[GitHub] incubator-trafficcontrol pull request #562: Will not try to download lua fil...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/562 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #562: Will not try to download lua fil...
GitHub user dg4prez opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/562 Will not try to download lua files referenced in remap.config This ignores lua files when processing the remap.config, and does not attempt to download them. They will still be downloaded if added as a take and bake parameter file. You can merge this pull request into a Git repository by running: $ git pull https://github.com/dg4prez/incubator-trafficcontrol ort_skip_missing_files Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/562.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #562 commit 12c70068b0b987ba526b610d8eaf34780ffd2c82 Author: Derek GelinasDate: 2017-05-09T20:47:50Z Will not try to download lua files referenced in remap.config --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #557: [TC-278] postinstall -defaults o...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/557 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #555: run dispersion sleep after updat...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/555 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #554: add some sorting to parent confi...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/554 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #553: prevents DB update error when us...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/553 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #551: API GW phase 0 (depends on PR #5...
Github user rob05c commented on a diff in the pull request: https://github.com/apache/incubator-trafficcontrol/pull/551#discussion_r115551147 --- Diff: traffic_ops/experimental/webfront/webfront.go --- @@ -122,188 +145,311 @@ func main() { Logger.Fatal(http.ListenAndServeTLS(":" + strconv.Itoa(int(config.ListenPort)), "server.pem", "server.key", s)) } -func validateToken(tokenString string) (*jwt.Token, error) { - - tokenString = strings.Replace(tokenString, "Bearer ", "", 1) - token, err := jwt.ParseWithClaims(tokenString, {}, func(token *jwt.Token) (interface{}, error) { - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - return []byte(os.Args[2]), nil - }) - return token, err -} - -// NewServer constructs a Server that reads rules from file with a period -// specified by poll. +// NewServer constructs a Server that reads Rules from file with a period +// specified by poll func NewServer(file string, poll time.Duration) (*Server, error) { s := new(Server) if err := s.loadRules(file); err != nil { - Logger.Fatal("Error loading rules file: ", err) + Logger.Fatal(fmt.Errorf("Load rules failed: %s", err)) } go s.refreshRules(file, poll) return s, nil } -// ServeHTTP matches the Request with a Rule and, if found, serves the -// request with the Rule's handler. If the rule's secure field is true, it will -// only allow access if the request has a valid JWT bearer token. -func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { +// loadRules tests whether file has been modified since its last invocation +// and, if so, loads the rule set from file. +func (s *Server) loadRules(file string) error { - rule := s.getRule(r) - if rule == nil { - Logger.Printf("%v %v No mapping in rules file!", r.Method, r.URL.RequestURI()) - http.Error(w, "Not found", http.StatusNotFound) - return + fi, err := os.Stat(file) + if err != nil { + return err } - isAuthorized := false + mtime := fi.ModTime() + if !mtime.After(s.last) && s.Rules != nil { + return nil // no change + } - if rule.Secure { - tokenValid := false - token, err := validateToken(r.Header.Get("Authorization")) + Rules, err := parseRules(file) + if err != nil { + return err + } - if err == nil { - tokenValid = true - } else { - Logger.Println("Token Error:", err.Error()) + s.mu.Lock() + s.last = mtime + s.Rules = Rules + s.mu.Unlock() + return nil +} + +// refreshRules polls file periodically and refreshes the Server's rule set +// if the file has been modified. +func (s *Server) refreshRules(file string, poll time.Duration) { + for { + if err := s.loadRules(file); err != nil { + Logger.Printf("Refresh rules failed: %s", err) } + time.Sleep(poll) + } +} - if !tokenValid { - Logger.Printf("%v %v Valid token required, but none found!", r.Method, r.URL.RequestURI()) - w.WriteHeader(http.StatusForbidden) - return +// parseRules reads rule definitions from file, constructs the rule handlers, +// and returns the resultant rules. +func parseRules(file string) ([]*FwdRule, error) { + + f, err := os.Open(file) + if err != nil { + return nil, err + } + defer f.Close() + + Logger.Printf("Loading rules file: %s", file) + + var rules []*FwdRule + if err := json.NewDecoder(f).Decode(); err != nil { + return nil, err + } + + for _, r := range rules { + + if r.Auth { + r.routes, err = parseRoutes(r.RoutesFile) + if err != nil { + Logger.Printf("Skip rule %s ERROR: %s", r.Path, err) + continue + } } - claims, ok := token.Claims.(*Claims) - if !ok { - Logger.Printf("%v %v Valid token found, but cannot parse claims!", r.Method, r.URL.RequestURI()) - w.WriteHeader(http.StatusForbidden) - return + r.handler, err = makeHandler(r) + if err != nil { + Logger.Printf("Skip rule %s
[GitHub] incubator-trafficcontrol pull request #560: Updated Contribution.md and adde...
