mirror of
https://github.com/apernet/hysteria.git
synced 2025-04-03 20:47:38 +03:00
External HTTP auth implementation
This commit is contained in:
Toby
parent
da65c4cbf5
commit
461b16f07f
2 changed files with 75 additions and 0 deletions
|
|
@ -6,12 +6,15 @@ import (
|
|||
"github.com/lucas-clemente/quic-go/congestion"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/tobyxdd/hysteria/pkg/acl"
|
||||
"github.com/tobyxdd/hysteria/pkg/auth"
|
||||
hyCongestion "github.com/tobyxdd/hysteria/pkg/congestion"
|
||||
"github.com/tobyxdd/hysteria/pkg/core"
|
||||
"github.com/tobyxdd/hysteria/pkg/obfs"
|
||||
"github.com/yosuke-furukawa/json5/encoding/json5"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
func server(config *serverConfig) {
|
||||
|
|
@ -72,6 +75,22 @@ func server(config *serverConfig) {
|
|||
return false, "Wrong password"
|
||||
}
|
||||
}
|
||||
case "external":
|
||||
logrus.Info("External authentication enabled")
|
||||
var extConfig map[string]string
|
||||
err = json5.Unmarshal(config.Auth.Config, &extConfig)
|
||||
if err != nil || len(extConfig["http"]) == 0 {
|
||||
logrus.WithFields(logrus.Fields{
|
||||
"error": err,
|
||||
}).Fatal("Invalid external authentication config")
|
||||
}
|
||||
provider := &auth.HTTPAuthProvider{
|
||||
Client: &http.Client{
|
||||
Timeout: 10 * time.Second,
|
||||
},
|
||||
URL: extConfig["http"],
|
||||
}
|
||||
authFunc = provider.Auth
|
||||
default:
|
||||
logrus.WithField("mode", config.Auth.Mode).Fatal("Unsupported authentication mode")
|
||||
}
|
||||
|
|
|
|||
56
pkg/auth/http.go
Normal file
56
pkg/auth/http.go
Normal file
|
|
@ -0,0 +1,56 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"io/ioutil"
|
||||
"net"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
type HTTPAuthProvider struct {
|
||||
Client *http.Client
|
||||
URL string
|
||||
}
|
||||
|
||||
type authReq struct {
|
||||
Addr string `json:"addr"`
|
||||
Payload []byte `json:"payload"`
|
||||
Send uint64 `json:"send"`
|
||||
Recv uint64 `json:"recv"`
|
||||
}
|
||||
|
||||
type authResp struct {
|
||||
OK bool `json:"ok"`
|
||||
Msg string `json:"msg"`
|
||||
}
|
||||
|
||||
func (p *HTTPAuthProvider) Auth(addr net.Addr, auth []byte, sSend uint64, sRecv uint64) (bool, string) {
|
||||
jbs, err := json.Marshal(&authReq{
|
||||
Addr: addr.String(),
|
||||
Payload: auth,
|
||||
Send: sSend,
|
||||
Recv: sRecv,
|
||||
})
|
||||
if err != nil {
|
||||
return false, "Internal error"
|
||||
}
|
||||
resp, err := p.Client.Post(p.URL, "application/json", bytes.NewBuffer(jbs))
|
||||
if err != nil {
|
||||
return false, "Internal error"
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
return false, "Auth endpoint error"
|
||||
}
|
||||
data, err := ioutil.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return false, "Auth endpoint error"
|
||||
}
|
||||
var ar authResp
|
||||
err = json.Unmarshal(data, &ar)
|
||||
if err != nil {
|
||||
return false, "Auth endpoint error"
|
||||
}
|
||||
return ar.OK, ar.Msg
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue