mirror of
https://github.com/yusing/godoxy.git
synced 2025-05-20 20:52:33 +02:00
268 lines
5.5 KiB
Go
268 lines
5.5 KiB
Go
package rules
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
E "github.com/yusing/go-proxy/internal/error"
|
|
"github.com/yusing/go-proxy/internal/net/types"
|
|
"github.com/yusing/go-proxy/internal/utils/strutils"
|
|
)
|
|
|
|
type RuleOn struct {
|
|
raw string
|
|
checker Checker
|
|
}
|
|
|
|
const (
|
|
OnHeader = "header"
|
|
OnQuery = "query"
|
|
OnCookie = "cookie"
|
|
OnForm = "form"
|
|
OnPostForm = "postform"
|
|
OnMethod = "method"
|
|
OnPath = "path"
|
|
OnRemote = "remote"
|
|
OnBasicAuth = "basic_auth"
|
|
)
|
|
|
|
var checkers = map[string]struct {
|
|
help Help
|
|
validate ValidateFunc
|
|
builder func(args any) CheckFunc
|
|
}{
|
|
OnHeader: {
|
|
help: Help{
|
|
command: OnHeader,
|
|
args: map[string]string{
|
|
"key": "the header key",
|
|
"value": "the header value",
|
|
},
|
|
},
|
|
validate: toStrTuple,
|
|
builder: func(args any) CheckFunc {
|
|
k, v := args.(*StrTuple).Unpack()
|
|
return func(cached Cache, r *http.Request) bool {
|
|
return r.Header.Get(k) == v
|
|
}
|
|
},
|
|
},
|
|
OnQuery: {
|
|
help: Help{
|
|
command: OnQuery,
|
|
args: map[string]string{
|
|
"key": "the query key",
|
|
"value": "the query value",
|
|
},
|
|
},
|
|
validate: toStrTuple,
|
|
builder: func(args any) CheckFunc {
|
|
k, v := args.(*StrTuple).Unpack()
|
|
return func(cached Cache, r *http.Request) bool {
|
|
queries := cached.GetQueries(r)[k]
|
|
for _, query := range queries {
|
|
if query == v {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
},
|
|
},
|
|
OnCookie: {
|
|
help: Help{
|
|
command: OnCookie,
|
|
args: map[string]string{
|
|
"key": "the cookie key",
|
|
"value": "the cookie value",
|
|
},
|
|
},
|
|
validate: toStrTuple,
|
|
builder: func(args any) CheckFunc {
|
|
k, v := args.(*StrTuple).Unpack()
|
|
return func(cached Cache, r *http.Request) bool {
|
|
cookies := cached.GetCookies(r)
|
|
for _, cookie := range cookies {
|
|
if cookie.Name == k &&
|
|
cookie.Value == v {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
},
|
|
},
|
|
OnForm: {
|
|
help: Help{
|
|
command: OnForm,
|
|
args: map[string]string{
|
|
"key": "the form key",
|
|
"value": "the form value",
|
|
},
|
|
},
|
|
validate: toStrTuple,
|
|
builder: func(args any) CheckFunc {
|
|
k, v := args.(*StrTuple).Unpack()
|
|
return func(cached Cache, r *http.Request) bool {
|
|
return r.FormValue(k) == v
|
|
}
|
|
},
|
|
},
|
|
OnPostForm: {
|
|
help: Help{
|
|
command: OnPostForm,
|
|
args: map[string]string{
|
|
"key": "the form key",
|
|
"value": "the form value",
|
|
},
|
|
},
|
|
validate: toStrTuple,
|
|
builder: func(args any) CheckFunc {
|
|
k, v := args.(*StrTuple).Unpack()
|
|
return func(cached Cache, r *http.Request) bool {
|
|
return r.PostFormValue(k) == v
|
|
}
|
|
},
|
|
},
|
|
OnMethod: {
|
|
help: Help{
|
|
command: OnMethod,
|
|
args: map[string]string{
|
|
"method": "the http method",
|
|
},
|
|
},
|
|
validate: validateMethod,
|
|
builder: func(args any) CheckFunc {
|
|
method := args.(string)
