test
This commit is contained in:
chenzhongjie
parent
36cd2202bb
commit
dd2f4b5973
9
README_agi7.md
Normal file
9
README_agi7.md
Normal file
@ -0,0 +1,9 @@
|
||||
## build nvr frpc
|
||||
```shell
|
||||
env GOOS=linux GOARCH=arm GOARM=7 go build -v -o frpc ./cmd/frpc
|
||||
```
|
||||
|
||||
## build frps for linux
|
||||
```shell
|
||||
env GOOS=linux GOARCH=amd64 go build -v -o frpc ./cmd/frps
|
||||
```
|
||||
@ -30,7 +30,9 @@ type Setter interface {
|
||||
func NewAuthSetter(cfg v1.AuthClientConfig) (authProvider Setter) {
|
||||
switch cfg.Method {
|
||||
case v1.AuthMethodToken:
|
||||
authProvider = NewJWTAuth(cfg.AdditionalScopes, cfg.Token)
|
||||
authProvider = NewTokenAuth(cfg.AdditionalScopes, cfg.Token)
|
||||
case v1.AuthMethodJWT:
|
||||
authProvider = NewJWTAuth(cfg.AdditionalScopes, cfg.Token, cfg.Secret)
|
||||
case v1.AuthMethodOIDC:
|
||||
authProvider = NewOidcAuthSetter(cfg.AdditionalScopes, cfg.OIDC)
|
||||
default:
|
||||
@ -48,7 +50,9 @@ type Verifier interface {
|
||||
func NewAuthVerifier(cfg v1.AuthServerConfig) (authVerifier Verifier) {
|
||||
switch cfg.Method {
|
||||
case v1.AuthMethodToken:
|
||||
authVerifier = NewJWTAuth(cfg.AdditionalScopes, cfg.Token)
|
||||
authVerifier = NewTokenAuth(cfg.AdditionalScopes, cfg.Token)
|
||||
case v1.AuthMethodJWT:
|
||||
authVerifier = NewJWTAuth(cfg.AdditionalScopes, cfg.Token, cfg.Secret)
|
||||
case v1.AuthMethodOIDC:
|
||||
authVerifier = NewOidcAuthVerifier(cfg.AdditionalScopes, cfg.OIDC)
|
||||
}
|
||||
|
||||
@ -15,12 +15,14 @@ import (
|
||||
type JWTAuthSetterVerifier struct {
|
||||
additionalAuthScopes []v1.AuthScope
|
||||
token string
|
||||
secret string
|
||||
}
|
||||
|
||||
func NewJWTAuth(additionalAuthScopes []v1.AuthScope, token string) *JWTAuthSetterVerifier {
|
||||
func NewJWTAuth(additionalAuthScopes []v1.AuthScope, token, secret string) *JWTAuthSetterVerifier {
|
||||
return &JWTAuthSetterVerifier{
|
||||
additionalAuthScopes: additionalAuthScopes,
|
||||
token: token,
|
||||
secret: secret,
|
||||
}
|
||||
}
|
||||
|
||||
@ -50,7 +52,11 @@ func (auth *JWTAuthSetterVerifier) SetNewWorkConn(newWorkConnMsg *msg.NewWorkCon
|
||||
}
|
||||
|
||||
func (auth *JWTAuthSetterVerifier) VerifyLogin(m *msg.Login) error {
|
||||
return auth.VerifyToken(m.User, m.PrivilegeKey)
|
||||
if m.User == "" {
|
||||
return errors.New("user is empty")
|
||||
}
|
||||
token := m.PrivilegeKey
|
||||
return auth.VerifyToken(m.User, token)
|
||||
}
|
||||
|
||||
func (auth *JWTAuthSetterVerifier) VerifyPing(m *msg.Ping) error {
|
||||
@ -58,7 +64,8 @@ func (auth *JWTAuthSetterVerifier) VerifyPing(m *msg.Ping) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
return auth.VerifyToken("", m.PrivilegeKey)
|
||||
token := m.PrivilegeKey
|
||||
return auth.VerifyToken("", token)
|
||||
}
|
||||
|
||||
func (auth *JWTAuthSetterVerifier) VerifyNewWorkConn(m *msg.NewWorkConn) error {
|
||||
@ -66,11 +73,12 @@ func (auth *JWTAuthSetterVerifier) VerifyNewWorkConn(m *msg.NewWorkConn) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
return auth.VerifyToken("", m.PrivilegeKey)
|
||||
token := m.PrivilegeKey
|
||||
return auth.VerifyToken("", token)
|
||||
}
|
||||
|
||||
func (auth *JWTAuthSetterVerifier) VerifyToken(user, token string) error {
|
||||
methodKey := map[string]string{jwt.SigningMethodHS256.Alg(): auth.token}
|
||||
methodKey := map[string]string{jwt.SigningMethodHS256.Alg(): auth.secret}
|
||||
