Added and updated imports

README.md

@@ -29,6 +29,10 @@ when it can't connect to or ping the database.
 [MsgPack](https://msgpack.org/index.html) is used multiple time in Svalinn, 
 specifically [ugorji's implementation](https://github.com/ugorji/go).
 
+Svalinn utilizes the [bascule](https://github.com/xmidt-org/bascule) and 
+[wrp-listener](https://github.com/xmidt-org/wrp-listener) packages for webhook 
+registration and request authentication.
+
 ### Registering for events
 
 Whether or not Svalinn registers to a webhook for events is determined by the 
@@ -38,17 +42,23 @@ than 0, the registerer will register at the interval given.
 When the registerer contacts the webhook, it includes the following information:
 * **URL:** where to send the events
 * **Content type:** what to set as the message's content type and how to send 
-  events to Svalinn.  Svalinn requests for a `wrp`, which will come as a 
-  `MsgPack`.
+  events to Svalinn.  Svalinn by default requests for a `wrp`, which will come 
+  as a `MsgPack`.
 * **Secret:** the secret the webhook should use when sending events to Svalinn.
-  Svalinn uses it to validate the message.
+  Svalinn uses it to validate the message. If this is an empty string, Svalinn 
+  doesn't authenticate the messages it receives against a hash of the message.
+* **Retries:** the number of times to retry if sending an event fails.
+* **Alternative URLs:** other URLs to try if sending an event fails.
 * **Device IDs:** list of regular expressions to match device id type against.
-  Currently, Svalinn sets this as `[".*"]`
+  Currently, this defaults to `[".*"]`.
 * **Events:** list of regular expressions for the webhook to use to determine 
   which events to send to Svalinn.
 
-The registerer sends an Authorization header with its request, and determines 
-what that should be based on configuration.
+The registerer sends an authorization header with its request, and determines 
+what that should be based on configuration values.  It's possible to not send 
+any authorization header.
+
+Registering is done using the wrp-listener package.
 
 ### Inserting events into the database
 
@@ -59,10 +69,14 @@ then inserted as part of a [batch insert](#Batch-Insertion) into the database.
 #### Validation
 
 In order to ensure that the event was sent from a trusted source, Svalinn 
-gets a SHA1 hash from the `X-Webpa-Signature` Header, then creates its own hash 
-using the secret that it sends when registering and the body of the request.  
-If the two hashes match, the event is considered valid and is decoded from 
-`MsgPack` into the `wrp.Message` struct: our event!
+gets a SHA1 hash from a request header (the header name is configurable) then 
+creates its own hash using the secret that it sends when registering and the 
+body of the request.  If the two hashes match, the event is considered valid.  
+This validation is done using bascule middleware, and is bypassed if the 
+configurable header and secret are empty strings.
+
+If the request passes through the middleware successfully, the body is decoded 
+from `MsgPack` into the `wrp.Message` struct: our event!
 
 Now that the event has been verified and decoded, Svalinn attempts to add it to 
 the parsing queue.  If the queue is full, Svalinn returns the `Too Many Requests`

secret_test.go → acquirer.go

@@ -18,16 +18,20 @@
 package main
 
 import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
+	"github.com/xmidt-org/bascule/acquire"
 )
 
-func TestConstantSecret(t *testing.T) {
-	assert := assert.New(t)
-	expectedSecret := "test secret"
-	cs := NewConstantSecret(expectedSecret)
-	secret, err := cs.GetSecret()
-	assert.Nil(err)
-	assert.Equal(expectedSecret, secret)
+// determineTokenAcquirer always returns a valid TokenAcquirer
+func determineTokenAcquirer(config WebhookConfig) acquire.Acquirer {
+	defaultAcquirer := &acquire.DefaultAcquirer{}
+	if config.JWT.AuthURL != "" && config.JWT.Buffer != 0 && config.JWT.Timeout != 0 {
+		acquirer := acquire.NewJWTAcquirer(config.JWT)
+		return &acquirer
+	}
+
+	if config.Basic != "" {
+		return acquire.NewBasicAcquirer(config.Basic)
+	}
+
+	return defaultAcquirer
 }

