GuanM/hysteria-dev
1
0
Fork 0
mirror of https://github.com/cmz0228/hysteria-dev.git synced 2025-06-16 09:19:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

External HTTP auth implementation

Browse Source
This commit is contained in:
Toby 2021-04-04 14:47:07 -07:00
parent da65c4cbf5
commit 461b16f07f
2 changed files with 75 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cmd/server.go
View File

@ -6,12 +6,15 @@ import (
"github.com/lucas-clemente/quic-go/congestion" "github.com/lucas-clemente/quic-go/congestion"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/tobyxdd/hysteria/pkg/acl" "github.com/tobyxdd/hysteria/pkg/acl"
"github.com/tobyxdd/hysteria/pkg/auth"
hyCongestion "github.com/tobyxdd/hysteria/pkg/congestion" hyCongestion "github.com/tobyxdd/hysteria/pkg/congestion"
"github.com/tobyxdd/hysteria/pkg/core" "github.com/tobyxdd/hysteria/pkg/core"
"github.com/tobyxdd/hysteria/pkg/obfs" "github.com/tobyxdd/hysteria/pkg/obfs"
"github.com/yosuke-furukawa/json5/encoding/json5" "github.com/yosuke-furukawa/json5/encoding/json5"
"io" "io"
"net" "net"
"net/http"
"time"
) )
func server(config *serverConfig) { func server(config *serverConfig) {
@ -72,6 +75,22 @@ func server(config *serverConfig) {
return false, "Wrong password" return false, "Wrong password"
} }
} }
case "external":
logrus.Info("External authentication enabled")
var extConfig map[string]string
err = json5.Unmarshal(config.Auth.Config, &extConfig)
if err != nil || len(extConfig["http"]) == 0 {
logrus.WithFields(logrus.Fields{
"error": err,
}).Fatal("Invalid external authentication config")
}
provider := &auth.HTTPAuthProvider{
Client: &http.Client{
Timeout: 10 * time.Second,
},
URL: extConfig["http"],
}
authFunc = provider.Auth
default: default:
logrus.WithField("mode", config.Auth.Mode).Fatal("Unsupported authentication mode") logrus.WithField("mode", config.Auth.Mode).Fatal("Unsupported authentication mode")
} }

56
pkg/auth/http.go Normal file
View File

@ -0,0 +1,56 @@
package auth
import (
"bytes"
"encoding/json"
"io/ioutil"
"net"
"net/http"
)
type HTTPAuthProvider struct {
Client *http.Client
URL string
}
type authReq struct {
Addr string `json:"addr"`
Payload []byte `json:"payload"`
Send uint64 `json:"send"`
Recv uint64 `json:"recv"`
}
type authResp struct {
OK bool `json:"ok"`
Msg string `json:"msg"`
}
func (p *HTTPAuthProvider) Auth(addr net.Addr, auth []byte, sSend uint64, sRecv uint64) (bool, string) {
jbs, err := json.Marshal(&authReq{
Addr: addr.String(),
Payload: auth,
Send: sSend,
Recv: sRecv,
})
if err != nil {
return false, "Internal error"
}
resp, err := p.Client.Post(p.URL, "application/json", bytes.NewBuffer(jbs))
if err != nil {
return false, "Internal error"
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return false, "Auth endpoint error"
}
data, err := ioutil.ReadAll(resp.Body)
if err != nil {
return false, "Auth endpoint error"
}
var ar authResp
err = json.Unmarshal(data, &ar)
if err != nil {
return false, "Auth endpoint error"
}
return ar.OK, ar.Msg
}