Ilia Denisov
146 lines
5.1 KiB
Go
146 lines
5.1 KiB
Go
package grpcapi
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"crypto/sha256"
|
|
"errors"
|
|
"strings"
|
|
"time"
|
|
|
|
"galaxy/gateway/internal/authn"
|
|
"galaxy/gateway/internal/clock"
|
|
"galaxy/gateway/internal/downstream"
|
|
gatewayv1 "galaxy/gateway/proto/galaxy/gateway/v1"
|
|
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/status"
|
|
)
|
|
|
|
// commandRoutingService translates the verified authenticated request context
|
|
// into an internal downstream command and signs successful unary responses.
|
|
type commandRoutingService struct {
|
|
gatewayv1.UnimplementedEdgeGatewayServer
|
|
|
|
subscribeDelegate gatewayv1.EdgeGatewayServer
|
|
router downstream.Router
|
|
responseSigner authn.ResponseSigner
|
|
clock clock.Clock
|
|
downstreamTimeout time.Duration
|
|
}
|
|
|
|
// ExecuteCommand builds a verified downstream command, routes it by exact
|
|
// message_type, executes it, and signs the resulting unary response.
|
|
func (s commandRoutingService) ExecuteCommand(ctx context.Context, _ *gatewayv1.ExecuteCommandRequest) (*gatewayv1.ExecuteCommandResponse, error) {
|
|
command, err := authenticatedCommandFromContext(ctx)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
client, err := s.router.Route(command.MessageType)
|
|
switch {
|
|
case err == nil:
|
|
case errors.Is(err, downstream.ErrRouteNotFound):
|
|
return nil, status.Error(codes.Unimplemented, "message_type is not routed")
|
|
case errors.Is(err, downstream.ErrDownstreamUnavailable):
|
|
return nil, status.Error(codes.Unavailable, "downstream service is unavailable")
|
|
default:
|
|
return nil, status.Error(codes.Internal, "downstream route resolution failed")
|
|
}
|
|
|
|
downstreamCtx, cancel := context.WithTimeout(ctx, s.downstreamTimeout)
|
|
defer cancel()
|
|
|
|
result, err := client.ExecuteCommand(downstreamCtx, command)
|
|
switch {
|
|
case err == nil:
|
|
case errors.Is(err, downstream.ErrDownstreamUnavailable),
|
|
errors.Is(err, context.DeadlineExceeded),
|
|
errors.Is(err, context.Canceled):
|
|
return nil, status.Error(codes.Unavailable, "downstream service is unavailable")
|
|
default:
|
|
return nil, status.Error(codes.Internal, "downstream execution failed")
|
|
}
|
|
|
|
if strings.TrimSpace(result.ResultCode) == "" {
|
|
return nil, status.Error(codes.Internal, "downstream response is invalid")
|
|
}
|
|
|
|
responseTimestampMS := s.clock.Now().UTC().UnixMilli()
|
|
payloadHash := sha256.Sum256(result.PayloadBytes)
|
|
signature, err := s.responseSigner.SignResponse(authn.ResponseSigningFields{
|
|
ProtocolVersion: command.ProtocolVersion,
|
|
RequestID: command.RequestID,
|
|
TimestampMS: responseTimestampMS,
|
|
ResultCode: result.ResultCode,
|
|
PayloadHash: payloadHash[:],
|
|
})
|
|
if err != nil {
|
|
return nil, status.Error(codes.Unavailable, "response signer is unavailable")
|
|
}
|
|
|
|
return &gatewayv1.ExecuteCommandResponse{
|
|
ProtocolVersion: command.ProtocolVersion,
|
|
RequestId: command.RequestID,
|
|
TimestampMs: responseTimestampMS,
|
|
ResultCode: result.ResultCode,
|
|
PayloadBytes: bytes.Clone(result.PayloadBytes),
|
|
PayloadHash: bytes.Clone(payloadHash[:]),
|
|
Signature: signature,
|
|
}, nil
|
|
}
|
|
|
|
// SubscribeEvents delegates to the authenticated streaming service
|
|
// implementation selected during server construction.
|
|
func (s commandRoutingService) SubscribeEvents(req *gatewayv1.SubscribeEventsRequest, stream grpc.ServerStreamingServer[gatewayv1.GatewayEvent]) error {
|
|
return s.subscribeDelegate.SubscribeEvents(req, stream)
|
|
}
|
|
|
|
// newCommandRoutingService constructs the final authenticated service that
|
|
// owns verified unary routing while preserving the delegated streaming path.
|
|
func newCommandRoutingService(subscribeDelegate gatewayv1.EdgeGatewayServer, router downstream.Router, responseSigner authn.ResponseSigner, clk clock.Clock, downstreamTimeout time.Duration) gatewayv1.EdgeGatewayServer {
|
|
return commandRoutingService{
|
|
subscribeDelegate: subscribeDelegate,
|
|
router: router,
|
|
responseSigner: responseSigner,
|
|
clock: clk,
|
|
downstreamTimeout: downstreamTimeout,
|
|
}
|
|
}
|
|
|
|
func authenticatedCommandFromContext(ctx context.Context) (downstream.AuthenticatedCommand, error) {
|
|
envelope, ok := parsedEnvelopeFromContext(ctx)
|
|
if !ok {
|
|
return downstream.AuthenticatedCommand{}, status.Error(codes.Internal, "authenticated request context is incomplete")
|
|
}
|
|
|
|
record, ok := resolvedSessionFromContext(ctx)
|
|
if !ok {
|
|
return downstream.AuthenticatedCommand{}, status.Error(codes.Internal, "authenticated request context is incomplete")
|
|
}
|
|
|
|
return downstream.AuthenticatedCommand{
|
|
ProtocolVersion: envelope.ProtocolVersion,
|
|
UserID: record.UserID,
|
|
DeviceSessionID: record.DeviceSessionID,
|
|
MessageType: envelope.MessageType,
|
|
TimestampMS: envelope.TimestampMS,
|
|
RequestID: envelope.RequestID,
|
|
TraceID: envelope.TraceID,
|
|
PayloadBytes: bytes.Clone(envelope.PayloadBytes),
|
|
}, nil
|
|
}
|
|
|
|
type unavailableResponseSigner struct{}
|
|
|
|
func (unavailableResponseSigner) SignResponse(authn.ResponseSigningFields) ([]byte, error) {
|
|
return nil, errors.New("response signer is unavailable")
|
|
}
|
|
|
|
func (unavailableResponseSigner) SignEvent(authn.EventSigningFields) ([]byte, error) {
|
|
return nil, errors.New("response signer is unavailable")
|
|
}
|
|
|
|
var _ gatewayv1.EdgeGatewayServer = commandRoutingService{}
|