acquirer_test.go

@@ -0,0 +1,75 @@
+/**
+ * Copyright 2019 Comcast Cable Communications Management, LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package main
+
+import (
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/xmidt-org/bascule/acquire"
+)
+
+func TestDetermineTokenAcquirer(t *testing.T) {
+	defaultAcquirer := &acquire.DefaultAcquirer{}
+	goodBasicAcquirer := acquire.NewBasicAcquirer("test basic")
+	options := acquire.JWTAcquirerOptions{
+		AuthURL: "/test",
+		Timeout: 10 * time.Minute,
+		Buffer:  5 * time.Second,
+	}
+	tests := []struct {
+		description           string
+		jwtConfig             acquire.JWTAcquirerOptions
+		basicVal              string
+		expectJWT             bool
+		expectedTokenAcquirer acquire.Acquirer
+	}{
+		{
+			description: "Sat Success",
+			jwtConfig:   options,
+			expectJWT:   true,
+		},
+		{
+			description:           "Basic Success",
+			basicVal:              "test basic",
+			expectedTokenAcquirer: goodBasicAcquirer,
+		},
+		{
+			description:           "Default Success",
+			expectedTokenAcquirer: defaultAcquirer,
+		},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.description, func(t *testing.T) {
+			assert := assert.New(t)
+			config := WebhookConfig{
+				JWT:   tc.jwtConfig,
+				Basic: tc.basicVal,
+			}
+			tokenAcquirer := determineTokenAcquirer(config)
+			if tc.expectJWT {
+				assert.NotEqual(goodBasicAcquirer, tokenAcquirer)
+				assert.NotEqual(defaultAcquirer, tokenAcquirer)
+			} else {
+				assert.Equal(tc.expectedTokenAcquirer, tokenAcquirer)
+			}
+		})
+	}
+}

go.mod

@@ -7,13 +7,15 @@ require (
 	github.com/c9s/goprocinfo v0.0.0-20190309065803-0b2ad9ac246b // indirect
 	github.com/go-kit/kit v0.8.0
 	github.com/goph/emperror v0.17.2
-	github.com/gorilla/mux v1.7.0
+	github.com/gorilla/mux v1.7.3
 	github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da
 	github.com/spf13/pflag v1.0.3
 	github.com/spf13/viper v1.4.0
 	github.com/stretchr/testify v1.3.0
+	github.com/xmidt-org/bascule v0.3.1
 	github.com/xmidt-org/codex-db v0.1.2
 	github.com/xmidt-org/voynicrypto v0.1.1
 	github.com/xmidt-org/webpa-common v1.3.0
 	github.com/xmidt-org/wrp-go v1.2.0
+	github.com/xmidt-org/wrp-listener v0.1.1
 )

