From a6e66b316f3b9d1d7057cfababf2f3901d5672fa Mon Sep 17 00:00:00 2001
From: Sebastien Laithier
Date: Tue, 9 May 2023 17:33:13 +0200
Subject: [PATCH] Basic http server, started working on vault
---
Vault/configuration.go | 61 ++++++++++++++++++++++++++++++++++++++++++
go.mod | 3 +++
main.go | 25 +++++++++++++++++
3 files changed, 89 insertions(+)
create mode 100644 Vault/configuration.go
create mode 100644 go.mod
create mode 100644 main.go
diff --git a/Vault/configuration.go b/Vault/configuration.go
new file mode 100644
index 0000000..d3ecf77
--- /dev/null
+++ b/Vault/configuration.go
@@ -0,0 +1,61 @@
+package Vault
+
+import (
+ "fmt"
+ "os"
+ vault "github.com/hashicorp/vault/api"
+ auth "github.com/hashicorp/vault/api/auth/approle"
+)
+
+// getVarnishList retrieve the list of varnish servers to send PURGE to.
+// It uses the AppRole authentication method.
+func getVarnishList() (string, error) {
+ config := vault.DefaultConfig() // modify for more granular configuration
+
+ client, err := vault.NewClient(config)
+ if err != nil {
+ return "", fmt.Errorf("unable to initialize Vault client: %w", err)
+ }
+
+ // Get roleID and secretID from ENV vars
+ roleID := os.Getenv("APPROLE_ROLE_ID")
+ if roleID == "" {
+ return "", fmt.Errorf("no role ID was provided in APPROLE_ROLE_ID env var")
+ }
+ secretID := os.Getenv("APPROLE_SECRET_ID")
+ if secretID == "" {
+ return "", fmt.Errorf("no secret ID was provided in APPROLE_SECRET_ID env var")
+ }
+
+ appRoleAuth, err := auth.NewAppRoleAuth(
+ roleID,
+ secretID,
+ auth.WithWrappingToken(), // Only required if the secret ID is response-wrapped.
+ )
+ if err != nil {
+ return "", fmt.Errorf("unable to initialize AppRole auth method: %w", err)
+ }
+
+ authInfo, err := client.Auth().Login(context.Background(), appRoleAuth)
+ if err != nil {
+ return "", fmt.Errorf("unable to login to AppRole auth method: %w", err)
+ }
+ if authInfo == nil {
+ return "", fmt.Errorf("no auth info was returned after login")
+ }
+
+ // get secret from the default mount path for KV v2 in dev mode, "secret"
+ secret, err := client.KVv2("app").Get(context.Background(), "http-broadcaster/stg/varnish_list")
+ if err != nil {
+ return "", fmt.Errorf("unable to read secret: %w", err)
+ }
+
+ // data map can contain more than one key-value pair,
+ // in this case we're just grabbing one of them
+ value, ok := secret.Data["list"].(string)
+ if !ok {
+ return "", fmt.Errorf("value type assertion failed: %T %#v", secret.Data["list"], secret.Data["list"])
+ }
+
+ return value, nil
+}
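Review bot: The final type-assertion error in getVarnishList formats `secret.Data["list"]` with `%#v`, so whenever the stored value is not a string its content is copied out of Vault into the error and into whatever log receives it; report only the type, e.g. `return "", fmt.Errorf("secret key %q has unexpected type %T", "list", secret.Data["list"])`. `auth.WithWrappingToken()` is passed unconditionally although its own comment says it is only needed for a response-wrapped secret ID, so login is likely to fail when `APPROLE_SECRET_ID` holds a plain secret ID; the option should depend on how the secret ID is delivered. The file also does not appear to build as posted: `context` is used but missing from the import block, and in the published approle package `NewAppRoleAuth` takes a `*auth.SecretID` (for example `&auth.SecretID{FromEnv: "APPROLE_SECRET_ID"}`) rather than a string. The comment above the read names the default `secret` mount while the code reads mount `app`, and the `stg` path is hard-coded, so the comment should be corrected and the path made configurable before a second environment exists.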
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..b7924ef
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,3 @@
+module http-broadcaster
+
+go 1.13
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..df87605
--- /dev/null
+++ b/main.go
@@ -0,0 +1,25 @@
+package main
+
+import (
+ "io"
+ "log"
+ "net/http"
+)
+
+// Declaring non-existing HTTP method
+const (
+ MethodPurge = "PURGE"
+ VaultStgRoleId = ""
+ VaultStgSecretId = ""
+)
+
+// PurgeHandler handles PURGE request to broadcast it to all varnish instances
+func PurgeHandler(w http.ResponseWriter, r *http.Request) {
+ url := r.URL.String()
+ io.WriteString(w, url)
+}
+
+func main() {
+ http.HandleFunc("/", PurgeHandler)
+ log.Fatal(http.ListenAndServe(":6081",nil))
+}
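Review bot: PurgeHandler in main.go never compares `r.Method` with `MethodPurge`, so once the broadcast logic lands any GET or POST reaching `:6081` on any interface would trigger a cache purge, and nothing yet restricts who may send one (a source-address allow-list or shared token is worth deciding now). The handler echoes the caller-controlled URL without setting a content type and drops the `io.WriteString` error, and `http.ListenAndServe` with the default server leaves every timeout unset, so slow clients can hold connections open indefinitely. `VaultStgRoleId` and `VaultStgSecretId` are empty credential slots in source that invite pasting a real AppRole ID into a committed file; the Vault code in this patch already reads `APPROLE_ROLE_ID` and `APPROLE_SECRET_ID` from the environment, so I would drop both constants. The sketch below needs `time` added to the import block, and its timeout values are illustrative.

```go
// PurgeHandler handles PURGE request to broadcast it to all varnish instances
func PurgeHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != MethodPurge {
		w.Header().Set("Allow", MethodPurge)
		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
		return
	}
	// The request URL is caller-controlled; return it as plain text only.
	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	w.Header().Set("X-Content-Type-Options", "nosniff")
	if _, err := io.WriteString(w, r.URL.String()); err != nil {
		log.Printf("writing response: %v", err)
	}
}

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/", PurgeHandler)
	srv := &http.Server{
		Addr:              ":6081",
		Handler:           mux,
		ReadHeaderTimeout: 5 * time.Second,
		ReadTimeout:       10 * time.Second,
		WriteTimeout:      10 * time.Second,
	}
	log.Fatal(srv.ListenAndServe())
}
```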