mirror of
https://github.com/openziti/zrok.git
synced 2025-06-27 05:01:26 +02:00
new 'logic' layer in Agent for private access (#922)
parent
534b8492ad
commit
9faf122416
@ -6,6 +6,16 @@ import (
|
||||
"github.com/openziti/zrok/cmd/zrok/subordinate"
|
||||
)
|
||||
|
||||
type AccessPrivateRequest struct {
|
||||
Token string
|
||||
BindAddress string
|
||||
AutoMode bool
|
||||
AutoAddress string
|
||||
AutoStartPort uint16
|
||||
AutoEndPort uint16
|
||||
ResponseHeaders []string
|
||||
}
|
||||
|
||||
type access struct {
|
||||
frontendToken string
|
||||
token string
|
||||
|
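Review bot: `AccessPrivateRequest` is a new exported type with no doc comment, and a caller cannot tell from the fields whether `AutoStartPort`/`AutoEndPort` form an inclusive range or whether `BindAddress` is ignored when `AutoMode` is set. I would add a type comment such as `// AccessPrivateRequest describes a private access the Agent should start.` and a one-line comment on each `Auto*` field once the semantics are confirmed. `Token` also deserves a comment, since the visible code passes it as the positional argument of the `access private` child command. The same gap applies to `SharePrivateRequest`, `SharePublicRequest` and `ShareReservedRequest` added later in this commit. The `access` struct that follows continues outside the hunk.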
@ -12,14 +12,14 @@ import (
|
||||
"os"
|
||||
)
|
||||
|
||||
func (i *agentGrpcImpl) AccessPrivate(_ context.Context, req *agentGrpc.AccessPrivateRequest) (*agentGrpc.AccessPrivateResponse, error) {
|
||||
func (a *Agent) AccessPrivate(req *AccessPrivateRequest) (frontendToken string, err error) {
|
||||
root, err := environment.LoadRoot()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return "", err
|
||||
}
|
||||
|
||||
if !root.IsEnabled() {
|
||||
return nil, errors.New("unable to load environment; did you 'zrok enable'?")
|
||||
return "", errors.New("unable to load environment; did you 'zrok enable'?")
|
||||
}
|
||||
|
||||
accCmd := []string{os.Args[0], "access", "private", "--subordinate", "-b", req.BindAddress, req.Token}
|
||||
@ -38,7 +38,7 @@ func (i *agentGrpcImpl) AccessPrivate(_ context.Context, req *agentGrpc.AccessPr
|
||||
autoEndPort: uint16(req.AutoEndPort),
|
||||
responseHeaders: req.ResponseHeaders,
|
||||
sub: subordinate.NewMessageHandler(),
|
||||
agent: i.agent,
|
||||
agent: a,
|
||||
}
|
||||
acc.sub.MessageHandler = func(msg subordinate.Message) {
|
||||
logrus.Info(msg)
|
||||
@ -74,20 +74,36 @@ func (i *agentGrpcImpl) AccessPrivate(_ context.Context, req *agentGrpc.AccessPr
|
||||
|
||||
acc.process, err = proctree.StartChild(acc.sub.Tail, accCmd...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return "", err
|
||||
}
|
||||
|
||||
<-acc.sub.BootComplete
|
||||
|
||||
if bootErr == nil {
|
||||
go acc.monitor()
|
||||
i.agent.addAccess <- acc
|
||||
return &agentGrpc.AccessPrivateResponse{FrontendToken: acc.frontendToken}, nil
|
||||
a.addAccess <- acc
|
||||
return acc.frontendToken, nil
|
||||
|
||||
} else {
|
||||
if err := proctree.WaitChild(acc.process); err != nil {
|
||||
logrus.Errorf("error joining: %v", err)
|
||||
}
|
||||
return nil, fmt.Errorf("unable to start access: %v", bootErr)
|
||||
return "", fmt.Errorf("unable to start access: %v", bootErr)
|
||||
}
|
||||
}
|
||||
|
||||
func (i *agentGrpcImpl) AccessPrivate(_ context.Context, req *agentGrpc.AccessPrivateRequest) (*agentGrpc.AccessPrivateResponse, error) {
|
||||
if frontendToken, err := i.agent.AccessPrivate(&AccessPrivateRequest{
|
||||
Token: req.Token,
|
||||
BindAddress: req.BindAddress,
|
||||
AutoMode: req.AutoMode,
|
||||
AutoAddress: req.AutoAddress,
|
||||
AutoStartPort: uint16(req.AutoStartPort),
|
||||
AutoEndPort: uint16(req.AutoEndPort),
|
||||
ResponseHeaders: req.ResponseHeaders,
|
||||
}); err == nil {
|
||||
return &agentGrpc.AccessPrivateResponse{FrontendToken: frontendToken}, nil
|
||||
} else {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
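Review bot: The new gRPC wrapper narrows `req.AutoStartPort` and `req.AutoEndPort` with `uint16(...)` without a range check, so a value above 65535 silently wraps to a different port (protobuf has no 16-bit integer type, so the generated fields are wider). These values appear to select the local listener port, so I would reject out-of-range input before building the `AccessPrivateRequest`: `if req.AutoStartPort > 0xFFFF || req.AutoEndPort > 0xFFFF { return nil, errors.New("auto port out of range") }`. The `uint16(req.AutoEndPort)` conversion kept inside `Agent.AccessPrivate` is now redundant, because the field is already `uint16` there. Separately, `req.Token` and `req.BindAddress` still go into `accCmd` unvalidated; now that `Agent.AccessPrivate` can be called from other layers, rejecting a token that starts with `-` would keep the child process from parsing it as a flag.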
@ -7,13 +7,16 @@ import (
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func (i *agentGrpcImpl) ReleaseAccess(_ context.Context, req *agentGrpc.ReleaseAccessRequest) (*agentGrpc.ReleaseAccessResponse, error) {
|
||||
if acc, found := i.agent.accesses[req.FrontendToken]; found {
|
||||
i.agent.rmAccess <- acc
|
||||
func (a *Agent) ReleaseAccess(frontendToken string) error {
|
||||
if acc, found := a.accesses[frontendToken]; found {
|
||||
a.rmAccess <- acc
|
||||
logrus.Infof("released access '%v'", acc.frontendToken)
|
||||
|
||||
} else {
|
||||
return nil, errors.Errorf("agent has no access with frontend token '%v'", req.FrontendToken)
|
||||
return errors.Errorf("agent has no access with frontend token '%v'", frontendToken)
|
||||
}
|
||||
return nil, nil
|
||||
return nil
|
||||
}
|
||||
|
||||
func (i *agentGrpcImpl) ReleaseAccess(_ context.Context, req *agentGrpc.ReleaseAccessRequest) (*agentGrpc.ReleaseAccessResponse, error) {
|
||||
return nil, i.agent.ReleaseAccess(req.FrontendToken)
|
||||
}
|
||||
|
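Review bot: `Agent.ReleaseAccess` reads `a.accesses[frontendToken]` directly on the caller's goroutine, while additions and removals are sent over `a.addAccess` and `a.rmAccess`. If another goroutine owns and mutates that map (its loop is not visible in this diff), this lookup is an unsynchronized map read. Exposing the method on `Agent` widens the set of callers that can reach it concurrently. I would either guard the map with a mutex or let the owning goroutine do the lookup and report not-found back to the caller. Also, `released access` is logged when the removal is queued on the channel, not when it has completed, which can mislead anyone reading the log during an incident.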
@ -9,6 +9,32 @@ import (
|
||||
"time"
|
||||
)
|
||||
|
||||
type SharePrivateRequest struct {
|
||||
Target string
|
||||
BackendMode string
|
||||
Insecure bool
|
||||
Closed bool
|
||||
AccessGrants []string
|
||||
}
|
||||
|
||||
type SharePublicRequest struct {
|
||||
Target string
|
||||
BasicAuth []string
|
||||
FrontendSelection []string
|
||||
BackendMode string
|
||||
Insecure bool
|
||||
OauthProvider string
|
||||
OauthCheckInterval string
|
||||
Closed bool
|
||||
AccessGrants []string
|
||||
}
|
||||
|
||||
type ShareReservedRequest struct {
|
||||
Token string
|
||||
OverrideEndpoint string
|
||||
Insecure bool
|
||||
}
|
||||
|
||||
type share struct {
|
||||
token string
|
||||
frontendEndpoints []string
|
||||
|
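Review bot: `SharePublicRequest.BasicAuth` presumably carries credentials as plain strings, in a struct that is easy to log whole with `%+v`. `Insecure` is a security switch with no stated meaning on any of the three new request types. I would document both on the fields, for example `// BasicAuth holds credentials; never log this struct verbatim.`, plus a comment on `Insecure` saying exactly which verification it turns off once that is confirmed. `Closed` and `AccessGrants` also look like access-control inputs and should say what the default (zero value) permits. The `share` struct that follows continues outside the hunk.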