extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2025-06-20 01:37:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

initial user-agent driven interstitial implementation (#715)

Browse Source
This commit is contained in:
Michael Quigley 2024-07-31 13:10:04 -04:00
parent ed09ab2c25
commit 1f08ca43ea
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
2 changed files with 33 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
endpoints/publicProxy/config.go
View File

@ -16,11 +16,16 @@ type Config struct {
Identity string Identity string
Address string Address string
HostMatch string HostMatch string
Interstitial bool Interstitial *InterstitialConfig
Oauth *OauthConfig Oauth *OauthConfig
Tls *endpoints.TlsConfig Tls *endpoints.TlsConfig
} }
type InterstitialConfig struct {
Enabled bool
UserAgentPrefixes []string
}
type OauthConfig struct { type OauthConfig struct {
BindAddress string BindAddress string
RedirectUrl string RedirectUrl string
@ -48,7 +53,6 @@ func DefaultConfig() *Config {
return &Config{ return &Config{
Identity: "public", Identity: "public",
Address: "0.0.0.0:8080", Address: "0.0.0.0:8080",
Interstitial: false,
} }
} }

18
endpoints/publicProxy/http.go
View File

@ -158,7 +158,22 @@ func shareHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Conte
if shrToken != "" { if shrToken != "" {
if svc, found := endpoints.GetRefreshedService(shrToken, ctx); found { if svc, found := endpoints.GetRefreshedService(shrToken, ctx); found {
if cfg, found := svc.Config[sdk.ZrokProxyConfig]; found { if cfg, found := svc.Config[sdk.ZrokProxyConfig]; found {
if pcfg.Interstitial { if pcfg.Interstitial != nil && pcfg.Interstitial.Enabled {
sendInterstitial := true
if len(pcfg.Interstitial.UserAgentPrefixes) > 0 {
ua := r.Header.Get("User-Agent")
matched := false
for _, prefix := range pcfg.Interstitial.UserAgentPrefixes {
if strings.HasPrefix(ua, prefix) {
matched = true
break
}
}
if !matched {
sendInterstitial = false
}
}
if sendInterstitial {
if v, istlFound := cfg["interstitial"]; istlFound { if v, istlFound := cfg["interstitial"]; istlFound {
if istlEnabled, ok := v.(bool); ok && istlEnabled { if istlEnabled, ok := v.(bool); ok && istlEnabled {
skip := r.Header.Get("skip_zrok_interstitial") skip := r.Header.Get("skip_zrok_interstitial")
@ -171,6 +186,7 @@ func shareHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Conte
} }
} }
} }
}
if scheme, found := cfg["auth_scheme"]; found { if scheme, found := cfg["auth_scheme"]; found {
switch scheme { switch scheme {