2021-11-29 13:06:50 +00:00
|
|
|
package openamt
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
2022-10-17 18:29:12 +00:00
|
|
|
"io"
|
2021-11-29 13:06:50 +00:00
|
|
|
"net/http"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
portainer "github.com/portainer/portainer/api"
|
2023-02-09 19:13:35 +00:00
|
|
|
"github.com/portainer/portainer/api/crypto"
|
|
|
|
|
2023-10-24 16:55:11 +00:00
|
|
|
"github.com/segmentio/encoding/json"
|
2022-01-23 19:48:04 +00:00
|
|
|
"golang.org/x/sync/errgroup"
|
2021-11-29 13:06:50 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2022-01-23 19:48:04 +00:00
|
|
|
DefaultCIRAConfigName = "ciraConfigDefault"
|
|
|
|
DefaultProfileName = "profileAMTDefault"
|
|
|
|
|
|
|
|
httpClientTimeout = 5 * time.Minute
|
|
|
|
|
|
|
|
powerOnState portainer.PowerState = 2
|
|
|
|
powerOffState portainer.PowerState = 8
|
|
|
|
restartState portainer.PowerState = 5
|
2021-11-29 13:06:50 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// Service represents a service for managing an OpenAMT server.
|
|
|
|
type Service struct {
|
|
|
|
httpsClient *http.Client
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewService initializes a new service.
|
2022-01-23 19:48:04 +00:00
|
|
|
func NewService() *Service {
|
2023-02-09 19:13:35 +00:00
|
|
|
tlsConfig := crypto.CreateTLSConfiguration()
|
|
|
|
tlsConfig.InsecureSkipVerify = true
|
|
|
|
|
2021-11-29 13:06:50 +00:00
|
|
|
return &Service{
|
|
|
|
httpsClient: &http.Client{
|
2022-01-23 19:48:04 +00:00
|
|
|
Timeout: httpClientTimeout,
|
2021-11-29 13:06:50 +00:00
|
|
|
Transport: &http.Transport{
|
2023-02-09 19:13:35 +00:00
|
|
|
TLSClientConfig: tlsConfig,
|
2021-11-29 13:06:50 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type openAMTError struct {
|
|
|
|
ErrorMsg string `json:"message"`
|
|
|
|
Errors []struct {
|
|
|
|
ErrorMsg string `json:"msg"`
|
|
|
|
} `json:"errors"`
|
|
|
|
}
|
|
|
|
|
|
|
|
func parseError(responseBody []byte) error {
|
|
|
|
var errorResponse openAMTError
|
|
|
|
err := json.Unmarshal(responseBody, &errorResponse)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(errorResponse.Errors) > 0 {
|
|
|
|
return errors.New(errorResponse.Errors[0].ErrorMsg)
|
|
|
|
}
|
|
|
|
if errorResponse.ErrorMsg != "" {
|
|
|
|
return errors.New(errorResponse.ErrorMsg)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-01-23 19:48:04 +00:00
|
|
|
func (service *Service) Configure(configuration portainer.OpenAMTConfiguration) error {
|
|
|
|
token, err := service.Authorization(configuration)
|
2021-11-29 13:06:50 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-01-23 19:48:04 +00:00
|
|
|
configuration.MPSToken = token
|
2021-11-29 13:06:50 +00:00
|
|
|
|
|
|
|
ciraConfig, err := service.createOrUpdateCIRAConfig(configuration, DefaultCIRAConfigName)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-01-23 19:48:04 +00:00
|
|
|
_, err = service.createOrUpdateAMTProfile(configuration, DefaultProfileName, ciraConfig.ConfigName)
|
2021-11-29 13:06:50 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
_, err = service.createOrUpdateDomain(configuration)
|
|
|
|
|
2022-10-14 21:09:07 +00:00
|
|
|
return err
|
2021-11-29 13:06:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (service *Service) executeSaveRequest(method string, url string, token string, payload []byte) ([]byte, error) {
|
|
|
|
req, err := http.NewRequest(method, url, bytes.NewBuffer(payload))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token))
|
|
|
|
|
|
|
|
response, err := service.httpsClient.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-03-27 18:14:16 +00:00
|
|
|
defer response.Body.Close()
|
|
|
|
|
2022-10-17 18:29:12 +00:00
|
|
|
responseBody, readErr := io.ReadAll(response.Body)
|
2021-11-29 13:06:50 +00:00
|
|
|
if readErr != nil {
|
|
|
|
return nil, readErr
|
|
|
|
}
|
|
|
|
|
|
|
|
if response.StatusCode < 200 || response.StatusCode > 300 {
|
|
|
|
errorResponse := parseError(responseBody)
|
|
|
|
if errorResponse != nil {
|
|
|
|
return nil, errorResponse
|
|
|
|
}
|
2022-01-23 19:48:04 +00:00
|
|
|
return nil, fmt.Errorf("unexpected status code %s", response.Status)
|
2021-11-29 13:06:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return responseBody, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (service *Service) executeGetRequest(url string, token string) ([]byte, error) {