GitHub user ashish-timilsina opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/560 Updated Contribution.md and added a new folder for cdn scripts You can merge this pull request into a Git repository by running: $ git pull https://github.com/ashish-timilsina/incubator-trafficcontrol master Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/560.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #560 commit a553ed50fdfbdcfabc70b74e2890944dbeb3c250 Author: at9418Date: 2017-03-10T18:51:47Z Organized the sections commit 4fa93ae4d7e6c76f654cccb0be6cdf72fdb631f8 Author: at9418 Date: 2017-03-10T18:57:37Z Update CONTRIBUTING.md commit 09a32e3fe44d474858f2fb0b98d414be0945f407 Author: Ashish Timilsina Date: 2017-03-13T13:36:55Z Update CONTRIBUTING.md commit 2684eb2524654be45992571af9d107e49236bd61 Author: Ashish Timilsina Date: 2017-03-13T13:43:14Z Update CONTRIBUTING.md commit 665f971e397ed62f3f17c17d545a99afa779ef36 Author: Ashish Timilsina Date: 2017-03-13T14:01:01Z Update CONTRIBUTING.md commit cc2bb2e8e832a7730eb6be9c314a93af7e7e Author: Ashish Timilsina Date: 2017-03-13T14:08:29Z Update CONTRIBUTING.md commit cafd28193b151c1d3ac180044e0975739b4d1149 Author: Ashish Timilsina Date: 2017-05-09T15:39:26Z Merge remote-tracking branch 'apache/master' commit eabd04bc5e96a0573214357cd13bffd25b6be56b Author: Ashish Timilsina Date: 2017-05-09T16:01:15Z added mojokey script commit b8ce5bc25cbf16f2bf3a74b7d9b93f4869834057 Author: Ashish Timilsina Date: 2017-05-09T16:04:51Z updated readme commit 5119b4f37c2d1476b2c92d7dc64092ee77318b6b Author: Ashish Timilsina Date: 2017-05-09T16:36:08Z updated contribution page --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol issue #537: made changes to support seeds cleanup
Github user dewrich commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/537 In reference to JIRA: https://issues.apache.org/jira/browse/TC-279 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[jira] [Commented] (TC-64) TO experimental SPA application
[ https://issues.apache.org/jira/browse/TC-64?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16002843#comment-16002843 ] ASF GitHub Bot commented on TC-64: -- GitHub user mitchell852 opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/559 [TC-64] - to exp - changes mount point for ssl certs You can merge this pull request into a Git repository by running: $ git pull https://github.com/mitchell852/incubator-trafficcontrol tc-64-docker-compose Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/559.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #559 commit a6acc476564be0ca237b2a92f498b9b4d8efd254 Author: Jeremy MitchellDate: 2017-05-09T15:08:09Z changes mount point for ssl certs > TO experimental SPA application > --- > > Key: TC-64 > URL: https://issues.apache.org/jira/browse/TC-64 > Project: Traffic Control > Issue Type: Improvement > Components: Traffic Ops, Traffic Ops API >Reporter: Jeremy Mitchell >Assignee: Jeremy Mitchell >Priority: Minor > > At the 2016 Traffic Control summit, a prototype of a SPA application > developed by [~mitchell...@apache.org] using AngularJS was demo'd that works > entirely on top of the TO API. > This issue is a placeholder for any work done to this prototype / > experimental UI. The goal is to replicate the functionality of the current > MVC TO UI. nothing more, nothing less. > This will require some additions to the TO API. look for issues regarding > each API addition. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[GitHub] incubator-trafficcontrol pull request #559: [TC-64] - to exp - changes mount...
