Refactor project to make it easier to test

tcp_relay_server/src/lib.rs

@@ -1,3 +1,125 @@
-pub mod relay_ws;
+use std::sync::Arc;
+
+use actix_web::web::Data;
+use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer, Responder};
+
+use base::{cert_utils, RelayedPort};
+
+use crate::relay_ws::relay_ws;
+use crate::server_config::ServerConfig;
+use crate::tls_cert_client_verifier::CustomCertClientVerifier;
+
+mod relay_ws;
 pub mod server_config;
-pub mod tls_cert_client_verifier;
+mod tls_cert_client_verifier;
+
+pub async fn hello_route() -> &'static str {
+    "Hello world!"
+}
+
+pub async fn config_route(req: HttpRequest, data: Data<Arc<ServerConfig>>) -> impl Responder {
+    if data.has_token_auth() {
+        let token = req
+            .headers()
+            .get("Authorization")
+            .map(|t| t.to_str().unwrap_or_default())
+            .unwrap_or_default()
+            .strip_prefix("Bearer ")
+            .unwrap_or_default();
+
+        if !data.tokens.iter().any(|t| t.eq(token)) {
+            return HttpResponse::Unauthorized().json("Missing / invalid token");
+        }
+    }
+
+    HttpResponse::Ok().json(
+        data.ports
+            .iter()
+            .enumerate()
+            .map(|(id, port)| RelayedPort {
+                id,
+                port: port + data.increment_ports,
+            })
+            .collect::<Vec<_>>(),
+    )
+}
+
+pub async fn run_app(mut config: ServerConfig) -> std::io::Result<()> {
+    // Check if no port are to be forwarded
+    if config.ports.is_empty() {
+        log::error!("No port to forward!");
+        std::process::exit(2);
+    }
+
+    // Read tokens from file, if any
+    if let Some(file) = &config.tokens_file {
+        std::fs::read_to_string(file)
+            .expect("Failed to read tokens file!")
+            .split('\n')
+            .filter(|l| !l.is_empty())
+            .for_each(|t| config.tokens.push(t.to_string()));
+    }
+
+    if !config.has_auth() {
+        log::error!("No authentication method specified!");
+        std::process::exit(3);
+    }
+
+    if config.has_tls_client_auth() && !config.has_tls_config() {
+        log::error!("Cannot provide client auth without TLS configuration!");
+        panic!();
+    }
+
+    let args = Arc::new(config);
+
+    // Load TLS configuration, if any
+    let tls_config = if let (Some(cert), Some(key)) = (&args.tls_cert, &args.tls_key) {
+        // Load TLS certificate & private key
+        let cert_file = std::fs::read(cert).expect("Failed to read certificate file");
+        let key_file = std::fs::read(key).expect("Failed to read server private key");
+
+        // Get certificates chain
+        let cert_chain =
+            cert_utils::parse_pem_certificates(&cert_file).expect("Failed to extract certificates");
+
+        // Get private key
+        let key =
+            cert_utils::parse_pem_private_key(&key_file).expect("Failed to extract private key!");
+
+        let config = rustls::ServerConfig::builder().with_safe_defaults();
+
+        let config = match args.has_tls_client_auth() {
+            true => config
+                .with_client_cert_verifier(Arc::new(CustomCertClientVerifier::new(args.clone()))),
+            false => config.with_no_client_auth(),
+        };
+
+        let config = config
+            .with_single_cert(cert_chain, key)
+            .expect("Failed to load TLS certificate!");
+
+        Some(config)
+    } else {
+        None
+    };
+
+    log::info!("Starting relay on http://{}", args.listen_address);
+
+    let args_clone = args.clone();
+    let server = HttpServer::new(move || {
+        App::new()
+            .wrap(middleware::Logger::default())
+            .app_data(Data::new(args_clone.clone()))
+            .route("/", web::get().to(hello_route))
+            .route("/config", web::get().to(config_route))
+            .route("/ws", web::get().to(relay_ws))
+    });
+
+    if let Some(tls_conf) = tls_config {
+        server.bind_rustls(&args.listen_address, tls_conf)?
+    } else {
+        server.bind(&args.listen_address)?
+    }
+    .run()
+    .await
+}

tcp_relay_server/src/main.rs

@@ -1,126 +1,10 @@
-use std::sync::Arc;
-
-use actix_web::web::Data;
-use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer, Responder};
 use clap::Parser;
 
