openziti · ekoby · Feb 23, 2024 · Dec 12, 2023 · Feb 23, 2024 · Feb 23, 2024
@@ -43,7 +43,7 @@ typedef struct ziti_controller_s {
 
     ziti_version version;
 
-    char *api_session_token;
+    bool has_token;
     char *instance_id;
 
     ziti_ctrl_redirect_cb redirect_cb;
@@ -52,6 +52,8 @@ typedef struct ziti_controller_s {
 
 int ziti_ctrl_init(uv_loop_t *loop, ziti_controller *ctrl, const char *url, tls_context *tls);
 
+int ziti_ctrl_set_token(ziti_controller *ctrl, const char *access_token);
+
 int ziti_ctrl_cancel(ziti_controller *ctrl);
 
 void ziti_ctrl_set_page_size(ziti_controller *ctrl, unsigned int size);

@@ -90,7 +90,7 @@
    return ZITI_WTF;
 }

 #define CTRL_LOG(lvl, fmt, ...) ZITI_LOG(lvl, "ctrl[%s] " fmt, ctrl->client->host, ##__VA_ARGS__)

 #define MAKE_RESP(ctrl, cb, parser, ctx) prepare_resp(ctrl, (ctrl_resp_cb_t)(cb), (body_parse_fn)(parser), ctx)

@@ -247,7 +247,7 @@
 }
 
 void ziti_ctrl_clear_api_session(ziti_controller *ctrl) {
-    FREE(ctrl->api_session_token);
+    ctrl->has_token = false;
     if (ctrl->client) {
         CTRL_LOG(DEBUG, "clearing api session token for ziti_controller");
         tlsuv_http_header(ctrl->client, "zt-session", NULL);
@@ -263,9 +263,8 @@
 
     if (s) {
         CTRL_LOG(DEBUG, "authenticated successfully session[%s]", s->id);
-        FREE(resp->ctrl->api_session_token);
-        resp->ctrl->api_session_token = strdup(s->token);
-        tlsuv_http_header(resp->ctrl->client, "zt-session", s->token);
+        ctrl->has_token = true;
+        tlsuv_http_header(ctrl->client, "zt-session", s->token);
     }
     ctrl_default_cb(s, e, resp);
 }
@@ -274,8 +273,8 @@
     ziti_controller *ctrl = resp->ctrl;
     CTRL_LOG(DEBUG, "logged out");
 
-    FREE(resp->ctrl->api_session_token);
-    tlsuv_http_header(resp->ctrl->client, "zt-session", NULL);
+    ctrl->has_token = false;
+    tlsuv_http_header(ctrl->client, "zt-session", NULL);
     ctrl_default_cb(s, e, resp);
 }
 
@@ -326,7 +325,7 @@
                    uv_timeval64_t now;
                    uv_gettimeofday(&now);
                    uint64_t elapsed = (now.tv_sec * 1000000 + now.tv_usec) - (resp->start.tv_sec * 1000000 + resp->start.tv_usec);
                    CTRL_LOG(DEBUG, "completed %s[%s] in %ld.%03ld s", req->method, req->path, elapsed / 1000000, (elapsed / 1000) % 1000);
                    if (resp->paging) {
                        bool last_page = cr.meta.pagination.total <= cr.meta.pagination.offset + cr.meta.pagination.limit;
                        if (cr.meta.pagination.total > resp->total) {
@@ -354,7 +353,7 @@
                            return;
                        }
                        elapsed = (now.tv_sec * 1000000 + now.tv_usec) - (resp->all_start.tv_sec * 1000000 + resp->all_start.tv_usec);
                        CTRL_LOG(DEBUG, "completed paging request GET[%s] in %ld.%03ld s", resp->base_path, elapsed / 1000000, (elapsed / 1000) % 1000);
                        resp_obj = resp->resp_array;
                    }
                }
@@ -406,14 +405,34 @@
     tlsuv_http_idle_keepalive(ctrl->client, ZITI_CTRL_KEEPALIVE);
     tlsuv_http_connect_timeout(ctrl->client, ZITI_CTRL_TIMEOUT);
     tlsuv_http_header(ctrl->client, "Accept", "application/json");
-    ctrl->api_session_token = NULL;
+    ctrl->has_token = false;
     ctrl->instance_id = NULL;
 
     CTRL_LOG(DEBUG, "ziti controller client initialized");
 
     return ZITI_OK;
 }
 
+int ziti_ctrl_set_token(ziti_controller *ctrl, const char *token) {
+    if (token == NULL) {
+        tlsuv_http_header(ctrl->client, "Authorization", NULL);
+        ctrl->has_token = false;
+        return 0;
+    }
+
+    string_buf_t *b = new_string_buf();
+    string_buf_fmt(b, "Bearer %s", token);
+    char *header = string_buf_to_string(b, NULL);
+
+    ctrl->has_token = true;
+    tlsuv_http_header(ctrl->client, "Authorization", header);
+
+    free(header);
+    delete_string_buf(b);
+
+    return ZITI_OK;
+}
+
 void ziti_ctrl_set_page_size(ziti_controller *ctrl, unsigned int size) {
     ctrl->page_size = size;
 }
@@ -433,7 +452,6 @@
 
