zrok/proxy/proxy.go

package proxy

import (
	"context"
	"fmt"
	"github.com/openziti-test-kitchen/zrok/util"
	"github.com/openziti/sdk-golang/ziti"
	"github.com/openziti/sdk-golang/ziti/config"
	"github.com/pkg/errors"
	"github.com/sirupsen/logrus"
	"net"
	"net/http"
	"net/http/httputil"
	"net/url"
	"strings"
)

type Config struct {
	IdentityPath string
	Address      string
}

func Run(cfg *Config) error {
	zCfg, err := config.NewFromFile(cfg.IdentityPath)
	if err != nil {
		return errors.Wrap(err, "error loading config")
	}
	zCtx := ziti.NewContextWithConfig(zCfg)
	zDialCtx := ZitiDialContext{Context: zCtx}
	zTransport := http.DefaultTransport.(*http.Transport).Clone()
	zTransport.DialContext = zDialCtx.Dial

	proxy, err := NewServiceProxy(&resolver{})
	if err != nil {
		return err
	}
	proxy.Transport = zTransport
	return http.ListenAndServe(cfg.Address, util.NewProxyHandler(proxy))
}

type resolver struct{}

func (r *resolver) Service(host string) string {
	logrus.Debugf("host = '%v'", host)
	tokens := strings.Split(host, ".")
	if len(tokens) > 0 {
		return tokens[0]
	}
	return "zrok"
}

type ZitiDialContext struct {
	Context ziti.Context
}

func (self *ZitiDialContext) Dial(_ context.Context, _ string, addr string) (net.Conn, error) {
	service := strings.Split(addr, ":")[0] // ignore :port (we get passed 'host:port')
	_, found := self.Context.GetService(service)
	if !found {
		logrus.Infof("service '%v' not cached; refreshing", service)
		if err := self.Context.RefreshServices(); err != nil {
			return nil, errors.Wrap(err, "error refreshing services")
		}
	}
	return self.Context.Dial(service)
}

type ProxyServiceResolver interface {
	Service(host string) string
}

func NewServiceProxy(p ProxyServiceResolver) (*httputil.ReverseProxy, error) {
	proxy := hostTargetReverseProxy(p)
	director := proxy.Director
	proxy.Director = func(req *http.Request) {
		director(req)
		logrus.Debugf("-> %v", req.URL.String())
		req.Header.Set("X-Proxy", "zrok")
	}
	proxy.ModifyResponse = func(resp *http.Response) error {
		return nil
	}
	proxy.ErrorHandler = func(w http.ResponseWriter, r *http.Request, err error) {
		logrus.Errorf("error proxying: %v", err)
	}

	return proxy, nil
}

func hostTargetReverseProxy(r ProxyServiceResolver) *httputil.ReverseProxy {
	director := func(req *http.Request) {
		targetSvc := r.Service(req.Host)
		if target, err := url.Parse(fmt.Sprintf("http://%v", targetSvc)); err == nil {
			targetQuery := target.RawQuery
			req.URL.Scheme = target.Scheme
			req.URL.Host = target.Host
			req.URL.Path, req.URL.RawPath = joinURLPath(target, req.URL)
			if targetQuery == "" || req.URL.RawQuery == "" {
				req.URL.RawQuery = targetQuery + req.URL.RawQuery
			} else {
				req.URL.RawQuery = targetQuery + "&" + req.URL.RawQuery
			}
			if _, ok := req.Header["User-Agent"]; !ok {
				// explicitly disable User-Agent so it's not set to default value
				req.Header.Set("User-Agent", "")
			}
		} else {
			logrus.Errorf("error proxying: %v", err)
		}
	}
	return &httputil.ReverseProxy{Director: director}
}

func joinURLPath(a, b *url.URL) (path, rawpath string) {
	if a.RawPath == "" && b.RawPath == "" {
		return singleJoiningSlash(a.Path, b.Path), ""
	}
	// Same as singleJoiningSlash, but uses EscapedPath to determine
	// whether a slash should be added
	apath := a.EscapedPath()
	bpath := b.EscapedPath()

	aslash := strings.HasSuffix(apath, "/")
	bslash := strings.HasPrefix(bpath, "/")

