Merge pull request smallstep#858 from smallstep/panos/api/read

api/read: initial implementation of the package

Author: azazeal

api/api.go

@@ -20,6 +20,7 @@ import (
 
 	"github.com/go-chi/chi"
 	"github.com/pkg/errors"
+
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/config"
 	"github.com/smallstep/certificates/authority/provisioner"

api/api_test.go

@@ -28,15 +28,17 @@ import (
 
 	"github.com/go-chi/chi"
 	"github.com/pkg/errors"
+	"golang.org/x/crypto/ssh"
+
+	"go.step.sm/crypto/jose"
+	"go.step.sm/crypto/x509util"
+
 	"github.com/smallstep/assert"
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/provisioner"
 	"github.com/smallstep/certificates/errs"
 	"github.com/smallstep/certificates/logging"
 	"github.com/smallstep/certificates/templates"
-	"go.step.sm/crypto/jose"
-	"go.step.sm/crypto/x509util"
-	"golang.org/x/crypto/ssh"
 )
 
 const (

api/errors.go

@@ -7,6 +7,7 @@ import (
 	"os"
 
 	"github.com/pkg/errors"
+
 	"github.com/smallstep/certificates/acme"
 	"github.com/smallstep/certificates/authority/admin"
 	"github.com/smallstep/certificates/errs"

api/read/read.go

@@ -0,0 +1,31 @@
+// Package read implements request object readers.
+package read
+
+import (
+	"encoding/json"
+	"io"
+
+	"google.golang.org/protobuf/encoding/protojson"
+	"google.golang.org/protobuf/proto"
+
+	"github.com/smallstep/certificates/errs"
+)
+
+// JSON reads JSON from the request body and stores it in the value
+// pointed by v.
+func JSON(r io.Reader, v interface{}) error {
+	if err := json.NewDecoder(r).Decode(v); err != nil {
+		return errs.BadRequestErr(err, "error decoding json")
+	}
+	return nil
+}
+
+// ProtoJSON reads JSON from the request body and stores it in the value
+// pointed by v.
+func ProtoJSON(r io.Reader, m proto.Message) error {
+	data, err := io.ReadAll(r)
+	if err != nil {
+		return errs.BadRequestErr(err, "error reading request body")
+	}
+	return protojson.Unmarshal(data, m)
+}

api/read/read_test.go

@@ -0,0 +1,46 @@
+package read
+
+import (
+	"io"
+	"reflect"
+	"strings"
+	"testing"
+
+	"github.com/smallstep/certificates/errs"
+)
+
+func TestJSON(t *testing.T) {
+	type args struct {
+		r io.Reader
+		v interface{}
+	}
+	tests := []struct {
+		name    string
+		args    args
+		wantErr bool
+	}{
+		{"ok", args{strings.NewReader(`{"foo":"bar"}`), make(map[string]interface{})}, false},
+		{"fail", args{strings.NewReader(`{"foo"}`), make(map[string]interface{})}, true},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := JSON(tt.args.r, &tt.args.v)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("JSON() error = %v, wantErr %v", err, tt.wantErr)
+			}
+
+			if tt.wantErr {
+				e, ok := err.(*errs.Error)
+				if ok {
+					if code := e.StatusCode(); code != 400 {
+						t.Errorf("error.StatusCode() = %v, wants 400", code)
+					}
+				} else {
+					t.Errorf("error type = %T, wants *Error", err)
+				}
+			} else if !reflect.DeepEqual(tt.args.v, map[string]interface{}{"foo": "bar"}) {
+				t.Errorf("JSON value = %v, wants %v", tt.args.v, map[string]interface{}{"foo": "bar"})
+			}
+		})
+	}
+}

api/rekey.go

@@ -3,6 +3,7 @@ package api
 import (
 	"net/http"
 
+	"github.com/smallstep/certificates/api/read"
 	"github.com/smallstep/certificates/errs"
 )
 
@@ -32,7 +33,7 @@ func (h *caHandler) Rekey(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var body RekeyRequest
-	if err := ReadJSON(r.Body, &body); err != nil {
+	if err := read.JSON(r.Body, &body); err != nil {
 		WriteError(w, errs.BadRequestErr(err, "error reading request body"))
 		return
 	}

api/revoke.go

@@ -4,11 +4,13 @@ import (
 	"context"
 	"net/http"
 
