171 lines
4.9 KiB
Go
171 lines
4.9 KiB
Go
package sandbox
|
|
|
|
import (
|
|
"crypto/hmac"
|
|
"crypto/sha256"
|
|
"encoding/hex"
|
|
"encoding/json"
|
|
"net/url"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils"
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
|
"github.com/iwind/TeaGo/maps"
|
|
"github.com/iwind/TeaGo/rands"
|
|
)
|
|
|
|
type TestAction struct {
|
|
actionutils.ParentAction
|
|
}
|
|
|
|
func (this *TestAction) RunPost(params struct {
|
|
AppId string
|
|
ClusterId int64
|
|
Domain string
|
|
ClientIp string
|
|
Qtype string
|
|
}) {
|
|
clientIP := strings.TrimSpace(params.ClientIp)
|
|
if len(clientIP) == 0 {
|
|
clientIP = strings.TrimSpace(loginutils.RemoteIP(&this.ActionObject))
|
|
}
|
|
qtype := strings.ToUpper(strings.TrimSpace(params.Qtype))
|
|
if len(qtype) == 0 {
|
|
qtype = "A"
|
|
}
|
|
|
|
resp, err := this.RPC().HTTPDNSSandboxRPC().TestHTTPDNSResolve(this.AdminContext(), &pb.TestHTTPDNSResolveRequest{
|
|
ClusterId: params.ClusterId,
|
|
AppId: strings.TrimSpace(params.AppId),
|
|
Domain: strings.TrimSpace(params.Domain),
|
|
Qtype: qtype,
|
|
ClientIP: clientIP,
|
|
Sid: "",
|
|
SdkVersion: "",
|
|
Os: "",
|
|
})
|
|
if err != nil {
|
|
this.ErrorPage(err)
|
|
return
|
|
}
|
|
|
|
clusterDomain := ""
|
|
port := "443"
|
|
if params.ClusterId > 0 {
|
|
clusterResp, findErr := this.RPC().HTTPDNSClusterRPC().FindHTTPDNSCluster(this.AdminContext(), &pb.FindHTTPDNSClusterRequest{
|
|
ClusterId: params.ClusterId,
|
|
})
|
|
if findErr == nil && clusterResp.GetCluster() != nil {
|
|
clusterDomain = strings.TrimSpace(clusterResp.GetCluster().GetServiceDomain())
|
|
if rawTLS := clusterResp.GetCluster().GetTlsPolicyJSON(); len(rawTLS) > 0 {
|
|
var tlsConfig map[string]interface{}
|
|
if err := json.Unmarshal(rawTLS, &tlsConfig); err == nil {
|
|
if listenRaw, ok := tlsConfig["listen"]; ok && listenRaw != nil {
|
|
if data, err := json.Marshal(listenRaw); err == nil {
|
|
var listenAddresses []map[string]interface{}
|
|
if err := json.Unmarshal(data, &listenAddresses); err == nil {
|
|
if len(listenAddresses) > 0 {
|
|
if portRange, ok := listenAddresses[0]["portRange"].(string); ok && len(portRange) > 0 {
|
|
port = portRange
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if len(clusterDomain) == 0 {
|
|
clusterDomain = "httpdns.example.com"
|
|
}
|
|
query := url.Values{}
|
|
query.Set("appId", params.AppId)
|
|
query.Set("dn", params.Domain)
|
|
query.Set("qtype", qtype)
|
|
if len(clientIP) > 0 {
|
|
query.Set("cip", clientIP)
|
|
}
|
|
|
|
signEnabled, signSecret := this.findAppSignConfig(params.AppId)
|
|
if signEnabled && len(signSecret) > 0 {
|
|
exp := strconv.FormatInt(time.Now().Unix()+300, 10)
|
|
nonce := "sandbox-" + rands.HexString(16)
|
|
sign := buildSandboxResolveSign(signSecret, params.AppId, params.Domain, qtype, exp, nonce)
|
|
query.Set("exp", exp)
|
|
query.Set("nonce", nonce)
|
|
query.Set("sign", sign)
|
|
}
|
|
requestURL := "https://" + clusterDomain + ":" + port + "/resolve?" + query.Encode()
|
|
|
|
resultCode := 1
|
|
if strings.EqualFold(resp.GetCode(), "SUCCESS") {
|
|
resultCode = 0
|
|
}
|
|
rows := make([]maps.Map, 0, len(resp.GetRecords()))
|
|
ips := make([]string, 0, len(resp.GetRecords()))
|
|
lineName := strings.TrimSpace(resp.GetClientCarrier())
|
|
if len(lineName) == 0 {
|
|
lineName = "-"
|
|
}
|
|
for _, record := range resp.GetRecords() {
|
|
ips = append(ips, record.GetIp())
|
|
if lineName == "-" && len(record.GetLine()) > 0 {
|
|
lineName = record.GetLine()
|
|
}
|
|
rows = append(rows, maps.Map{
|
|
"domain": resp.GetDomain(),
|
|
"type": record.GetType(),
|
|
"ip": record.GetIp(),
|
|
"ttl": record.GetTtl(),
|
|
"region": record.GetRegion(),
|
|
"line": record.GetLine(),
|
|
})
|
|
}
|
|
|
|
this.Data["result"] = maps.Map{
|
|
"code": resultCode,
|
|
"message": resp.GetMessage(),
|
|
"requestId": resp.GetRequestId(),
|
|
"data": maps.Map{
|
|
"request_url": requestURL,
|
|
"client_ip": resp.GetClientIP(),
|
|
"client_region": resp.GetClientRegion(),
|
|
"line_name": lineName,
|
|
"ips": ips,
|
|
"records": rows,
|
|
"ttl": resp.GetTtl(),
|
|
},
|
|
}
|
|
this.Success()
|
|
}
|
|
|
|
func (this *TestAction) findAppSignConfig(appId string) (bool, string) {
|
|
appId = strings.TrimSpace(appId)
|
|
if len(appId) == 0 {
|
|
return false, ""
|
|
}
|
|
|
|
resp, err := this.RPC().HTTPDNSAppRPC().FindAllHTTPDNSApps(this.AdminContext(), &pb.FindAllHTTPDNSAppsRequest{})
|
|
if err != nil {
|
|
return false, ""
|
|
}
|
|
|
|
for _, app := range resp.GetApps() {
|
|
if strings.EqualFold(strings.TrimSpace(app.GetAppId()), appId) {
|
|
return app.GetSignEnabled(), strings.TrimSpace(app.GetSignSecret())
|
|
}
|
|
}
|
|
return false, ""
|
|
}
|
|
|
|
func buildSandboxResolveSign(signSecret string, appID string, domain string, qtype string, exp string, nonce string) string {
|
|
raw := strings.TrimSpace(appID) + "|" + strings.ToLower(strings.TrimSpace(domain)) + "|" + strings.ToUpper(strings.TrimSpace(qtype)) + "|" + strings.TrimSpace(exp) + "|" + strings.TrimSpace(nonce)
|
|
mac := hmac.New(sha256.New, []byte(strings.TrimSpace(signSecret)))
|
|
_, _ = mac.Write([]byte(raw))
|
|
return hex.EncodeToString(mac.Sum(nil))
|
|
}
|