ouyang/ghproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update authPassThrough

Browse Source
This commit is contained in:
WJQSERVER
2025-01-01 08:45:29 +08:00
parent 83e6b78a93
commit acd38f4fe0
1 changed files with 47 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
proxy/proxy.go
View File

@@ -34,7 +34,7 @@ var exps = []*regexp.Regexp{
regexp.MustCompile(`^(?:https?://)?api\.github\.com/repos/([^/]+)/([^/]+)/.*`), regexp.MustCompile(`^(?:https?://)?api\.github\.com/repos/([^/]+)/([^/]+)/.*`),
} }
func NoRouteHandler(cfg *config.Config, limiter *rate.RateLimiter, iplimiter *rate.IPRateLimiter) gin.HandlerFunc { func NoRouteHandler(cfg *config.Config, limiter *rate.RateLimiter, iplimiter *rate.IPRateLimiter, runMode string) gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
// 限制访问频率 // 限制访问频率
if cfg.RateLimit.Enabled { if cfg.RateLimit.Enabled {
@@ -134,9 +134,9 @@ func NoRouteHandler(cfg *config.Config, limiter *rate.RateLimiter, iplimiter *ra
switch { switch {
case exps[0].MatchString(rawPath), exps[1].MatchString(rawPath), exps[3].MatchString(rawPath), exps[4].MatchString(rawPath): case exps[0].MatchString(rawPath), exps[1].MatchString(rawPath), exps[3].MatchString(rawPath), exps[4].MatchString(rawPath):
ProxyRequest(c, rawPath, cfg, "chrome") ProxyRequest(c, rawPath, cfg, "chrome", runMode)
case exps[2].MatchString(rawPath): case exps[2].MatchString(rawPath):
ProxyRequest(c, rawPath, cfg, "git") ProxyRequest(c, rawPath, cfg, "git", runMode)
default: default:
c.String(http.StatusForbidden, "Invalid input.") c.String(http.StatusForbidden, "Invalid input.")
fmt.Println("Invalid input.") fmt.Println("Invalid input.")
@@ -167,11 +167,14 @@ func MatchUserRepo(rawPath string, cfg *config.Config, c *gin.Context, matches [
return "", "" return "", ""
} }
func ProxyRequest(c *gin.Context, u string, cfg *config.Config, mode string) { func ProxyRequest(c *gin.Context, u string, cfg *config.Config, mode string, runMode string) {
method := c.Request.Method method := c.Request.Method
logInfo("%s %s %s %s %s", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto) logInfo("%s %s %s %s %s", c.ClientIP(), method, u, c.Request.Header.Get("User-Agent"), c.Request.Proto)
client := createHTTPClient(mode) client := createHTTPClient(mode)
if runMode == "dev" {
client.DevMode()
}
// 发送HEAD请求, 预获取Content-Length // 发送HEAD请求, 预获取Content-Length
headReq := client.R() headReq := client.R()
@@ -197,7 +200,7 @@ func ProxyRequest(c *gin.Context, u string, cfg *config.Config, mode string) {
req := client.R().SetBody(body) req := client.R().SetBody(body)
setRequestHeaders(c, req) setRequestHeaders(c, req)
authPassThrough(c, cfg) authPassThrough(c, cfg, req)
resp, err := SendRequest(c, req, method, u) resp, err := SendRequest(c, req, method, u)
if err != nil { if err != nil {
@@ -251,13 +254,46 @@ func setRequestHeaders(c *gin.Context, req *req.Request) {
} }
} }
func authPassThrough(c *gin.Context, cfg *config.Config) { /*
// 判断 func authPassThrough(c *gin.Context, cfg *config.Config, req *req.Request) {
if cfg.Auth.AuthMethod == "parameters" && !cfg.Auth.Enabled { if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "parameters" && !cfg.Auth.Enabled {
// 获取参数(token) // only mode
token := c.Query("token")
req.SetHeader("Authorization", "token "+token)
} else if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "header" && cfg.Auth.Enabled {
// mix mode
token := c.Query("token")
req.SetHeader("Authorization", "token "+token)
} else if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "parameters" && cfg.Auth.Enabled {
// conflict
logWarning("%s %s %s %s %s Auth-Error: Conflict Auth Method", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
c.JSON(http.StatusForbidden, gin.H{"error": "Conflict Auth Method"})
return
} else if cfg.Auth.PassThrough && cfg.Auth.AuthMethod == "header" && !cfg.Auth.Enabled {
// only mode
token := c.Query("token")
req.SetHeader("Authorization", "token "+token)
}
}
*/
func authPassThrough(c *gin.Context, cfg *config.Config, req *req.Request) {
if cfg.Auth.PassThrough {
token := c.Query("token") token := c.Query("token")
// 写入Header switch cfg.Auth.AuthMethod {
c.Header("Authorization", "token "+token) case "parameters":
if !cfg.Auth.Enabled {
req.SetHeader("Authorization", "token "+token)
} else {
logWarning("%s %s %s %s %s Auth-Error: Conflict Auth Method", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
}
case "header":
if cfg.Auth.Enabled {
req.SetHeader("Authorization", "token "+token)
}
default:
logWarning("%s %s %s %s %s Invalid Auth Method / Auth Method is not be set", c.ClientIP(), c.Request.Method, c.Request.URL.String(), c.Request.Header.Get("User-Agent"), c.Request.Proto)
}
} }
} }