move to ubiquiti-clients, add edgeos

pkg/edgeos/api.go

@@ -0,0 +1,205 @@
+package edgeos
+
+import (
+	"context"
+	"errors"
+	"sync"
+)
+
+// GetConfig retrieves the complete device configuration from /api/edge/get.json for a specific device.
+func (c *Client) GetConfig(ctx context.Context, host string) (*ConfigData, error) {
+	d, err := c.getDeviceByHost(host)
+	if err != nil {
+		return nil, err
+	}
+
+	var out ConfigResponse
+	if err := d.do(ctx, "GET", "/api/edge/get.json", nil, &out); err != nil {
+		return nil, err
+	}
+
+	if !out.Success {
+		return nil, errors.New("config request unsuccessful")
+	}
+
+	return &out.GET, nil
+}
+
+// GetAllConfigs retrieves device configuration for all devices.
+func (c *Client) GetAllConfigs(ctx context.Context) (map[string]*ConfigData, error) {
+	results := make(map[string]*ConfigData)
+	var (
+		mu   sync.Mutex
+		wg   sync.WaitGroup
+		errs error
+	)
+
+	c.mu.RLock()
+	hosts := make([]string, 0, len(c.devices))
+	for h := range c.devices {
+		hosts = append(hosts, h)
+	}
+	c.mu.RUnlock()
+
+	for _, host := range hosts {
+		wg.Go(func() {
+			res, err := c.GetConfig(ctx, host)
+			if err != nil {
+				mu.Lock()
+				errs = errors.Join(errs, err)
+				mu.Unlock()
+				return
+			}
+			mu.Lock()
+			results[host] = res
+			mu.Unlock()
+		})
+	}
+	wg.Wait()
+	return results, errs
+}
+
+// GetAuthInfo retrieves the authentication info for a specific device.
+func (c *Client) GetAuthInfo(ctx context.Context, host string) (*AuthResponse, error) {
+	d, err := c.getDeviceByHost(host)
+	if err != nil {
+		return nil, err
+	}
+
+	d.mu.Lock()
+	authInfo := d.authInfo
+	d.mu.Unlock()
+
+	if authInfo == nil {
+		if err := d.login(ctx); err != nil {
+			return nil, err
+		}
+		d.mu.Lock()
+		authInfo = d.authInfo
+		d.mu.Unlock()
+	}
+
+	return authInfo, nil
+}
+
+// GetAllAuthInfo retrieves authentication info for all devices.
+func (c *Client) GetAllAuthInfo(ctx context.Context) (map[string]*AuthResponse, error) {
+	results := make(map[string]*AuthResponse)
+	var (
+		mu   sync.Mutex
+		wg   sync.WaitGroup
+		errs error
+	)
+
+	c.mu.RLock()
+	hosts := make([]string, 0, len(c.devices))
+	for h := range c.devices {
+		hosts = append(hosts, h)
+	}
+	c.mu.RUnlock()
+
+	for _, host := range hosts {
+		wg.Go(func() {
+			res, err := c.GetAuthInfo(ctx, host)
+			if err != nil {
+				mu.Lock()
+				errs = errors.Join(errs, err)
+				mu.Unlock()
+				return
+			}
+			mu.Lock()
+			results[host] = res
+			mu.Unlock()
+		})
+	}
+	wg.Wait()
+	return results, errs
+}
+
+// GetInterfaces retrieves the interfaces for a specific device from the config data.
+func (c *Client) GetInterfaces(ctx context.Context, host string) (*InterfacesConfig, error) {
+	config, err := c.GetConfig(ctx, host)
+	if err != nil {
+		return nil, err
+	}
+
+	return &config.Interfaces, nil
+}
+
+// GetAllInterfaces retrieves interfaces for all devices.
+func (c *Client) GetAllInterfaces(ctx context.Context) (map[string]*InterfacesConfig, error) {
+	results := make(map[string]*InterfacesConfig)
+	var (
+		mu   sync.Mutex
+		wg   sync.WaitGroup
+		errs error
+	)
+
+	c.mu.RLock()
+	hosts := make([]string, 0, len(c.devices))
+	for h := range c.devices {
+		hosts = append(hosts, h)
+	}
+	c.mu.RUnlock()
+
+	for _, host := range hosts {
+		wg.Go(func() {
+			res, err := c.GetInterfaces(ctx, host)
+			if err != nil {
+				mu.Lock()
+				errs = errors.Join(errs, err)
+				mu.Unlock()
+				return
+			}
+			mu.Lock()
+			results[host] = res
+			mu.Unlock()
+		})
+	}
+	wg.Wait()
+	return results, errs
+}
+
+// GetSystem retrieves the system info for a specific device from the config data.
+func (c *Client) GetSystem(ctx context.Context, host string) (*SystemConfig, error) {
+	config, err := c.GetConfig(ctx, host)
+	if err != nil {
+		return nil, err
+	}
+
+	return &config.System, nil
+}
+
+// GetAllSystems retrieves system info for all devices.
+func (c *Client) GetAllSystems(ctx context.Context) (map[string]*SystemConfig, error) {
+	results := make(map[string]*SystemConfig)
+	var (
+		mu   sync.Mutex
+		wg   sync.WaitGroup
+		errs error
+	)
+
+	c.mu.RLock()
+	hosts := make([]string, 0, len(c.devices))
+	for h := range c.devices {
+		hosts = append(hosts, h)
+	}
+	c.mu.RUnlock()
+
+	for _, host := range hosts {
+		wg.Go(func() {
+			res, err := c.GetSystem(ctx, host)
+			if err != nil {
+				mu.Lock()
+				errs = errors.Join(errs, err)
+				mu.Unlock()
+				return
+			}
+			mu.Lock()
+			results[host] = res
+			mu.Unlock()
+		})
+	}
+	wg.Wait()
+	return results, errs
+}

