From a26302e81e1aee07ec6e6b4245140453b7262d7c Mon Sep 17 00:00:00 2001 From: zhangyasong Date: Tue, 22 Mar 2022 16:04:46 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0token=E9=89=B4=E6=9D=83?= =?UTF-8?q?=E8=AE=A4=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .beagle.yml | 16 ++++++++-------- src/handler/proxyhandler.go | 30 +++++++++++++++++++++++++++++- src/model/response.go | 12 ++++++++++++ src/service/field.go | 4 ++-- 4 files changed, 51 insertions(+), 11 deletions(-) diff --git a/.beagle.yml b/.beagle.yml index a78ca41..47adb7c 100644 --- a/.beagle.yml +++ b/.beagle.yml @@ -30,7 +30,7 @@ pipeline: base: registry.cn-qingdao.aliyuncs.com/wod/alpine:3.12 dockerfile: build/dockerfile repo: wod/apaas-meshproxy - version: v3.0.3 + version: v3.0.4 channel: alpha args: "TARGETOS=linux,TARGETARCH=amd64" registry: registry.cn-qingdao.aliyuncs.com @@ -47,8 +47,8 @@ pipeline: dns: 223.5.5.5 volumes: - /var/run/docker.sock:/var/run/docker.sock - source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.3-alpha - target: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.3 + source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.4-alpha + target: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.4 registry: registry.cn-qingdao.aliyuncs.com secrets: - source: REGISTRY_USER_ALIYUN @@ -63,7 +63,7 @@ pipeline: dns: 223.5.5.5 volumes: - /var/run/docker.sock:/var/run/docker.sock - source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.3 + source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.4 target: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0 registry: registry.cn-qingdao.aliyuncs.com secrets: @@ -83,7 +83,7 @@ pipeline: base: registry.cn-qingdao.aliyuncs.com/wod/alpine:3.12-arm64 dockerfile: build/dockerfile repo: wod/apaas-meshproxy - version: "v3.0.3" + version: v3.0.4 channel: alpha-arm64 args: "TARGETOS=linux,TARGETARCH=arm64" registry: registry.cn-qingdao.aliyuncs.com @@ -100,8 +100,8 @@ pipeline: dns: 223.5.5.5 volumes: - /var/run/docker.sock:/var/run/docker.sock - source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.3-alpha-arm64 - target: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.3-arm64 + source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.4-alpha-arm64 + target: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.4-arm64 registry: registry.cn-qingdao.aliyuncs.com secrets: - source: REGISTRY_USER_ALIYUN @@ -116,7 +116,7 @@ pipeline: dns: 223.5.5.5 volumes: - /var/run/docker.sock:/var/run/docker.sock - source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.3-arm64 + source: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0.4-arm64 target: registry.cn-qingdao.aliyuncs.com/wod/apaas-meshproxy:v3.0-arm64 registry: registry.cn-qingdao.aliyuncs.com secrets: diff --git a/src/handler/proxyhandler.go b/src/handler/proxyhandler.go index c4241e9..fe53500 100644 --- a/src/handler/proxyhandler.go +++ b/src/handler/proxyhandler.go @@ -36,14 +36,31 @@ func Proxy(c *gin.Context) { return } apiId := c.Param("apiid") + + var apaasToken string + apaasToken = c.Query("apaasToken") + if apaasToken == "" { + apaasToken = c.GetHeader("Authorization") + } + fmt.Println("apaasToken:", apaasToken) + if apaasToken == "" { + c.JSON(403, "Get Authorization Token failed") + return + } + //获取服务相关信息 proxyData, err := service.GetRealPath(applyId, apiId) - if err != nil { fmt.Println("err......", err.Error()) c.Error(err) return } + + if proxyData.ApaasToken != apaasToken { + c.JSON(403, "invalid Authorization Token") + return + } + //proxyData.ReqUrl = "https://apaas3.wodcloud.com/iam/login/#/login" if proxyData.SecondLevel != 1 { res := model.WebRes{} @@ -86,6 +103,17 @@ func Proxy(c *gin.Context) { c.JSON(200, res) return }*/ + + switch proxyData.ReqAuthMthod { + case 0: // 注册的服务无鉴权 + c.Request.Header.Del("Authorization") + case 1: // 注册的服务通过静态token鉴权 + c.Request.Header.Set(proxyData.ReqAuthTokenName, proxyData.ReqAuthToken) + case 2: // 注册的服务通过动态token鉴权 + // 透传apaasToken + break + } + fmt.Println("判断是否为静态文件") //如果是静态文件 if CheckStaticFile(c.Request.URL.Path) { diff --git a/src/model/response.go