diff --git a/main/config/config.go b/main/config/config.go
index fb957849..c9070a9d 100644
--- a/main/config/config.go
+++ b/main/config/config.go
@@ -52,22 +52,26 @@ var IsDevelopment bool
 
 // configuration of the client
 type Config struct {
- Devices map[string]string `json:"devices"` // maps UUIDs to backend auth tokens (mandatory)
- Secret16Base64 string `json:"secret" envconfig:"secret"` // 16 bytes secret used to encrypt the key store (mandatory) LEGACY
- Secret32Base64 string `json:"secret32" envconfig:"secret32"` // 32 byte secret used to encrypt the key store (mandatory)
- RegisterAuth string `json:"registerAuth"` // auth token needed for new identity registration
- Env string `json:"env"` // the ubirch backend environment [dev, demo, prod], defaults to 'prod'
- Dsn DSN `json:"DSN"` // "data source name" for database connection
- CSR_Country string `json:"CSR_country"` // subject country for public key Certificate Signing Requests
- CSR_Organization string `json:"CSR_organization"` // subject organization for public key Certificate Signing Requests
- TCP_addr string `json:"TCP_addr"` // the TCP address for the server to listen on, in the form "host:port", defaults to ":8080"
- TLS bool `json:"TLS"` // enable serving HTTPS endpoints, defaults to 'false'
- TLS_CertFile string `json:"TLSCertFile"` // filename of TLS certificate file name, defaults to "cert.pem"
- TLS_KeyFile string `json:"TLSKeyFile"` // filename of TLS key file name, defaults to "key.pem"
- CORS bool `json:"CORS"` // enable CORS, defaults to 'false'
- CORS_Origins []string `json:"CORS_origins"` // list of allowed origin hosts, defaults to ["*"]
- Debug bool `json:"debug"` // enable extended debug output, defaults to 'false'
- LogTextFormat bool `json:"logTextFormat"` // log in text format for better human readability, default format is JSON
+ Devices map[string]string `json:"devices"` // maps UUIDs to backend auth tokens (mandatory)
+ Secret16Base64 string `json:"secret" envconfig:"secret"` // 16 bytes secret used to encrypt the key store (mandatory) LEGACY
+ Secret32Base64 string `json:"secret32" envconfig:"secret32"` // 32 byte secret used to encrypt the key store (mandatory)
+ RegisterAuth string `json:"registerAuth"` // auth token needed for new identity registration
+ Env string `json:"env"` // the ubirch backend environment [dev, demo, prod], defaults to 'prod'
+ DsnInitContainer bool `json:"DSN_InitDb" envconfig:"DSN_InitDb"` // flag to determine if a database should be used for context management
+ DsnHost string `json:"DSN_Host" envconfig:"DSN_Host"` // database host name
+ DsnUser string `json:"DSN_User" envconfig:"DSN_User"` // database user name
+ DsnPassword string `json:"DSN_Password" envconfig:"DSN_Password"` // database password
+ DsnDb string `json:"DSN_Database" envconfig:"DSN_Database"` // database name
+ CSR_Country string `json:"CSR_country"` // subject country for public key Certificate Signing Requests
+ CSR_Organization string `json:"CSR_organization"` // subject organization for public key Certificate Signing Requests
+ TCP_addr string `json:"TCP_addr"` // the TCP address for the server to listen on, in the form "host:port", defaults to ":8080"
+ TLS bool `json:"TLS"` // enable serving HTTPS endpoints, defaults to 'false'
+ TLS_CertFile string `json:"TLSCertFile"` // filename of TLS certificate file name, defaults to "cert.pem"
+ TLS_KeyFile string `json:"TLSKeyFile"` // filename of TLS key file name, defaults to "key.pem"
+ CORS bool `json:"CORS"` // enable CORS, defaults to 'false'
+ CORS_Origins []string `json:"CORS_origins"` // list of allowed origin hosts, defaults to ["*"]
+ Debug bool `json:"debug"` // enable extended debug output, defaults to 'false'
+ LogTextFormat bool `json:"logTextFormat"` // log in text format for better human readability, default format is JSON
 SecretBytes16 []byte // the decoded 16 byte key store secret (set automatically) LEGACY
 SecretBytes32 []byte // the decoded 32 byte key store secret for database (set automatically)
 KeyService string // key service URL (set automatically)
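Review bot: `DsnInitContainer` is named and tagged (`DSN_InitDb`) like a schema-initialisation switch, yet its comment and the new check in `GetCtxManager` use it as the switch that enables database-backed context management; the name or the comment should change, for example `// enable database context management; DSN_Host, DSN_User, DSN_Password and DSN_Database are then required`. Configurations that still carry the old nested `"DSN"` object will presumably load with this flag false and stop at the file-based-context error, so the changelog or that error text should name the new keys. `DsnPassword` is a credential sitting next to the key-store secrets, and a comment such as `// database password (secret, must not be logged)` would make that explicit for anyone printing the struct in debug output. The `Config` struct continues past the end of the hunk.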
@@ -77,14 +81,6 @@ type Config struct {
 ConfigDir string // directory where config and protocol ctx are stored (set automatically)
 }
 
-type DSN struct { //postgres://username:Password@hostname:5432/database?sslmode=disable",
- InitContainer bool `json:"initDb"`
- Host string `json:"Host"`
- User string `json:"User"`
- Password string `json:"Password"`
- Db string `json:"database"`
-}
-
 func (c *Config) Load(configDir, filename string) error {
 c.ConfigDir = configDir
 
diff --git a/main/config/example.env b/main/config/example.env
index 855f3697..8f9d6441 100644
--- a/main/config/example.env
+++ b/main/config/example.env
@@ -3,7 +3,11 @@ UBIRCH_SECRET=MTIzNDU2Nzg5MDEyMzQ1Ng==
 UBIRCH_SECRET32=sdSjtMh6C2oNgsiVcPx89RgcNYl8L6R9PhWU3iGIL+k=
 UBIRCH_REGISTERAUTH=S3GyUaoZ8CuElP8NM/NzSTPdO3ABREIsJT1Hie8esb8=
 UBIRCH_ENV=prod
-UBIRCH_DSN=postgres://username:password@hostname:5432/database?sslmode=disable
+UBIRCH_DSN_INITDB=true
+UBIRCH_DSN_HOST=database-host-name
+UBIRCH_DSN_USER=database-user-name
+UBIRCH_DSN_PASSWORD=database-password
+UBIRCH_DSN_DATABASE=database-name
 UBIRCH_CSR_COUNTRY=DE
 UBIRCH_CSR_ORGANIZATION=ubirch GmbH
 UBIRCH_TCP_ADDR=:8080
diff --git a/main/config/example_config.json b/main/config/example_config.json
index 4dc43a5e..df197f31 100644
--- a/main/config/example_config.json
+++ b/main/config/example_config.json
@@ -2,9 +2,15 @@
 "devices": {
 "b07c32c6-4525-43f8-ab94-9383bf585ef0": "ad3e073b-9ead-437c-9e09-853e9a508dca"
 },
- "secret": "1kjZItJ/GTq8YXW86JfTfHWRuvzCbuqvOA9nNMYMbBY=",
+ "secret": "MTIzNDU2Nzg5MDEyMzQ1Ng==",
+ "secret32": "sdSjtMh6C2oNgsiVcPx89RgcNYl8L6R9PhWU3iGIL+k=",
+ "registerAuth": "S3GyUaoZ8CuElP8NM/NzSTPdO3ABREIsJT1Hie8esb8=",
 "env": "prod",
- "DSN": "postgres://username:password@hostname:5432/database?sslmode=disable",
+ "DSN_InitDb": true,
+ "DSN_Host": "database-host-name",
+ "DSN_User": "database-user-name",
+ "DSN_Password": "database-password",
+ "DSN_Database": "database-name",
 "CSR_country": "DE",
 "CSR_organization": "ubirch GmbH",
 "TCP_addr": ":8080",
diff --git a/main/handlers/context_manager.go b/main/handlers/context_manager.go
index d037d782..31a215f4 100644
--- a/main/handlers/context_manager.go
+++ b/main/handlers/context_manager.go
@@ -31,8 +31,8 @@ type ContextManager interface {
 }
 
 func GetCtxManager(c config.Config) (ContextManager, error) {
- if c.Dsn.Db != "" && c.Dsn.User != "" {
- return NewSqlDatabaseInfo(c.Dsn)
+ if c.DsnInitContainer {
+ return NewSqlDatabaseInfo(c)
 } else {
 return nil, fmt.Errorf("file-based context management is not supported in the current version. " +
 "Please set DSN parameters in the configuration and conntect to a database or downgrade to a version < 2.0.0")
diff --git a/main/handlers/database.go b/main/handlers/database.go
index 453b1fe7..b6227816 100644
--- a/main/handlers/database.go
+++ b/main/handlers/database.go
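Review bot: The `secret`, `secret32` and `registerAuth` values added to example_config.json are well-formed base64 keys rather than placeholders (the `secret` value decodes to the digits 1234567890123456) and match the ones in example.env, so a deployment started from a copied example would encrypt its key store with a publicly known secret. Obvious placeholders such as `"secret32": "<base64 of 32 random bytes>"` would presumably be rejected when the config is loaded instead of silently working, in the same way the new `DSN_*` lines already use `database-password`.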
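Review bot: In `GetCtxManager` the switch is now only `c.DsnInitContainer`, so a config that sets `DSN_InitDb` but leaves host, user or database empty reaches `NewSqlDatabaseInfo` and builds a connection string with empty values, where the removed condition at least required `Db` and `User`. A guard before the call would report that as a configuration error rather than as a later database failure, e.g. `if c.DsnHost == "" || c.DsnUser == "" || c.DsnDb == "" { return nil, fmt.Errorf("DSN_InitDb is set but DSN_Host, DSN_User or DSN_Database is missing") }`. The unchanged error text in the `else` branch still asks for "DSN parameters" without naming the flag that now decides the branch. The function's closing lines are outside the hunk.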
@@ -40,9 +40,9 @@ var _ ContextManager = (*DatabaseManager)(nil)
 
 // NewSqlDatabaseInfo takes a database connection string, returns a new initialized
 // database.
-func NewSqlDatabaseInfo(dsn config.DSN) (*DatabaseManager, error) {
+func NewSqlDatabaseInfo(conf config.Config) (*DatabaseManager, error) {
 dataSourceName := fmt.Sprintf("host=%s user=%s password=%s port=%d dbname=%s sslmode=disable",
- dsn.Host, dsn.User, dsn.Password, vars.PostgreSqlPort, dsn.Db)
+ conf.DsnHost, conf.DsnUser, conf.DsnPassword, vars.PostgreSqlPort, conf.DsnDb)
 
 pg, err := sql.Open(vars.PostgreSql, dataSourceName)
 if err != nil {
@@ -112,9 +112,6 @@ func (dm *DatabaseManager) GetAuthToken(uid uuid.UUID) (string, error) {
 err := dm.db.QueryRow("SELECT auth_token FROM identity WHERE uid = $1", uid.String()).
 Scan(&authToken)
 if err != nil {
- //if err.Error() == pq.ErrorCode("53300").Name() {
- //
- //}
 return "", err
 }
 
diff --git a/main/handlers/init_db.go b/main/handlers/init_db.go
index 93667f64..8b41e76d 100644
--- a/main/handlers/init_db.go
+++ b/main/handlers/init_db.go
@@ -38,7 +38,7 @@ func Migrate(c config.Config) error {
 return err
 }
 
- dbManager, err := NewSqlDatabaseInfo(c.Dsn)
+ dbManager, err := NewSqlDatabaseInfo(c)
 if err != nil {
 return err
 }
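Review bot: In `NewSqlDatabaseInfo` the four config values are pasted into a space-separated `key=value` connection string with plain `%s`, so a password or user name containing a space, quote or backslash either breaks parsing or is read as additional connection parameters. Building the DSN as a URL lets `net/url` do the escaping; the removed example.env line used the `postgres://` form, but that the driver registered under `vars.PostgreSql` accepts it should be confirmed. The string also keeps `sslmode=disable`, so the credential from `DSN_Password` travels without TLS unless the database is local, and making the mode configurable would be a worthwhile follow-up. The doc comment above the signature still describes a connection-string argument and could read `// NewSqlDatabaseInfo takes the DSN_* settings from conf and returns a new initialized database.` The function body continues past the end of the hunk.

```go
func NewSqlDatabaseInfo(conf config.Config) (*DatabaseManager, error) {
	// url.UserPassword and URL.String percent-encode the credentials and the path.
	dsn := url.URL{
		Scheme:   "postgres",
		User:     url.UserPassword(conf.DsnUser, conf.DsnPassword),
		Host:     net.JoinHostPort(conf.DsnHost, fmt.Sprint(vars.PostgreSqlPort)),
		Path:     "/" + conf.DsnDb,
		RawQuery: "sslmode=disable",
	}

	pg, err := sql.Open(vars.PostgreSql, dsn.String())
	// … unchanged: error handling and the rest of the function …
```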