pkg/edgeos/client.go

@@ -0,0 +1,244 @@
+/*
+Package edgeos provides a client for interacting with Ubiquiti EdgeOS devices
+via their REST API. It supports authentication, session management, and
+retrieval of system and interface configuration from one or more devices.
+*/
+package edgeos
+
+import (
+	"bytes"
+	"context"
+	"crypto/tls"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"sync"
+)
+
+// Client handles communication with EdgeOS devices.
+type Client struct {
+	mu      sync.RWMutex
+	devices map[string]*deviceClient
+}
+
+type deviceClient struct {
+	config   Config
+	client   *http.Client
+	cookies  []*http.Cookie
+	authInfo *AuthResponse
+	mu       sync.Mutex
+}
+
+func newDeviceClient(cfg Config) *deviceClient {
+	if cfg.Scheme == "" {
+		cfg.Scheme = "https"
+	}
+
+	var tr http.RoundTripper
+	if cfg.Transport != nil {
+		tr = cfg.Transport
+	} else {
+		defaultTr := http.DefaultTransport.(*http.Transport).Clone()
+		if defaultTr.TLSClientConfig == nil {
+			defaultTr.TLSClientConfig = &tls.Config{}
+		}
+		defaultTr.TLSClientConfig.InsecureSkipVerify = cfg.Insecure
+		tr = defaultTr
+	}
+
+	client := &http.Client{
+		Transport: tr,
+		Timeout:   cfg.Timeout,
+	}
+
+	return &deviceClient{
+		config: cfg,
+		client: client,
+	}
+}
+
+// MustNew creates a new Client with the given configurations.
+// It panics if a configuration is invalid (though currently we just accept all).
+func MustNew(ctx context.Context, configs []Config) *Client {
+	devices := make(map[string]*deviceClient)
+
+	for _, cfg := range configs {
+		devices[cfg.Host] = newDeviceClient(cfg)
+	}
+
+	return &Client{
+		devices: devices,
+	}
+}
+
+// Add adds a new device to the client.
+// It returns an error if a device with the same host already exists.
+func (c *Client) Add(cfg *Config) error {
+	if cfg == nil {
+		return fmt.Errorf("config cannot be nil")
+	}
+
+	d := newDeviceClient(*cfg)
+
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if _, ok := c.devices[cfg.Host]; ok {
+		return fmt.Errorf("device already exists: %s", cfg.Host)
+	}
+
+	c.devices[cfg.Host] = d
+	return nil
+}
+
+// Del removes a device from the client.
+// It returns an error if the device does not exist.
+func (c *Client) Del(host string) error {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+
+	if _, ok := c.devices[host]; !ok {
+		return fmt.Errorf("device not found: %s", host)
+	}
+
+	delete(c.devices, host)
+	return nil
+}
+
+func (c *Client) getDeviceByHost(host string) (*deviceClient, error) {
+	c.mu.RLock()
+	defer c.mu.RUnlock()
+
+	d, ok := c.devices[host]
+	if !ok {
+		return nil, fmt.Errorf("device not found: %s", host)
+	}
+	return d, nil
+}
+
+func (d *deviceClient) login(ctx context.Context) error {
+	d.mu.Lock()
+	defer d.mu.Unlock()
+
