Refactor the third-party connect backend functionality

pkg/api/backend.go

@@ -0,0 +1,75 @@
+package api
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+type Backend struct {
+	Endpoint    string
+	Token       string
+	PassHeaders string
+}
+
+type BackendRequest struct {
+	Resource string            `json:"resource"`
+	Token    string            `json:"token"`
+	Headers  map[string]string `json:"headers"`
+}
+
+type BackendCredential struct {
+	DatabaseUrl string `json:"database_url"`
+}
+
+func (be Backend) FetchCredential(resource string, c *gin.Context) (*BackendCredential, error) {
+	request := BackendRequest{
+		Resource: resource,
+		Token:    be.Token,
+		Headers:  map[string]string{},
+	}
+
+	for _, name := range strings.Split(be.PassHeaders, ",") {
+		request.Headers[strings.ToLower(name)] = c.Request.Header.Get(name)
+	}
+
+	body, err := json.Marshal(request)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := http.Post(be.Endpoint, "application/json", bytes.NewReader(body))
+	if err != nil {
+		// Any connection-related issues will show up in the server log
+		log.Println("Unable to fetch backend credential:", err)
+
+		// We dont want to expose the url of the backend here, so reply with generic error
+		return nil, fmt.Errorf("Unable to connect to the auth backend")
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != 200 {
+		return nil, fmt.Errorf("Got HTTP error %v from backend", resp.StatusCode)
+	}
+
+	respBody, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	cred := &BackendCredential{}
+	if err := json.Unmarshal(respBody, cred); err != nil {
+		return nil, err
+	}
+	if cred.DatabaseUrl == "" {
+		return nil, fmt.Errorf("Database url was not provided")
+	}
+
+	return cred, nil
+}