acme: new HTTP and TLS challenges implementations.

2020-10-29 15:40:04 +01:00 · 2020-10-29 15:40:04 +01:00 · 05333b9579
commit 05333b9579
parent 49cdb67ddc
13 changed files with 398 additions and 254 deletions
--- a/pkg/server/service/internalhandler.go
+++ b/pkg/server/service/internalhandler.go
@ -6,8 +6,6 @@ import (
 	"fmt"
 	"net/http"
 	"strings"
-
-	"github.com/traefik/traefik/v2/pkg/config/runtime"
 )

 type serviceManager interface {
@ -22,22 +20,19 @@ type InternalHandlers struct {
 	rest       http.Handler
 	prometheus http.Handler
 	ping       http.Handler
+	acmeHTTP   http.Handler
 	serviceManager
 }

 // NewInternalHandlers creates a new InternalHandlers.
-func NewInternalHandlers(api func(configuration *runtime.Configuration) http.Handler, configuration *runtime.Configuration, rest, metricsHandler, pingHandler, dashboard http.Handler, next serviceManager) *InternalHandlers {
-	var apiHandler http.Handler
-	if api != nil {
-		apiHandler = api(configuration)
-	}
-
+func NewInternalHandlers(next serviceManager, apiHandler, rest, metricsHandler, pingHandler, dashboard, acmeHTTP http.Handler) *InternalHandlers {
 	return &InternalHandlers{
 		api:            apiHandler,
 		dashboard:      dashboard,
 		rest:           rest,
 		prometheus:     metricsHandler,
 		ping:           pingHandler,
+		acmeHTTP:       acmeHTTP,
 		serviceManager: next,
 	}
 }
@ -63,6 +58,12 @@ func (m *InternalHandlers) get(serviceName string) (http.Handler, error) {
 			rw.WriteHeader(http.StatusTeapot)
 		}), nil

+	case "acme-http@internal":
+		if m.acmeHTTP == nil {
+			return nil, errors.New("HTTP challenge is not enabled")
+		}
+		return m.acmeHTTP, nil
+
 	case "api@internal":
 		if m.api == nil {
 			return nil, errors.New("api is not enabled")
--- a/pkg/server/service/managerfactory.go
+++ b/pkg/server/service/managerfactory.go
@ -21,16 +21,18 @@ type ManagerFactory struct {
 	dashboardHandler http.Handler
 	metricsHandler   http.Handler
 	pingHandler      http.Handler
+	acmeHTTPHandler  http.Handler

 	routinesPool *safe.Pool
 }

 // NewManagerFactory creates a new ManagerFactory.
-func NewManagerFactory(staticConfiguration static.Configuration, routinesPool *safe.Pool, metricsRegistry metrics.Registry, roundTripperManager *RoundTripperManager) *ManagerFactory {
+func NewManagerFactory(staticConfiguration static.Configuration, routinesPool *safe.Pool, metricsRegistry metrics.Registry, roundTripperManager *RoundTripperManager, acmeHTTPHandler http.Handler) *ManagerFactory {
 	factory := &ManagerFactory{
 		metricsRegistry:     metricsRegistry,
 		routinesPool:        routinesPool,
 		roundTripperManager: roundTripperManager,
+		acmeHTTPHandler:     acmeHTTPHandler,
 	}

 	if staticConfiguration.API != nil {
@ -62,5 +64,11 @@ func NewManagerFactory(staticConfiguration static.Configuration, routinesPool *s
 // Build creates a service manager.
 func (f *ManagerFactory) Build(configuration *runtime.Configuration) *InternalHandlers {
 	svcManager := NewManager(configuration.Services, f.metricsRegistry, f.routinesPool, f.roundTripperManager)
-	return NewInternalHandlers(f.api, configuration, f.restHandler, f.metricsHandler, f.pingHandler, f.dashboardHandler, svcManager)
+
+	var apiHandler http.Handler
+	if f.api != nil {
+		apiHandler = f.api(configuration)
+	}
+
+	return NewInternalHandlers(svcManager, apiHandler, f.restHandler, f.metricsHandler, f.pingHandler, f.dashboardHandler, f.acmeHTTPHandler)
 }