ing
This commit is contained in:
crusader
parent
f9c7c69d0b
commit
3f7d55695c
|
|
@ -13,7 +13,7 @@
|
|||
"EnableCompression": false
|
||||
},
|
||||
"gRPC": {
|
||||
"addr": "192.168.1.50:50006",
|
||||
"addr": "127.0.0.1:50006",
|
||||
"tls": false,
|
||||
"pool": {
|
||||
"MaxIdle": 1,
|
||||
|
|
|
|||
100
server/auth_servlet.go
Normal file
100
server/auth_servlet.go
Normal file
|
|
@ -0,0 +1,100 @@
|
|||
package server
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"git.loafle.net/commons_go/logging"
|
||||
"git.loafle.net/overflow/overflow_gateway_probe/grpc"
|
||||
ogw "git.loafle.net/overflow/overflow_gateway_websocket"
|
||||
"github.com/valyala/fasthttp"
|
||||
)
|
||||
|
||||
const (
|
||||
noAuthHeaderNoAuthID = "overFlow-NoAuth-ID"
|
||||
noAuthHeaderNoAuthRegist = "overFlow-NoAuth-Regist"
|
||||
noAuthHeaderSetNoAuthID = "overFlow-Set-NoAuth-ID"
|
||||
)
|
||||
|
||||
func newAuthServlet() Servlet {
|
||||
s := &authServlet{}
|
||||
return s
|
||||
}
|
||||
|
||||
type authServlet struct {
|
||||
}
|
||||
|
||||
func (s *authServlet) IsCanConnect(ctx *fasthttp.RequestCtx) bool {
|
||||
var buf []byte
|
||||
if buf = ctx.Request.Header.Peek(noAuthHeaderNoAuthID); nil != buf {
|
||||
return s.noAuthConnect(ctx, string(buf))
|
||||
}
|
||||
if buf = ctx.Request.Header.Peek(noAuthHeaderNoAuthRegist); nil != buf {
|
||||
return s.noAuthRegist(ctx, string(buf))
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func (s *authServlet) noAuthConnect(ctx *fasthttp.RequestCtx, tempKey string) bool {
|
||||
var err error
|
||||
gctx := context.Background()
|
||||
params := []string{tempKey}
|
||||
|
||||
var result string
|
||||
if result, err = grpc.Exec(gctx, "NoAuthProbeService.readByTempKey", params); nil != err {
|
||||
logging.Logger.Warn(fmt.Sprintf("Auth: Invalid connect tempKey[%s] ip[%s]", tempKey, ctx.RemoteAddr().String()))
|
||||
return false
|
||||
}
|
||||
var nap NoAuthProbe
|
||||
if err = json.Unmarshal([]byte(result), &nap); nil != err {
|
||||
logging.Logger.Warn(fmt.Sprintf("Auth: Cannot conver json[%s] ip[%s]", result, ctx.RemoteAddr().String()))
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func (s *authServlet) noAuthRegist(ctx *fasthttp.RequestCtx, encInfo string) bool {
|
||||
var buf []byte
|
||||
var err error
|
||||
if buf, err = base64.StdEncoding.DecodeString(encInfo); nil != err {
|
||||
logging.Logger.Warn(fmt.Sprintf("Auth: Invalid noAuth regist base64[%s] ip[%s]", encInfo, ctx.RemoteAddr().String()))
|
||||
return false
|
||||
}
|
||||
noauthJSON := string(buf)
|
||||
gctx := context.Background()
|
||||
params := []string{noauthJSON}
|
||||
var result string
|
||||
if result, err = grpc.Exec(gctx, "NoAuthProbeService.regist", params); nil != err {
|
||||
logging.Logger.Warn(fmt.Sprintf("Auth: Invalid noAuth regist info[%s] ip[%s]", noauthJSON, ctx.RemoteAddr().String()))
|
||||
return false
|
||||
}
|
||||
|
||||
var nap NoAuthProbe
|
||||
if err = json.Unmarshal([]byte(result), &nap); nil != err {
|
||||
logging.Logger.Warn(fmt.Sprintf("Auth: Invalid noAuth regist result[%s] ip[%s]", result, ctx.RemoteAddr().String()))
|
||||
return false
|
||||
}
|
||||
|
||||
ctx.Response.Header.Set(noAuthHeaderSetNoAuthID, nap.TempProbeKey)
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func (s *authServlet) SessionUID(soc ogw.Socket) string {
|
||||
var buf []byte
|
||||
if buf = soc.Conn().Headers().Peek(noAuthHeaderNoAuthID); nil != buf {
|
||||
return string(buf)
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
|
||||
type NoAuthProbe struct {
|
||||
ID uint64 `json:"id"`
|
||||
Description string `json:"description"`
|
||||
TempProbeKey string `json:"tempProbeKey"`
|
||||
}
|
||||
25
server/probe_servlet.go
Normal file
25
server/probe_servlet.go
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
package server
|
||||
|
||||
import (
