diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 4e79bbdb..a04aea68 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -220,18 +220,8 @@ jobs: make xz-utils cpio wget zip unzip p7zip git mercurial bzr texinfo help2man cmake --no-install-recommends sudo ln -s /usr/include/asm-generic/ /usr/include/asm - - name: Install MacOSX compiler - run: | - cd / - git clone https://github.com/tpoechtrager/osxcross.git - cd osxcross && git checkout 88cb6e8d0d7675cae7c8a2d66c11f58237101df0 && cd ../ - wget https://s3.dockerproject.org/darwin/v2/MacOSX10.11.sdk.tar.xz - mv MacOSX10.11.sdk.tar.xz /osxcross/tarballs/ - OSX_VERSION_MIN=10.10 UNATTENDED=1 LD_LIBRARY_PATH=/osxcross/target/lib /osxcross/build.sh - - name: Setting ENV's run: | - echo "::add-path::/osxcross/target/bin" echo "::add-path::$(go env GOPATH)/bin" echo "::add-path::/opt/hostedtoolcache/node/10.20.1/x64/bin" echo ::set-env name=VERSION::$(cat version.txt) diff --git a/Makefile b/Makefile index c7d3e9b4..30b9ac1f 100644 --- a/Makefile +++ b/Makefile @@ -163,7 +163,6 @@ build-win: build-darwin: GO111MODULE="on" GOOS=darwin GOARCH=amd64 go build -a -ldflags "-s -w -X main.VERSION=${VERSION}" -o releases/statping-darwin-amd64/statping --tags "darwin" ./cmd - GO111MODULE="on" GOOS=darwin GOARCH=386 go build -a -ldflags "-s -w -X main.VERSION=${VERSION}" -o releases/statping-darwin-386/statping --tags "darwin" ./cmd build-linux: CGO_ENABLED=1 GO111MODULE="on" GOOS=linux GOARCH=amd64 \ diff --git a/frontend/src/components/Service/ServiceBlock.vue b/frontend/src/components/Service/ServiceBlock.vue index 88264a69..3141d8cd 100644 --- a/frontend/src/components/Service/ServiceBlock.vue +++ b/frontend/src/components/Service/ServiceBlock.vue @@ -32,7 +32,7 @@
-
+
-
+
diff --git a/handlers/api_test.go b/handlers/api_test.go index 791af5a5..c997665f 100644 --- a/handlers/api_test.go +++ b/handlers/api_test.go @@ -235,6 +235,7 @@ func TestMainApiRoutes(t *testing.T) { URL: "/metrics", Method: "GET", BeforeTest: SetTestENV, + AfterTest: UnsetTestENV, ExpectedStatus: 200, ExpectedContains: []string{ `Statping Totals`, @@ -242,6 +243,21 @@ func TestMainApiRoutes(t *testing.T) { `Golang Metrics`, }, }, + { + Name: "Test API Key Authentication", + URL: "/metrics?api=" + core.App.ApiSecret, + Method: "GET", + BeforeTest: UnsetTestENV, + ExpectedStatus: 200, + }, + { + Name: "Test API Header Authentication", + URL: "/metrics", + Method: "GET", + HttpHeaders: []string{"Authorization=" + core.App.ApiSecret}, + BeforeTest: UnsetTestENV, + ExpectedStatus: 200, + }, } for _, v := range tests { diff --git a/handlers/dashboard.go b/handlers/dashboard.go index 2aa9dc71..3500d5a3 100644 --- a/handlers/dashboard.go +++ b/handlers/dashboard.go @@ -132,29 +132,6 @@ func logsLineHandler(w http.ResponseWriter, r *http.Request) { } } -//func exportHandler(w http.ResponseWriter, r *http.Request) { -// var notifiers []*notifier.Notification -// for _, v := range core.CoreApp.Notifications { -// notifier := v.