GitHub user mitchell852 opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/559 [TC-64] - to exp - changes mount point for ssl certs You can merge this pull request into a Git repository by running: $ git pull https://github.com/mitchell852/incubator-trafficcontrol tc-64-docker-compose Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/559.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #559 commit a6acc476564be0ca237b2a92f498b9b4d8efd254 Author: Jeremy MitchellDate: 2017-05-09T15:08:09Z changes mount point for ssl certs --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[jira] [Created] (TC-279) Postinstall Sample Profiles out of date
Dewayne Richardson created TC-279: - Summary: Postinstall Sample Profiles out of date Key: TC-279 URL: https://issues.apache.org/jira/browse/TC-279 Project: Traffic Control Issue Type: Improvement Components: Traffic Ops Affects Versions: 2.1.0 Reporter: Dewayne Richardson Priority: Minor Fix For: 2.1.0 The existing sample profiles need to be update and the process documented -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[GitHub] incubator-trafficcontrol pull request #558: [TC-64] - to exp ui - hooks up r...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/558 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[jira] [Commented] (TC-64) TO experimental SPA application
[ https://issues.apache.org/jira/browse/TC-64?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16002714#comment-16002714 ] ASF GitHub Bot commented on TC-64: -- GitHub user mitchell852 opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/558 [TC-64] - to exp ui - hooks up routing methods component You can merge this pull request into a Git repository by running: $ git pull https://github.com/mitchell852/incubator-trafficcontrol tc-64-to-exp-dashboard Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/558.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #558 commit 405b74b4c54ffa0ce037de9d7dd178de73acfcb3 Author: Jeremy MitchellDate: 2017-05-09T02:22:36Z updates libraries, rewrites https redirect and mounts directory to access ssl certs from docker commit 5d5c1895e3eccfd3e2765269098691c69dcd78f4 Author: Jeremy Mitchell Date: 2017-05-09T13:51:39Z hooks up routing methods component > TO experimental SPA application > --- > > Key: TC-64 > URL: https://issues.apache.org/jira/browse/TC-64 > Project: Traffic Control > Issue Type: Improvement > Components: Traffic Ops, Traffic Ops API >Reporter: Jeremy Mitchell >Assignee: Jeremy Mitchell >Priority: Minor > > At the 2016 Traffic Control summit, a prototype of a SPA application > developed by [~mitchell...@apache.org] using AngularJS was demo'd that works > entirely on top of the TO API. > This issue is a placeholder for any work done to this prototype / > experimental UI. The goal is to replicate the functionality of the current > MVC TO UI. nothing more, nothing less. > This will require some additions to the TO API. look for issues regarding > each API addition. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[GitHub] incubator-trafficcontrol pull request #558: [TC-64] - to exp ui - hooks up r...
GitHub user mitchell852 opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/558 [TC-64] - to exp ui - hooks up routing methods component You can merge this pull request into a Git repository by running: $ git pull https://github.com/mitchell852/incubator-trafficcontrol tc-64-to-exp-dashboard Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/558.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #558 commit 405b74b4c54ffa0ce037de9d7dd178de73acfcb3 Author: Jeremy MitchellDate: 2017-05-09T02:22:36Z updates libraries, rewrites https redirect and mounts directory to access ssl certs from docker commit 5d5c1895e3eccfd3e2765269098691c69dcd78f4 Author: Jeremy Mitchell Date: 2017-05-09T13:51:39Z hooks up routing methods component --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #551: API GW phase 0 (depends on PR #5...