+	reqUrl := fmt.Sprintf("%s://%s/api/login2", d.config.Scheme, d.config.Host)
+
+	data := url.Values{}
+	data.Set("username", d.config.Username)
+	data.Set("password", d.config.Password)
+
+	req, err := http.NewRequestWithContext(ctx, "POST", reqUrl, strings.NewReader(data.Encode()))
+	if err != nil {
+		return err
+	}
+
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	req.Header.Set("Accept", "application/json")
+	req.Header.Set("Origin", fmt.Sprintf("%s://%s", d.config.Scheme, d.config.Host))
+
+	resp, err := d.client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	respPayload, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("login failed [%d]: %s", resp.StatusCode, string(respPayload))
+	}
+
+	var authResp AuthResponse
+	if err := json.Unmarshal(respPayload, &authResp); err != nil {
+		return fmt.Errorf("failed to parse auth response: %w", err)
+	}
+
+	if !authResp.Authenticated {
+		return fmt.Errorf("authentication failed for user %s", d.config.Username)
+	}
+
+	d.authInfo = &authResp
+	d.cookies = resp.Cookies()
+
+	return nil
+}
+
+func (d *deviceClient) do(ctx context.Context, method, path string, body any, out any) error {
+	err := d.doRequest(ctx, method, path, body, out)
+	if err == nil {
+		return nil
+	}
+
+	if strings.Contains(err.Error(), "status 401") || strings.Contains(err.Error(), "unauthorized") {
+		if loginErr := d.login(ctx); loginErr != nil {
+			return fmt.Errorf("re-login failed: %w", loginErr)
+		}
+		return d.doRequest(ctx, method, path, body, out)
+	}
+
+	return err
+}
+
+func (d *deviceClient) doRequest(ctx context.Context, method, path string, body any, out any) error {
+	reqUrl := fmt.Sprintf("%s://%s%s", d.config.Scheme, d.config.Host, path)
+
+	var reqBody io.Reader
+	if body != nil {
+		b, err := json.Marshal(body)
+		if err != nil {
+			return err
+		}
+		reqBody = bytes.NewBuffer(b)
+	}
+
+	req, err := http.NewRequestWithContext(ctx, method, reqUrl, reqBody)
+	if err != nil {
+		return err
+	}
+
+	d.mu.Lock()
+	cookies := d.cookies
+	d.mu.Unlock()
+
+	if len(cookies) > 0 {
+		cookieURL, _ := url.Parse(reqUrl)
+		for _, cookie := range cookies {
+			if cookie.Domain == "" || strings.HasSuffix(cookieURL.Host, cookie.Domain) {
+				req.AddCookie(cookie)
+			}
+		}
+	}
+
+	if body != nil {
+		req.Header.Set("Content-Type", "application/json")
+	}
+	req.Header.Set("Accept", "application/json")
+
+	resp, err := d.client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode == http.StatusUnauthorized {
+		return fmt.Errorf("status 401")
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		b, _ := io.ReadAll(resp.Body)
+		return fmt.Errorf("request failed: status %d, body: %s", resp.StatusCode, string(b))
+	}
+
+	if out != nil {
+		if err := json.NewDecoder(resp.Body).Decode(out); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

