Finish wasmo integration

MAIF · Nov 29, 2023 · f673a9e · f673a9e
1 parent dcf2912
commit f673a9e
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 9 deletions.
diff --git a/src/main/scala/io/otoroshi/wasm4s/scaladsl/ApikeyHelper.scala b/src/main/scala/io/otoroshi/wasm4s/scaladsl/ApikeyHelper.scala
@@ -1,10 +1,44 @@
 package io.otoroshi.wasm4s.scaladsl
 
+import com.auth0.jwt.algorithms.Algorithm
 import io.otoroshi.wasm4s.scaladsl.implicits._
+import play.api.libs.json._
+
+import java.nio.charset.StandardCharsets
 
 object ApikeyHelper {
-  def generate(settings: WasmoSettings): String = {
+
+  def generate(settings: WasmoSettings): (String, String) = {
+    if (settings.legacyAuth) {
+      generateJwt(settings)
+    } else {
+      generateBasicAuth(settings)
+    }
+  }
+
+  def generateBasicAuth(settings: WasmoSettings): (String, String) = {
     val token = s"${settings.clientId}:${settings.clientSecret}".base64
-    s"Basic $token"
+    ("Authorization", s"Basic $token")
+  }
+
+  def generateJwt(settings: WasmoSettings): (String, String) = {
+    val header = Json.obj(
+      "typ" -> "JWT",
+      "alg" -> "HS512"
+    )
+    val payload = Json.obj(
+      "iss" -> "otoroshi"
+    )
+    ("Otoroshi-User", sign(header, payload, settings.clientId))
+  }
+
+  private def sign(headerJson: JsObject, payloadJson: JsObject, tokenSecret: String): String = {
+    val header: String = org.apache.commons.codec.binary.Base64.encodeBase64URLSafeString(Json.toBytes(headerJson))
+    val payload: String = org.apache.commons.codec.binary.Base64.encodeBase64URLSafeString(Json.toBytes(payloadJson))
+    val signatureBytes: Array[Byte] =
+      Algorithm.HMAC512(tokenSecret).sign(header.getBytes(StandardCharsets.UTF_8), payload.getBytes(StandardCharsets.UTF_8))
+
+    val signature: String = org.apache.commons.codec.binary.Base64.encodeBase64URLSafeString(signatureBytes)
+    String.format("%s.%s.%s", header, payload, signature)
   }
 }
diff --git a/src/main/scala/io/otoroshi/wasm4s/scaladsl/wasm.scala b/src/main/scala/io/otoroshi/wasm4s/scaladsl/wasm.scala
@@ -212,15 +212,15 @@ object WasmSourceKind {
         }
     }
   }
-  case object WasmManager extends WasmSourceKind {
-    def name: String = "WasmManager"
+  case object Wasmo extends WasmSourceKind {
+    def name: String = "Wasmo"
     def getWasm(path: String, opts: JsValue)(implicit
         ic: WasmIntegrationContext,
         ec: ExecutionContext
     ): Future[Either[JsValue, ByteString]] = {
       ic.wasmoSettings.flatMap {
-        case Some(settings @ WasmoSettings(url, clientId, clientSecret, kind)) => {
-          val apikey = ApikeyHelper.generate(settings)
+        case Some(settings @ WasmoSettings(url, _, _, kind, _)) => {
+          val (apikeyHeader, apikey) = ApikeyHelper.generate(settings)
           val wasmoUrl = s"$url/wasm/$path"
           val followRedirect = opts.select("follow_redirect").asOpt[Boolean].getOrElse(true)
           val timeout = opts.select("timeout").asOpt[Long].map(_.millis).getOrElse(5.seconds)
@@ -230,7 +230,7 @@ object WasmSourceKind {
             .withRequestTimeout(timeout)
             .withHttpHeaders(
               "Accept"     -> "application/json",
-              "Authorization"       -> apikey,
+              apikeyHeader          -> apikey,
               "kind"                -> kind.getOrElse("*")
             )
             .get()
@@ -293,8 +293,8 @@ object WasmSourceKind {
   def apply(value: String): WasmSourceKind = value.toLowerCase match {
     case "base64"      => Base64
     case "http"        => Http
-    case "wasmmanager" => WasmManager
-    case "wasmo"       => WasmManager
+    case "wasmmanager" => Wasmo
+    case "wasmo"       => Wasmo
     case "local"       => Local
     case "file"        => File
     case _             => Unknown

diff --git a/src/main/scala/io/otoroshi/wasm4s/scaladsl/wasmo.scala b/src/main/scala/io/otoroshi/wasm4s/scaladsl/wasmo.scala
@@ -10,6 +10,7 @@ case class WasmoSettings(
   clientId: String = "admin-api-apikey-id",
   clientSecret: String = "admin-api-apikey-secret",
   pluginsFilter: Option[String] = Some("*"),
+  legacyAuth: Boolean = false,
 ) {
   def json: JsValue = WasmoSettings.format.writes(this)
 }
@@ -21,6 +22,7 @@ object WasmoSettings {
         "url"           -> o.url,
         "clientId"      -> o.clientId,
         "clientSecret"  -> o.clientSecret,
+        "legacyAuth"  -> o.legacyAuth,
         "pluginsFilter" -> o.pluginsFilter.map(JsString).getOrElse(JsNull).as[JsValue],
       )
 
@@ -30,6 +32,7 @@ object WasmoSettings {
           url = (json \ "url").asOpt[String].getOrElse("http://localhost:5001"),
           clientId = (json \ "clientId").asOpt[String].getOrElse("admin-api-apikey-id"),
           clientSecret = (json \ "clientSecret").asOpt[String].getOrElse("admin-api-apikey-secret"),
+          legacyAuth = (json \ "legacyAuth").asOpt[Boolean].getOrElse(false),
           pluginsFilter = (json \ "pluginsFilter").asOpt[String].getOrElse("*").some,
         )
       } match {