|
|
|
|
req, err := http.NewRequest(http.MethodGet, url, nil)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token))
|
|
|
|
|
|
|
|
response, err := service.httpsClient.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2023-03-27 18:14:16 +00:00
|
|
|
defer response.Body.Close()
|
|
|
|
|
2022-10-17 18:29:12 +00:00
|
|
|
responseBody, readErr := io.ReadAll(response.Body)
|
2021-11-29 13:06:50 +00:00
|
|
|
if readErr != nil {
|
|
|
|
return nil, readErr
|
|
|
|
}
|
|
|
|
|
|
|
|
if response.StatusCode < 200 || response.StatusCode > 300 {
|
|
|
|
if response.StatusCode == http.StatusNotFound {
|
|
|
|
return nil, nil
|
|
|
|
}
|
2023-03-27 18:14:16 +00:00
|
|
|
|
2021-11-29 13:06:50 +00:00
|
|
|
errorResponse := parseError(responseBody)
|
|
|
|
if errorResponse != nil {
|
|
|
|
return nil, errorResponse
|
|
|
|
}
|
2023-03-27 18:14:16 +00:00
|
|
|
|
2022-01-23 19:48:04 +00:00
|
|
|
return nil, fmt.Errorf("unexpected status code %s", response.Status)
|
2021-11-29 13:06:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return responseBody, nil
|
|
|
|
}
|
2022-01-23 19:48:04 +00:00
|
|
|
|
|
|
|
func (service *Service) DeviceInformation(configuration portainer.OpenAMTConfiguration, deviceGUID string) (*portainer.OpenAMTDeviceInformation, error) {
|
|
|
|
token, err := service.Authorization(configuration)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
configuration.MPSToken = token
|
|
|
|
|
|
|
|
var g errgroup.Group
|
|
|
|
var resultDevice *Device
|
|
|
|
var resultPowerState *DevicePowerState
|
|
|
|
var resultEnabledFeatures *DeviceEnabledFeatures
|
|
|
|
|
|
|
|
g.Go(func() error {
|
|
|
|
device, err := service.getDevice(configuration, deviceGUID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if device == nil {
|
|
|
|
return fmt.Errorf("device %s not found", deviceGUID)
|
|
|
|
}
|
|
|
|
resultDevice = device
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
|
|
|
|
g.Go(func() error {
|
|
|
|
powerState, err := service.getDevicePowerState(configuration, deviceGUID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
resultPowerState = powerState
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
|
|
|
|
g.Go(func() error {
|
|
|
|
enabledFeatures, err := service.getDeviceEnabledFeatures(configuration, deviceGUID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
resultEnabledFeatures = enabledFeatures
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
|
|
|
|
if err := g.Wait(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
deviceInformation := &portainer.OpenAMTDeviceInformation{
|
|
|
|
GUID: resultDevice.GUID,
|
|
|
|
HostName: resultDevice.HostName,
|
|
|
|
ConnectionStatus: resultDevice.ConnectionStatus,
|
|
|
|
}
|
|
|
|
if resultPowerState != nil {
|
|
|
|
deviceInformation.PowerState = resultPowerState.State
|
|
|
|
}
|
|
|
|
if resultEnabledFeatures != nil {
|
|
|
|
deviceInformation.EnabledFeatures = &portainer.OpenAMTDeviceEnabledFeatures{
|
|
|
|
Redirection: resultEnabledFeatures.Redirection,
|
|
|
|
KVM: resultEnabledFeatures.KVM,
|
|
|
|
SOL: resultEnabledFeatures.SOL,
|
|
|
|
IDER: resultEnabledFeatures.IDER,
|
|
|
|
UserConsent: resultEnabledFeatures.UserConsent,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return deviceInformation, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (service *Service) ExecuteDeviceAction(configuration portainer.OpenAMTConfiguration, deviceGUID string, action string) error {
|
|
|
|
parsedAction, err := parseAction(action)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
token, err := service.Authorization(configuration)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
configuration.MPSToken = token
|
|
|
|
|
2022-10-14 21:09:07 +00:00
|
|
|
return service.executeDeviceAction(configuration, deviceGUID, int(parsedAction))
|
2022-01-23 19:48:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (service *Service) EnableDeviceFeatures(configuration portainer.OpenAMTConfiguration, deviceGUID string, features portainer.OpenAMTDeviceEnabledFeatures) (string, error) {
|
|
|
|
token, err := service.Authorization(configuration)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
configuration.MPSToken = token
|
|
|
|
|
|
|
|
err = service.enableDeviceFeatures(configuration, deviceGUID, features)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
|
|
|
|
return token, nil
|
|
|
|
}
|