UnimusAPI/handler.go

package main

import (
	"bufio"
	"bytes"
	"crypto/sha256"
	"crypto/tls"
	"encoding/json"
	"fmt"
	"github.com/dgrijalva/jwt-go"
	"github.com/labstack/echo"
	"golang.org/x/crypto/ssh"
	"io/ioutil"
	"log"
	"net/http"
	"net/url"
	"regexp"
	"strings"
)

type handler struct{}
type userInfo struct {
	Error     interface{} `json:"error"`
	ID        int         `json:"id"`
	Principal string      `json:"principal"`
	Result    struct {
		Result struct {
			Cn               []string `json:"cn"`
			Displayname      []string `json:"displayname"`
			Dn               string   `json:"dn"`
			Gecos            []string `json:"gecos"`
			Gidnumber        []string `json:"gidnumber"`
			Givenname        []string `json:"givenname"`
			HasKeytab        bool     `json:"has_keytab"`
			HasPassword      bool     `json:"has_password"`
			Homedirectory    []string `json:"homedirectory"`
			Initials         []string `json:"initials"`
			Ipauniqueid      []string `json:"ipauniqueid"`
			Krbcanonicalname []string `json:"krbcanonicalname"`
			Krbextradata     []struct {
				Base64 string `json:"__base64__"`
			} `json:"krbextradata"`
			Krblastfailedauth []struct {
				Datetime string `json:"__datetime__"`
			} `json:"krblastfailedauth"`
			Krblastpwdchange []struct {
				Datetime string `json:"__datetime__"`
			} `json:"krblastpwdchange"`
			Krbloginfailedcount   []string `json:"krbloginfailedcount"`
			Krbpasswordexpiration []struct {
				Datetime string `json:"__datetime__"`
			} `json:"krbpasswordexpiration"`
			Krbprincipalname      []string `json:"krbprincipalname"`
			Krbpwdpolicyreference []string `json:"krbpwdpolicyreference"`
			Loginshell            []string `json:"loginshell"`
			Mail                  []string `json:"mail"`
			MemberofGroup         []string `json:"memberof_group"`
			Mepmanagedentry       []string `json:"mepmanagedentry"`
			Mobile                []string `json:"mobile"`
			Nsaccountlock         bool     `json:"nsaccountlock"`
			Objectclass           []string `json:"objectclass"`
			Pager                 []string `json:"pager"`
			Preserved             bool     `json:"preserved"`
			Sn                    []string `json:"sn"`
			Telephonenumber       []string `json:"telephonenumber"`
			UID                   []string `json:"uid"`
			Uidnumber             []string `json:"uidnumber"`
		} `json:"result"`
		Summary interface{} `json:"summary"`
		Value   string      `json:"value"`
	} `json:"result"`
	Version string `json:"version"`
}

type ServiceList struct {
	TotalCount    string `json:"TotalCount,omitempty"`
	ActiveCount   string `json:"ActiveCount,omitempty"`
	ActiveVMCount string `json:"ActiveVMCount,omitempty"`
	TotalVMCount  string `json:"TotalVMCount,omitempty"`
}
type user_findResult struct {
	Error     interface{} `json:"error"`
	ID        int         `json:"id"`
	Principal string      `json:"principal"`
	Result    struct {
		Count  int `json:"count"`
		Result []struct {
			Dn               string   `json:"dn"`
			Gidnumber        []string `json:"gidnumber"`
			Givenname        []string `json:"givenname"`
			Homedirectory    []string `json:"homedirectory"`
			Krbcanonicalname []string `json:"krbcanonicalname"`
			Krbprincipalname []string `json:"krbprincipalname"`
			Loginshell       []string `json:"loginshell"`
			Mail             []string `json:"mail"`
			Nsaccountlock    bool     `json:"nsaccountlock"`
			Sn               []string `json:"sn"`
			Telephonenumber  []string `json:"telephonenumber"`
			UID              []string `json:"uid"`
			Uidnumber        []string `json:"uidnumber"`
		} `json:"result"`
		Summary   string `json:"summary"`
		Truncated bool   `json:"truncated"`
	} `json:"result"`
	Version string `json:"version"`
}

var User = userInfo{}

func (h *handler) login(c echo.Context) error {
	username := c.FormValue("username")
	password := c.FormValue("password")
	_url := URL + "/ipa/session/login_password"
	method := "POST"
	params := url.Values{}
	params.Add("user", username)
	params.Add("password", password)
	payload := strings.NewReader(params.Encode())
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, _url, payload)
	audit("Recieved Login request from: " + RealIP)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Add("Accept", "text/plain")
	res, err := client.Do(req)
	cockie := res.Cookies()
	token := cockie[0].Raw
	ba := basicAuth(username, password)
	token = token + "Basic " + ba + ";"
	//fmt.Println("Token:", token)
	defer res.Body.Close()
	fmt.Println(res.StatusCode)
	if res.StatusCode == 200 {
		User = getUserInfo(token, username)
		//fmt.Println(user.Result)
		tokens, err := generateTokenPair(User, token)
		if err != nil {
			return err
		}

		return c.JSON(http.StatusOK, tokens)
	}

	return echo.ErrUnauthorized
}

func getUserInfo(token string, username string) userInfo {
	//fmt.Println("Checking for User: ", username)
	url := URL + "/ipa/session/json"
	method := "POST"
	_json := fmt.Sprintf(`
{
    "method": "user_show",
    "params": [
        [
            "%s"
        ],
        {
            "all": true,
            "version": "2.215"
        }
    ],
    "id": 0
}
`, username)

