VPN: API server returnes config template while client app merges private key into it
diff --git a/core/client/cmd/pcloud/client.go b/core/client/cmd/pcloud/client.go
index aa1a3c3..b48db76 100644
--- a/core/client/cmd/pcloud/client.go
+++ b/core/client/cmd/pcloud/client.go
@@ -4,18 +4,22 @@
"bytes"
"crypto/rand"
"crypto/tls"
+ "encoding/base64"
"encoding/json"
"errors"
+ "fmt"
"io"
"net/http"
+ "github.com/slackhq/nebula/cert"
"golang.org/x/crypto/curve25519"
+ "sigs.k8s.io/yaml"
)
type VPNClient interface {
Address() string
Sign(message []byte) ([]byte, error)
- Join(apiAddr string, message, signature []byte) (interface{}, error)
+ Join(apiAddr string, message, signature []byte) ([]byte, error)
}
type directVPNClient struct {
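Review bot: The new `Join` signature in the `VPNClient` interface changes what the method returns without saying what the bytes are; nothing on the interface tells an implementer or caller that this is the node's YAML config with a freshly generated private key merged into it (the merge happens in a later hunk of this file). A doc comment on the method would fix that: `// Join registers this client with the API server at apiAddr and returns the resulting nebula config as YAML; the returned bytes contain the node's private key and must be stored with restrictive permissions.` The `joinResp` type added further down in this file is not what `Join` returns any more, so the comment should not mention it.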
@@ -69,14 +73,14 @@
}
type joinResp struct {
+ cfgYamlB64 string
}
-func (c *directVPNClient) Join(apiAddr string, message, signature []byte) (interface{}, error) {
+func (c *directVPNClient) Join(apiAddr string, message, signature []byte) ([]byte, error) {
if c.addr != "" {
return nil, errors.New("Already joined")
}
- c.addr = apiAddr
- pubKey, _, err := x25519Keypair()
+ pubKey, privKey, err := x25519Keypair()
if err != nil {
return nil, err
}
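Review bot: The `cfgYamlB64` field added to `joinResp` is unexported, so `encoding/json` could never populate it, and the only decode into `joinResp` is removed in the last hunk of this file, which leaves the type dead. Either drop `joinResp` entirely or, if a structured response is still planned, export the field with a tag such as `CfgYamlB64 string `json:"cfgYamlB64"``. Moving `c.addr = apiAddr` out of this position so it is only set after a successful join is a good change; `Join`'s body continues outside this hunk.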
@@ -84,7 +88,7 @@
message,
signature,
"test",
- pubKey,
+ cert.MarshalX25519PublicKey(pubKey),
"111.0.0.13/24",
}
var data bytes.Buffer
@@ -97,15 +101,30 @@
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
},
}
- r, err := client.Post(c.addr+"/api/join", "application/json", &data)
+ r, err := client.Post(apiAddr+"/api/join", "application/json", &data)
if err != nil {
return nil, err
}
- resp := &joinResp{}
- if err := json.NewDecoder(r.Body).Decode(resp); err != nil {
+ var cfgYamlB bytes.Buffer
+ _, err = io.Copy(&cfgYamlB,
+ base64.NewDecoder(base64.StdEncoding, r.Body))
+ if err != nil {
return nil, err
}
- return nil, nil
+ cfgYaml := cfgYamlB.Bytes()
+ fmt.Println(string(cfgYaml))
+ var cfgMap map[string]interface{}
+ if err := yaml.Unmarshal(cfgYaml, &cfgMap); err != nil {
+ return nil, err
+ }
+ var pki map[string]interface{}
+ var ok bool
+ if pki, ok = cfgMap["pki"].(map[string]interface{}); !ok {
+ panic("Must not reach")
+ }
+ pki["key"] = string(cert.MarshalX25519PrivateKey(privKey))
+ c.addr = apiAddr
+ return yaml.Marshal(cfgMap)
}
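Review bot: `panic("Must not reach")` on the `pki` type assertion crashes the client whenever the server's response does not have the expected shape, and the response body is not something the client can trust to be well-formed — it is decoded straight from `r.Body`, over a connection configured with `InsecureSkipVerify: true`, without checking `r.StatusCode`, so an HTTP error page would be fed into the base64 decoder and then into `yaml.Unmarshal`. `r.Body` is also never closed, and `fmt.Println(string(cfgYaml))` is a leftover debug print that dumps the config template to stdout. Because the returned YAML carries the private key after the `pki["key"]` assignment, the caller's handling of those bytes (file mode, not logging them) deserves a sentence in `Join`'s doc comment. `Join` starts outside this hunk; the rewritten lines are below.
```go
	r, err := client.Post(apiAddr+"/api/join", "application/json", &data)
	if err != nil {
		return nil, err
	}
	defer r.Body.Close()
	if r.StatusCode != http.StatusOK {
		return nil, fmt.Errorf("join: unexpected status %s", r.Status)
	}
	// … unchanged: base64 decode of r.Body into cfgYamlB, yaml.Unmarshal into cfgMap …
	pki, ok := cfgMap["pki"].(map[string]interface{})
	if !ok {
		return nil, errors.New("join: config template has no pki section")
	}
	pki["key"] = string(cert.MarshalX25519PrivateKey(privKey))
	c.addr = apiAddr
	return yaml.Marshal(cfgMap)
```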
func x25519Keypair() ([]byte, []byte, error) {
@@ -114,5 +133,6 @@
return nil, nil, err
}
curve25519.ScalarBaseMult(&pubkey, &privkey)
+ fmt.Println()
return pubkey[:], privkey[:], nil
}
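Review bot: The added `fmt.Println()` in `x25519Keypair` writes a blank line to stdout on every keypair generation and looks like leftover debugging rather than intended behaviour; delete that line. With it gone, `fmt` is still needed by `Join` in the hunk above, so the import stays.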