b/src/model/response.go index 010cca6..42f219e 100644 --- a/src/model/response.go +++ b/src/model/response.go @@ -1,3 +1,11 @@ +/* + * @Descripttion: + * @Author: Zhang YaSong + * @version: + * @Date: 2022-03-22 15:50:26 + * @LastEditors: Zhang YaSong + * @LastEditTime: 2022-03-22 15:52:03 + */ package model import "time" @@ -29,6 +37,10 @@ type ProxyData struct { ApiId int64 `json:"api_id"` //接口ID RequestStartTime string `json:"request_start_time"` // 申请使用开始时间 RequestEndTime string `json:"request_end_time"` // 申请使用结束时间 + ApaasToken string `json:"apaas_token"` // apaas校验token + ReqAuthMthod int64 `json:"req_auth_mthod"` // 0 注册的服务无鉴权,1 注册的服务通过静态token鉴权 2 注册的服务通过动态token鉴权 + ReqAuthToken string `json:"req_auth_token"` + ReqAuthTokenName string `json:"req_auth_token_name"` } type WebRes struct { diff --git a/src/service/field.go b/src/service/field.go index d983df7..6c323bc 100644 --- a/src/service/field.go +++ b/src/service/field.go @@ -475,7 +475,7 @@ func GetRealPath(applyId, apiId string) (model.ProxyData, error) { var res model.ProxyData apiid := cast.ToInt64(apiId) if apiid == 0 { - has, err := db.NewSession().Select("ssc.sensituve_word,sa.service_id,sa.id as apply_id, s.req_url,sa.request_count,sa.duration,sa.duration_unit,sa.spcs_type,sa.spcs_count,sa.res_fields,s.data_service_type1,s.data_service_type2 ,s.data_service_type3,sa.second_level,sa.service_end_time,s.req_name,s.state as service_state,sa.pay_status,sa.user_id as apply_user_id,s.user_id as service_user_id,s.organization as service_oid,sa.apply_oid,sa.request_start_time,sa.request_end_time"). + has, err := db.NewSession().Select("ssc.sensituve_word,sa.service_id,sa.id as apply_id, s.req_url,sa.request_count,sa.duration,sa.duration_unit,sa.spcs_type,sa.spcs_count,sa.res_fields,s.data_service_type1,s.data_service_type2 ,s.data_service_type3,sa.second_level,sa.service_end_time,s.req_name,s.state as service_state,sa.pay_status,sa.user_id as apply_user_id,s.user_id as service_user_id,s.organization as service_oid,sa.apply_oid,sa.request_start_time,sa.request_end_time,s.req_auth_token,s.req_auth_token_name,sa.apaas_token,s.req_auth_mthod"). Table("service_apply").Alias("sa").Join("inner", []string{"service", "s"}, "sa.service_id=s.id").Join("left", []string{"service_safe_config", "ssc"}, "ssc.service_id=sa.service_id").Where("s.is_deleted =0 and sa.is_deleted =0 and s.state in(1,3) and sa.uuid=?", applyId).Get(&res) if err != nil { log.Println(err) @@ -484,7 +484,7 @@ func GetRealPath(applyId, apiId string) (model.ProxyData, error) { return model.ProxyData{}, errors.New(`未找到发布的服务!`) } } else { - has, err := db.NewSession().Select("ssc.sensituve_word,sre.id as api_id,sa.service_id,sa.id as apply_id,sre.req_url,sa.request_count,sa.duration,sa.duration_unit,sa.spcs_type,sa.spcs_count,sa.res_fields,s.data_service_type1,s.data_service_type2 ,s.data_service_type3,sa.second_level,sa.service_end_time,sre.req_name,s.state as service_state,sa.pay_status,sa.user_id as apply_user_id,s.user_id as service_user_id,s.organization as service_oid,sa.apply_oid,sa.request_start_time,sa.request_end_time"). + has, err := db.NewSession().Select("ssc.sensituve_word,sre.id as api_id,sa.service_id,sa.id as apply_id,sre.req_url,sa.request_count,sa.duration,sa.duration_unit,sa.spcs_type,sa.spcs_count,sa.res_fields,s.data_service_type1,s.data_service_type2 ,s.data_service_type3,sa.second_level,sa.service_end_time,sre.req_name,s.state as service_state,sa.pay_status,sa.user_id as apply_user_id,s.user_id as service_user_id,s.organization as service_oid,sa.apply_oid,sa.request_start_time,sa.request_end_time,s.req_auth_token,s.req_auth_token_name,sa.apaas_token,s.req_auth_mthod"). Table("service_apply").Alias("sa").Join("inner", []string{"service", "s"}, "sa.service_id=s.id").Join("inner", []string{"service_req_extend", "sre"}, "sre.service_id = sa.service_id and sre.id =?", apiid).Join("left", []string{"service_safe_config", "ssc"}, "ssc.service_id=sa.service_id").Where("s.is_deleted =0 and sa.is_deleted =0 and s.state in(1,3) and sa.uuid=?", applyId).Get(&res) if err != nil { log.Println(err) -- 2.26.0