add public key and registration

Author: rajsinghtech

Dockerfile

@@ -29,6 +29,6 @@ COPY static/ static/
 RUN adduser -D appuser
 USER appuser
 
-EXPOSE 8080
+EXPOSE 3000 
 
 CMD ["./main"] 

Makefile

@@ -10,7 +10,7 @@ reload:
 	make apply
 
 run:
-	docker compose up
+	docker compose up --force-recreate --build
 
 pull-secrets:
 	@echo "Creating static directory if it doesn't exist..."

docker-compose.yml

@@ -26,7 +26,5 @@ services:
       dockerfile: Dockerfile
     ports:
       - "3000:3000"
-    # environment:
-    #   - TESLA_PROXY_URL=https://localhost:4443
     depends_on:
       - tesla-http-proxy

examples/kustomization/kustomization.yaml

@@ -6,7 +6,7 @@ resources:
   - certificate.yaml
   - tlsroute.yaml
   - secrets.yaml
-
+  - public-key-webserver.yaml
 configMapGenerator:
   - name: fleet-telemetry-config
     files:

examples/kustomization/public-key-webserver.yaml

@@ -0,0 +1,66 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: public-key-web-server
+  labels:
+    app: public-key-web-server
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: public-key-web-server
+  template:
+    metadata:
+      labels:
+        app: public-key-web-server
+    spec:
+      containers:
+      - name: web-server
+        image: nginx:latest
+        volumeMounts:
+        - name: public-key-volume
+          mountPath: /usr/share/nginx/html/public-key.pem
+          subPath: public-key.pem
+        - name: nginx-config
+          mountPath: /etc/nginx/conf.d/default.conf
+          subPath: default.conf
+        ports:
+        - containerPort: 80
+      volumes:
+      - name: public-key-volume
+        secret:
+          secretName: tesla-fleet-api
+          items:
+          - key: public-key.pem
+            path: public-key.pem
+      - name: nginx-config
+        configMap:
+          name: nginx-config
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-config
+data:
+  default.conf: |
+    server {
+        listen 80;
+        location / {
+            default_type application/x-pem-file;
+            root /usr/share/nginx/html;
+            try_files /public-key.pem =404;
+        }
+    }
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: public-key-web-server
+spec:
+  selector:
+    app: public-key-web-server
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  type: ClusterIP

main.go

@@ -1,13 +1,127 @@
 package main
 
 import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
 	"log"
+	"net/http"
+	"net/url"
+	"os"
+	"strings"
 
 	"github.com/gofiber/fiber/v2"
 	"github.com/gofiber/template/html/v2"
 )
 
+type TokenResponse struct {
+	AccessToken string `json:"access_token"`
+	TokenType   string `json:"token_type"`
+	ExpiresIn   int    `json:"expires_in"`
+}
+
+type RegistrationResponse struct {
+	ClientID       string      `json:"client_id"`
+	Name           string      `json:"name"`
+	Description    string      `json:"description"`
+	Domain         string      `json:"domain"`
+	CA             interface{} `json:"ca"`
+	CreatedAt      string      `json:"created_at"`
+	UpdatedAt      string      `json:"updated_at"`
+	EnterpriseTier string      `json:"enterprise_tier"`
+	PublicKey      string      `json:"public_key"`
+}
+
+func generateToken() (*TokenResponse, error) {
+	data := url.Values{}
+	data.Set("grant_type", "client_credentials")
+	data.Set("client_id", strings.TrimSpace(string(clientID)))
+	data.Set("client_secret", strings.TrimSpace(string(clientSecret)))
+	data.Set("scope", "openid vehicle_device_data vehicle_cmds vehicle_charging_cmds")
+	data.Set("audience", "https://fleet-api.prd.na.vn.cloud.tesla.com")
+
+	resp, err := http.PostForm("https://auth.tesla.com/oauth2/v3/token", data)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var tokenResp TokenResponse
+	if err := json.NewDecoder(resp.Body).Decode(&tokenResp); err != nil {
+		return nil, err
+	}
+
+	return &tokenResp, nil
+}
+
+func registerPartnerAccount(token string) (*RegistrationResponse, error) {
+	domain := strings.TrimSpace(string(domainName))
+	payload := map[string]string{
+		"domain": domain,
+	}
+
+	jsonPayload, err := json.Marshal(payload)
+	if err != nil {
+		return nil, fmt.Errorf("error marshaling payload: %v", err)
+	}
+
+	req, err := http.NewRequest("POST",
+		"https://fleet-api.prd.na.vn.cloud.tesla.com/api/1/partner_accounts",
+		bytes.NewBuffer(jsonPayload))
+	if err != nil {
+		return nil, fmt.Errorf("error creating request: %v", err)
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", "Bearer "+token)
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("error making request: %v", err)
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("error reading response: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("registration failed with status %d: %s", resp.StatusCode, string(body))
+	}
+
+	var regResp RegistrationResponse
+	if err := json.Unmarshal(body, &regResp); err != nil {
+		return nil, fmt.Errorf("error parsing response: %v", err)
+	}
+
+	return &regResp, nil
+}
+
+var (
+	clientID     []byte
+	clientSecret []byte
+	domainName   []byte
+)
+
 func main() {
+	var err error
+	// Read credentials
+	clientID, err = os.ReadFile("static/CLIENT_ID")
+	if err != nil {
+		log.Fatal("Error reading CLIENT_ID:", err)
+	}
+	clientSecret, err = os.ReadFile("static/CLIENT_SECRET")
+	if err != nil {
+		log.Fatal("Error reading CLIENT_SECRET:", err)
+	}
+	domainName, err = os.ReadFile("static/DOMAIN")
+	if err != nil {
+		log.Fatal("Error reading DOMAIN:", err)
+	}
+
 	// Create a new engine
 	engine := html.New("./views", ".html")
 
@@ -24,6 +138,30 @@ func main() {
 		return c.SendFile("./static/public-key.pem")
 	})
 
+	// Generate token and register partner account endpoint
+	app.Post("/generate-token", func(c *fiber.Ctx) error {
+		token, err := generateToken()
+		if err != nil {
+			return c.Status(500).JSON(fiber.Map{
+				"error": "Token generation failed: " + err.Error(),
+			})
+		}
+
+		// Register partner account using the token
+		regResp, err := registerPartnerAccount(token.AccessToken)
+		if err != nil {
+			return c.Status(500).JSON(fiber.Map{
+				"error": "Registration failed: " + err.Error(),
+				"token": token,
+			})
+		}
+
+		return c.JSON(fiber.Map{
+			"token":        token,
+			"registration": regResp,
+		})
+	})
+
 	// Serve the main page
 	app.Get("/", func(c *fiber.Ctx) error {
 		return c.Render("index", fiber.Map{