TC
/
Zoraxy
镜像来自 https://git.hkwtc.org/TC/ReverseProxy


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201
							package sso

/*
	handlers.go

	This file contains the handlers for the SSO module.
	If you are looking for handlers for SSO user management,
	please refer to userHandlers.go.
*/

import (
	"encoding/json"
	"net/http"
	"strings"

	"github.com/gofrs/uuid"
	"imuslab.com/zoraxy/mod/utils"
)

// HandleSSOStatus handle the request to get the status of the SSO portal server
func (s *SSOHandler) HandleSSOStatus(w http.ResponseWriter, r *http.Request) {
	type SSOStatus struct {
		Enabled             bool
		SSOInterceptEnabled bool
		ListeningPort       int
		AuthURL             string
	}

	status := SSOStatus{
		Enabled: s.ssoPortalServer != nil,
		//SSOInterceptEnabled: s.ssoInterceptEnabled,
		ListeningPort: s.Config.PortalServerPort,
		AuthURL:       s.Config.AuthURL,
	}

	js, _ := json.Marshal(status)
	utils.SendJSONResponse(w, string(js))
}

// HandleStartSSOPortal handle the request to start the SSO portal server
func (s *SSOHandler) HandleStartSSOPortal(w http.ResponseWriter, r *http.Request) {
	err := s.StartSSOPortal()
	if err != nil {
		s.Log("Failed to start SSO portal server", err)
		utils.SendErrorResponse(w, "failed to start SSO portal server")
		return
	}
	//Write current state to database
	err = s.Config.Database.Write("sso_conf", "enabled", true)
	if err != nil {
		utils.SendErrorResponse(w, "failed to update SSO state")
		return
	}
	utils.SendOK(w)
}

// HandleStopSSOPortal handle the request to stop the SSO portal server
func (s *SSOHandler) HandleStopSSOPortal(w http.ResponseWriter, r *http.Request) {
	err := s.ssoPortalServer.Close()
	if err != nil {
		s.Log("Failed to stop SSO portal server", err)
		utils.SendErrorResponse(w, "failed to stop SSO portal server")
		return
	}
	s.ssoPortalServer = nil

	//Write current state to database
	err = s.Config.Database.Write("sso_conf", "enabled", false)
	if err != nil {
		utils.SendErrorResponse(w, "failed to update SSO state")
		return
	}

	//Clear the cookie store and restart the server
	err = s.RestartSSOServer()
	if err != nil {
		utils.SendErrorResponse(w, "failed to restart SSO server")
		return
	}
	utils.SendOK(w)
}

// HandlePortChange handle the request to change the SSO portal server port
func (s *SSOHandler) HandlePortChange(w http.ResponseWriter, r *http.Request) {
	if r.Method == http.MethodGet {
		//Return the current port
		js, _ := json.Marshal(s.Config.PortalServerPort)
		utils.SendJSONResponse(w, string(js))
		return
	}

	port, err := utils.PostInt(r, "port")
	if err != nil {
		utils.SendErrorResponse(w, "invalid port given")
		return
	}

	s.Config.PortalServerPort = port

	//Write to the database
	err = s.Config.Database.Write("sso_conf", "port", port)
	if err != nil {
		utils.SendErrorResponse(w, "failed to update port")
		return
	}

	//Clear the cookie store and restart the server
	err = s.RestartSSOServer()
	if err != nil {
		utils.SendErrorResponse(w, "failed to restart SSO server")
		return
	}
	utils.SendOK(w)
}

// HandleSetAuthURL handle the request to change the SSO auth URL
// This is the URL that the SSO portal server will redirect to for authentication
// e.g. auth.yourdomain.com
func (s *SSOHandler) HandleSetAuthURL(w http.ResponseWriter, r *http.Request) {
	if r.Method == http.MethodGet {
		//Return the current auth URL
		js, _ := json.Marshal(s.Config.AuthURL)
		utils.SendJSONResponse(w, string(js))
		return
	}

	//Get the auth URL
	authURL, err := utils.PostPara(r, "auth_url")
	if err != nil {
		utils.SendErrorResponse(w, "invalid auth URL given")
		return
	}

	s.Config.AuthURL = authURL

	//Write to the database
	err = s.Config.Database.Write("sso_conf", "authurl", authURL)
	if err != nil {
		utils.SendErrorResponse(w, "failed to update auth URL")
		return
	}

	//Clear the cookie store and restart the server
	err = s.RestartSSOServer()
	if err != nil {
		utils.SendErrorResponse(w, "failed to restart SSO server")
		return
	}
	utils.SendOK(w)
}

// HandleRegisterApp handle the request to register a new app to the SSO portal
func (s *SSOHandler) HandleRegisterApp(w http.ResponseWriter, r *http.Request) {
	appName, err := utils.PostPara(r, "app_name")
	if err != nil {
		utils.SendErrorResponse(w, "invalid app name given")
		return
	}

	id, err := utils.PostPara(r, "app_id")
	if err != nil {
		//If id is not given, use the app name with a random UUID
		newID, err := uuid.NewV4()
		if err != nil {
			utils.SendErrorResponse(w, "failed to generate new app ID")
			return
		}
		id = strings.ReplaceAll(appName, " ", "") + "-" + newID.String()
	}

	appDomain, err := utils.PostPara(r, "app_domain")
	if err != nil {
		utils.SendErrorResponse(w, "invalid app URL given")
		return
	}

	appURLs := strings.Split(appDomain, ",")
	//Remove padding and trailing spaces in each URL
	for i := range appURLs {
		appURLs[i] = strings.TrimSpace(appURLs[i])
	}

	//Create a new app entry
	thisAppEntry := RegisteredUpstreamApp{
		ID:              id,
		Secret:          "",
		Domain:          appURLs,
		Scopes:          []string{},
		SessionDuration: 3600,
	}

	js, _ := json.Marshal(thisAppEntry)

	//Create a new app in the database
	err = s.Config.Database.Write("sso_apps", appName, string(js))
	if err != nil {
		utils.SendErrorResponse(w, "failed to create new app")
		return
	}
	utils.SendOK(w)
}