-use base::{cert_utils, RelayedPort};
-use tcp_relay_server::relay_ws::relay_ws;
 use tcp_relay_server::server_config::ServerConfig;
-use tcp_relay_server::tls_cert_client_verifier::CustomCertClientVerifier;
-
-pub async fn hello_route() -> &'static str {
-    "Hello world!"
-}
-
-pub async fn config_route(req: HttpRequest, data: Data<Arc<ServerConfig>>) -> impl Responder {
-    if data.has_token_auth() {
-        let token = req
-            .headers()
-            .get("Authorization")
-            .map(|t| t.to_str().unwrap_or_default())
-            .unwrap_or_default()
-            .strip_prefix("Bearer ")
-            .unwrap_or_default();
-
-        if !data.tokens.iter().any(|t| t.eq(token)) {
-            return HttpResponse::Unauthorized().json("Missing / invalid token");
-        }
-    }
-
-    HttpResponse::Ok().json(
-        data.ports
-            .iter()
-            .enumerate()
-            .map(|(id, port)| RelayedPort {
-                id,
-                port: port + data.increment_ports,
-            })
-            .collect::<Vec<_>>(),
-    )
-}
 
 #[actix_web::main]
 async fn main() -> std::io::Result<()> {
     env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
 
-    let mut args: ServerConfig = ServerConfig::parse();
-
-    // Check if no port are to be forwarded
-    if args.ports.is_empty() {
-        log::error!("No port to forward!");
-        std::process::exit(2);
-    }
-
-    // Read tokens from file, if any
-    if let Some(file) = &args.tokens_file {
-        std::fs::read_to_string(file)
-            .expect("Failed to read tokens file!")
-            .split('\n')
-            .filter(|l| !l.is_empty())
-            .for_each(|t| args.tokens.push(t.to_string()));
-    }
-
-    if !args.has_auth() {
-        log::error!("No authentication method specified!");
-        std::process::exit(3);
-    }
-
-    if args.has_tls_client_auth() && !args.has_tls_config() {
-        log::error!("Cannot provide client auth without TLS configuration!");
-        panic!();
-    }
-
-    let args = Arc::new(args);
-
-    // Load TLS configuration, if any
-    let tls_config = if let (Some(cert), Some(key)) = (&args.tls_cert, &args.tls_key) {
-        // Load TLS certificate & private key
-        let cert_file = std::fs::read(cert).expect("Failed to read certificate file");
-        let key_file = std::fs::read(key).expect("Failed to read server private key");
-
-        // Get certificates chain
-        let cert_chain =
-            cert_utils::parse_pem_certificates(&cert_file).expect("Failed to extract certificates");
-
-        // Get private key
-        let key =
-            cert_utils::parse_pem_private_key(&key_file).expect("Failed to extract private key!");
-
-        let config = rustls::ServerConfig::builder().with_safe_defaults();
-
-        let config = match args.has_tls_client_auth() {
-            true => config
-                .with_client_cert_verifier(Arc::new(CustomCertClientVerifier::new(args.clone()))),
-            false => config.with_no_client_auth(),
-        };
-
-        let config = config
-            .with_single_cert(cert_chain, key)
-            .expect("Failed to load TLS certificate!");
-
-        Some(config)
-    } else {
-        None
-    };
-
-    log::info!("Starting relay on http://{}", args.listen_address);
-
-    let args_clone = args.clone();
-    let server = HttpServer::new(move || {
-        App::new()
-            .wrap(middleware::Logger::default())
-            .app_data(Data::new(args_clone.clone()))
-            .route("/", web::get().to(hello_route))
-            .route("/config", web::get().to(config_route))
-            .route("/ws", web::get().to(relay_ws))
-    });
-
-    if let Some(tls_conf) = tls_config {
-        server.bind_rustls(&args.listen_address, tls_conf)?
-    } else {
-        server.bind(&args.listen_address)?
-    }
-    .run()
-    .await
+    tcp_relay_server::run_app(ServerConfig::parse()).await
 }

tcp_relay_server/src/server_config.rs

@@ -71,3 +71,14 @@ impl ServerConfig {
         self.has_token_auth() || self.has_tls_client_auth()
     }
 }
+
+#[cfg(test)]
+mod test {
+    use crate::server_config::ServerConfig;
+
+    #[test]
+    fn verify_cli() {
+        use clap::CommandFactory;
+        ServerConfig::command().debug_assert()
+    }
+}