go.sum

@@ -9,6 +9,8 @@ github.com/InVisionApp/go-health v2.1.0+incompatible/go.mod h1:/+Gv1o8JUsrjC6pi6
 github.com/InVisionApp/go-logger v1.0.1 h1:WFL19PViM1mHUmUWfsv5zMo379KSWj2MRmBlzMFDRiE=
 github.com/InVisionApp/go-logger v1.0.1/go.mod h1:+cGTDSn+P8105aZkeOfIhdd7vFO5X1afUHcjvanY0L8=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
+github.com/SermoDigital/jose v0.9.2-0.20161205224733-f6df55f235c2 h1:koK7z0nSsRiRiBWwa+E714Puh+DO+ZRdIyAXiXzL+lg=
+github.com/SermoDigital/jose v0.9.2-0.20161205224733-f6df55f235c2/go.mod h1:ARgCUhI1MHQH+ONky/PAtmVHQrP5JlGY0F3poXOp/fA=
 github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
 github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
 github.com/VividCortex/gohistogram v1.0.0 h1:6+hBz+qvs0JOrrNhhmR7lFxo5sINxBCGXrdtl/UvroE=
@@ -40,6 +42,7 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3 h1:tkum0XDgfR0jcVVXuTsYv/erY2NnEDqwRojbxR1rBYA=
 github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
@@ -79,12 +82,13 @@ github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5a
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
+github.com/goph/emperror v0.17.1/go.mod h1:+ZbQ+fUNO/6FNiUo0ujtMjhgad9Xa6fQL9KhH4LNHic=
 github.com/goph/emperror v0.17.2 h1:yLapQcmEsO0ipe9p5TaN22djm3OFV/TfM/fcYP0/J18=
 github.com/goph/emperror v0.17.2/go.mod h1:+ZbQ+fUNO/6FNiUo0ujtMjhgad9Xa6fQL9KhH4LNHic=
 github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
 github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/gorilla/mux v1.7.0 h1:tOSd0UKHQd6urX6ApfOn4XdBMY6Sh1MfxV3kmaazO+U=
-github.com/gorilla/mux v1.7.0/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
+github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
+github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
 github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
 github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
@@ -105,6 +109,8 @@ github.com/jinzhu/now v1.0.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/
 github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/jtacoma/uritemplates v1.0.0 h1:xwx5sBF7pPAb0Uj8lDC1Q/aBPpOFyQza7OC705ZlLCo=
+github.com/jtacoma/uritemplates v1.0.0/go.mod h1:IhIICdE9OcvgUnGwTtJxgBQ+VrTrti5PcbLVSJianO8=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
 github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da h1:5y58+OCjoHCYB8182mpf/dEsq0vwTKPOo4zGfH0xW9A=
 github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da/go.mod h1:oLH0CmIaxCGXD67VKGR5AacGXZSMznlmeqM8RzPrcY8=
@@ -197,6 +203,8 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1
 github.com/ugorji/go v1.1.4 h1:j4s+tAvLfL3bZyefP2SEWmhBzmuIlH/eqNuPdFPgngw=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
+github.com/xmidt-org/bascule v0.3.1 h1:I6qUJE6RHsfGEnwHQdbF47nFBcqOUfNqzhDTbuGj42o=
+github.com/xmidt-org/bascule v0.3.1/go.mod h1:fx2JeJAwEoepVcE3Fgd6JQSBvUAccyuFDzMmct1eWYw=
 github.com/xmidt-org/capacityset v0.1.1/go.mod h1:rJ00PZmbkdroZMiL0DOMzgkrwJddVfR1I5LmRX6YG2Y=
 github.com/xmidt-org/codex-db v0.1.2 h1:zyKN1i808G61fnlJAm3cdKbTZIcejigHf4UaVcV7Cic=
 github.com/xmidt-org/codex-db v0.1.2/go.mod h1:sNfUvP41CMKncMmLvysGW35oZw8toeurxZoK97pEHuA=
@@ -208,6 +216,8 @@ github.com/xmidt-org/webpa-common v1.3.0 h1:AembEPW16kQpUWqZ8Kn1uxjdWDuCzccqFGNW
 github.com/xmidt-org/webpa-common v1.3.0/go.mod h1:oCpKzOC+9h2vYHVzAU/06tDTQuBN4RZz+rhgIXptpOI=
 github.com/xmidt-org/wrp-go v1.2.0 h1:jkn+7GcFhP8MPHJiAhI2EKI95u03wybF+MP2VdmUogU=
 github.com/xmidt-org/wrp-go v1.2.0/go.mod h1:Kw0jjKWw5e94bh5r45HYKGC1wN8IrfeZlXy298PT/2s=
+github.com/xmidt-org/wrp-listener v0.1.1 h1:1PvRUkQX4456qqds3E+cSLdyfyf0gIp/d0omIx1doEw=
+github.com/xmidt-org/wrp-listener v0.1.1/go.mod h1:TQJs1YbA4E7L0RaRLZxzwgYyFvM/SeIet+62dtFatYk=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=