|
||||
ogw "git.loafle.net/overflow/overflow_gateway_websocket"
|
||||
"github.com/valyala/fasthttp"
|
||||
)
|
||||
|
||||
func newProbeServlet() Servlet {
|
||||
s := &probeServlet{}
|
||||
return s
|
||||
}
|
||||
|
||||
type probeServlet struct {
|
||||
}
|
||||
|
||||
func (s *probeServlet) IsCanConnect(ctx *fasthttp.RequestCtx) bool {
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func (s *probeServlet) SessionUID(soc ogw.Socket) string {
|
||||
|
||||
return ""
|
||||
|
||||
}
|
||||
|
|
@ -3,6 +3,8 @@ package server
|
|||
import (
|
||||
"context"
|
||||
|
||||
"github.com/valyala/fasthttp"
|
||||
|
||||
"git.loafle.net/overflow/overflow_gateway_probe/conf"
|
||||
ogw "git.loafle.net/overflow/overflow_gateway_websocket"
|
||||
)
|
||||
|
|
@ -17,3 +19,8 @@ func NewServer(ctx context.Context) ogw.Server {
|
|||
|
||||
return _s
|
||||
}
|
||||
|
||||
type Servlet interface {
|
||||
IsCanConnect(ctx *fasthttp.RequestCtx) bool
|
||||
SessionUID(soc ogw.Socket) string
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,12 +2,10 @@ package server
|
|||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"git.loafle.net/commons_go/config"
|
||||
"git.loafle.net/overflow/overflow_gateway_probe/conf"
|
||||
jwt "github.com/dgrijalva/jwt-go"
|
||||
"github.com/valyala/fasthttp"
|
||||
|
||||
ogw "git.loafle.net/overflow/overflow_gateway_websocket"
|
||||
|
|
@ -17,50 +15,42 @@ var ofSigningKey []byte
|
|||
|
||||
func newServerHandler(ctx context.Context) ogw.ServerHandler {
|
||||
h := &serverHandlers{
|
||||
ctx: ctx,
|
||||
ctx: ctx,
|
||||
servlets: make(map[string]Servlet, 2),
|
||||
}
|
||||
h.HandshakeTimeout = conf.Config.Websocket.HandshakeTimeout * time.Second
|
||||
h.ReadBufferSize = conf.Config.Websocket.ReadBufferSize
|
||||
h.WriteBufferSize = conf.Config.Websocket.WriteBufferSize
|
||||
h.EnableCompression = conf.Config.Websocket.EnableCompression
|
||||
|
||||
h.servlets["/auth"] = newAuthServlet()
|
||||
h.servlets["/probe"] = newProbeServlet()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
type serverHandlers struct {
|
||||
ogw.ServerHandlers
|
||||
ctx context.Context
|
||||
cfg config.Configurator
|
||||
ctx context.Context
|
||||
cfg config.Configurator
|
||||
servlets map[string]Servlet
|
||||
}
|
||||
|
||||
func (h *serverHandlers) OnConnect(ctx *fasthttp.RequestCtx) bool {
|
||||
if s, ok := h.servlets[string(ctx.Path())]; ok {
|
||||
return s.IsCanConnect(ctx)
|
||||
}
|
||||
|
||||
return true
|
||||
return false
|
||||
}
|
||||
|
||||
func (h *serverHandlers) OnConnected(soc ogw.Socket) {
|
||||
// tokenString := string(soc.Conn().Headers().Cookie("AuthToken"))
|
||||
tokenString := "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJvdmVyRmxvdyIsImlhdCI6MTUwNDU5NTExOSwiZXhwIjoxNTM2MTMxMTE5LCJhdWQiOiJ3d3cub3ZlcmZsb3cuY2xvdWQiLCJzdWIiOiJvdmVyZmxvd0Bsb2FmbGUuY29tIn0.-WQi3OykPlJ9x8RcZGhWXEtGw4GhU6wmyJ_AWh2rMeUatQylfPzvmum2Xfp6pwKLMmcP76XoDPNyq06i7RKWNQ"
|
||||
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
|
||||
// Don't forget to validate the alg is what you expect:
|
||||
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
||||
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
|
||||
if s, ok := h.servlets[soc.Path()]; ok {
|
||||
if uid := s.SessionUID(soc); "" != uid {
|
||||
path := soc.Path()
|
||||
AddSocket(path, uid, soc)
|
||||
}
|
||||
|
||||
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
|
||||
return ofSigningKey, nil
|
||||
})
|
||||
path := soc.Path()
|
||||
var uid string
|
||||
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
|
||||
uid = claims["sub"].(string)
|
||||
} else {
|
||||
fmt.Println(err)
|
||||
return
|
||||
}
|
||||
|
||||
AddSocket(path, uid, soc)
|
||||
|
||||
}
|
||||
|
||||
func (h *serverHandlers) OnDisconnected(soc ogw.Socket) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user