	switch {
	case aslash && bslash:
		return a.Path + b.Path[1:], apath + bpath[1:]
	case !aslash && !bslash:
		return a.Path + "/" + b.Path, apath + "/" + bpath
	}
	return a.Path + b.Path, apath + bpath
}

func singleJoiningSlash(a, b string) string {
	aslash := strings.HasSuffix(a, "/")
	bslash := strings.HasPrefix(b, "/")
	switch {
	case aslash && bslash:
		return a + b[1:]
	case !aslash && !bslash:
		return a + "/" + b
	}
	return a + b
}
more scaffolding 2022-07-19 22:15:54 +02:00			`package proxy`

			`import (`
proxy lint 2022-08-10 21:15:35 +02:00			`"context"`
			`"fmt"`
mvp... minimum viable proxy 2022-07-20 20:36:14 +02:00			`"github.com/openziti-test-kitchen/zrok/util"`
mvc... minimum viable curl 2022-07-20 20:16:01 +02:00			`"github.com/openziti/sdk-golang/ziti"`
			`"github.com/openziti/sdk-golang/ziti/config"`
			`"github.com/pkg/errors"`
adjust reverse proxy infrastructure to selectively proxy based on host header (#7) 2022-07-26 19:30:19 +02:00			`"github.com/sirupsen/logrus"`
proxy lint 2022-08-10 21:15:35 +02:00			`"net"`
more scaffolding 2022-07-19 22:15:54 +02:00			`"net/http"`
proxy lint 2022-08-10 21:15:35 +02:00			`"net/http/httputil"`
			`"net/url"`
ugly service detection (#3) 2022-07-26 23:30:06 +02:00			`"strings"`
more scaffolding 2022-07-19 22:15:54 +02:00			`)`

proxy lint 2022-08-10 21:15:35 +02:00			`type Config struct {`
			`IdentityPath string`
			`Address string`
			`}`

more scaffolding 2022-07-19 22:15:54 +02:00			`func Run(cfg *Config) error {`
mvc... minimum viable curl 2022-07-20 20:16:01 +02:00			`zCfg, err := config.NewFromFile(cfg.IdentityPath)`
			`if err != nil {`
			`return errors.Wrap(err, "error loading config")`
			`}`
			`zCtx := ziti.NewContextWithConfig(zCfg)`
check service/refresh missing services zrok proxy fix (#27) 2022-08-10 21:02:47 +02:00			`zDialCtx := ZitiDialContext{Context: zCtx}`
more proxy debugging 2022-07-21 21:26:44 +02:00			`zTransport := http.DefaultTransport.(*http.Transport).Clone()`
			`zTransport.DialContext = zDialCtx.Dial`
httputil.ReverseProxy version skeleton 2022-07-21 21:46:14 +02:00
refactoring and restructuring the core proxying machinery (#27) 2022-08-09 20:11:50 +02:00			`proxy, err := NewServiceProxy(&resolver{})`
mvp... minimum viable proxy 2022-07-20 20:36:14 +02:00			`if err != nil {`
solid proxy infrastructure 2022-07-21 22:01:39 +02:00			`return err`
mvp... minimum viable proxy 2022-07-20 20:36:14 +02:00			`}`
httputil.ReverseProxy version skeleton 2022-07-21 21:46:14 +02:00			`proxy.Transport = zTransport`
solid proxy infrastructure 2022-07-21 22:01:39 +02:00			`return http.ListenAndServe(cfg.Address, util.NewProxyHandler(proxy))`
more scaffolding 2022-07-19 22:15:54 +02:00			`}`
adjust reverse proxy infrastructure to selectively proxy based on host header (#7) 2022-07-26 19:30:19 +02:00
proxy lint 2022-08-10 21:15:35 +02:00			`type resolver struct{}`
adjust reverse proxy infrastructure to selectively proxy based on host header (#7) 2022-07-26 19:30:19 +02:00
			`func (r *resolver) Service(host string) string {`
logging lint 2022-07-27 18:58:16 +02:00			`logrus.Debugf("host = '%v'", host)`
ugly service detection (#3) 2022-07-26 23:30:06 +02:00			`tokens := strings.Split(host, ".")`
			`if len(tokens) > 0 {`
			`return tokens[0]`
			`}`
adjust reverse proxy infrastructure to selectively proxy based on host header (#7) 2022-07-26 19:30:19 +02:00			`return "zrok"`
			`}`
proxy lint 2022-08-10 21:15:35 +02:00
			`type ZitiDialContext struct {`
			`Context ziti.Context`
			`}`

