From 4f457596a2fa991b5914d4c368697c659db9d1e7 Mon Sep 17 00:00:00 2001
From: Mike Crute <mike@crute.us>
Date: Mon, 22 Nov 2021 18:39:08 -0800
Subject: Add API index resource

---
 app/controllers/api.go | 26 ++++++++++++++++++++++++++
 cmd/web/server.go      | 45 +++++++++++++++++++++++++--------------------
 2 files changed, 51 insertions(+), 20 deletions(-)

diff --git a/app/controllers/api.go b/app/controllers/api.go
index 7beaa4c..5ee6591 100644
--- a/app/controllers/api.go
+++ b/app/controllers/api.go
@@ -1,6 +1,32 @@
 package controllers
 
+import (
+	"net/http"
+
+	"code.crute.us/mcrute/cloud-identity-broker/app/middleware"
+
+	glecho "code.crute.us/mcrute/golib/echo"
+	"github.com/labstack/echo/v4"
+)
+
 const (
 	contentTypeV1 = "application/vnd.broker.v1+json" // Original type
 	contentTypeV2 = "application/vnd.broker.v2+json" // Start of migration to multi-cloud
 )
+
+func APIIndexHandler(c echo.Context) error {
+	p, err := middleware.GetAuthorizedPrincipal(c)
+	if err != nil {
+		return echo.ErrUnauthorized
+	}
+
+	out := map[string]string{
+		"accounts": glecho.URLFor(c, "/api/account").String(),
+	}
+
+	if p.IsAdmin {
+		out["users"] = glecho.URLFor(c, "/api/user").String()
+	}
+
+	return c.JSON(http.StatusOK, out)
+}
diff --git a/cmd/web/server.go b/cmd/web/server.go
index 3797acd..c573244 100644
--- a/cmd/web/server.go
+++ b/cmd/web/server.go
@@ -127,30 +127,35 @@ func webMain(cfg app.Config, embeddedTemplates fs.FS, version string) {
 	}
 	am.RegisterUrls(s)
 
-	api := s.Group("/api/account")
+	api := s.Group("/api")
 	api.Use(glmw.VaryCookie())
 	api.Use(glmw.CacheNeverMiddleware)
 	api.Use(am.Middleware)
 	{
-		api.GET("", controllers.NewAPIAccountListHandler(as))
-		api.GET(
-			"/:account/credentials",
-			controllers.NewAPIRegionListHandler(aws),
-		)
-		api.GET(
-			"/:account/console",
-			controllers.NewAPIConsoleRedirectHandler(aws, cfg.IssuerEndpoint),
-			rateLimit,
-		)
-		api.GET(
-			"/:account/credentials/:region",
-			controllers.NewAPICredentialsHandler(aws),
-			rateLimit,
-		)
-		(&controllers.APIAccountHandler{
-			Store:      as,
-			AdminStore: adminAccountStore,
-		}).Register("/:account", api)
+		api.GET("", controllers.APIIndexHandler)
+
+		account := api.Group("/account")
+		{
+			account.GET("", controllers.NewAPIAccountListHandler(as))
+			account.GET(
+				"/:account/credentials",
+				controllers.NewAPIRegionListHandler(aws),
+			)
+			account.GET(
+				"/:account/console",
+				controllers.NewAPIConsoleRedirectHandler(aws, cfg.IssuerEndpoint),
+				rateLimit,
+			)
+			account.GET(
+				"/:account/credentials/:region",
+				controllers.NewAPICredentialsHandler(aws),
+				rateLimit,
+			)
+			(&controllers.APIAccountHandler{
+				Store:      as,
+				AdminStore: adminAccountStore,
+			}).Register("/:account", account)
+		}
 	}
 	s.GET("/favicon.ico", echo.NotFoundHandler)
 	s.GET("/logout", controllers.LogoutHandler)
-- 
cgit v1.2.3