parser := jwt.NewParser(jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Name}))
|
||||
parsedToken, err := parser.Parse(token, func(t *jwt.Token) (any, error) {
|
||||
key, ok := methodKey[t.Method.Alg()]
|
||||
|
||||
@ -40,6 +40,7 @@ type ClientConfig struct {
|
||||
BaseConfig `ini:",extends"`
|
||||
OidcClientConfig `ini:",extends"`
|
||||
TokenConfig `ini:",extends"`
|
||||
JWTConfig `ini:",extends"`
|
||||
}
|
||||
|
||||
func GetDefaultClientConf() ClientConfig {
|
||||
@ -47,6 +48,7 @@ func GetDefaultClientConf() ClientConfig {
|
||||
BaseConfig: getDefaultBaseConf(),
|
||||
OidcClientConfig: getDefaultOidcClientConf(),
|
||||
TokenConfig: getDefaultTokenConf(),
|
||||
JWTConfig: getDefaultJWTConf(),
|
||||
}
|
||||
}
|
||||
|
||||
@ -54,6 +56,7 @@ type ServerConfig struct {
|
||||
BaseConfig `ini:",extends"`
|
||||
OidcServerConfig `ini:",extends"`
|
||||
TokenConfig `ini:",extends"`
|
||||
JWTConfig `ini:",extends"`
|
||||
}
|
||||
|
||||
func GetDefaultServerConf() ServerConfig {
|
||||
@ -61,6 +64,7 @@ func GetDefaultServerConf() ServerConfig {
|
||||
BaseConfig: getDefaultBaseConf(),
|
||||
OidcServerConfig: getDefaultOidcServerConf(),
|
||||
TokenConfig: getDefaultTokenConf(),
|
||||
JWTConfig: getDefaultJWTConf(),
|
||||
}
|
||||
}
|
||||
|
||||
@ -143,3 +147,13 @@ func getDefaultTokenConf() TokenConfig {
|
||||
Token: "",
|
||||
}
|
||||
}
|
||||
|
||||
type JWTConfig struct {
|
||||
Secret string `ini:"secret" json:"secret"`
|
||||
}
|
||||
|
||||
func getDefaultJWTConf() JWTConfig {
|
||||
return JWTConfig{
|
||||
Secret: "",
|
||||
}
|
||||
}
|
||||
|
||||
@ -175,6 +175,8 @@ type AuthClientConfig struct {
|
||||
// to succeed. By default, this value is "".
|
||||
Token string `json:"token,omitempty"`
|
||||
OIDC AuthOIDCClientConfig `json:"oidc,omitempty"`
|
||||
|
||||
Secret string `json:"secret"`
|
||||
}
|
||||
|
||||
func (c *AuthClientConfig) Complete() {
|
||||
|
||||
@ -44,6 +44,7 @@ type AuthMethod string
|
||||
const (
|
||||
AuthMethodToken AuthMethod = "token"
|
||||
AuthMethodOIDC AuthMethod = "oidc"
|
||||
AuthMethodJWT AuthMethod = "jwt"
|
||||
)
|
||||
|
||||
// QUIC protocol options
|
||||
|
||||
@ -127,6 +127,7 @@ type AuthServerConfig struct {
|
||||
AdditionalScopes []AuthScope `json:"additionalScopes,omitempty"`
|
||||
Token string `json:"token,omitempty"`
|
||||
OIDC AuthOIDCServerConfig `json:"oidc,omitempty"`
|
||||
Secret string `json:"secret,omitempty"`
|
||||
}
|
||||
|
||||
func (c *AuthServerConfig) Complete() {
|
||||
|
||||
@ -33,6 +33,7 @@ var (
|
||||
SupportedAuthMethods = []v1.AuthMethod{
|
||||
"token",
|
||||
"oidc",
|
||||
"jwt",
|
||||
}
|
||||
|
||||
SupportedAuthAdditionalScopes = []v1.AuthScope{
|
||||
|
||||
@ -17,6 +17,8 @@ package msg
|
||||
import (
|
||||
"io"
|
||||
"reflect"
|
||||
|
||||
"github.com/fatedier/frp/pkg/util/log"
|
||||
)
|
||||
|
||||
func AsyncHandler(f func(Message)) func(Message) {
|
||||
@ -65,6 +67,7 @@ func (d *Dispatcher) readLoop() {
|
||||
for {
|
||||
m, err := ReadMsg(d.rw)
|
||||
if err != nil {
|
||||
log.Errorf("read msg error, %v", err)
|
||||
close(d.doneCh)
|
||||
return
|
||||
}
|
||||
|
||||
@ -186,7 +186,7 @@ func NewControl(
|
||||
ctl.lastPing.Store(time.Now())
|
||||
|
||||
if ctlConnEncrypted {
|
||||
cryptoRW, err := netpkg.NewCryptoReadWriter(ctl.conn, []byte(ctl.serverCfg.Auth.Token))
|
||||
cryptoRW, err := netpkg.NewCryptoReadWriter(ctl.conn, []byte(loginMsg.PrivilegeKey))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user