forked from vmware-archive/govcloudair
-
Notifications
You must be signed in to change notification settings - Fork 1
/
api.go
404 lines (317 loc) · 11.2 KB
/
api.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
/*
* Copyright 2014 VMware, Inc. All rights reserved. Licensed under the Apache v2 License.
*/
// Package govcloudair provides a simple binding for vCloud Air REST APIs.
package govcloudair
import (
"encoding/xml"
"fmt"
"io"
"io/ioutil"
"net/http"
"net/url"
"os"
"time"
types "github.com/vmware/govcloudair/types/v56"
)
// Client provides a client to vCloud Air, values can be populated automatically using the Authenticate method.
type Client struct {
VAToken string // vCloud Air authorization token
VAEndpoint url.URL // vCloud Air API endpoint
Region string // Region where the compute resource lives.
VCDToken string // Access Token (authorization header)
VCDAuthHeader string // Authorization header
VCDVDCHREF url.URL // HREF of the backend VDC you're using
Http http.Client // HttpClient is the client to use. Default will be used if not provided.
}
// VCHS API
type services struct {
Service []struct {
Region string `xml:"region,attr"`
ServiceID string `xml:"serviceId,attr"`
ServiceType string `xml:"serviceType,attr"`
Type string `xml:"type,attr"`
HREF string `xml:"href,attr"`
} `xml:"Service"`
}
type session struct {
Link []*types.Link `xml:"Link"`
}
type computeResources struct {
VdcRef []struct {
Status string `xml:"status,attr"`
Name string `xml:"name,attr"`
Type string `xml:"type,attr"`
HREF string `xml:"href,attr"`
Link []*types.Link `xml:"Link"`
} `xml:"VdcRef"`
}
type vCloudSession struct {
VdcLink []struct {
AuthorizationToken string `xml:"authorizationToken,attr"`
AuthorizationHeader string `xml:"authorizationHeader,attr"`
Name string `xml:"name,attr"`
HREF string `xml:"href,attr"`
} `xml:"VdcLink"`
}
//
func (c *Client) vaauthorize(user, pass string) (u url.URL, err error) {
if user == "" {
user = os.Getenv("VCLOUDAIR_USERNAME")
}
if pass == "" {
pass = os.Getenv("VCLOUDAIR_PASSWORD")
}
s := c.VAEndpoint
s.Path += "/vchs/sessions"
// No point in checking for errors here
req := c.NewRequest(map[string]string{}, "POST", s, nil)
// Set Basic Authentication Header
req.SetBasicAuth(user, pass)
// Add the Accept header for vCA
req.Header.Add("Accept", "application/xml;version=5.6")
resp, err := checkResp(c.Http.Do(req))
if err != nil {
return url.URL{}, err
}
defer resp.Body.Close()
// Store the authentication header
c.VAToken = resp.Header.Get("X-Vchs-Authorization")
session := new(session)
if err = decodeBody(resp, session); err != nil {
return url.URL{}, fmt.Errorf("error decoding session response: %s", err)
}
// Loop in the session struct to find right service and compute resource.
for _, s := range session.Link {
if s.Type == "application/xml;class=vnd.vmware.vchs.servicelist" && s.Rel == "down" {
u, err := url.ParseRequestURI(s.HREF)
return *u, err
}
}
return url.URL{}, fmt.Errorf("couldn't find a Service List in current session")
}
func (c *Client) vaacquireservice(s url.URL, cid string) (u url.URL, err error) {
if cid == "" {
cid = os.Getenv("VCLOUDAIR_COMPUTEID")
}
req := c.NewRequest(map[string]string{}, "GET", s, nil)
// Add the Accept header for vCA
req.Header.Add("Accept", "application/xml;version=5.6")
// Set Authorization Header for vCA
req.Header.Add("x-vchs-authorization", c.VAToken)
resp, err := checkResp(c.Http.Do(req))
if err != nil {
return url.URL{}, fmt.Errorf("error processing compute action: %s", err)
}
services := new(services)
if err = decodeBody(resp, services); err != nil {
return url.URL{}, fmt.Errorf("error decoding services response: %s", err)
}
// Loop in the Services struct to find right service and compute resource.