	payload := strings.NewReader(_json)
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	}
	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(method, url, payload)
	//fmt.Println("Request URI: ",req)
	if err != nil {
		fmt.Println(err)
	}
	req.Header.Add("Referer", URL+"/ipa")
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Accept", "text/plain")
	req.Header.Add("Cookie", token)
	res, err := client.Do(req)
	body, err := ioutil.ReadAll(res.Body)
	defer res.Body.Close()
	user := userInfo{}
	err = json.Unmarshal(body, &user)
	if err != nil {
		fmt.Println(err)
	}
	//fmt.Println("Getting Data for User: ", user.Result.Result.Uidnumber)
	return user
}
func (h *handler) token(c echo.Context) error {
	user := c.Get("user").(*jwt.Token)
	claims := user.Claims.(jwt.MapClaims)
	_sha256 := sha256.Sum256([]byte(string(claims["name"].(string))))
	var hashChannel_ = make(chan []byte, 1)
	hashChannel_ <- _sha256[:]
	token := decrypt(<-hashChannel_, claims["IPAToken"].(string))
	username := claims["name"].(string)
	//fmt.Println("User: ",username)
	//fmt.Println("Token : ",token)
	_user := getUserInfo(token, username)
	//fmt.Println("User: ", _user.Result.Summary)
	newtokens, err := generateTokenPair(_user, token)
	if err != nil {
		return err
	}
	return c.JSON(http.StatusOK, newtokens)
}
func IntStringParser(str string) []string {

	re := regexp.MustCompile(`\s{1,}`)
	return strings.Split(re.ReplaceAllString(str, ","), ",")
}
func Connect(user, pass, host string, cmd string) bytes.Buffer {
	cipher := ssh.Config{
		Ciphers: []string{"aes128-cbc", "3des-cbc", "aes192-cbc", "aes256-cbc"},
	}
	config := &ssh.ClientConfig{
		User: user,
		Auth: []ssh.AuthMethod{
			ssh.Password(pass),
		},
		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
		Config:          cipher,
	}
	conn, err := ssh.Dial("tcp", host, config)
	// time.Sleep(1)
	if err != nil {
		log.Fatal("Failed to dial: ", err)
	}
	sess, err := conn.NewSession()
	if err != nil {
		log.Fatal("Failed to create session: ", err)
	}
	stdin, err := sess.StdinPipe()
	if err != nil {
		log.Fatal("Failed to create session: ", err)
	}
	var bout bytes.Buffer
	var berr bytes.Buffer
	sess.Stdout = &bout
	sess.Stderr = &berr
	sess.Shell()
	fmt.Fprintf(stdin, "%s\n", "terminal length 0")
	fmt.Fprintf(stdin, "%s\n", cmd)
	fmt.Fprintf(stdin, "\nexit\n")
	fmt.Fprintf(stdin, "exit\n")
	sess.Wait()
	sess.Close()
	// scanner := bufio.NewScanner(&bout)
	// for scanner.Scan() {
	// fmt.Println(scanner.Text())
	// }
	// fmt.Println(bout.String())
	return bout
}

func (h *handler) findMAC(c echo.Context) error {
	//user := c.Get("user").(*jwt.Token)
	//claims := user.Claims.(jwt.MapClaims)
	//name := claims["name"].(string)
	HOSTNAMEPORT := c.FormValue("HOSTNAMEPORT")
	SERVERURI := c.FormValue("SERVERURI")
	result1 := Connect("rancid", "JDACy6wK*yW%meQ", HOSTNAMEPORT, "sh int status")
	intDesc := SERVERURI
	var IntString string
	scanner := bufio.NewScanner(&result1)
	var IntName string
	var IntMAC string
	// var IntName, IntStatus, IntVLAN, IntDuplex, IntSpeed, IntType string
	for scanner.Scan() {
		if strings.Contains(scanner.Text(), intDesc) {
			IntString = scanner.Text()
			IntName = IntStringParser(IntString)[0]
			break
		}
	}
	result1 = Connect("rancid", "JDACy6wK*yW%meQ", HOSTNAMEPORT, "sh mac address-table int "+IntName)
	scanner = bufio.NewScanner(&result1)
	for scanner.Scan() {
		if strings.Contains(scanner.Text(), IntName) {
			if strings.Contains(scanner.Text(), "mac") {
				continue
			}
			//fmt.Println(scanner.Text())
			IntString = scanner.Text()
			//fmt.Println("len: ", len(IntStringParser(IntString)) )
			if len(IntStringParser(IntString)) < 3 {
				id, code := uuidgen("findMAC")
				resp := _response{
					Origin:  "findMAC",
					Message: "",
					Code:    code,
					Uuid:    id,
				}
				return c.JSON(http.StatusNotFound, resp)
			}
			IntMAC = IntStringParser(IntString)[2]
		}
	}
	//fmt.Println(IntMAC)
	//return c.String(http.StatusOK, "Welcome "+IntMAC+"!")
	id, code := uuidgen("findMAC")

	resp := _response{
		Origin:  "findMAC",
		Message: macParser(IntMAC),
		Code:    code,
		Uuid:    id,
	}
	return c.JSON(http.StatusOK, resp)
}

func macParser(str string) string {
	if len(str) < 12 {
		return "ERROR"
	}
	_str := strings.Split(str, ".")
	__str := _str[0] + _str[1] + _str[2]

	___str := __str[0:2] + ":" + __str[2:4] + ":" + __str[4:6] + ":" + __str[6:8] + ":" + __str[8:10] + ":" + __str[10:12]

	return strings.ToUpper(___str)
}