extract real ip address when behind a load balancer (#68)

Michael Quigley 2022-09-26 16:21:49 -04:00
parent e58fd0760f
commit 9cbbb40105
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
2 changed files with 19 additions and 5 deletions


@ -16,7 +16,6 @@ import (
sdk_config "github.com/openziti/sdk-golang/ziti/config" sdk_config "github.com/openziti/sdk-golang/ziti/config"
"github.com/openziti/sdk-golang/ziti/enroll" "github.com/openziti/sdk-golang/ziti/enroll"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"strings"
"time" "time"
) )
@ -29,6 +28,8 @@ func newEnableHandler(cfg *Config) *enableHandler {
} }
func (self *enableHandler) Handle(params identity.EnableParams, principal *rest_model_zrok.Principal) middleware.Responder { func (self *enableHandler) Handle(params identity.EnableParams, principal *rest_model_zrok.Principal) middleware.Responder {
logrus.Infof("headers = %v", params.HTTPRequest.Header)
// start transaction early; if it fails, don't bother creating ziti resources // start transaction early; if it fails, don't bother creating ziti resources
tx, err := str.Begin() tx, err := str.Begin()
if err != nil { if err != nil {
@ -55,13 +56,10 @@ func (self *enableHandler) Handle(params identity.EnableParams, principal *rest_
logrus.Error(err) logrus.Error(err)
return identity.NewEnableInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error())) return identity.NewEnableInternalServerError().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
} }
addrTokens := strings.Split(params.HTTPRequest.RemoteAddr, ":")
addr := addrTokens[0]
envId, err := str.CreateEnvironment(int(principal.ID), &store.Environment{ envId, err := str.CreateEnvironment(int(principal.ID), &store.Environment{
Description: params.Body.Description, Description: params.Body.Description,
Host: params.Body.Host, Host: params.Body.Host,
Address: addr, Address: realRemoteAddress(params.HTTPRequest),
ZitiIdentityId: ident.Payload.Data.ID, ZitiIdentityId: ident.Payload.Data.ID,
}, tx) }, tx)
if err != nil { if err != nil {
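Review bot: The added `logrus.Infof("headers = %v", params.HTTPRequest.Header)` at the top of `Handle` writes every request header to the info log on each enable call. That presumably includes the API credential header (the handler receives an authenticated `principal`), plus any cookies, so anyone with log access can read live tokens. It looks like a debugging aid for the load-balancer work and should be dropped before merge. If the forwarded address is still worth tracing, log only that value at debug level: `logrus.Debugf("x-forwarded-for = %q", params.HTTPRequest.Header.Get("X-Forwarded-For"))`. `Handle` starts and ends outside these hunks, so any later logging of the request is not visible here.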


@ -11,6 +11,8 @@ import (
"github.com/openziti/edge/rest_management_api_client" "github.com/openziti/edge/rest_management_api_client"
"github.com/openziti/edge/rest_util" "github.com/openziti/edge/rest_util"
"github.com/pkg/errors" "github.com/pkg/errors"
"net/http"
"strings"
) )
func ZrokAuthenticate(token string) (*rest_model_zrok.Principal, error) { func ZrokAuthenticate(token string) (*rest_model_zrok.Principal, error) {
@ -60,3 +62,17 @@ func hashPassword(raw string) string {
hash.Write([]byte(raw)) hash.Write([]byte(raw))
return hex.EncodeToString(hash.Sum(nil)) return hex.EncodeToString(hash.Sum(nil))
} }
func realRemoteAddress(req *http.Request) string {
ip := strings.Split(req.RemoteAddr, ":")[0]
fwdAddress := req.Header.Get("X-Forwarded-For")
if fwdAddress != "" {
ip = fwdAddress
ips := strings.Split(fwdAddress, ", ")
if len(ips) > 1 {
ip = ips[0]
}
}
return ip
}
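Review bot: `realRemoteAddress` accepts `X-Forwarded-For` from any caller and prefers its left-most entry, which is the part the client itself controls, so the `Address` stored on the environment can be set to an arbitrary string by whoever sends the request. With a load balancer that appends to the header, only the right-most entry was written by the hop that actually connected; the header should also be honoured only when the peer in `req.RemoteAddr` is that load balancer, which needs configuration not visible in this diff. Two smaller problems sit in the same lines: `strings.Split(req.RemoteAddr, ":")[0]` truncates IPv6 peers such as `[::1]:1234` to `[`, and splitting on `", "` misses lists written without the space. The sketch below assumes exactly one trusted load balancer in front of the service and needs `net` added to the import block; the value is still worth treating as informational rather than as an access-control input.

```go
func realRemoteAddress(req *http.Request) string {
	// SplitHostPort handles bracketed IPv6 peers, unlike splitting on ":".
	peer, _, err := net.SplitHostPort(req.RemoteAddr)
	if err != nil {
		peer = req.RemoteAddr
	}
	// Only the right-most X-Forwarded-For entry was appended by the hop that
	// connected to us; everything to its left is client-supplied.
	fwd := strings.Split(strings.Join(req.Header.Values("X-Forwarded-For"), ","), ",")
	last := strings.TrimSpace(fwd[len(fwd)-1])
	if net.ParseIP(last) != nil {
		return last
	}
	return peer
}
```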