+	"golang.org/x/crypto/ocsp"
+
+	"github.com/smallstep/certificates/api/read"
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/provisioner"
 	"github.com/smallstep/certificates/errs"
 	"github.com/smallstep/certificates/logging"
-	"golang.org/x/crypto/ocsp"
 )
 
 // RevokeResponse is the response object that returns the health of the server.
@@ -48,7 +50,7 @@ func (r *RevokeRequest) Validate() (err error) {
 // TODO: Add CRL and OCSP support.
 func (h *caHandler) Revoke(w http.ResponseWriter, r *http.Request) {
 	var body RevokeRequest
-	if err := ReadJSON(r.Body, &body); err != nil {
+	if err := read.JSON(r.Body, &body); err != nil {
 		WriteError(w, errs.BadRequestErr(err, "error reading request body"))
 		return
 	}

api/revoke_test.go

@@ -13,6 +13,7 @@ import (
 	"testing"
 
 	"github.com/pkg/errors"
+
 	"github.com/smallstep/assert"
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/provisioner"

api/sign.go

@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"net/http"
 
+	"github.com/smallstep/certificates/api/read"
 	"github.com/smallstep/certificates/authority/config"
 	"github.com/smallstep/certificates/authority/provisioner"
 	"github.com/smallstep/certificates/errs"
@@ -49,7 +50,7 @@ type SignResponse struct {
 // information in the certificate request.
 func (h *caHandler) Sign(w http.ResponseWriter, r *http.Request) {
 	var body SignRequest
-	if err := ReadJSON(r.Body, &body); err != nil {
+	if err := read.JSON(r.Body, &body); err != nil {
 		WriteError(w, errs.BadRequestErr(err, "error reading request body"))
 		return
 	}

api/ssh.go

@@ -9,12 +9,14 @@ import (
 	"time"
 
 	"github.com/pkg/errors"
+	"golang.org/x/crypto/ssh"
+
+	"github.com/smallstep/certificates/api/read"
 	"github.com/smallstep/certificates/authority"
 	"github.com/smallstep/certificates/authority/config"
 	"github.com/smallstep/certificates/authority/provisioner"
 	"github.com/smallstep/certificates/errs"
 	"github.com/smallstep/certificates/templates"
-	"golang.org/x/crypto/ssh"
 )
 
 // SSHAuthority is the interface implemented by a SSH CA authority.
@@ -249,7 +251,7 @@ type SSHBastionResponse struct {
 // the request.
 func (h *caHandler) SSHSign(w http.ResponseWriter, r *http.Request) {
 	var body SSHSignRequest
-	if err := ReadJSON(r.Body, &body); err != nil {
+	if err := read.JSON(r.Body, &body); err != nil {
 		WriteError(w, errs.BadRequestErr(err, "error reading request body"))
 		return
 	}
@@ -393,7 +395,7 @@ func (h *caHandler) SSHFederation(w http.ResponseWriter, r *http.Request) {
 // and servers.
 func (h *caHandler) SSHConfig(w http.ResponseWriter, r *http.Request) {
 	var body SSHConfigRequest
-	if err := ReadJSON(r.Body, &body); err != nil {
+	if err := read.JSON(r.Body, &body); err != nil {
 		WriteError(w, errs.BadRequestErr(err, "error reading request body"))
 		return
 	}
@@ -425,7 +427,7 @@ func (h *caHandler) SSHConfig(w http.ResponseWriter, r *http.Request) {
 // SSHCheckHost is the HTTP handler that returns if a hosts certificate exists or not.
 func (h *caHandler) SSHCheckHost(w http.ResponseWriter, r *http.Request) {
 	var body SSHCheckPrincipalRequest
-	if err := ReadJSON(r.Body, &body); err != nil {
+	if err := read.JSON(r.Body, &body); err != nil {
 		WriteError(w, errs.BadRequestErr(err, "error reading request body"))
 		return
 	}
@@ -464,7 +466,7 @@ func (h *caHandler) SSHGetHosts(w http.ResponseWriter, r *http.Request) {
 // SSHBastion provides returns the bastion configured if any.
 func (h *caHandler) SSHBastion(w http.ResponseWriter, r *http.Request) {
 	var body SSHBastionRequest
-	if err := ReadJSON(r.Body, &body); err != nil {
+	if err := read.JSON(r.Body, &body); err != nil {
 		WriteError(w, errs.BadRequestErr(err, "error reading request body"))
 		return
 	}