preliminary integration of webhooks validator

deploy/packaging/tr1d1um_spruce.yaml

@@ -122,6 +122,44 @@ log:
 # webhookStore provides configuration for storing and obtaining webhook
 # information using argus.
 webhook:
+  # validation provides options for validating the webhook's URL and TTL.
+  validation:
+
+    # url will check the webhook's Config.URL, FailureURL, and Config.AlternativeURLs
+    url:
+      # httpsOnly will allow only URLs with https schemes through if true
+      httpsOnly: false
+
+      # allowLoopback will disallow any canonical or IP loopback address if false
+      allowLoopback: false
+
+      # allowIP will disallow any IP addresses through if false
+      allowIP: true
+
+      # allowSpecialUseHosts, if false, will disallow URLs that contain any string in invalidHosts or any string
+      # in SpecialUseHosts in webhookValidationConfig.go 
+      allowSpecialUseHosts: true
+
+      # allowSpecialUseIPs, if false, will disallow URLs that contain any string in invalidSubnets
+      # or any string in SpecialUseIPs in webhookValidationConfig.go
+      allowSpecialUseIPs: true
+
+      # invalidHosts is a slice that contains strings of hosts that we do not want allowed in URLs
+      # if allowSpecialUseHosts is false
+      invalidHosts: []
+
+      # invalidSubnets is a slice of strings of IPs that will be disallows in URLs if allowSpecialUseIPs 
+      # is false
+      invalidSubnets: []
+
+    # ttl is the webhook's time to live.
+    ttl:
+      # max is the length of time a webhook is allowed to live.
+      max: 1m
+
+      # jitter is the amount of additional time given to the webhook's TTL to account for
+      # any variations in delivery.
+      jitter: 10s
   # JWTParserType establishes which parser type will be used by the JWT token
   # acquirer used by Argus. Options include 'simple' and 'raw'.
   # Simple: parser assumes token payloads have the following structure: https://github.com/xmidt-org/bascule/blob/c011b128d6b95fa8358228535c63d1945347adaa/acquire/bearer.go#L77

go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/spf13/pflag v1.0.5
 	github.com/spf13/viper v1.7.1
 	github.com/stretchr/testify v1.7.0
-	github.com/xmidt-org/ancla v0.2.1
+	github.com/xmidt-org/ancla v0.2.2-0.20210909164415-26b889e7d9ec
 	github.com/xmidt-org/bascule v0.10.2
 	github.com/xmidt-org/candlelight v0.0.5
 	github.com/xmidt-org/webpa-common/v2 v2.0.1

go.sum

@@ -673,6 +673,8 @@ github.com/vmware/govmomi v0.18.0/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59b
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xmidt-org/ancla v0.2.1 h1:Pwvkfhj636rbAdZCZHyAbmdPct1jx/hK/QOFcPUeAFM=
 github.com/xmidt-org/ancla v0.2.1/go.mod h1:ouFTJFAgisn3DpLAdtkTbOOkYyprkO9ZbXqpAmin/Gg=
+github.com/xmidt-org/ancla v0.2.2-0.20210909164415-26b889e7d9ec h1:eG6mr5GhaKG+6d94EkGpvnd+jh6aHUwWupnmVTwdO/M=
+github.com/xmidt-org/ancla v0.2.2-0.20210909164415-26b889e7d9ec/go.mod h1:ouFTJFAgisn3DpLAdtkTbOOkYyprkO9ZbXqpAmin/Gg=
 github.com/xmidt-org/argus v0.3.9/go.mod h1:mDFS44R704gl9Fif3gkfAyvnZa53SvMepmXjYWABPvk=
 github.com/xmidt-org/argus v0.3.10-0.20201105190057-402fede05764/go.mod h1:lnMCVB/i0gOlUOOd2WbzDDgzTEqP5TipzQ8xKIw+N/I=
 github.com/xmidt-org/argus v0.3.10-0.20201217204602-66f69b12c498/go.mod h1:lnMCVB/i0gOlUOOd2WbzDDgzTEqP5TipzQ8xKIw+N/I=

main.go

@@ -181,7 +181,19 @@ func tr1d1um(arguments []string) (exitCode int) {
 		}
 		defer stopWatch()
 
-		addWebhookHandler := ancla.NewAddWebhookHandler(svc, ancla.HandlerConfig{MetricsProvider: metricsRegistry})
+		var webhookValidationConfig ancla.ValidatorConfig
+		err = v.UnmarshalKey(webhookConfigKey+".validation", &webhookValidationConfig)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Failed to initialize webhook validation config: %s\n", err.Error())
+			return 1
+		}
+		builtValidators, err := ancla.BuildValidators(webhookValidationConfig)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Failed to initialize webhook validators: %s\n", err.Error())
+			return 1
+		}
+
+		addWebhookHandler := ancla.NewAddWebhookHandler(svc, ancla.HandlerConfig{MetricsProvider: metricsRegistry, V: builtValidators})
 		getAllWebhooksHandler := ancla.NewGetAllWebhooksHandler(svc)
 
 		APIRouter.Handle("/hook", authenticate.Then(addWebhookHandler)).Methods(http.MethodPost)

tr1d1um.yaml

@@ -123,6 +123,46 @@ log:
 # information using Argus.
 # Optional: if key is not supplied, webhooks would be disabled.
 webhook:
+
+  # validation provides options for validating the webhook's URL and TTL.
+  validation:
+
+    # url will check the webhook's Config.URL, FailureURL, and Config.AlternativeURLs
+    url:
+      # httpsOnly will allow only URLs with https schemes through if true
+      httpsOnly: false
+
+      # allowLoopback will disallow any canonical or IP loopback address if false
+      allowLoopback: true
+
+      # allowIP will disallow any IP addresses through if false
+      allowIP: true
+
+      # allowSpecialUseHosts, if false, will disallow URLs that contain any string in invalidHosts or any string
+      # in SpecialUseHosts in webhookValidationConfig.go 
+      allowSpecialUseHosts: true
+
+      # allowSpecialUseIPs, if false, will disallow URLs that contain any string in invalidSubnets
+      # or any string in SpecialUseIPs in webhookValidationConfig.go
+      allowSpecialUseIPs: true
+
+      # invalidHosts is a slice that contains strings of hosts that we do not want allowed in URLs
+      # if allowSpecialUseHosts is false
+      invalidHosts: []
+
+      # invalidSubnets is a slice of strings of IPs that will be disallows in URLs if allowSpecialUseIPs 
+      # is false
+      invalidSubnets: []
+
+    # ttl is the webhook's time to live.
+    ttl:
+      # max is the length of time a webhook is allowed to live.
+      max: 1m
+
+      # jitter is the amount of additional time given to the webhook's TTL to account for
+      # any variations in delivery.
+      jitter: 10s
+
   # JWTParserType establishes which parser type will be used by the JWT token
   # acquirer used by Argus. Options include 'simple' and 'raw'.
   # Simple: parser assumes token payloads have the following structure: https://github.com/xmidt-org/bascule/blob/c011b128d6b95fa8358228535c63d1945347adaa/acquire/bearer.go#L77