We use cookies to ensure you get the best experience on our website
首页 发现 帮助
注册 登录
0ct0pu5
/
crowdsec
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: cc1ab8c50d
分支列表 标签列表
crowdsec
/
cmd
/
crowdsec-cli
/
lapi.go

lapi.go 5.7 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178 
  1. package main
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"fmt"
    6. 

  6. 	"io/ioutil"
    7. 

  7. 	"net/url"
    8. 

  8. 	"strings"
    9. 

  9. 

  10. 	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
    11. 

  11. 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
    12. 

  12. 	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
    13. 

  13. 	"github.com/crowdsecurity/crowdsec/pkg/cwversion"
    14. 

  14. 	"github.com/crowdsecurity/crowdsec/pkg/models"
    15. 

  15. 	"github.com/go-openapi/strfmt"
    16. 

  16. 	log "github.com/sirupsen/logrus"
    17. 

  17. 	"github.com/spf13/cobra"
    18. 

  18. 	"gopkg.in/yaml.v2"
    19. 

  19. )
    20. 

  20. 

  21. var LAPIURLPrefix string = "v1"
    22. 

  22. var lapiUser string
    23. 

  23. 

  24. func NewLapiCmd() *cobra.Command {
    25. 

  25. 	var cmdLapi = &cobra.Command{
    26. 

  26. 		Use:               "lapi [action]",
    27. 

  27. 		Short:             "Manage interaction with Local API (LAPI)",
    28. 

  28. 		Args:              cobra.MinimumNArgs(1),
    29. 

  29. 		DisableAutoGenTag: true,
    30. 

  30. 		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
    31. 

  31. 			if err := csConfig.LoadAPIClient(); err != nil {
    32. 

  32. 				return fmt.Errorf("loading api client: %s", err.Error())
    33. 

  33. 			}
    34. 

  34. 			if csConfig.API.Client == nil {
    35. 

  35. 				log.Fatalln("There is no API->client configuration")
    36. 

  36. 			}
    37. 

  37. 			if csConfig.API.Client.Credentials == nil {
    38. 

  38. 				log.Fatalf("no configuration for Local API (LAPI) in '%s'", *csConfig.FilePath)
    39. 

  39. 			}
    40. 

  40. 			return nil
    41. 

  41. 		},
    42. 

  42. 	}
    43. 

  43. 

  44. 	var cmdLapiRegister = &cobra.Command{
    45. 

  45. 		Use:   "register",
    46. 

  46. 		Short: "Register a machine to Local API (LAPI)",
    47. 

  47. 		Long: `Register you machine to the Local API (LAPI).
    48. 

  48. Keep in mind the machine needs to be validated by an administrator on LAPI side to be effective.`,
    49. 

  49. 		Args:              cobra.MinimumNArgs(0),
    50. 

  50. 		DisableAutoGenTag: true,
    51. 

  51. 		Run: func(cmd *cobra.Command, args []string) {
    52. 

  52. 			var err error
    53. 

  53. 			if lapiUser == "" {
    54. 

  54. 				lapiUser, err = generateID()
    55. 

  55. 				if err != nil {
    56. 

  56. 					log.Fatalf("unable to generate machine id: %s", err)
    57. 

  57. 				}
    58. 

  58. 			}
    59. 

  59. 			password := strfmt.Password(generatePassword(passwordLength))
    60. 

  60. 			if apiURL == "" {
    61. 

  61. 				if csConfig.API.Client != nil && csConfig.API.Client.Credentials != nil && csConfig.API.Client.Credentials.URL != "" {
    62. 

  62. 					apiURL = csConfig.API.Client.Credentials.URL
    63. 

  63. 				} else {
    64. 

  64. 					log.Fatalf("No Local API URL. Please provide it in your configuration or with the -u parameter")
    65. 

  65. 				}
    66. 

  66. 			}
    67. 

  67. 			/*URL needs to end with /, but user doesn't care*/
    68. 

  68. 			if !strings.HasSuffix(apiURL, "/") {
    69. 

  69. 				apiURL += "/"
    70. 

  70. 			}
    71. 

  71. 			/*URL needs to start with http://, but user doesn't care*/
    72. 

  72. 			if !strings.HasPrefix(apiURL, "http://") && !strings.HasPrefix(apiURL, "https://") {
    73. 

  73. 				apiURL = "http://" + apiURL
    74. 

  74. 			}
    75. 

  75. 			apiurl, err := url.Parse(apiURL)
    76. 

  76. 			if err != nil {
    77. 

  77. 				log.Fatalf("parsing api url: %s", err)
    78. 

  78. 			}
    79. 

  79. 			_, err = apiclient.RegisterClient(&apiclient.Config{
    80. 

  80. 				MachineID:     lapiUser,
    81. 

  81. 				Password:      password,
    82. 

  82. 				UserAgent:     fmt.Sprintf("crowdsec/%s", cwversion.VersionStr()),
    83. 

  83. 				URL:           apiurl,
    84. 

  84. 				VersionPrefix: LAPIURLPrefix,
    85. 

  85. 			}, nil)
    86. 

  86. 

  87. 			if err != nil {
    88. 

  88. 				log.Fatalf("api client register: %s", err)
    89. 

  89. 			}
    90. 

  90. 

  91. 			log.Printf("Successfully registered to Local API (LAPI)")
    92. 

  92. 

  93. 			var dumpFile string
    94. 

