package main
import (
"context"
"encoding/json"
"flag"
"fmt"
"io"
"net/http"
"sync"
"time"
"github.com/letsencrypt/boulder/akamai"
"github.com/letsencrypt/boulder/cmd"
)
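// main runs a small fake of an Akamai purge endpoint. It verifies the request
// signature on POSTs to /ccu/, records the purged object lists in memory, and
// exposes them through two unauthenticated /debug/ endpoints.
//
// NOTE(review): the /debug/ handlers accept any method and need no
// credentials, so -listen should stay on a loopback or test-only address.
func main() {
	listenAddr := flag.String("listen", "localhost:6789", "Address to listen on")
	// NOTE(review): -secret defaults to the empty string, in which case the
	// signature check below is keyed with an empty secret. Pass the same
	// non-empty secret the purging client is configured with.
	secret := flag.String("secret", "", "Akamai client secret")
	flag.Parse()

	// maxPurgeBodyBytes caps how much of a request body is buffered before the
	// signature has been checked, so an unauthenticated client cannot make the
	// server allocate without bound. The 1 MiB value is an assumption about
	// the largest legitimate purge request; raise it if real requests exceed it.
	const maxPurgeBodyBytes = 1 << 20

	// v3Purges holds one entry per accepted purge request; mu guards it.
	v3Purges := [][]string{}
	var mu sync.Mutex

	// /debug/get-purges returns every recorded purge as JSON: {"V3": [[...], ...]}.
	http.HandleFunc("/debug/get-purges", func(w http.ResponseWriter, r *http.Request) {
		// Snapshot under the lock, then release it before writing so a slow
		// reader cannot block the other handlers.
		mu.Lock()
		body, err := json.Marshal(struct {
			V3 [][]string
		}{V3: v3Purges})
		mu.Unlock()
		if err != nil {
			w.WriteHeader(http.StatusInternalServerError)
			return
		}
		if _, err := w.Write(body); err != nil {
			fmt.Println("Can't write response:", err)
		}
	})

	// /debug/reset-purges discards every recorded purge.
	http.HandleFunc("/debug/reset-purges", func(w http.ResponseWriter, r *http.Request) {
		mu.Lock()
		defer mu.Unlock()
		v3Purges = [][]string{}
		w.WriteHeader(http.StatusOK)
	})

	// /ccu/ accepts a signed POST whose JSON body carries an "objects" list.
	http.HandleFunc("/ccu/", func(w http.ResponseWriter, r *http.Request) {
		if r.Method != http.MethodPost {
			w.WriteHeader(http.StatusMethodNotAllowed)
			fmt.Println("Wrong method:", r.Method)
			return
		}

		// The body is read without holding mu: taking the lock across a
		// network read would let one slow client stall every other handler
		// for up to ReadTimeout.
		body, err := io.ReadAll(http.MaxBytesReader(w, r.Body, maxPurgeBodyBytes))
		if err != nil {
			w.WriteHeader(http.StatusBadRequest)
			fmt.Println("Can't read body:", err)
			return
		}

		// Authenticate before parsing anything out of the body. The signature
		// is checked against "http://" + the listen address, so clients
		// presumably have to address the server by exactly that host:port.
		if err = akamai.CheckSignature(*secret, "http://"+*listenAddr, r, body); err != nil {
			w.WriteHeader(http.StatusUnauthorized)
			fmt.Println("Bad signature:", err)
			return
		}

		var purgeRequest struct {
			Objects []string `json:"objects"`
		}
		if err = json.Unmarshal(body, &purgeRequest); err != nil {
			w.WriteHeader(http.StatusBadRequest)
			fmt.Println("Can't unmarshal:", err)
			return
		}
		if len(purgeRequest.Objects) == 0 {
			w.WriteHeader(http.StatusBadRequest)
			fmt.Println("Bad parameters:", purgeRequest)
			return
		}

		// Build the canned response before committing to a 201, so an
		// encoding failure is reported as a 500 instead of an empty success.
		resp, err := json.Marshal(struct {
			PurgeID          string
			HTTPStatus       int
			EstimatedSeconds int
		}{
			PurgeID:          "welcome-to-the-purge",
			HTTPStatus:       http.StatusCreated,
			EstimatedSeconds: 153,
		})
		if err != nil {
			w.WriteHeader(http.StatusInternalServerError)
			fmt.Println("Can't marshal response:", err)
			return
		}

		mu.Lock()
		v3Purges = append(v3Purges, purgeRequest.Objects)
		mu.Unlock()

		w.WriteHeader(http.StatusCreated)
		if _, err := w.Write(resp); err != nil {
			fmt.Println("Can't write response:", err)
		}
	})

	s := http.Server{
		ReadTimeout: 30 * time.Second,
		Addr:        *listenAddr,
	}

	go func() {
		err := s.ListenAndServe()
		if err != nil && err != http.ErrServerClosed {
			// The listener is plain HTTP (ListenAndServe), not TLS.
			cmd.FailOnError(err, "Running HTTP server")
		}
	}()

	// On exit, give in-flight requests up to one second to finish.
	defer func() {
		ctx, cancel := context.WithTimeout(context.Background(), time.Second)
		defer cancel()
		_ = s.Shutdown(ctx)
	}()

	cmd.WaitForSignal()
}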