Github user amiryesh commented on a diff in the pull request: https://github.com/apache/incubator-trafficcontrol/pull/551#discussion_r115421714 --- Diff: traffic_ops/experimental/webfront/webfront.go --- @@ -122,188 +145,311 @@ func main() { Logger.Fatal(http.ListenAndServeTLS(":" + strconv.Itoa(int(config.ListenPort)), "server.pem", "server.key", s)) } -func validateToken(tokenString string) (*jwt.Token, error) { - - tokenString = strings.Replace(tokenString, "Bearer ", "", 1) - token, err := jwt.ParseWithClaims(tokenString, {}, func(token *jwt.Token) (interface{}, error) { - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - return []byte(os.Args[2]), nil - }) - return token, err -} - -// NewServer constructs a Server that reads rules from file with a period -// specified by poll. +// NewServer constructs a Server that reads Rules from file with a period +// specified by poll func NewServer(file string, poll time.Duration) (*Server, error) { --- End diff -- Added as TODO --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #551: API GW phase 0 (depends on PR #5...
Github user amiryesh commented on a diff in the pull request: https://github.com/apache/incubator-trafficcontrol/pull/551#discussion_r115421632 --- Diff: traffic_ops/experimental/webfront/webfront.go --- @@ -122,188 +145,311 @@ func main() { Logger.Fatal(http.ListenAndServeTLS(":" + strconv.Itoa(int(config.ListenPort)), "server.pem", "server.key", s)) } -func validateToken(tokenString string) (*jwt.Token, error) { - - tokenString = strings.Replace(tokenString, "Bearer ", "", 1) - token, err := jwt.ParseWithClaims(tokenString, {}, func(token *jwt.Token) (interface{}, error) { - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - return []byte(os.Args[2]), nil - }) - return token, err -} - -// NewServer constructs a Server that reads rules from file with a period -// specified by poll. +// NewServer constructs a Server that reads Rules from file with a period +// specified by poll func NewServer(file string, poll time.Duration) (*Server, error) { s := new(Server) if err := s.loadRules(file); err != nil { - Logger.Fatal("Error loading rules file: ", err) + Logger.Fatal(fmt.Errorf("Load rules failed: %s", err)) } go s.refreshRules(file, poll) return s, nil } -// ServeHTTP matches the Request with a Rule and, if found, serves the -// request with the Rule's handler. If the rule's secure field is true, it will -// only allow access if the request has a valid JWT bearer token. -func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { +// loadRules tests whether file has been modified since its last invocation +// and, if so, loads the rule set from file. +func (s *Server) loadRules(file string) error { - rule := s.getRule(r) - if rule == nil { - Logger.Printf("%v %v No mapping in rules file!", r.Method, r.URL.RequestURI()) - http.Error(w, "Not found", http.StatusNotFound) - return + fi, err := os.Stat(file) + if err != nil { + return err } - isAuthorized := false + mtime := fi.ModTime() + if !mtime.After(s.last) && s.Rules != nil { + return nil // no change + } - if rule.Secure { - tokenValid := false - token, err := validateToken(r.Header.Get("Authorization")) + Rules, err := parseRules(file) + if err != nil { + return err + } - if err == nil { - tokenValid = true - } else { - Logger.Println("Token Error:", err.Error()) + s.mu.Lock() + s.last = mtime + s.Rules = Rules + s.mu.Unlock() + return nil +} + +// refreshRules polls file periodically and refreshes the Server's rule set +// if the file has been modified. +func (s *Server) refreshRules(file string, poll time.Duration) { + for { + if err := s.loadRules(file); err != nil { + Logger.Printf("Refresh rules failed: %s", err) } + time.Sleep(poll) + } +} - if !tokenValid { - Logger.Printf("%v %v Valid token required, but none found!", r.Method, r.URL.RequestURI()) - w.WriteHeader(http.StatusForbidden) - return +// parseRules reads rule definitions from file, constructs the rule handlers, +// and returns the resultant rules. +func parseRules(file string) ([]*FwdRule, error) { + + f, err := os.Open(file) + if err != nil { + return nil, err + } + defer f.Close() + + Logger.Printf("Loading rules file: %s", file) + + var rules []*FwdRule + if err := json.NewDecoder(f).Decode(); err != nil { + return nil, err + } + + for _, r := range rules { + + if r.Auth { + r.routes, err = parseRoutes(r.RoutesFile) + if err != nil { + Logger.Printf("Skip rule %s ERROR: %s", r.Path, err) + continue + } } - claims, ok := token.Claims.(*Claims) - if !ok { - Logger.Printf("%v %v Valid token found, but cannot parse claims!", r.Method, r.URL.RequestURI()) - w.WriteHeader(http.StatusForbidden) - return + r.handler, err = makeHandler(r) + if err != nil { + Logger.Printf("Skip rule %s
[GitHub] incubator-trafficcontrol pull request #551: API GW phase 0 (depends on PR #5...
