From 03e1ed5037dea8d9beae919905df031882c41969 Mon Sep 17 00:00:00 2001
From: Alisa Dinaburg <alisa-d@inbox.ru>
Date: Fri, 8 Nov 2019 18:48:00 +0200
Subject: [PATCH] rest gateway fixes
---
 config.yaml.sample | 2 ++
 config/configs.go | 3 +++
 main.go | 3 ++-
 server/server.go | 29 +++++++++++++++++++++++++----
 4 files changed, 32 insertions(+), 5 deletions(-)
diff --git a/config.yaml.sample b/config.yaml.sample
index f89eed8..728fa2d 100644
--- a/config.yaml.sample
+++ b/config.yaml.sample
@@ -6,6 +6,8 @@ dataStorageUrl: localhost:7777
 grpcListenAddress: localhost:7877
 restListenAddress: localhost:7878
+# This one using by rest-gateway. Must contain the same domain name with issued certificate
+grpcURL: key-storage-agent:7877
 # VIAM Variables
 viamUUID: viam-system
diff --git a/config/configs.go b/config/configs.go
index 9f83514..aa5f7c6 100644
--- a/config/configs.go
+++ b/config/configs.go
@@ -29,6 +29,7 @@ var MaxMessageSize int
 var GrpcListenAddress string
 var RestListenAddress string
+var GrpcURL string
 var DataStorageUrl string
 var EntitiesManagerUrl string
 var CertDir string
@@ -41,6 +42,7 @@ func SetConfigValues(configFile, etcdURL string) {
 viper.SetDefault("restListenAddress", "localhost:7878")
 viper.SetDefault("dataStorageUrl", "localhost:7777")
 viper.SetDefault("entitiesManagerUrl", "localhost:7779")
+ viper.SetDefault("grpcURL", "key-storage-agent:7877")
 viper.SetDefault("viamUUID", "viam-system")
 viper.SetDefault("viamSession", "viam-session")
@@ -122,6 +124,7 @@ func SetConfigValues(configFile, etcdURL string) {
 }
 GrpcListenAddress = viper.GetString("grpcListenAddress")
+ GrpcURL = viper.GetString("grpcURL")
 RestListenAddress = viper.GetString("restListenAddress")
 DataStorageUrl = viper.GetString("dataStorageUrl")
diff --git a/main.go b/main.go
index 4b937e1..75743bb 100644
--- a/main.go
+++ b/main.go
@@ -42,6 +42,7 @@ func main() {
 grpcAddress := config.GrpcListenAddress
 restAddress := config.RestListenAddress
+ grpcURL := config.GrpcURL
 dataStorageAddress := config.DataStorageUrl
 certPem := config.CertificatePEM
 keyPem := config.PrivateKeyPEM
@@ -62,7 +63,7 @@ func main() {
 // fire the REST server in a goroutine
 go func() {
- err := server.StartRESTServer(restAddress, grpcAddress, certPem)
+ err := server.StartRESTServer(restAddress, grpcURL, certPem, keyPem)
 if err != nil {
 log.Fatalf("failed to start gRPC server: %s", err)
 }
diff --git a/server/server.go b/server/server.go
index 8c00656..8ee39c1 100644
--- a/server/server.go
+++ b/server/server.go
@@ -54,6 +54,9 @@ func credMatcher(headerName string) (mdName string, ok bool) {
 if headerName == "Session" {
 return headerName, true
 }
+ if headerName == "Uuid" {
+ return headerName, true
+ }
 return "", false
 }
@@ -177,7 +180,8 @@ func StartGRPCServer(address string, certPEM, privateKeyPEM, caCertPEM, vereignC
 return nil
 }
-func StartRESTServer(address, grpcAddress string, certPEM []byte) error {
+func StartRESTServer(address, grpcURL string, certPEM, keyPEM []byte) error {
+ log.Println("grpcAddress: ", grpcURL)
 ctx := context.Background()
 ctx, cancel := context.WithCancel(ctx)
 defer cancel()
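Review bot: In main.go's REST goroutine, the `log.Fatalf("failed to start gRPC server: %s", err)` line directly under the changed call names the wrong component. It should read `log.Fatalf("failed to start REST server: %s", err)` so that a gateway failure does not send an operator to the gRPC listener. The goroutine's closing lines are outside this hunk.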
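Review bot: In server/server.go, the new `Uuid` case in credMatcher forwards a client-chosen `Uuid` header into the gRPC metadata, and nothing visible in this hunk ties that value to the `Session` header. If the backend treats `Uuid` as an identity, the handlers must validate the pair server-side; that is presumably done elsewhere, but worth confirming before merge. The two identical branches would also read better as one `switch headerName { case "Session", "Uuid": return headerName, true }`. credMatcher's signature line is only visible as the hunk heading, so anything before the first `if` is not shown.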
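Review bot: `log.Println("grpcAddress: ", grpcURL)` at the top of StartRESTServer keeps the old parameter name in its label and prints a doubled space, because Println already separates its operands. `log.Printf("REST gateway dialing gRPC endpoint %s", grpcURL)` states what the value is. The exported function also has no doc comment; `// StartRESTServer serves the REST gateway over TLS on address and proxies to grpcURL, whose host must match the gRPC server certificate.` would carry over the constraint stated in config.yaml.sample. The function body continues past the end of this hunk.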
@@ -200,14 +204,31 @@ func StartRESTServer(address, grpcAddress string, certPEM []byte) error {
 opts := []grpc.DialOption{grpc.WithTransportCredentials(creds)}
 // Register RedisStorageServer
- err = api.RegisterKeyStorageHandlerFromEndpoint(ctx, mux, grpcAddress, opts)
+ err = api.RegisterKeyStorageHandlerFromEndpoint(ctx, mux, grpcURL, opts)
 if err != nil {
 log.Printf("Error: %v", err)
 return fmt.Errorf("could not register service RedisStorageServer: %s", err)
 }
- log.Printf("starting HTTP/1.1 REST server on %s", address)
- http.ListenAndServe(address, mux)
+ // server certificate
+ certificate, err := tls.X509KeyPair(certPEM, keyPEM)
+ if err != nil {
+ log.Printf("Error: %v", err)
+ return fmt.Errorf("could not load server key pair: %s", err)
+ }
+
+ serverTLSConfig := &tls.Config{
+ Certificates: []tls.Certificate{certificate},
+ }
+
+ tlsServer := &http.Server{
+ Addr: address,
+ Handler: mux,
+ TLSConfig: serverTLSConfig,
+ }
+
+ log.Printf("starting HTTP/1.1 REST server on %s", address)
+ tlsServer.ListenAndServeTLS("","")
 return nil
 }
-- GitLab
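Review bot: The result of `tlsServer.ListenAndServeTLS("","")` is discarded and StartRESTServer then returns nil, so a failed bind or a later serve error never reaches the caller's `err != nil` check in main.go. The last statement should be `return tlsServer.ListenAndServeTLS("", "")`; the removed `http.ListenAndServe` call had the same gap. `serverTLSConfig` sets only `Certificates`, which leaves the protocol floor to the toolchain default (older Go releases accept TLS 1.0 on servers), so add `MinVersion: tls.VersionTLS12,` to pin it. The `http.Server` literal also sets no read or idle timeouts, so slow clients can hold connections open; `ReadHeaderTimeout` is the usual minimum, provided `time` is imported in this file. StartRESTServer begins outside this hunk.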