for _, s := range services.Service {
if s.ServiceID == cid {
c.Region = s.Region
u, err := url.ParseRequestURI(s.HREF)
return *u, err
}
}
return url.URL{}, fmt.Errorf("couldn't find a Compute Resource in current service list")
}
func (c *Client) vaacquirecompute(s url.URL, vid string) (u url.URL, err error) {
if vid == "" {
vid = os.Getenv("VCLOUDAIR_VDCID")
}
req := c.NewRequest(map[string]string{}, "GET", s, nil)
// Add the Accept header for vCA
req.Header.Add("Accept", "application/xml;version=5.6")
// Set Authorization Header
req.Header.Add("x-vchs-authorization", c.VAToken)
// TODO: wrap into checkresp to parse error
resp, err := checkResp(c.Http.Do(req))
if err != nil {
return url.URL{}, fmt.Errorf("error processing compute action: %s", err)
}
computeresources := new(computeResources)
if err = decodeBody(resp, computeresources); err != nil {
return url.URL{}, fmt.Errorf("error decoding computeresources response: %s", err)
}
// Iterate through the ComputeResources struct searching for the right
// backend server
for _, s := range computeresources.VdcRef {
if s.Name == vid {
for _, t := range s.Link {
if t.Name == vid {
u, err := url.ParseRequestURI(t.HREF)
return *u, err
}
}
}
}
return url.URL{}, fmt.Errorf("couldn't find a VDC Resource in current Compute list")
}
func (c *Client) vagetbackendauth(s url.URL, cid string) error {
if cid == "" {
cid = os.Getenv("VCLOUDAIR_COMPUTEID")
}
req := c.NewRequest(map[string]string{}, "POST", s, nil)
// Add the Accept header for vCA
req.Header.Add("Accept", "application/xml;version=5.6")
// Set Authorization Header
req.Header.Add("x-vchs-authorization", c.VAToken)
// TODO: wrap into checkresp to parse error
resp, err := checkResp(c.Http.Do(req))
if err != nil {
return fmt.Errorf("error processing backend url action: %s", err)
}
defer resp.Body.Close()
vcloudsession := new(vCloudSession)
if err = decodeBody(resp, vcloudsession); err != nil {
return fmt.Errorf("error decoding vcloudsession response: %s", err)
}
// Get the backend session information
for _, s := range vcloudsession.VdcLink {
if s.Name == cid {
// Fetch the authorization token
c.VCDToken = s.AuthorizationToken
// Fetch the authorization header
c.VCDAuthHeader = s.AuthorizationHeader
u, err := url.ParseRequestURI(s.HREF)
if err != nil {
return fmt.Errorf("error decoding href: %s", err)
}
c.VCDVDCHREF = *u
return nil
}
}
return fmt.Errorf("error finding the right backend resource")
}
// NewClient returns a new empty client to authenticate against the vCloud Air
// service, the vCloud Air endpoint can be overridden by setting the
// VCLOUDAIR_ENDPOINT environment variable.
func NewClient() (*Client, error) {
var u *url.URL
var err error
if os.Getenv("VCLOUDAIR_ENDPOINT") != "" {
u, err = url.ParseRequestURI(os.Getenv("VCLOUDAIR_ENDPOINT"))
if err != nil {
return &Client{}, fmt.Errorf("cannot parse endpoint coming from VCLOUDAIR_ENDPOINT")
}
} else {
// Implicitly trust this URL parse.
u, _ = url.ParseRequestURI("https://vchs.vmware.com/api")
}
Client := Client{
VAEndpoint: *u,
// Patching things up as we're hitting several TLS timeouts.
