Sesame-Server/Sources/App/configure.swift
2023-01-31 19:10:57 +01:00

70 lines
2.3 KiB
Swift
Executable File

import Vapor
import Clairvoyant
var deviceManager: DeviceManager!
enum ServerError: Error {
case invalidAuthenticationFileContent
case invalidAuthenticationToken
}
// configures your application
public func configure(_ app: Application) throws {
let storageFolder = URL(fileURLWithPath: app.directory.resourcesDirectory)
let logFolder = storageFolder.appendingPathComponent("logs")
let accessManager = AccessTokenManager([])
let monitor = MetricObserver(
logFolder: logFolder,
accessManager: accessManager,
logMetricId: "sesame.log")
MetricObserver.standard = monitor
let status = Metric<ServerStatus>("sesame.status")
status.update(.initializing)
monitor.registerRoutes(app)
let configUrl = storageFolder.appendingPathComponent("config.json")
let config = try Config(loadFrom: configUrl)
config.authenticationTokens.map { $0.data(using: .utf8)! }.forEach(accessManager.add)
app.http.server.configuration.port = config.port
let keyFile = storageFolder.appendingPathComponent(config.keyFileName)
let (deviceKey, remoteKey) = try loadKeys(at: keyFile)
deviceManager = DeviceManager(deviceKey: deviceKey, remoteKey: remoteKey, deviceTimeout: config.deviceTimeout)
try routes(app)
// Gracefully shut down by closing potentially open socket
DispatchQueue.global(qos: .utility).asyncAfter(deadline: .now() + .seconds(5)) {
_ = app.server.onShutdown.always { _ in
deviceManager.removeDeviceConnection()
}
}
status.update(.nominal)
}
private func loadKeys(at url: URL) throws -> (deviceKey: Data, remoteKey: Data) {
let authContent: [Data] = try String(contentsOf: url)
.trimmingCharacters(in: .whitespacesAndNewlines)
.components(separatedBy: "\n")
.map { $0.trimmingCharacters(in: .whitespacesAndNewlines) }
.map {
guard let key = Data(fromHexEncodedString: $0) else {
throw ServerError.invalidAuthenticationToken
}
guard key.count == SHA256.byteCount else {
throw ServerError.invalidAuthenticationToken
}
return key
}
guard authContent.count == 2 else {
throw ServerError.invalidAuthenticationFileContent
}
return (deviceKey: authContent[0], remoteKey: authContent[1])
}