pkg/edgeos/config.go

@@ -0,0 +1,17 @@
+package edgeos
+
+import (
+	"net/http"
+	"time"
+)
+
+type Config struct {
+	Host     string
+	Scheme   string
+	Insecure bool
+	Username string
+	Password string
+	Timeout  time.Duration
+	// Transport allows customizing the http transport (useful for testing or client middleware)
+	Transport http.RoundTripper
+}

pkg/edgeos/types.go

@@ -0,0 +1,100 @@
+package edgeos
+
+// AuthResponse represents the authentication response from login2 endpoint.
+type AuthResponse struct {
+	Username          string   `json:"username"`
+	PoE               bool     `json:"poe"`
+	StatsURL          string   `json:"statsUrl"`
+	Features          Features `json:"features"`
+	Level             string   `json:"level"`
+	Authenticated     bool     `json:"authenticated"`
+	Model             string   `json:"model"`
+	IsLicenseAccepted bool     `json:"isLicenseAccepted"`
+	ModelName         string   `json:"model_name"`
+	Ports             int      `json:"ports"`
+}
+
+// Features contains device feature information.
+type Features struct {
+	Model               string            `json:"model"`
+	PoECap              map[string]string `json:"poe_cap"`
+	Switch              SwitchFeatures    `json:"switch"`
+	SwitchIsVLANCapable bool              `json:"switchIsVLANCapable"`
+	PoE                 bool              `json:"poe"`
+	Ports               int               `json:"ports"`
+}
+
+// SwitchFeatures contains switch-specific features.
+type SwitchFeatures struct {
+	Ports []string `json:"ports"`
+}
+
+// ConfigResponse represents the response from /api/edge/get.json.
+type ConfigResponse struct {
+	SessionID string     `json:"SESSION_ID"`
+	GET       ConfigData `json:"GET"`
+	Success   bool       `json:"success"`
+}
+
+// ConfigData contains the full device configuration.
+type ConfigData struct {
+	Interfaces InterfacesConfig `json:"interfaces"`
+	System     SystemConfig     `json:"system"`
+}
+
+// InterfacesConfig represents the interfaces configuration.
+type InterfacesConfig struct {
+	Ethernet map[string]EthernetConfig `json:"ethernet,omitempty"`
+	Switch   map[string]SwitchConfig   `json:"switch,omitempty"`
+}
+
+// EthernetConfig represents an ethernet interface configuration.
+type EthernetConfig struct {
+	Description string    `json:"description,omitempty"`
+	Duplex      string    `json:"duplex,omitempty"`
+	Speed       string    `json:"speed,omitempty"`
+	PoE         *PoEState `json:"poe,omitempty"`
+}
+
+// PoEState represents PoE output state.
+type PoEState struct {
+	Output string `json:"output,omitempty"`
+}
+
+// SwitchConfig represents a switch interface configuration.
+type SwitchConfig struct {
+	Address    []string             `json:"address,omitempty"`
+	MTU        string               `json:"mtu,omitempty"`
+	SwitchPort *SwitchPortConfig    `json:"switch-port,omitempty"`
+	VIF        map[string]VIFConfig `json:"vif,omitempty"`
+}
+
+// SwitchPortConfig represents switch port configuration with VLAN awareness.
+type SwitchPortConfig struct {
+	Interface map[string]InterfaceVLAN `json:"interface,omitempty"`
+	VLANAware string                   `json:"vlan-aware,omitempty"`
+}
+
+// InterfaceVLAN represents VLAN configuration for an interface.
+type InterfaceVLAN struct {
+	VLAN VLANConfig `json:"vlan,omitempty"`
+}
+
+// VLANConfig represents VLAN ID configuration.
+type VLANConfig struct {
+	PVID string   `json:"pvid,omitempty"`
+	VID  []string `json:"vid,omitempty"`
+}
+
+// VIFConfig represents a virtual interface (VLAN) configuration.
+type VIFConfig struct {
+	Address     []string `json:"address,omitempty"`
+	Description string   `json:"description,omitempty"`
+	MTU         string   `json:"mtu,omitempty"`
+}
+
+// SystemConfig contains system configuration.
+type SystemConfig struct {
+	HostName   string `json:"host-name,omitempty"`
+	DomainName string `json:"domain-name,omitempty"`
+}