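package guest

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"os"
	"regexp"
	"strings"
	"time"

	"github.com/golang-jwt/jwt/v5"
)

var (
	// guestRegex matches the collection path (/guests with any number of
	// trailing slashes). guestIDRegex matches one numeric member path and
	// captures the ID in group 1.
	guestRegex   = regexp.MustCompile(`^/guests/*$`)
	guestIDRegex = regexp.MustCompile(`^/guests/([0-9]+)$`)
)

const (
	// maxBodyBytes bounds how much of a request body is read before JSON
	// decoding so a client cannot make the server buffer an unbounded
	// payload. Anything past the limit decodes as truncated, invalid JSON.
	maxBodyBytes = 1 << 20

	// tokenLifetime is how long a freshly issued guest token stays valid.
	tokenLifetime = 15 * time.Minute

	// Guest and admin tokens are signed with separate HS256 secrets, so a
	// guest token never validates against the admin-only endpoints. The
	// key file locations can be overridden through the environment; the
	// defaults keep the original hard-coded paths so existing deployments
	// behave as before. The file contents are used verbatim as the HMAC key.
	guestKeyEnv     = "GUEST_KEY_FILE"
	adminKeyEnv     = "ADMIN_KEY_FILE"
	defaultGuestKey = "C:\\Users\\mhunt\\guest.pem"
	defaultAdminKey = "C:\\Users\\mhunt\\admin.pem"
)

// GuestHandler serves the /guests HTTP API on top of a GuestStore.
type GuestHandler struct {
	guestStore GuestStore
}

// GuestStore is the persistence boundary the handler depends on.
type GuestStore interface {
	// Find returns the guest that matches the given login credentials.
	Find(credentials Credentials) (Guest, error)
	// Get returns every stored guest.
	Get() ([]Guest, error)
	// Add stores a new guest.
	Add(guest Guest) error
	// Update overwrites an existing guest (presumably matched on guest.ID,
	// which is the only identity this file ever compares).
	Update(guest Guest) error
}

// appError pairs an internal error with the message and HTTP status that
// are sent to the client. Only Message and Code ever leave the server.
type appError struct {
	Error   error
	Message string
	Code    int
}

// NewGuestHandler builds a handler backed by guestStore.
func NewGuestHandler(guestStore GuestStore) *GuestHandler {
	return &GuestHandler{guestStore: guestStore}
}

// ServeHTTP routes requests by method and path:
//
//	OPTIONS *             -> 200 (preflight acknowledgement, no CORS headers)
//	POST    /guests/login -> issue a guest token
//	PUT     /guests/{id}  -> update a guest (guest token required)
//	GET     /guests       -> list guests   (admin token required)
//	POST    /guests/{id}  -> add a guest   (admin token required)
//
// Anything else is answered with 404.
func (guestHandler *GuestHandler) ServeHTTP(responseWriter http.ResponseWriter, request *http.Request) {
	switch {
	case request.Method == http.MethodOptions:
		// No CORS headers are emitted here; if browsers call this API
		// cross-origin they have to be added by an outer middleware.
		responseWriter.WriteHeader(http.StatusOK)
	case request.Method == http.MethodPost && request.URL.Path == "/guests/login":
		guestHandler.handleLogIn(responseWriter, request)
	case request.Method == http.MethodPut && guestIDRegex.MatchString(request.URL.Path):
		guestHandler.handlePut(responseWriter, request)
	case request.Method == http.MethodGet && guestRegex.MatchString(request.URL.Path):
		guestHandler.handleGet(responseWriter, request)
	case request.Method == http.MethodPost && guestIDRegex.MatchString(request.URL.Path):
		guestHandler.handlePost(responseWriter, request)
	default:
		responseWriter.WriteHeader(http.StatusNotFound)
	}
}

// writeJSON sends an already-marshalled JSON body with a 200 status.
func (guestHandler *GuestHandler) writeJSON(responseWriter http.ResponseWriter, body []byte) {
	responseWriter.Header().Set("Content-Type", "application/json")
	responseWriter.WriteHeader(http.StatusOK)
	// Nothing useful can be done about a write error once headers are out.
	_, _ = responseWriter.Write(body)
}

// handleLogIn writes the login response (guest record plus token) or the
// mapped error.
func (guestHandler *GuestHandler) handleLogIn(responseWriter http.ResponseWriter, request *http.Request) {
	token, appErr := guestHandler.logIn(request)
	if appErr != nil {
		http.Error(responseWriter, appErr.Message, appErr.Code)
		return
	}
	guestHandler.writeJSON(responseWriter, token)
}

// handlePut updates one guest and answers with an empty 200 on success.
func (guestHandler *GuestHandler) handlePut(responseWriter http.ResponseWriter, request *http.Request) {
	if appErr := guestHandler.putGuest(request); appErr != nil {
		http.Error(responseWriter, appErr.Message, appErr.Code)
		return
	}
	responseWriter.WriteHeader(http.StatusOK)
}

// handleGet writes the full guest list as JSON (admin only).
func (guestHandler *GuestHandler) handleGet(responseWriter http.ResponseWriter, request *http.Request) {
	guests, appErr := guestHandler.getGuests(request)
	if appErr != nil {
		http.Error(responseWriter, appErr.Message, appErr.Code)
		return
	}
	guestHandler.writeJSON(responseWriter, guests)
}

// handlePost adds a guest and answers with an empty 200 on success.
func (guestHandler *GuestHandler) handlePost(responseWriter http.ResponseWriter, request *http.Request) {
	if appErr := guestHandler.postGuest(request); appErr != nil {
		http.Error(responseWriter, appErr.Message, appErr.Code)
		return
	}
	responseWriter.WriteHeader(http.StatusOK)
}

// logIn authenticates the posted credentials against the store and, on
// success, returns the JSON login response carrying a short-lived guest
// token. Every failure is mapped to a client-facing appError; the store's
// own error text is never echoed to the client.
func (guestHandler *GuestHandler) logIn(request *http.Request) ([]byte, *appError) {
	credentials, err := guestHandler.decodeCredentials(request)
	if err != nil {
		return nil, &appError{err, "failed to unmarshal credentials", http.StatusBadRequest}
	}
	guest, err := guestHandler.guestStore.Find(credentials)
	if err != nil {
		// Every Find failure collapses to the same 401.
		return nil, &appError{err, "guest not found", http.StatusUnauthorized}
	}
	key, err := guestHandler.readGuestKey()
	if err != nil {
		return nil, &appError{err, "failed to read secret key", http.StatusInternalServerError}
	}
	claims := guestHandler.createClaims(credentials, guestHandler.setExpirationTime())
	token, err := guestHandler.createToken(claims, key)
	if err != nil {
		return nil, &appError{err, "failed to create token", http.StatusInternalServerError}
	}
	jsonBytes, err := guestHandler.marshalResponse(guest, token)
	if err != nil {
		return nil, &appError{err, "failed to marshal response", http.StatusInternalServerError}
	}
	return jsonBytes, nil
}

// decodeJSONBody decodes one JSON document from the request body into dst,
// reading at most maxBodyBytes, and closes the body afterwards.
func (guestHandler *GuestHandler) decodeJSONBody(request *http.Request, dst any) error {
	defer request.Body.Close()
	limited := io.LimitReader(request.Body, maxBodyBytes)
	return json.NewDecoder(limited).Decode(dst)
}

// decodeCredentials parses the login request body.
func (guestHandler *GuestHandler) decodeCredentials(request *http.Request) (Credentials, error) {
	var credentials Credentials
	err := guestHandler.decodeJSONBody(request, &credentials)
	return credentials, err
}

// setExpirationTime returns the expiry for a token issued now.
func (guestHandler *GuestHandler) setExpirationTime() time.Time {
	return time.Now().Add(tokenLifetime)
}

// createClaims builds the token payload: the login credentials plus the
// standard expiry and issued-at timestamps.
//
// NOTE(review): Credentials is embedded whole into the token payload, and a
// JWT payload is only base64url-encoded, never encrypted. Confirm that the
// Credentials type (declared elsewhere) carries no secret such as a password
// before relying on this; if it does, put only a stable identifier in here.
func (guestHandler *GuestHandler) createClaims(credentials Credentials, expirationTime time.Time) *Claims {
	return &Claims{
		Credentials: credentials,
		RegisteredClaims: jwt.RegisteredClaims{
			ExpiresAt: jwt.NewNumericDate(expirationTime),
			IssuedAt:  jwt.NewNumericDate(time.Now()),
		},
	}
}

// readGuestKey loads the HMAC secret used to sign and verify guest tokens.
func (guestHandler *GuestHandler) readGuestKey() ([]byte, error) {
	return guestHandler.readKeyFile(guestKeyEnv, defaultGuestKey)
}

// readAdminKey loads the HMAC secret used to verify admin tokens.
func (guestHandler *GuestHandler) readAdminKey() ([]byte, error) {
	return guestHandler.readKeyFile(adminKeyEnv, defaultAdminKey)
}

// readKeyFile reads the key file named by the environment variable envName,
// falling back to fallbackPath when the variable is unset or empty. An empty
// file is rejected: HS256 happily signs with a zero-length key, which would
// make every token forgeable. The file is re-read on every call, so a
// rotated key takes effect without a restart.
func (guestHandler *GuestHandler) readKeyFile(envName, fallbackPath string) ([]byte, error) {
	path := os.Getenv(envName)
	if path == "" {
		path = fallbackPath
	}
	key, err := os.ReadFile(path)
	if err != nil {
		return nil, err
	}
	if len(key) == 0 {
		return nil, fmt.Errorf("key file %q is empty", path)
	}
	return key, nil
}

// createToken signs claims with HS256 using key and returns the compact
// serialisation.
func (guestHandler *GuestHandler) createToken(claims *Claims, key []byte) (string, error) {
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	return token.SignedString(key)
}

// marshalResponse encodes the login response for guest and token as JSON.
func (guestHandler *GuestHandler) marshalResponse(guest Guest, token string) ([]byte, error) {
	return json.Marshal(guestHandler.createLoginResponse(guest, token))
}

// createLoginResponse pairs the authenticated guest with its token.
func (guestHandler *GuestHandler) createLoginResponse(weddingGuest Guest, token string) *LoginResponse {
	return &LoginResponse{
		Guest: weddingGuest,
		Token: token,
	}
}

// putGuest handles PUT /guests/{id}: it requires a valid guest token, then
// updates the guest named by the path with the JSON body.
//
// NOTE(review): the token is not bound to any guest ID here, so every valid
// guest token may update every guest record. Whether the Claims/Credentials
// types carry an identity that could be compared against the path ID cannot
// be seen from this file; confirm and tighten if they do.
func (guestHandler *GuestHandler) putGuest(request *http.Request) *appError {
	guestKey, err := guestHandler.readGuestKey()
	if err != nil {
		return &appError{err, "failed to read secret key", http.StatusInternalServerError}
	}
	if appErr := guestHandler.validateToken(request, guestKey); appErr != nil {
		return appErr
	}
	pathID, ok := guestHandler.pathGuestID(request)
	if !ok {
		return &appError{errors.New("id not found"), "id not found", http.StatusNotFound}
	}
	guest, err := guestHandler.decodeGuest(request)
	if err != nil {
		return &appError{err, "invalid guest", http.StatusBadRequest}
	}
	// The store updates whichever record the body's ID names, so the body
	// must agree with the URL; otherwise a request to /guests/7 could
	// silently rewrite guest 8. Guest.ID is declared elsewhere, so the
	// comparison goes through its string form to work for numeric or
	// string IDs alike.
	if fmt.Sprint(guest.ID) != pathID {
		return &appError{errors.New("id mismatch"), "guest id does not match path", http.StatusBadRequest}
	}
	if err := guestHandler.guestStore.Update(guest); err != nil {
		return &appError{err, "failed to update guest", http.StatusInternalServerError}
	}
	return nil
}

// validateToken checks the bearer token on the request against key. Any
// failure (missing, malformed, expired, bad signature) is reported as 401,
// with a distinct message for a signature that does not verify.
func (guestHandler *GuestHandler) validateToken(request *http.Request, key []byte) *appError {
	rawToken := guestHandler.getToken(request)
	if rawToken == "" {
		return &appError{errors.New("missing token"), "missing token", http.StatusUnauthorized}
	}
	claims := guestHandler.newClaims()
	token, err := guestHandler.parseWithClaims(rawToken, claims, key)
	// jwt/v5 returns wrapped errors, so a plain == comparison never matches;
	// errors.Is walks the chain.
	if err != nil && errors.Is(err, jwt.ErrSignatureInvalid) {
		return &appError{err, "invalid signature", http.StatusUnauthorized}
	}
	if err != nil {
		return &appError{err, "invalid token", http.StatusUnauthorized}
	}
	if !token.Valid {
		return &appError{errors.New("invalid token"), "invalid token", http.StatusUnauthorized}
	}
	return nil
}

// getToken extracts the token from the Authorization header. Both a bare
// token (the original contract) and the standard "Bearer <token>" form are
// accepted; the scheme name is case-insensitive per RFC 7235.
func (guestHandler *GuestHandler) getToken(request *http.Request) string {
	header := strings.TrimSpace(request.Header.Get("Authorization"))
	if scheme, rest, found := strings.Cut(header, " "); found && strings.EqualFold(scheme, "Bearer") {
		return strings.TrimSpace(rest)
	}
	return header
}

// newClaims returns an empty claims value for the parser to fill.
func (guestHandler *GuestHandler) newClaims() *Claims {
	return &Claims{}
}

// parseWithClaims verifies token with key and decodes its payload into
// claims. Verification is pinned to HS256, the only method this file signs
// with, so the token's own "alg" header can never select a different
// verification routine.
func (guestHandler *GuestHandler) parseWithClaims(token string, claims *Claims, key []byte) (*jwt.Token, error) {
	keyFunc := func(parsed *jwt.Token) (any, error) {
		if _, ok := parsed.Method.(*jwt.SigningMethodHMAC); !ok {
			return nil, fmt.Errorf("unexpected signing method %v", parsed.Header["alg"])
		}
		return key, nil
	}
	return jwt.ParseWithClaims(token, claims, keyFunc,
		jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}))
}

// pathGuestID returns the numeric ID segment of a /guests/{id} path. The
// second result is false when the path does not carry an ID.
func (guestHandler *GuestHandler) pathGuestID(request *http.Request) (string, bool) {
	matches := guestIDRegex.FindStringSubmatch(request.URL.Path)
	if len(matches) < 2 {
		return "", false
	}
	return matches[1], true
}

// findID reports whether the request path LACKS a guest ID segment. The
// inverted meaning is historical; prefer pathGuestID in new code.
func (guestHandler *GuestHandler) findID(request *http.Request) bool {
	_, ok := guestHandler.pathGuestID(request)
	return !ok
}

// decodeGuest parses a guest record from the request body.
func (guestHandler *GuestHandler) decodeGuest(request *http.Request) (Guest, error) {
	var guest Guest
	err := guestHandler.decodeJSONBody(request, &guest)
	return guest, err
}

// getGuests handles GET /guests: it requires a valid admin token and returns
// every guest as a JSON array.
func (guestHandler *GuestHandler) getGuests(request *http.Request) ([]byte, *appError) {
	adminKey, err := guestHandler.readAdminKey()
	if err != nil {
		return nil, &appError{err, "failed to read secret key", http.StatusInternalServerError}
	}
	if appErr := guestHandler.validateToken(request, adminKey); appErr != nil {
		return nil, appErr
	}
	guests, err := guestHandler.guestStore.Get()
	if err != nil {
		return nil, &appError{err, "failed to get guests", http.StatusInternalServerError}
	}
	jsonBytes, err := json.Marshal(guests)
	if err != nil {
		return nil, &appError{err, "failed to marshal guests", http.StatusInternalServerError}
	}
	return jsonBytes, nil
}

// postGuest handles POST /guests/{id}: it requires a valid admin token and
// adds the guest in the JSON body, rejecting an ID that is already stored.
// The ID segment of the path itself is not consulted (matching the original
// behaviour); the body's ID is authoritative.
func (guestHandler *GuestHandler) postGuest(request *http.Request) *appError {
	adminKey, err := guestHandler.readAdminKey()
	if err != nil {
		return &appError{err, "failed to read secret key", http.StatusInternalServerError}
	}
	if appErr := guestHandler.validateToken(request, adminKey); appErr != nil {
		return appErr
	}
	guest, err := guestHandler.decodeGuest(request)
	if err != nil {
		return &appError{err, "invalid guest", http.StatusBadRequest}
	}
	guests, err := guestHandler.guestStore.Get()
	if err != nil {
		return &appError{err, "failed to get guests", http.StatusInternalServerError}
	}
	// Check-then-add is not atomic: two concurrent POSTs with the same ID
	// can both pass this check. The store's Add is the place to enforce
	// uniqueness if that matters for the deployment.
	if err := guestHandler.checkExistingGuests(guests, guest); err != nil {
		return &appError{err, "id already exists", http.StatusConflict}
	}
	if err := guestHandler.guestStore.Add(guest); err != nil {
		return &appError{err, "failed to add guest", http.StatusInternalServerError}
	}
	return nil
}

// checkExistingGuests returns an error when any guest in guests already has
// newGuest's ID.
func (guestHandler *GuestHandler) checkExistingGuests(guests []Guest, newGuest Guest) error {
	for i := range guests {
		if guests[i].ID == newGuest.ID {
			return errors.New("id already exists")
		}
	}
	return nil
}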