TUN-5482: Refactor tunnelstore client related packages for more coherent package

2025-07-27 21:40:02 +00:00 · 2021-12-27 14:56:50 +00:00
parent 834c0eaeed
commit 6822e4f8ab
27 changed files with 1056 additions and 1025 deletions
--- a/cfapi/base_client.go
+++ b/cfapi/base_client.go
@@ -0,0 +1,186 @@
+package cfapi
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/pkg/errors"
+	"github.com/rs/zerolog"
+	"golang.org/x/net/http2"
+)
+
+const (
+	defaultTimeout  = 15 * time.Second
+	jsonContentType = "application/json"
+)
+
+var (
+	ErrUnauthorized = errors.New("unauthorized")
+	ErrBadRequest   = errors.New("incorrect request parameters")
+	ErrNotFound     = errors.New("not found")
+	ErrAPINoSuccess = errors.New("API call failed")
+)
+
+type RESTClient struct {
+	baseEndpoints *baseEndpoints
+	authToken     string
+	userAgent     string
+	client        http.Client
+	log           *zerolog.Logger
+}
+
+type baseEndpoints struct {
+	accountLevel  url.URL
+	zoneLevel     url.URL
+	accountRoutes url.URL
+	accountVnets  url.URL
+}
+
+var _ Client = (*RESTClient)(nil)
+
+func NewRESTClient(baseURL, accountTag, zoneTag, authToken, userAgent string, log *zerolog.Logger) (*RESTClient, error) {
+	if strings.HasSuffix(baseURL, "/") {
+		baseURL = baseURL[:len(baseURL)-1]
+	}
+	accountLevelEndpoint, err := url.Parse(fmt.Sprintf("%s/accounts/%s/tunnels", baseURL, accountTag))
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to create account level endpoint")
+	}
+	accountRoutesEndpoint, err := url.Parse(fmt.Sprintf("%s/accounts/%s/teamnet/routes", baseURL, accountTag))
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to create route account-level endpoint")
+	}
+	accountVnetsEndpoint, err := url.Parse(fmt.Sprintf("%s/accounts/%s/teamnet/virtual_networks", baseURL, accountTag))
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to create virtual network account-level endpoint")
+	}
+	zoneLevelEndpoint, err := url.Parse(fmt.Sprintf("%s/zones/%s/tunnels", baseURL, zoneTag))
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to create account level endpoint")
+	}
+	httpTransport := http.Transport{
+		TLSHandshakeTimeout:   defaultTimeout,
+		ResponseHeaderTimeout: defaultTimeout,
+	}
+	http2.ConfigureTransport(&httpTransport)
+	return &RESTClient{
+		baseEndpoints: &baseEndpoints{
+			accountLevel:  *accountLevelEndpoint,
+			zoneLevel:     *zoneLevelEndpoint,
+			accountRoutes: *accountRoutesEndpoint,
+			accountVnets:  *accountVnetsEndpoint,
+		},
+		authToken: authToken,
+		userAgent: userAgent,
+		client: http.Client{
+			Transport: &httpTransport,
+			Timeout:   defaultTimeout,
+		},
+		log: log,
+	}, nil
+}
+
+func (r *RESTClient) sendRequest(method string, url url.URL, body interface{}) (*http.Response, error) {
+	var bodyReader io.Reader
+	if body != nil {
+		if bodyBytes, err := json.Marshal(body); err != nil {
+			return nil, errors.Wrap(err, "failed to serialize json body")
+		} else {
+			bodyReader = bytes.NewBuffer(bodyBytes)
+		}
+	}
+
+	req, err := http.NewRequest(method, url.String(), bodyReader)
+	if err != nil {
+		return nil, errors.Wrapf(err, "can't create %s request", method)
+	}
+	req.Header.Set("User-Agent", r.userAgent)
+	if bodyReader != nil {
+		req.Header.Set("Content-Type", jsonContentType)
+	}
+	req.Header.Add("X-Auth-User-Service-Key", r.authToken)
+	req.Header.Add("Accept", "application/json;version=1")
+	return r.client.Do(req)
+}
+
+func parseResponse(reader io.Reader, data interface{}) error {
+	// Schema for Tunnelstore responses in the v1 API.
+	// Roughly, it's a wrapper around a particular result that adds failures/errors/etc
+	var result response
+	// First, parse the wrapper and check the API call succeeded
+	if err := json.NewDecoder(reader).Decode(&result); err != nil {
+		return errors.Wrap(err, "failed to decode response")
+	}
+	if err := result.checkErrors(); err != nil {
+		return err
+	}
+	if !result.Success {
+		return ErrAPINoSuccess
+	}
+	// At this point we know the API call succeeded, so, parse out the inner
+	// result into the datatype provided as a parameter.
+	if err := json.Unmarshal(result.Result, &data); err != nil {
+		return errors.Wrap(err, "the Cloudflare API response was an unexpected type")
+	}
+	return nil
+}
+
+type response struct {
+	Success  bool            `json:"success,omitempty"`
+	Errors   []apiErr        `json:"errors,omitempty"`
+	Messages []string        `json:"messages,omitempty"`
+	Result   json.RawMessage `json:"result,omitempty"`
+}
+
+func (r *response) checkErrors() error {
+	if len(r.Errors) == 0 {
+		return nil
+	}
+	if len(r.Errors) == 1 {
+		return r.Errors[0]
+	}
+	var messages string
+	for _, e := range r.Errors {
+		messages += fmt.Sprintf("%s; ", e)
+	}
+	return fmt.Errorf("API errors: %s", messages)
+}
+
+type apiErr struct {
+	Code    json.Number `json:"code,omitempty"`
+	Message string      `json:"message,omitempty"`
+}
+
+func (e apiErr) Error() string {
+	return fmt.Sprintf("code: %v, reason: %s", e.Code, e.Message)
+}
+
+func (r *RESTClient) statusCodeToError(op string, resp *http.Response) error {
+	if resp.Header.Get("Content-Type") == "application/json" {
+		var errorsResp response
+		if json.NewDecoder(resp.Body).Decode(&errorsResp) == nil {
+			if err := errorsResp.checkErrors(); err != nil {
+				return errors.Errorf("Failed to %s: %s", op, err)
+			}
+		}
+	}
+
+	switch resp.StatusCode {
+	case http.StatusOK:
+		return nil
+	case http.StatusBadRequest:
+		return ErrBadRequest
+	case http.StatusUnauthorized, http.StatusForbidden:
+		return ErrUnauthorized
+	case http.StatusNotFound:
+		return ErrNotFound
+	}
+	return errors.Errorf("API call to %s failed with status %d: %s", op,
+		resp.StatusCode, http.StatusText(resp.StatusCode))
+}