}
-		api.installController = installController
-	}
-
 	if api.authController == nil {
 		authController, err := auth.NewAuthController(password)
 		if err != nil {
@@ -68,6 +68,22 @@ func New(password string, opts ...APIOption) (*API, error) {
 		api.authController = authController
 	}
 
+	if api.consoleController == nil {
+		consoleController, err := console.NewConsoleController()
+		if err != nil {
+			return nil, fmt.Errorf("new console controller: %w", err)
+		}
+		api.consoleController = consoleController
+	}
+
+	if api.installController == nil {
+		installController, err := install.NewInstallController()
+		if err != nil {
+			return nil, fmt.Errorf("new install controller: %w", err)
+		}
+		api.installController = installController
+	}
+
 	if api.logger == nil {
 		api.logger = NewDiscardLogger()
 	}
@@ -88,6 +104,9 @@ func (a *API) RegisterRoutes(router *mux.Router) {
 	installRouter.HandleFunc("/config", a.setInstallConfig).Methods("POST")
 	installRouter.HandleFunc("/status", a.setInstallStatus).Methods("POST")
 	installRouter.HandleFunc("/status", a.getInstallStatus).Methods("GET")
+
+	consoleRouter := authenticatedRouter.PathPrefix("/console").Subrouter()
+	consoleRouter.HandleFunc("/available-network-interfaces", a.getListAvailableNetworkInterfaces).Methods("GET")
 }
 
 func handleError(w http.ResponseWriter, err error) {

api/auth.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"errors"
 	"net/http"
+	"strings"
 
 	"github.com/replicatedhq/embedded-cluster/api/controllers/auth"
 	"github.com/replicatedhq/embedded-cluster/api/types"
@@ -14,19 +15,32 @@ type AuthRequest struct {
 }
 
 type AuthResponse struct {
-	SessionToken string `json:"sessionToken"`
+	Token string `json:"token"`
 }
 
 func (a *API) authMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		sessionToken := r.Header.Get("Authorization")
-		if sessionToken == "" {
-			types.NewUnauthorizedError(errors.New("authorization header is required")).JSON(w)
+		token := r.Header.Get("Authorization")
+		if token == "" {
+			err := errors.New("authorization header is required")
+			a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+				Error("failed to authenticate")
+			types.NewUnauthorizedError(err).JSON(w)
+			return
+		} else if !strings.HasPrefix(token, "Bearer ") {
+			err := errors.New("authorization header must start with Bearer ")
+			a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+				Error("failed to authenticate")
+			types.NewUnauthorizedError(err).JSON(w)
 			return
 		}
 
-		err := a.authController.ValidateToken(r.Context(), sessionToken)
+		token = token[len("Bearer "):]
+
+		err := a.authController.ValidateToken(r.Context(), token)
 		if err != nil {
+			a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+				Error("failed to validate token")
 			types.NewUnauthorizedError(err).JSON(w)
 			return
 		}
@@ -39,21 +53,25 @@ func (a *API) postAuthLogin(w http.ResponseWriter, r *http.Request) {
 	var request AuthRequest
 	err := json.NewDecoder(r.Body).Decode(&request)
 	if err != nil {
+		a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+			Error("failed to decode auth request")
 		types.NewBadRequestError(err).JSON(w)
 		return
 	}
 
-	sessionToken, err := a.authController.Authenticate(r.Context(), request.Password)
+	token, err := a.authController.Authenticate(r.Context(), request.Password)
 	if errors.Is(err, auth.ErrInvalidPassword) {
 		types.NewUnauthorizedError(err).JSON(w)
 		return
 	} else if err != nil {
+		a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+			Error("failed to authenticate")
 		types.NewInternalServerError(err).JSON(w)
 		return
 	}
 
 	response := AuthResponse{
-		SessionToken: sessionToken,
+		Token: token,
 	}
 
 	json.NewEncoder(w).Encode(response)

api/console.go

@@ -0,0 +1,30 @@
+package api
+
+import (
+	"encoding/json"
+	"net/http"
+)
+
+type getListAvailableNetworkInterfacesResponse struct {
+	NetworkInterfaces []string `json:"networkInterfaces"`
+}
+
+func (a *API) getListAvailableNetworkInterfaces(w http.ResponseWriter, r *http.Request) {
+	interfaces, err := a.consoleController.ListAvailableNetworkInterfaces()
+	if err != nil {
+		a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+			Error("failed to list available network interfaces")
+		handleError(w, err)
+		return
+	}
+
+	a.logger.WithFields(logrusFieldsFromRequest(r)).
+		WithField("interfaces", interfaces).
+		Info("got available network interfaces")
+
+	response := getListAvailableNetworkInterfacesResponse{
+		NetworkInterfaces: interfaces,
+	}
+
+	json.NewEncoder(w).Encode(response)
+}

api/controllers/auth/controller.go

@@ -51,7 +51,7 @@ func (c *AuthController) Authenticate(ctx context.Context, password string) (str
 }
 
 func (c *AuthController) ValidateToken(ctx context.Context, token string) error {
-	_, err := verifyToken(token)
+	_, err := validateToken(token)
 	if err != nil {
 		return err
 	}

api/controllers/auth/token.go

@@ -21,7 +21,7 @@ func getToken(name string) (string, error) {
 	return tokenString, err
 }
 