			`func (self *ZitiDialContext) Dial(_ context.Context, _ string, addr string) (net.Conn, error) {`
			`service := strings.Split(addr, ":")[0] // ignore :port (we get passed 'host:port')`
			`_, found := self.Context.GetService(service)`
			`if !found {`
			`logrus.Infof("service '%v' not cached; refreshing", service)`
			`if err := self.Context.RefreshServices(); err != nil {`
			`return nil, errors.Wrap(err, "error refreshing services")`
			`}`
			`}`
			`return self.Context.Dial(service)`
			`}`

			`type ProxyServiceResolver interface {`
			`Service(host string) string`
			`}`

			`func NewServiceProxy(p ProxyServiceResolver) (*httputil.ReverseProxy, error) {`
			`proxy := hostTargetReverseProxy(p)`
			`director := proxy.Director`
			`proxy.Director = func(req *http.Request) {`
			`director(req)`
			`logrus.Debugf("-> %v", req.URL.String())`
			`req.Header.Set("X-Proxy", "zrok")`
			`}`
			`proxy.ModifyResponse = func(resp *http.Response) error {`
			`return nil`
			`}`
			`proxy.ErrorHandler = func(w http.ResponseWriter, r *http.Request, err error) {`
			`logrus.Errorf("error proxying: %v", err)`
			`}`

			`return proxy, nil`
			`}`

			`func hostTargetReverseProxy(r ProxyServiceResolver) *httputil.ReverseProxy {`
			`director := func(req *http.Request) {`
			`targetSvc := r.Service(req.Host)`
			`if target, err := url.Parse(fmt.Sprintf("http://%v", targetSvc)); err == nil {`
			`targetQuery := target.RawQuery`
			`req.URL.Scheme = target.Scheme`
			`req.URL.Host = target.Host`
			`req.URL.Path, req.URL.RawPath = joinURLPath(target, req.URL)`
			`if targetQuery == "" \|\| req.URL.RawQuery == "" {`
			`req.URL.RawQuery = targetQuery + req.URL.RawQuery`
			`} else {`
			`req.URL.RawQuery = targetQuery + "&" + req.URL.RawQuery`
			`}`
			`if _, ok := req.Header["User-Agent"]; !ok {`
			`// explicitly disable User-Agent so it's not set to default value`
			`req.Header.Set("User-Agent", "")`
			`}`
			`} else {`
			`logrus.Errorf("error proxying: %v", err)`
			`}`
			`}`
			`return &httputil.ReverseProxy{Director: director}`
			`}`

			`func joinURLPath(a, b *url.URL) (path, rawpath string) {`
			`if a.RawPath == "" && b.RawPath == "" {`
			`return singleJoiningSlash(a.Path, b.Path), ""`
			`}`
			`// Same as singleJoiningSlash, but uses EscapedPath to determine`
			`// whether a slash should be added`
			`apath := a.EscapedPath()`
			`bpath := b.EscapedPath()`

			`aslash := strings.HasSuffix(apath, "/")`
			`bslash := strings.HasPrefix(bpath, "/")`

			`switch {`
			`case aslash && bslash:`
			`return a.Path + b.Path[1:], apath + bpath[1:]`
			`case !aslash && !bslash:`
			`return a.Path + "/" + b.Path, apath + "/" + bpath`
			`}`
			`return a.Path + b.Path, apath + bpath`
			`}`

			`func singleJoiningSlash(a, b string) string {`
			`aslash := strings.HasSuffix(a, "/")`
			`bslash := strings.HasPrefix(b, "/")`
			`switch {`
			`case aslash && bslash:`
			`return a + b[1:]`
			`case !aslash && !bslash:`
			`return a + "/" + b`
			`}`
			`return a + b`
			`}`