  94. 			if outputFile != "" {
    95. 

  95. 				dumpFile = outputFile
    96. 

  96. 			} else if csConfig.API.Client.CredentialsFilePath != "" {
    97. 

  97. 				dumpFile = csConfig.API.Client.CredentialsFilePath
    98. 

  98. 			} else {
    99. 

  99. 				dumpFile = ""
    100. 

  100. 			}
    101. 

  101. 			apiCfg := csconfig.ApiCredentialsCfg{
    102. 

  102. 				Login:    lapiUser,
    103. 

  103. 				Password: password.String(),
    104. 

  104. 				URL:      apiURL,
    105. 

  105. 			}
    106. 

  106. 			apiConfigDump, err := yaml.Marshal(apiCfg)
    107. 

  107. 			if err != nil {
    108. 

  108. 				log.Fatalf("unable to marshal api credentials: %s", err)
    109. 

  109. 			}
    110. 

  110. 			if dumpFile != "" {
    111. 

  111. 				err = ioutil.WriteFile(dumpFile, apiConfigDump, 0644)
    112. 

  112. 				if err != nil {
    113. 

  113. 					log.Fatalf("write api credentials in '%s' failed: %s", dumpFile, err)
    114. 

  114. 				}
    115. 

  115. 				log.Printf("Local API credentials dumped to '%s'", dumpFile)
    116. 

  116. 			} else {
    117. 

  117. 				fmt.Printf("%s\n", string(apiConfigDump))
    118. 

  118. 			}
    119. 

  119. 			log.Warningf(ReloadMessage())
    120. 

  120. 		},
    121. 

  121. 	}
    122. 

  122. 	cmdLapiRegister.Flags().StringVarP(&apiURL, "url", "u", "", "URL of the API (ie. http://127.0.0.1)")
    123. 

  123. 	cmdLapiRegister.Flags().StringVarP(&outputFile, "file", "f", "", "output file destination")
    124. 

  124. 	cmdLapiRegister.Flags().StringVar(&lapiUser, "machine", "", "Name of the machine to register with")
    125. 

  125. 	cmdLapi.AddCommand(cmdLapiRegister)
    126. 

  126. 

  127. 	var cmdLapiStatus = &cobra.Command{
    128. 

  128. 		Use:               "status",
    129. 

  129. 		Short:             "Check authentication to Local API (LAPI)",
    130. 

  130. 		Args:              cobra.MinimumNArgs(0),
    131. 

  131. 		DisableAutoGenTag: true,
    132. 

  132. 		Run: func(cmd *cobra.Command, args []string) {
    133. 

  133. 			var err error
    134. 

  134. 

  135. 			password := strfmt.Password(csConfig.API.Client.Credentials.Password)
    136. 

  136. 			apiurl, err := url.Parse(csConfig.API.Client.Credentials.URL)
    137. 

  137. 			login := csConfig.API.Client.Credentials.Login
    138. 

  138. 			if err != nil {
    139. 

  139. 				log.Fatalf("parsing api url ('%s'): %s", apiurl, err)
    140. 

  140. 			}
    141. 

  141. 			if err := csConfig.LoadHub(); err != nil {
    142. 

  142. 				log.Fatalf(err.Error())
    143. 

  143. 			}
    144. 

  144. 

  145. 			if err := cwhub.GetHubIdx(csConfig.Hub); err != nil {
    146. 

  146. 				log.Fatalf("Failed to load hub index : %s", err)
    147. 

  147. 				log.Infoln("Run 'sudo cscli hub update' to get the hub index")
    148. 

  148. 			}
    149. 

  149. 			scenarios, err := cwhub.GetUpstreamInstalledScenariosAsString()
    150. 

  150. 			if err != nil {
    151. 

  151. 				log.Fatalf("failed to get scenarios : %s", err.Error())
    152. 

  152. 			}
    153. 

  153. 

  154. 			Client, err = apiclient.NewDefaultClient(apiurl,
    155. 

  155. 				LAPIURLPrefix,
    156. 

  156. 				fmt.Sprintf("crowdsec/%s", cwversion.VersionStr()),
    157. 

  157. 				nil)
    158. 

  158. 			if err != nil {
    159. 

  159. 				log.Fatalf("init default client: %s", err)
    160. 

  160. 			}
    161. 

  161. 			t := models.WatcherAuthRequest{
    162. 

  162. 				MachineID: &login,
    163. 

  163. 				Password:  &password,
    164. 

  164. 				Scenarios: scenarios,
    165. 

  165. 			}
    166. 

  166. 			log.Infof("Loaded credentials from %s", csConfig.API.Client.CredentialsFilePath)
    167. 

  167. 			log.Infof("Trying to authenticate with username %s on %s", login, apiurl)
    168. 

  168. 			_, err = Client.Auth.AuthenticateWatcher(context.Background(), t)
    169. 

  169. 			if err != nil {
    170. 

  170. 				log.Fatalf("Failed to authenticate to Local API (LAPI) : %s", err)
    171. 

  171. 			} else {
    172. 

  172. 				log.Infof("You can successfully interact with Local API (LAPI)")
    173. 

  173. 			}
    174. 

  174. 		},
    175. 

  175. 	}
    176. 

  176. 	cmdLapi.AddCommand(cmdLapiStatus)
    177. 

  177. 	return cmdLapi
    178. 

  178. }
    179.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5