|
|
return func(cached Cache, r *http.Request) bool {
|
|
return r.Method == method
|
|
}
|
|
},
|
|
},
|
|
OnPath: {
|
|
help: Help{
|
|
command: OnPath,
|
|
description: `The path can be a glob pattern, e.g.:
|
|
/path/to
|
|
/path/to/*`,
|
|
args: map[string]string{
|
|
"path": "the request path",
|
|
},
|
|
},
|
|
validate: validateURLPath,
|
|
builder: func(args any) CheckFunc {
|
|
pat := args.(string)
|
|
return func(cached Cache, r *http.Request) bool {
|
|
reqPath := r.URL.Path
|
|
if len(reqPath) > 0 && reqPath[0] != '/' {
|
|
reqPath = "/" + reqPath
|
|
}
|
|
return strutils.GlobMatch(pat, reqPath)
|
|
}
|
|
},
|
|
},
|
|
OnRemote: {
|
|
help: Help{
|
|
command: OnRemote,
|
|
args: map[string]string{
|
|
"ip|cidr": "the remote ip or cidr",
|
|
},
|
|
},
|
|
validate: validateCIDR,
|
|
builder: func(args any) CheckFunc {
|
|
cidr := args.(types.CIDR)
|
|
return func(cached Cache, r *http.Request) bool {
|
|
ip := cached.GetRemoteIP(r)
|
|
if ip == nil {
|
|
return false
|
|
}
|
|
return cidr.Contains(ip)
|
|
}
|
|
},
|
|
},
|
|
OnBasicAuth: {
|
|
help: Help{
|
|
command: OnBasicAuth,
|
|
args: map[string]string{
|
|
"username": "the username",
|
|
"password": "the password encrypted with bcrypt",
|
|
},
|
|
},
|
|
validate: validateUserBCryptPassword,
|
|
builder: func(args any) CheckFunc {
|
|
cred := args.(*HashedCrendentials)
|
|
return func(cached Cache, r *http.Request) bool {
|
|
return cred.Match(cached.GetBasicAuth(r))
|
|
}
|
|
},
|
|
},
|
|
}
|
|
|
|
// Parse implements strutils.Parser.
|
|
func (on *RuleOn) Parse(v string) error {
|
|
on.raw = v
|
|
|
|
lines := strutils.SplitLine(v)
|
|
checkAnd := make(CheckMatchAll, 0, len(lines))
|
|
|
|
errs := E.NewBuilder("rule.on syntax errors")
|
|
for i, line := range lines {
|
|
if line == "" {
|
|
continue
|
|
}
|
|
parsed, err := parseOn(line)
|
|
if err != nil {
|
|
errs.Add(err.Subjectf("line %d", i+1))
|
|
continue
|
|
}
|
|
checkAnd = append(checkAnd, parsed)
|
|
}
|
|
|
|
on.checker = checkAnd
|
|
return errs.Error()
|
|
}
|
|
|
|
func (on *RuleOn) String() string {
|
|
return on.raw
|
|
}
|
|
|
|
func (on *RuleOn) MarshalText() ([]byte, error) {
|
|
return []byte(on.String()), nil
|
|
}
|
|
|
|
func parseOn(line string) (Checker, E.Error) {
|
|
ors := strutils.SplitRune(line, '|')
|
|
|
|
if len(ors) > 1 {
|
|
errs := E.NewBuilder("rule.on syntax errors")
|
|
checkOr := make(CheckMatchSingle, len(ors))
|
|
for i, or := range ors {
|
|
curCheckers, err := parseOn(or)
|
|
if err != nil {
|
|
errs.Add(err)
|
|
continue
|
|
}
|
|
checkOr[i] = curCheckers.(CheckFunc)
|
|
}
|
|
if err := errs.Error(); err != nil {
|
|
return nil, err
|
|
}
|
|
return checkOr, nil
|
|
}
|
|
|
|
subject, args, err := parse(line)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
checker, ok := checkers[subject]
|
|
if !ok {
|
|
return nil, ErrInvalidOnTarget.Subject(subject)
|
|
}
|
|
|
|
validArgs, err := checker.validate(args)
|
|
if err != nil {
|
|
return nil, err.Subject(subject).Withf("%s", checker.help.String())
|
|
}
|
|
|
|
return checker.builder(validArgs), nil
|
|
}
|