Implement support for Wireguard in PIA

.gitignore

@@ -1 +1,2 @@
 scratch.txt
+.idea/

internal/configuration/settings/provider.go

@@ -36,6 +36,7 @@ func (p *Provider) validate(vpnType string, storage Storage) (err error) {
 			providers.Ivpn,
 			providers.Mullvad,
 			providers.Nordvpn,
+			providers.PrivateInternetAccess,
 			providers.Surfshark,
 			providers.Windscribe,
 		}

internal/models/server.go

@@ -44,7 +44,7 @@ var (
 	ErrWireguardPublicKeyEmpty = errors.New("wireguard public key field is empty")
 )
 
-func (s *Server) HasMinimumInformation() (err error) {
+func (s *Server) HasMinimumInformation(providerWireguardKeyUnknown bool) (err error) {
 	switch {
 	case s.VPN == "":
 		return fmt.Errorf("%w", ErrVPNFieldEmpty)
@@ -54,7 +54,7 @@ func (s *Server) HasMinimumInformation() (err error) {
 		return fmt.Errorf("%w", ErrNetworkProtocolSet)
 	case s.VPN == vpn.OpenVPN && !s.TCP && !s.UDP:
 		return fmt.Errorf("%w", ErrNoNetworkProtocol)
-	case s.VPN == vpn.Wireguard && s.WgPubKey == "":
+	case s.VPN == vpn.Wireguard && (s.WgPubKey == "" && !providerWireguardKeyUnknown):
 		return fmt.Errorf("%w", ErrWireguardPublicKeyEmpty)
 	default:
 		return nil

internal/provider/airvpn/provider.go

@@ -14,6 +14,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/custom/provider.go

@@ -9,6 +9,7 @@ import (
 type Provider struct {
 	extractor Extractor
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/cyberghost/provider.go

@@ -13,6 +13,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/example/provider.go

@@ -14,6 +14,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/expressvpn/provider.go

@@ -13,6 +13,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/fastestvpn/provider.go

@@ -13,6 +13,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/hidemyass/provider.go

@@ -14,6 +14,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/ipvanish/provider.go

@@ -13,6 +13,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/ivpn/provider.go

@@ -14,6 +14,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/mullvad/provider.go

@@ -14,6 +14,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/nordvpn/provider.go

@@ -14,6 +14,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/perfectprivacy/provider.go

@@ -13,6 +13,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/privado/provider.go

@@ -13,6 +13,7 @@ type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
 	utils.NoPortForwarder
+	utils.NoWireguardConfigurator
 	common.Fetcher
 }
 

internal/provider/privateinternetaccess/connection.go

@@ -19,6 +19,7 @@ func (p *Provider) GetConnection(selection settings.ServerSelection, ipv6Support
 		defaults.OpenVPNTCPPort = 501
 		defaults.OpenVPNUDPPort = 1197
 	}
+	defaults.WireguardPort = 1337
 
 	return utils.GetConnection(p.Name(),
 		p.storage, selection, defaults, ipv6Supported, p.randSource)

internal/provider/privateinternetaccess/portforward.go

@@ -134,7 +134,7 @@ func (p *Provider) KeepPortForward(ctx context.Context, _ uint16,
 
 func refreshPIAPortForwardData(ctx context.Context, client, privateIPClient *http.Client,
 	gateway netip.Addr, portForwardPath, authFilePath string) (data piaPortForwardData, err error) {
-	data.Token, err = fetchToken(ctx, client, authFilePath)
+	data.Token, err = fetchToken(ctx, client, "client", authFilePath)
 	if err != nil {
 		return data, fmt.Errorf("fetching token: %w", err)
 	}
@@ -233,57 +233,6 @@ var (
 	errEmptyToken = errors.New("token received is empty")
 )
 
-func fetchToken(ctx context.Context, client *http.Client,
-	authFilePath string) (token string, err error) {
-	username, password, err := getOpenvpnCredentials(authFilePath)
-	if err != nil {
-		return "", fmt.Errorf("getting username and password: %w", err)
-	}
-
-	errSubstitutions := map[string]string{
-		url.QueryEscape(username): "<username>",
-		url.QueryEscape(password): "<password>",
-	}
-
-	form := url.Values{}
-	form.Add("username", username)
-	form.Add("password", password)
-	url := url.URL{
-		Scheme: "https",
-		Host:   "www.privateinternetaccess.com",
-		Path:   "/api/client/v2/token",
-	}
-	request, err := http.NewRequestWithContext(ctx, http.MethodPost, url.String(), strings.NewReader(form.Encode()))
-	if err != nil {
-		return "", replaceInErr(err, errSubstitutions)
-	}
-
-	request.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-
-	response, err := client.Do(request)
-	if err != nil {
-		return "", replaceInErr(err, errSubstitutions)
-	}
-	defer response.Body.Close()
-
-	if response.StatusCode != http.StatusOK {
-		return "", makeNOKStatusError(response, errSubstitutions)
-	}
-
-	decoder := json.NewDecoder(response.Body)
-	var result struct {
-		Token string `json:"token"`
-	}
-	if err := decoder.Decode(&result); err != nil {
-		return "", fmt.Errorf("decoding response: %w", err)
-	}
-
-	if result.Token == "" {
-		return "", errEmptyToken
-	}
-	return result.Token, nil
-}
-
 var (
 	errAuthFileMalformed = errors.New("authentication file is malformed")
 )
@@ -329,13 +278,13 @@ func fetchPortForwardData(ctx context.Context, client *http.Client, gateway neti
 	}
 	request, err := http.NewRequestWithContext(ctx, http.MethodGet, url.String(), nil)
 	if err != nil {
-		err = replaceInErr(err, errSubstitutions)
+		err = ReplaceInErr(err, errSubstitutions)
 		return 0, "", expiration, fmt.Errorf("obtaining signature payload: %w", err)
 	}
 