 int ziti_ctrl_close(ziti_controller *ctrl) {
     free_ziti_version(&ctrl->version);
-    FREE(ctrl->api_session_token);
     FREE(ctrl->instance_id);
     FREE(ctrl->url);
     tlsuv_http_close(ctrl->client, on_http_close);
@@ -483,12 +501,12 @@
 }
 
 static bool verify_api_session(ziti_controller *ctrl, ctrl_resp_cb_t cb, void *ctx) {
-    if(ctrl->api_session_token == NULL) {
+    if(!ctrl->has_token) {
         CTRL_LOG(WARN, "no API session");
         ziti_error err = {
                 .err = ZITI_AUTHENTICATION_FAILED,
                .code = ERROR_CODE_UNAUTHORIZED,
                .message = ERROR_MSG_NO_API_SESSION_TOKEN,
        };
        cb(NULL, &err, ctx);
        return false;
@@ -545,7 +563,7 @@
 
     struct ctrl_resp *resp = MAKE_RESP(ctrl, cb, parse_ziti_edge_router_array, ctx);
     resp->paging = true;
-    resp->base_path = "/current-identity/edge-routers";
+        resp->base_path = "/current-identity/edge-routers";
     ctrl_paging_req(resp);
 }
 
@@ -554,13 +572,16 @@
                       void *ctx) {
     if(!verify_api_session(ctrl, (void (*)(void *, const ziti_error *, void *)) cb, ctx)) return;
 
-    char path[1024];
-    snprintf(path, sizeof(path), "/services?filter=name=\"%s\"", service_name);
+    char name_clause[1024];
+    snprintf(name_clause, sizeof(name_clause), "name=\"%s\"", service_name);
 
     struct ctrl_resp *resp = MAKE_RESP(ctrl, cb, parse_ziti_service_array, ctx);
     resp->ctrl_cb = (ctrl_cb_t) ctrl_service_cb;
 
-    start_request(ctrl->client, "GET", path, ctrl_resp_cb, resp);
+    tlsuv_http_req_t *req = start_request(ctrl->client, "GET", "/services", ctrl_resp_cb, resp);
+    tlsuv_http_req_query(req, 1, &(tlsuv_http_pair){
+        "filter", name_clause
+    });
 }
 
 void ziti_ctrl_get_session(
@@ -649,7 +670,7 @@
    } else {
        tlsuv_http_req_header(req, "Content-Type", "application/json");
        if (name != NULL) {
            ziti_identity id = {.name = name};
            size_t body_len;
            char *body = ziti_identity_to_json(&id, MODEL_JSON_COMPACT, &body_len);
            tlsuv_http_req_data(req, body, body_len, free_body_cb);
@@ -780,7 +801,7 @@
    snprintf(path, sizeof(path), "/current-identity/authenticators/%s/extend", authenticatorId);

    ziti_extend_cert_authenticator_req extend_req;
    extend_req.client_cert_csr = csr;

    size_t body_len;
    char *body = ziti_extend_cert_authenticator_req_to_json(&extend_req, 0, &body_len);
@@ -799,7 +820,7 @@
    snprintf(path, sizeof(path), "/current-identity/authenticators/%s/extend-verify", authenticatorId);

    ziti_verify_extend_cert_authenticator_req verify_req;
    verify_req.client_cert = client_cert;

    size_t body_len;
    char *body = ziti_verify_extend_cert_authenticator_req_to_json(&verify_req, 0, &body_len);

@@ -1,7 +1,7 @@

 find_program(EXPECTOR NAMES expect)
 if (NOT EXPECTOR)
    message(WARNING "expect not found: integration testing is not enabled")
    return()
 endif ()

@@ -9,8 +9,20 @@
 
 find_program(GOLANG_EXE NAMES go REQUIRED)
 
+set(test_client_json ${CMAKE_CURRENT_BINARY_DIR}/test-client.json)
+set(test_server_json ${CMAKE_CURRENT_BINARY_DIR}/test-server.json)
+set(test_service test-service)
+
+CONFIGURE_FILE(${CMAKE_CURRENT_SOURCE_DIR}/test-data.h.in
+        ${CMAKE_CURRENT_BINARY_DIR}/include/test-data.h
+        @ONLY
+)
+
 add_executable(integ-tests
         main.cpp)
+target_include_directories(integ-tests
+        PRIVATE ${CMAKE_CURRENT_BINARY_DIR}/include
+        PRIVATE ${ziti-sdk_SOURCE_DIR}/inc_internal)
 target_link_libraries(integ-tests
         PRIVATE ziti
         PRIVATE Catch2::Catch2WithMain
@@ -22,7 +34,7 @@
     set_property(TARGET integ-tests PROPERTY CXX_STANDARD 14)
 endif ()
 
-set(ZITI_CLI_VER "v0.32.1" CACHE STRING "ziti version for integration tests")
+set(ZITI_CLI_VER "v0.32.2" CACHE STRING "ziti version for integration tests")
 add_custom_target(ziti-cli ALL
         COMMAND ${CMAKE_COMMAND} -E env GOBIN=${CMAKE_CURRENT_BINARY_DIR}
         ${GOLANG_EXE} install github.com/openziti/ziti/ziti@${ZITI_CLI_VER}

@@ -0,0 +1,18 @@
+
+// Copyright (c) 2024. NetFoundry Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+//
+// You may obtain a copy of the License at
+// https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#define TEST_CLIENT "@test_client_json@"
+#define TEST_SERVER "@test_server_json@"
+#define TEST_SERVICE "@test_service@"