mirror of
https://github.com/openziti/zrok.git
synced 2025-08-14 02:05:39 +02:00
refactor public sharing backend to use frontend selection, rather than hard-wired frontend zids (#110)
This commit is contained in:
@ -12,7 +12,6 @@ type Config struct {
|
||||
V int
|
||||
Admin *AdminConfig
|
||||
Endpoint *EndpointConfig
|
||||
Proxy *ProxyConfig
|
||||
Email *EmailConfig
|
||||
Registration *RegistrationConfig
|
||||
Store *store.Config
|
||||
@ -30,11 +29,6 @@ type EndpointConfig struct {
|
||||
Port int
|
||||
}
|
||||
|
||||
type ProxyConfig struct {
|
||||
UrlTemplate string
|
||||
Identities []string
|
||||
}
|
||||
|
||||
type EmailConfig struct {
|
||||
Host string
|
||||
Port int
|
||||
|
@ -158,7 +158,7 @@ func deleteServicePolicyBind(envZId, svcToken string, edge *rest_management_api_
|
||||
return deleteServicePolicy(envZId, fmt.Sprintf("tags.zrokServiceToken=\"%v\" and type=2", svcToken), edge)
|
||||
}
|
||||
|
||||
func createServicePolicyDial(envZId, svcToken, svcZId string, edge *rest_management_api_client.ZitiEdgeManagement, tags ...*rest_model.Tags) error {
|
||||
func createServicePolicyDial(envZId, svcToken, svcZId string, dialZIds []string, edge *rest_management_api_client.ZitiEdgeManagement, tags ...*rest_model.Tags) error {
|
||||
allTags := zrokServiceTags(svcToken)
|
||||
for _, t := range tags {
|
||||
for k, v := range t.SubTags {
|
||||
@ -167,7 +167,7 @@ func createServicePolicyDial(envZId, svcToken, svcZId string, edge *rest_managem
|
||||
}
|
||||
|
||||
var identityRoles []string
|
||||
for _, proxyIdentity := range cfg.Proxy.Identities {
|
||||
for _, proxyIdentity := range dialZIds {
|
||||
identityRoles = append(identityRoles, "@"+proxyIdentity)
|
||||
logrus.Infof("added proxy identity role '%v'", proxyIdentity)
|
||||
}
|
||||
|
@ -60,7 +60,21 @@ func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_
|
||||
var frontendEndpoints []string
|
||||
switch params.Body.ShareMode {
|
||||
case "public":
|
||||
svcZId, frontendEndpoints, err = newPublicResourceAllocator().allocate(envZId, svcToken, params, edge)
|
||||
var frontendZIds []string
|
||||
var frontendTemplates []string
|
||||
for _, frontendSelection := range params.Body.FrontendSelection {
|
||||
sfe, err := str.FindFrontendPubliclyNamed(frontendSelection, tx)
|
||||
if err != nil {
|
||||
logrus.Error(err)
|
||||
return service.NewUpdateShareNotFound()
|
||||
}
|
||||
if sfe != nil && sfe.UrlTemplate != nil {
|
||||
frontendZIds = append(frontendZIds, sfe.ZId)
|
||||
frontendTemplates = append(frontendTemplates, *sfe.UrlTemplate)
|
||||
logrus.Infof("added frontend selection '%v' with ziti identity '%v' for service '%v'", svcToken)
|
||||
}
|
||||
}
|
||||
svcZId, frontendEndpoints, err = newPublicResourceAllocator().allocate(envZId, svcToken, frontendZIds, frontendTemplates, params, edge)
|
||||
if err != nil {
|
||||
logrus.Error(err)
|
||||
return service.NewShareInternalServerError()
|
||||
|
@ -35,5 +35,5 @@ func (a *privateResourceAllocator) allocate(envZId, svcToken string, params serv
|
||||
return "", nil, err
|
||||
}
|
||||
|
||||
return svcZId, []string{proxyUrl(svcToken)}, nil
|
||||
return svcZId, nil, nil
|
||||
}
|
||||
|
@ -12,7 +12,7 @@ func newPublicResourceAllocator() *publicResourceAllocator {
|
||||
return &publicResourceAllocator{}
|
||||
}
|
||||
|
||||
func (a *publicResourceAllocator) allocate(envZId, svcToken string, params service.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
|
||||
func (a *publicResourceAllocator) allocate(envZId, svcToken string, frontendZIds, frontendTemplates []string, params service.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
|
||||
var authUsers []*model.AuthUser
|
||||
for _, authUser := range params.Body.AuthUsers {
|
||||
authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
|
||||
@ -31,7 +31,7 @@ func (a *publicResourceAllocator) allocate(envZId, svcToken string, params servi
|
||||
return "", nil, err
|
||||
}
|
||||
|
||||
if err := createServicePolicyDial(envZId, svcToken, svcZId, edge); err != nil {
|
||||
if err := createServicePolicyDial(envZId, svcToken, svcZId, frontendZIds, edge); err != nil {
|
||||
return "", nil, err
|
||||
}
|
||||
|
||||
@ -39,5 +39,9 @@ func (a *publicResourceAllocator) allocate(envZId, svcToken string, params servi
|
||||
return "", nil, err
|
||||
}
|
||||
|
||||
return svcZId, []string{proxyUrl(svcToken)}, nil
|
||||
for _, frontendTemplate := range frontendTemplates {
|
||||
frontendEndpoints = append(frontendEndpoints, proxyUrl(svcToken, frontendTemplate))
|
||||
}
|
||||
|
||||
return svcZId, frontendEndpoints, nil
|
||||
}
|
||||
|
@ -102,6 +102,6 @@ func realRemoteAddress(req *http.Request) string {
|
||||
return ip
|
||||
}
|
||||
|
||||
func proxyUrl(svcToken string) string {
|
||||
return strings.Replace(cfg.Proxy.UrlTemplate, "{svcToken}", svcToken, -1)
|
||||
func proxyUrl(svcToken, template string) string {
|
||||
return strings.Replace(template, "{svcToken}", svcToken, -1)
|
||||
}
|
||||
|
Reference in New Issue
Block a user