 	response, err := client.Do(request)
 	if err != nil {
-		err = replaceInErr(err, errSubstitutions)
+		err = ReplaceInErr(err, errSubstitutions)
 		return 0, "", expiration, fmt.Errorf("obtaining signature payload: %w", err)
 	}
 	defer response.Body.Close()
@@ -392,12 +341,12 @@ func bindPort(ctx context.Context, client *http.Client, gateway netip.Addr, data
 
 	request, err := http.NewRequestWithContext(ctx, http.MethodGet, bindPortURL.String(), nil)
 	if err != nil {
-		return replaceInErr(err, errSubstitutions)
+		return ReplaceInErr(err, errSubstitutions)
 	}
 
 	response, err := client.Do(request)
 	if err != nil {
-		return replaceInErr(err, errSubstitutions)
+		return ReplaceInErr(err, errSubstitutions)
 	}
 	defer response.Body.Close()
 
@@ -421,33 +370,4 @@ func bindPort(ctx context.Context, client *http.Client, gateway netip.Addr, data
 	return nil
 }
 
-// replaceInErr is used to remove sensitive information from errors.
-func replaceInErr(err error, substitutions map[string]string) error {
-	s := replaceInString(err.Error(), substitutions)
-	return errors.New(s) //nolint:goerr113
-}
-
-// replaceInString is used to remove sensitive information.
-func replaceInString(s string, substitutions map[string]string) string {
-	for old, new := range substitutions {
-		s = strings.ReplaceAll(s, old, new)
-	}
-	return s
-}
-
 var ErrHTTPStatusCodeNotOK = errors.New("HTTP status code is not OK")
-
-func makeNOKStatusError(response *http.Response, substitutions map[string]string) (err error) {
-	url := response.Request.URL.String()
-	url = replaceInString(url, substitutions)
-
-	b, _ := io.ReadAll(response.Body)
-	shortenMessage := string(b)
-	shortenMessage = strings.ReplaceAll(shortenMessage, "\n", "")
-	shortenMessage = strings.ReplaceAll(shortenMessage, "  ", " ")
-	shortenMessage = replaceInString(shortenMessage, substitutions)
-
-	return fmt.Errorf("%w: %s: %d %s: response received: %s",
-		ErrHTTPStatusCodeNotOK, url, response.StatusCode,
-		response.Status, shortenMessage)
-}

internal/provider/privateinternetaccess/portforward_test.go

@@ -100,7 +100,7 @@ func Test_replaceInString(t *testing.T) {
 		testCase := testCase
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
-			result := replaceInString(testCase.s, testCase.substitutions)
+			result := ReplaceInString(testCase.s, testCase.substitutions)
 			assert.Equal(t, testCase.result, result)
 		})
 	}

internal/provider/privateinternetaccess/tokenutils.go

@@ -0,0 +1,72 @@
+package privateinternetaccess
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strings"
+)
+
+func fetchToken(ctx context.Context, client *http.Client,
+	tokenType string, authFilePath string) (token string, err error) {
+	username, password, err := getOpenvpnCredentials(authFilePath)
+	if err != nil {
+		return "", fmt.Errorf("getting username and password: %w", err)
+	}
+
+	errSubstitutions := map[string]string{
+		url.QueryEscape(username): "<username>",
+		url.QueryEscape(password): "<password>",
+	}
+
+	var path string
+
+	switch tokenType {
+	case "client":
+		path = "/api/client/v2/token"
+	case "gtoken":
+		path = "/gtoken/generateToken"
+	default:
+		return "", fmt.Errorf("token type %q is not supported", tokenType)
+	}
+
+	form := url.Values{}
+	form.Add("username", username)
+	form.Add("password", password)
+	url := url.URL{
+		Scheme: "https",
+		Host:   "www.privateinternetaccess.com",
+		Path:   path,
+	}
+	request, err := http.NewRequestWithContext(ctx, http.MethodPost, url.String(), strings.NewReader(form.Encode()))
+	if err != nil {
+		return "", ReplaceInErr(err, errSubstitutions)
+	}
+
+	request.Header.Add("Content-Type", "application/x-www-form-urlencoded")
+
+	response, err := client.Do(request)
+	if err != nil {
+		return "", ReplaceInErr(err, errSubstitutions)
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		return "", makeNOKStatusError(response, errSubstitutions)
+	}
+
+	decoder := json.NewDecoder(response.Body)
+	var result struct {
+		Token string `json:"token"`
+	}
+	if err := decoder.Decode(&result); err != nil {
+		return "", fmt.Errorf("decoding response: %w", err)
+	}
+
+	if result.Token == "" {
+		return "", errEmptyToken
+	}
+	return result.Token, nil
+}

internal/provider/privateinternetaccess/updater/api.go

@@ -27,6 +27,7 @@ type regionData struct {
 	Servers     struct {
 		UDP []serverData `json:"ovpnudp"`
 		TCP []serverData `json:"ovpntcp"`
+		WG  []serverData `json:"wg"`
 	} `json:"servers"`
 }