login first part

2026-04-15 06:58:11 +00:00 · 2022-01-10 07:39:54 +02:00
parent 52b78a7e73
commit f255df0198
2 changed files with 123 additions and 0 deletions
--- a/container-images/civ-adaptor-if.go
+++ b/container-images/civ-adaptor-if.go
@@ -0,0 +1,43 @@
+package containerimages
+
+import "time"
+
+type ContainerImageIdentifier struct {
+	Registry   string
+	Repository string
+	Tag        string
+	Hash       string
+}
+
+type ContainerImageScanStatus struct {
+	ImageID         ContainerImageIdentifier
+	IsScanAvailable bool
+	IsBomAvailable  bool
+	LastScanDate    time.Time
+}
+
+type ContainerImageVulnerability struct {
+	ImageID ContainerImageIdentifier
+	// TBD
+}
+
+type ContainerImageInformation struct {
+	ImageID ContainerImageIdentifier
+	Bom     []string
+	//ImageManifest Manifest // will use here Docker package definition
+}
+
+type IContainerImageVulnerabilityAdaptor interface {
+	// Credentials are coming from user input (CLI or configuration file) and they are abstracted at string to string map level
+	// so and example use would be like registry: "simpledockerregistry:80" and credentials like {"username":"joedoe","password":"abcd1234"}
+	Login(registry string, credentials map[string]string) error
+
+	// For "help" purposes
+	DescribeAdaptor() string
+
+	GetImagesScanStatus(imageIDs []ContainerImageIdentifier) ([]ContainerImageScanStatus, error)
+
+	GetImagesVulnerabilties(imageIDs []ContainerImageIdentifier) ([]ContainerImageVulnerability, error)
+
+	GetImagesInformation(imageIDs []ContainerImageIdentifier) ([]ContainerImageInformation, error)
+}
--- a/container-images/civ-armo-adaptor.go
+++ b/container-images/civ-armo-adaptor.go
@@ -0,0 +1,80 @@
+package containerimages
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+)
+
+type FeLoginData struct {
+	Secret   string `json:"secret"`
+	ClientId string `json:"clientId"`
+}
+
+type FeLoginResponse struct {
+	Token        string `json:"accessToken"`
+	RefreshToken string `json:"refreshToken"`
+	ExpiresIn    int32  `json:"expiresIn"`
+	Expires      string `json:"expires"`
+}
+
+type ArmoCivAdaptor struct {
+	registry  string
+	accountId string
+	clientId  string
+	accessKey string
+	feToken   FeLoginResponse
+}
+
+func CreateArmoAdaptor(registry string, credentials map[string]string) (*ArmoCivAdaptor, error) {
+	var accountId string
+	var accessKey string
+	var clientId string
+	var ok bool
+	if accountId, ok = credentials["accountId"]; !ok {
+		return nil, fmt.Errorf("Define accountId in credentials")
+	}
+	if clientId, ok = credentials["clientId"]; !ok {
+		return nil, fmt.Errorf("Define clientId in credentials")
+	}
+	if accessKey, ok = credentials["accessKey"]; !ok {
+		return nil, fmt.Errorf("Define accessKey in credentials")
+	}
+	return &ArmoCivAdaptor{registry: registry, accountId: accountId, clientId: clientId, accessKey: accessKey}, nil
+}
+
+func (armoCivAdaptor ArmoCivAdaptor) Login() error {
+	feLoginData := FeLoginData{ClientId: armoCivAdaptor.clientId, Secret: armoCivAdaptor.accessKey}
+	body, _ := json.Marshal(feLoginData)
+
+	resp, err := http.Post("https://eggauth.eudev3.cyberarmorsoft.com/frontegg/identity/resources/auth/v1/api-token", "application/json", bytes.NewBuffer(body))
+	if err != nil {
+		panic(err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode == http.StatusOK {
+		body, err := ioutil.ReadAll(resp.Body)
+		if err != nil {
+			return err
+		}
+		var feLoginResponse FeLoginResponse
+		err = json.Unmarshal(body, &feLoginResponse)
+		//fmt.Printf("Token: %s\n", feLoginResponse.Token)
+		//fmt.Printf("Body: %s\n", string(body))
+		if err != nil {
+			return err
+		}
+	} else {
+		body, err := ioutil.ReadAll(resp.Body)
+		if err != nil {
+			return fmt.Errorf("Error authenticating: %d", resp.StatusCode)
+
+		}
+		return fmt.Errorf("Error authenticating: %d - %s", resp.StatusCode, string(body))
+	}
+	fmt.Printf("Success!")
+	return nil
+}