Github user amiryesh commented on a diff in the pull request: https://github.com/apache/incubator-trafficcontrol/pull/551#discussion_r115421286 --- Diff: traffic_ops/experimental/auth/auth.go --- @@ -132,83 +150,197 @@ func InitializeDatabase(username, password, dbname, server string, port uint) (* return db, nil } -func handler(w http.ResponseWriter, r *http.Request) { +func LegacyTOLogin(login Login, legacyLoginURL string, w http.ResponseWriter) (*http.Response, error) { - Logger.Println(r.Method, r.URL.Scheme, r.Host, r.URL.RequestURI()) + // TODO(amiry) - Legacy token expiration should be longer than JWT expiration - if r.Method == "POST" { - var login Login - tmUserlist := []TmUser{} - body, err := ioutil.ReadAll(r.Body) - if err != nil { - Logger.Println("Error reading body: ", err.Error()) - http.Error(w, "Error reading body: "+err.Error(), http.StatusBadRequest) - return - } - - err = json.Unmarshal(body, ) - if err != nil { - Logger.Println("Invalid JSON: ", err.Error()) - http.Error(w, "Invalid JSON: "+err.Error(), http.StatusBadRequest) - return - } - - stmt, err := db.PrepareNamed("SELECT role,local_passwd FROM tm_user WHERE username=:username") - if err != nil { - Logger.Println("Database error: ", err.Error()) - http.Error(w, "Database error: "+err.Error(), http.StatusInternalServerError) - return - } - - err = stmt.Select(, login) - if err != nil { - Logger.Println("Database error: ", err.Error()) - http.Error(w, "Database error: "+err.Error(), http.StatusInternalServerError) - return - } + legacyLogin := LegacyLogin{ login.Username, login.Password } - hasher := sha1.New() - hasher.Write([]byte(login.Password)) - hashedPassword := fmt.Sprintf("%x", hasher.Sum(nil)) + body, err := json.Marshal(legacyLogin) +if err != nil { + Logger.Println("JSON marshal error: ", err.Error()) +return nil, err +} - if len(tmUserlist) == 0 || tmUserlist[0].Password != string(hashedPassword) { - Logger.Printf("Invalid username/password, username %s", login.Username) - http.Error(w, "Invalid username/password", http.StatusUnauthorized) - return - } - - Logger.Printf("User %s authenticated", login.Username) - - claims := Claims { - []string{"read-ds", "write-ds", "read-cg"}, // TODO(amiry) - Adding hardcoded capabilities as a POC. - // Need to read from TO role tables when tables are ready - jwt.StandardClaims { - Subject: login.Username, - ExpiresAt: time.Now().Add(time.Hour * 24).Unix(), // TODO(amiry) - We will need to use shorter expiration, - // and use refresh tokens to extend access - }, - } - - token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) + req, err := http.NewRequest("POST", legacyLoginURL, bytes.NewBuffer(body)) + client := {} +resp, err := client.Do(req) + if err != nil { + Logger.Println("Legacy Login error: ", err.Error(), " Legacy URL: ", legacyLoginURL) + return nil, err; + } - tokenString, err := token.SignedString([]byte(os.Args[2])) - if err != nil { - Logger.Println(err.Error()) - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } + return resp, err +} - js, err := json.Marshal(TokenResponse{Token: tokenString}) - if err != nil { - Logger.Println(err.Error()) - http.Error(w, err.Error(), http.StatusInternalServerError) +func makeHandler(config *Config) (func(http.ResponseWriter, *http.Request), error) { + + return func (w http.ResponseWriter, r *http.Request) { + + Logger.Println(r.Method, r.URL.Scheme, r.Host, r.URL.RequestURI()) + + if r.Method == "POST" { + + var login Login +