gocd-contrib#50 Add support for token based agent registration

barrowkwan · Dec 12, 2017 · 0114520 · 0114520
1 parent f61a900
commit 0114520
Show file tree

Hide file tree

Showing 2 changed files with 70 additions and 5 deletions.
diff --git a/agent/config.go b/agent/config.go
@@ -34,6 +34,7 @@ type Config struct {
 	ContextPath        string
 	WebSocketPath      string
 	RegistrationPath   string
+	TokenPath          string
 	WorkingDir         string
 	LogDir             string
 	ConfigDir          string
@@ -49,6 +50,8 @@ type Config struct {
 	AgentPrivateKeyFile string
 	AgentCertFile       string
 	AgentIdFile         string
+	AgentTokenFile      string
+	string
 	OutputDebugLog      bool
 }
 
@@ -79,6 +82,7 @@ func LoadConfig() *Config {
 		AgentPrivateKeyFile:              filepath.Join(configDir, "agent-private-key.pem"),
 		AgentCertFile:                    filepath.Join(configDir, "agent-cert.pem"),
 		AgentIdFile:                      filepath.Join(configDir, "agent-id"),
+		AgentTokenFile:                   filepath.Join(configDir, "token"),
 		AgentAutoRegisterKey:             os.Getenv("GOCD_AGENT_AUTO_REGISTER_KEY"),
 		AgentAutoRegisterResources:       os.Getenv("GOCD_AGENT_AUTO_REGISTER_RESOURCES"),
 		AgentAutoRegisterEnvironments:    os.Getenv("GOCD_AGENT_AUTO_REGISTER_ENVIRONMENTS"),
@@ -87,6 +91,7 @@ func LoadConfig() *Config {
 		OutputDebugLog:                   os.Getenv("DEBUG") != "",
 		WebSocketPath:                    readEnv("GOCD_SERVER_WEB_SOCKET_PATH", "/agent-websocket"),
 		RegistrationPath:                 readEnv("GOCD_SERVER_REGISTRATION_PATH", "/admin/agent"),
+		TokenPath:                        readEnv( "GOCD_SERVER_TOKEN_PATH", "/admin/agent/token"),
 		IpAddress:                        lookupIpAddress(serverUrl.Host),
 	}
 }
@@ -133,6 +138,10 @@ func (c *Config) RegistrationURL() (*url.URL, error) {
 	return c.MakeFullServerURL(c.RegistrationPath)
 }
 
+func (c *Config) TokenURL(agentID string) (*url.URL, error) {
+	return c.MakeFullServerURL(c.TokenPath + "?uuid=" + agentID)
+}
+
 func (c *Config) MakeFullServerURL(u string) (*url.URL, error) {
 	if strings.HasPrefix(u, "/") {
 		return url.Parse(Join("/", c.HttpsServerURL(), u))

diff --git a/agent/registration.go b/agent/registration.go
@@ -109,6 +109,9 @@ func Register() error {
 	if err := ReadGoServerCACert(); err != nil {
 		return err
 	}
+	if err := requestToken(); err != nil {
+		return err
+	}
 	if err := readAgentKeyAndCerts(registerData()); err != nil {
 		return err
 	}
@@ -131,6 +134,44 @@ func CleanRegistration() error {
 	return nil
 }
 
+
+func requestToken() error {
+	_, agentTokenErr := os.Stat(config.AgentTokenFile)
+	if agentTokenErr == nil {
+		return nil
+	}
+
+	client, err := GoServerRemoteClient(false)
+	if err != nil {
+		return err
+	}
+
+	url, err := config.TokenURL(AgentId)
+	if agentTokenErr != nil {
+		LogInfo( "fetching token from : %v", url.String())
+	}
+	resp, err := client.Get(url.String())
+
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode == http.StatusOK {
+		bodyBytes, err2 := ioutil.ReadAll(resp.Body)
+		if err2 == nil {
+			ioutil.WriteFile(config.AgentTokenFile, []byte(string(bodyBytes)), 0600)
+		}else{
+			LogInfo("Token fetched but cannot read body")
+			return err2
+		}
+	}else{
+		LogInfo("Cannot fetch token from : %v", url)
+		return err
+	}
+
+	return nil
+}
+
 func registerData() map[string]string {
 	return map[string]string{
 		"hostname":                      config.Hostname,
@@ -148,21 +189,36 @@ func registerData() map[string]string {
 }
 
 func readAgentKeyAndCerts(params map[string]string) error {
+	var token string
 	_, agentPrivateKeyFileErr := os.Stat(config.AgentPrivateKeyFile)
 	_, agentCertFileErr := os.Stat(config.AgentCertFile)
-	if agentPrivateKeyFileErr == nil && agentCertFileErr == nil {
+	_, agentTokenFileErr := os.Stat(config.AgentTokenFile)
+	if agentPrivateKeyFileErr == nil && agentCertFileErr == nil && agentTokenFileErr == nil {
 		return nil
 	}
 
+	client, err := GoServerRemoteClient(false)
+	if err != nil {
+		return err
+	}
+
+
+	if _, err := os.Stat(config.AgentTokenFile); err == nil {
+		data, err2 := ioutil.ReadFile(config.AgentTokenFile)
+		if err2 != nil {
+			logger.Error.Printf("failed to read token file(%v): %v", config.AgentTokenFile, err2)
+			return err2
+		} else {
+			token = string(data)
+		}
+	}
 	form := url.Values{}
 	for k, v := range params {
 		form.Add(k, v)
 	}
+	form.Add("token",token)
+
 
-	client, err := GoServerRemoteClient(false)
-	if err != nil {
-		return err
-	}
 
 	url, err := config.RegistrationURL()
 	LogInfo("fetching agent key and certificates from: %v", url)