-func verifyToken(tokenString string) (jwt.Claims, error) {
+func validateToken(tokenString string) (jwt.Claims, error) {
 	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (any, error) {
 		return signingKey, nil
 	}, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}))

api/controllers/console/controller.go

@@ -0,0 +1,39 @@
+package console
+
+import (
+	"github.com/replicatedhq/embedded-cluster/api/pkg/utils"
+)
+
+type Controller interface {
+	ListAvailableNetworkInterfaces() ([]string, error)
+}
+
+type ConsoleController struct {
+	utils.NetUtils
+}
+
+type ConsoleControllerOption func(*ConsoleController)
+
+func WithNetUtils(netUtils utils.NetUtils) ConsoleControllerOption {
+	return func(c *ConsoleController) {
+		c.NetUtils = netUtils
+	}
+}
+
+func NewConsoleController(opts ...ConsoleControllerOption) (*ConsoleController, error) {
+	controller := &ConsoleController{}
+
+	for _, opt := range opts {
+		opt(controller)
+	}
+
+	if controller.NetUtils == nil {
+		controller.NetUtils = utils.NewNetUtils()
+	}
+
+	return controller, nil
+}
+
+func (c *ConsoleController) ListAvailableNetworkInterfaces() ([]string, error) {
+	return c.NetUtils.ListValidNetworkInterfaces()
+}

api/install.go

@@ -23,7 +23,11 @@ func (a *API) getInstall(w http.ResponseWriter, r *http.Request) {
 
 	w.Header().Set("Content-Type", "application/json")
 	w.WriteHeader(http.StatusOK)
-	json.NewEncoder(w).Encode(install)
+	err = json.NewEncoder(w).Encode(install)
+	if err != nil {
+		a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+			Error("failed to encode installation")
+	}
 }
 
 func (a *API) setInstallConfig(w http.ResponseWriter, r *http.Request) {
@@ -72,13 +76,19 @@ func (a *API) setInstallStatus(w http.ResponseWriter, r *http.Request) {
 func (a *API) getInstallStatus(w http.ResponseWriter, r *http.Request) {
 	status, err := a.installController.ReadStatus(r.Context())
 	if err != nil {
+		a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+			Error("failed to get installation status")
 		handleError(w, err)
 		return
 	}
 
 	w.Header().Set("Content-Type", "application/json")
 	w.WriteHeader(http.StatusOK)
-	json.NewEncoder(w).Encode(status)
+	err = json.NewEncoder(w).Encode(status)
+	if err != nil {
+		a.logger.WithFields(logrusFieldsFromRequest(r)).WithError(err).
+			Error("failed to encode installation status")
+	}
 }
 
 func logrusFieldsFromRequest(r *http.Request) logrus.Fields {

api/integration/auth_controller_test.go

@@ -26,7 +26,7 @@ func TestAuthLoginAndTokenValidation(t *testing.T) {
 	// Create an install controller
 	installController, err := install.NewInstallController(
 		install.WithInstallationManager(installation.NewInstallationManager(
-			installation.WithNetUtils(&mockNetUtils{iface: "eth0"}),
+			installation.WithNetUtils(&mockNetUtils{ifaces: []string{"eth0", "eth1"}}),
 		)),
 	)
 	require.NoError(t, err)
@@ -69,11 +69,11 @@ func TestAuthLoginAndTokenValidation(t *testing.T) {
 		require.NoError(t, err)
 
 		// Validate that we got a session token
-		assert.NotEmpty(t, loginResponse.SessionToken)
+		assert.NotEmpty(t, loginResponse.Token)
 
 		// Now use this token to access a protected route
 		getInstallReq := httptest.NewRequest(http.MethodGet, "/install", nil)
-		getInstallReq.Header.Set("Authorization", loginResponse.SessionToken)
+		getInstallReq.Header.Set("Authorization", "Bearer "+loginResponse.Token)
 		getInstallRec := httptest.NewRecorder()
 
 		// Serve the request
@@ -119,7 +119,7 @@ func TestAuthLoginAndTokenValidation(t *testing.T) {
 	// Test access to protected route with invalid token
 	t.Run("access protected route with invalid token", func(t *testing.T) {
 		req := httptest.NewRequest(http.MethodGet, "/install", nil)
-		req.Header.Set("Authorization", "invalid-token")
+		req.Header.Set("Authorization", "Bearer "+"invalid-token")
 		rec := httptest.NewRecorder()
 
 		// Serve the request

api/integration/console_test.go

@@ -0,0 +1 @@
+package integration