Http: http.Client{Transport: &http.Transport{TLSHandshakeTimeout: 120 * time.Second}},
}
return &Client, nil
}
// Authenticate is an helper function that performs a complete login in vCloud
// Air and in the backend vCloud Director instance.
func (c *Client) Authenticate(username, password, computeid, vdcid string) (Vdc, error) {
// Authorize
vaservicehref, err := c.vaauthorize(username, password)
if err != nil {
return Vdc{}, fmt.Errorf("error Authorizing: %s", err)
}
// Get Service
vacomputehref, err := c.vaacquireservice(vaservicehref, computeid)
if err != nil {
return Vdc{}, fmt.Errorf("error Acquiring Service: %s", err)
}
// Get Compute
vavdchref, err := c.vaacquirecompute(vacomputehref, vdcid)
if err != nil {
return Vdc{}, fmt.Errorf("error Acquiring Compute: %s", err)
}
// Get Backend Authorization
if err = c.vagetbackendauth(vavdchref, computeid); err != nil {
return Vdc{}, fmt.Errorf("error Acquiring Backend Authorization: %s", err)
}
v, err := c.retrieveVDC()
if err != nil {
return Vdc{}, fmt.Errorf("error Acquiring VDC: %s", err)
}
return v, nil
}
// NewRequest creates a new HTTP request and applies necessary auth headers if
// set.
func (c *Client) NewRequest(params map[string]string, method string, u url.URL, body io.Reader) *http.Request {
p := url.Values{}
// Build up our request parameters
for k, v := range params {
p.Add(k, v)
}
// Add the params to our URL
u.RawQuery = p.Encode()
// Build the request, no point in checking for errors here as we're just
// passing a string version of an url.URL struct and http.NewRequest returns
// error only if can't process an url.ParseRequestURI().
req, _ := http.NewRequest(method, u.String(), body)
if c.VCDAuthHeader != "" && c.VCDToken != "" {
// Add the authorization header
req.Header.Add(c.VCDAuthHeader, c.VCDToken)
// Add the Accept header for VCD
req.Header.Add("Accept", "application/*+xml;version=5.6")
}
return req
}
// Disconnect performs a disconnection from the vCloud Air API endpoint.
func (c *Client) Disconnect() error {
if c.VCDToken == "" && c.VCDAuthHeader == "" && c.VAToken == "" {
return fmt.Errorf("cannot disconnect, client is not authenticated")
}
s := c.VAEndpoint
s.Path += "/vchs/session"
req := c.NewRequest(map[string]string{}, "DELETE", s, nil)
// Add the Accept header for vCA
req.Header.Add("Accept", "application/xml;version=5.6")
// Set Authorization Header
req.Header.Add("x-vchs-authorization", c.VAToken)
if _, err := checkResp(c.Http.Do(req)); err != nil {
return fmt.Errorf("error processing session delete for vchs: %s", err)
}
return nil
}
// parseErr takes an error XML resp and returns a single string for use in error messages.
func parseErr(resp *http.Response) error {
errBody := new(types.Error)
// if there was an error decoding the body, just return that
if err := decodeBody(resp, errBody); err != nil {
return fmt.Errorf("error parsing error body for non-200 request: %s", err)
}
return fmt.Errorf("API Error: %d: %s", errBody.MajorErrorCode, errBody.Message)
}
// decodeBody is used to XML decode a response body
func decodeBody(resp *http.Response, out interface{}) error {
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return err
}
// Unmarshal the XML.
if err = xml.Unmarshal(body, &out); err != nil {
return err
}
return nil
}
// checkResp wraps http.Client.Do() and verifies the request, if status code
// is 2XX it passes back the response, if it's a known invalid status code it
// parses the resultant XML error and returns a descriptive error, if the
// status code is not handled it returns a generic error with the status code.
func checkResp(resp *http.Response, err error) (*http.Response, error) {
if err != nil {
return resp, err
}
switch i := resp.StatusCode; {
// Valid request, return the response.
case i == 200 || i == 201 || i == 202 || i == 204:
return resp, nil
// Invalid request, parse the XML error returned and return it.
case i == 400 || i == 401 || i == 403 || i == 404 || i == 405 || i == 406 || i == 409 || i == 415 || i == 500 || i == 503 || i == 504:
return nil, parseErr(resp)
// Unhandled response.
default:
return nil, fmt.Errorf("unhandled API response, please report this issue, status code: %s", resp.Status)
}
}