(notifier.Notifier) -// notifiers = append(notifiers, notifier.Select()) -// } -// -// export, _ := core.ExportSettings() -// -// mime := http.DetectContentType(export) -// fileSize := len(string(export)) -// -// w.Header().Set("Content-Type", mime) -// w.Header().Set("Content-Disposition", "attachment; filename=export.json") -// w.Header().Set("Expires", "0") -// w.Header().Set("Content-Transfer-Encoding", "binary") -// w.Header().Set("Content-Length", strconv.Itoa(fileSize)) -// w.Header().Set("Content-Control", "private, no-transform, no-store, must-revalidate") -// -// http.ServeContent(w, r, "export.json", utils.Now(), bytes.NewReader(export)) -// -//} - type JwtClaim struct { Username string `json:"username"` Admin bool `json:"admin"` diff --git a/handlers/groups_test.go b/handlers/groups_test.go index b7c535b5..e52d7032 100644 --- a/handlers/groups_test.go +++ b/handlers/groups_test.go @@ -1,6 +1,7 @@ package handlers import ( + "github.com/statping/statping/types/core" "github.com/statping/statping/types/groups" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -113,6 +114,21 @@ func TestGroupAPIRoutes(t *testing.T) { ExpectedStatus: 200, BeforeTest: SetTestENV, }, + { + Name: "Statping View Private Group with API Key", + URL: "/api/groups/2?api=" + core.App.ApiSecret, + Method: "GET", + ExpectedStatus: 200, + BeforeTest: UnsetTestENV, + }, + { + Name: "Statping View Private Group with API Header", + URL: "/api/groups/2", + Method: "GET", + HttpHeaders: []string{"Authorization=" + core.App.ApiSecret}, + ExpectedStatus: 200, + BeforeTest: UnsetTestENV, + }, { Name: "Statping Reorder Groups", URL: "/api/reorder/groups", diff --git a/handlers/services_test.go b/handlers/services_test.go index adedce0e..4bef36a4 100644 --- a/handlers/services_test.go +++ b/handlers/services_test.go @@ -5,6 +5,7 @@ import ( "fmt" "github.com/pkg/errors" "github.com/statping/statping/types" + "github.com/statping/statping/types/core" "github.com/statping/statping/types/services" "github.com/statping/statping/utils" "github.com/stretchr/testify/assert" @@ -108,6 +109,21 @@ func TestApiServiceRoutes(t *testing.T) { ExpectedStatus: 200, BeforeTest: SetTestENV, }, + { + Name: "Statping Private Service with API Key", + URL: "/api/services/6?api=" + core.App.ApiSecret, + Method: "GET", + ExpectedStatus: 200, + BeforeTest: UnsetTestENV, + }, + { + Name: "Statping Private Service with API Header", + URL: "/api/services/6?api=" + core.App.ApiSecret, + Method: "GET", + HttpHeaders: []string{"Authorization=" + core.App.ApiSecret}, + ExpectedStatus: 200, + BeforeTest: UnsetTestENV, + }, { Name: "Statping Service 1 with Private responses", URL: "/api/services/1", diff --git a/notifiers/command_test.go b/notifiers/command_test.go index 7cd4cbba..8207c76b 100644 --- a/notifiers/command_test.go +++ b/notifiers/command_test.go @@ -11,7 +11,6 @@ import ( ) func TestCommandNotifier(t *testing.T) { - t.SkipNow() db, err := database.OpenTester() require.Nil(t, err) db.AutoMigrate(¬ifications.Notification{}) diff --git a/notifiers/pushover_test.go b/notifiers/pushover_test.go index c8f17642..202a9d75 100644 --- a/notifiers/pushover_test.go +++ b/notifiers/pushover_test.go @@ -16,7 +16,6 @@ var ( ) func TestPushoverNotifier(t *testing.T) { - t.SkipNow() db, err := database.OpenTester() require.Nil(t, err) db.AutoMigrate(¬ifications.Notification{}) diff --git a/notifiers/telegram_test.go b/notifiers/telegram_test.go index ce3480c0..dffe0719 100644 --- a/notifiers/telegram_test.go +++ b/notifiers/telegram_test.go @@ -25,7 +25,6 @@ func init() { } func TestTelegramNotifier(t *testing.T) { - t.SkipNow() db, err := database.OpenTester() require.Nil(t, err) db.AutoMigrate(¬ifications.Notification{}) diff --git a/notifiers/twilio.go b/notifiers/twilio.go index fd1c36cb..e3ec3aaf 100644 --- a/notifiers/twilio.go +++ b/notifiers/twilio.go @@ -62,15 +62,17 @@ var Twilio = &twilio{¬ifications.Notification{ // Send will send a HTTP Post to the Twilio SMS API. It accepts type: string func (t *twilio) sendMessage(message string) (string, error) { - twilioUrl := fmt.Sprintf("https://api.twilio.com/2010-04-01/Accounts/%v/Messages.json", t.GetValue("api_key")) + twilioUrl := fmt.Sprintf("https://api.twilio.com/2010-04-01/Accounts/%v/Messages.json", t.ApiKey) v := url.Values{} v.Set("To", "+"+t.Var1) v.Set("From", "+"+t.Var2) v.Set("Body", message) - rb := *strings.NewReader(v.Encode()) + rb := strings.NewReader(v.Encode()) - contents, _, err := utils.HttpRequest(twilioUrl, "POST", "application/x-www-form-urlencoded", nil, &rb, time.Duration(10*time.Second), true) + authHeader := utils.Base64(fmt.Sprintf("%s:%s", t.ApiKey, t.ApiSecret)) + + contents, _, err := utils.HttpRequest(twilioUrl, "POST", "application/x-www-form-urlencoded", []string{"Authorization=Basic " + authHeader}, rb, 10*time.Second, true) success, _ := twilioSuccess(contents) if !success { errorOut := twilioError(contents) diff --git a/notifiers/twilio_test.go b/notifiers/twilio_test.go index c13e8ba0..6a517ded 100644 --- a/notifiers/twilio_test.go +++ b/notifiers/twilio_test.go @@ -21,29 +21,25 @@ var ( func init() { TWILIO_SID = os.Getenv("TWILIO_SID") TWILIO_SECRET = os.Getenv("TWILIO_SECRET") - TWILIO_FROM = os.Getenv("TWILIO_FROM") - TWILIO_TO = os.Getenv("TWILIO_TO") } func TestTwilioNotifier(t *testing.T) { - t.SkipNow() - db, err := database.OpenTester() require.Nil(t, err) db.AutoMigrate(¬ifications.Notification{}) notifications.SetDB(db) - if TWILIO_SID == "" || TWILIO_SECRET == "" || TWILIO_FROM == "" { - t.Log("twilio notifier testing skipped, missing TWILIO_SID environment variable") + if TWILIO_SID == "" || TWILIO_SECRET == "" { + t.Log("twilio notifier testing skipped, missing TWILIO_SID and TWILIO_SECRET environment variable") t.SkipNow() } t.Run("Load Twilio", func(t *testing.T) { Twilio.ApiKey = TWILIO_SID Twilio.ApiSecret = TWILIO_SECRET - Twilio.Var1 = TWILIO_TO - Twilio.Var2 = TWILIO_FROM - Twilio.Delay = time.Duration(100 * time.Millisecond) + Twilio.Var1 = "15005550006" + Twilio.Var2 = "15005550006" + Twilio.Delay = 100 * time.Millisecond Twilio.Enabled = null.NewNullBool(true) Add(Twilio) diff --git a/utils/encryption.go b/utils/encryption.go index 68561f4c..5fe29726 100644 --- a/utils/encryption.go +++ b/utils/encryption.go @@ -2,6 +2,7 @@ package utils import ( "crypto/sha256" + "encoding/base64" "fmt" "golang.org/x/crypto/bcrypt" "math/rand" @@ -22,6 +23,10 @@ func NewSHA256Hash() string { return fmt.Sprintf("%x", sha256.Sum256(d)) } +func Base64(s string) string { + return base64.StdEncoding.EncodeToString([]byte(s)) +} + var characterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") // RandomString generates a random string of n length