From 5daefb8e3cba94da37c1894b2bbceace8a135e13 Mon Sep 17 00:00:00 2001 From: ginuerzh Date: Mon, 14 Feb 2022 22:50:06 +0800 Subject: [PATCH] add basic auth for config webapi --- pkg/api/config.go | 65 +++++++++++++++++ pkg/api/config_auther.go | 15 +++- pkg/api/config_bypass.go | 15 +++- pkg/api/config_chain.go | 15 +++- pkg/api/config_hosts.go | 15 +++- pkg/api/config_resolver.go | 15 +++- pkg/api/config_service.go | 15 +++- pkg/api/doc.go | 3 +- pkg/api/error.go | 1 + pkg/api/server.go | 1 + pkg/api/swagger.yaml | 143 +++++++++++++++++++++++++++++++------ 11 files changed, 263 insertions(+), 40 deletions(-) diff --git a/pkg/api/config.go b/pkg/api/config.go index b4f976b..3f07e82 100644 --- a/pkg/api/config.go +++ b/pkg/api/config.go @@ -2,7 +2,9 @@ package api import ( "bytes" + "fmt" "net/http" + "os" "github.com/gin-gonic/gin" "github.com/go-gost/gost/pkg/config" @@ -26,6 +28,9 @@ func getConfig(ctx *gin.Context) { // // Get current config. // + // Security: + // basicAuth: [] + // // Responses: // 200: getConfigResponse @@ -51,3 +56,63 @@ func getConfig(ctx *gin.Context) { ctx.Data(http.StatusOK, contentType, buf.Bytes()) } + +// swagger:parameters saveConfigRequest +type saveConfigRequest struct { + // output format, one of yaml|json, default is yaml. + // in: query + Format string `form:"format" json:"format"` +} + +// successful operation. +// swagger:response saveConfigResponse +type saveConfigResponse struct { + Data Response +} + +func saveConfig(ctx *gin.Context) { + // swagger:route POST /config ConfigManagement saveConfigRequest + // + // Save current config to file (gost.yaml or gost.json). + // + // Security: + // basicAuth: [] + // + // Responses: + // 200: saveConfigResponse + + var req saveConfigRequest + ctx.ShouldBindQuery(&req) + + file := "gost.yaml" + switch req.Format { + case "json": + file = "gost.json" + default: + req.Format = "yaml" + } + + f, err := os.Create(file) + if err != nil { + writeError(ctx, &Error{ + statusCode: http.StatusInternalServerError, + Code: 40005, + Msg: fmt.Sprintf("create file: %s", err.Error()), + }) + return + } + defer f.Close() + + if err := config.Global().Write(f, req.Format); err != nil { + writeError(ctx, &Error{ + statusCode: http.StatusInternalServerError, + Code: 40006, + Msg: fmt.Sprintf("write: %s", err.Error()), + }) + return + } + + ctx.JSON(http.StatusOK, Response{ + Msg: "OK", + }) +} diff --git a/pkg/api/config_auther.go b/pkg/api/config_auther.go index eea668b..4a4bcb6 100644 --- a/pkg/api/config_auther.go +++ b/pkg/api/config_auther.go @@ -24,7 +24,10 @@ type createAutherResponse struct { func createAuther(ctx *gin.Context) { // swagger:route POST /config/authers ConfigManagement createAutherRequest // - // create a new auther, the name of the auther must be unique in auther list. + // Create a new auther, the name of the auther must be unique in auther list. + // + // Security: + // basicAuth: [] // // Responses: // 200: createAutherResponse @@ -70,7 +73,10 @@ type updateAutherResponse struct { func updateAuther(ctx *gin.Context) { // swagger:route PUT /config/authers/{auther} ConfigManagement updateAutherRequest // - // update auther by name, the auther must already exist. + // Update auther by name, the auther must already exist. + // + // Security: + // basicAuth: [] // // Responses: // 200: updateAutherResponse @@ -124,7 +130,10 @@ type deleteAutherResponse struct { func deleteAuther(ctx *gin.Context) { // swagger:route DELETE /config/authers/{auther} ConfigManagement deleteAutherRequest // - // delete auther by name. + // Delete auther by name. + // + // Security: + // basicAuth: [] // // Responses: // 200: deleteAutherResponse diff --git a/pkg/api/config_bypass.go b/pkg/api/config_bypass.go index 6a9d918..6114dfc 100644 --- a/pkg/api/config_bypass.go +++ b/pkg/api/config_bypass.go @@ -24,7 +24,10 @@ type createBypassResponse struct { func createBypass(ctx *gin.Context) { // swagger:route POST /config/bypasses ConfigManagement createBypassRequest // - // create a new bypass, the name of bypass must be unique in bypass list. + // Create a new bypass, the name of bypass must be unique in bypass list. + // + // Security: + // basicAuth: [] // // Responses: // 200: createBypassResponse @@ -71,7 +74,10 @@ type updateBypassResponse struct { func updateBypass(ctx *gin.Context) { // swagger:route PUT /config/bypasses/{bypass} ConfigManagement updateBypassRequest // - // update bypass by name, the bypass must already exist. + // Update bypass by name, the bypass must already exist. + // + // Security: + // basicAuth: [] // // Responses: // 200: updateBypassResponse @@ -126,7 +132,10 @@ type deleteBypassResponse struct { func deleteBypass(ctx *gin.Context) { // swagger:route DELETE /config/bypasses/{bypass} ConfigManagement deleteBypassRequest // - // delete bypass by name. + // Delete bypass by name. + // + // Security: + // basicAuth: [] // // Responses: // 200: deleteBypassResponse diff --git a/pkg/api/config_chain.go b/pkg/api/config_chain.go index f4a3a56..540f86c 100644 --- a/pkg/api/config_chain.go +++ b/pkg/api/config_chain.go @@ -24,7 +24,10 @@ type createChainResponse struct { func createChain(ctx *gin.Context) { // swagger:route POST /config/chains ConfigManagement createChainRequest // - // create a new chain, the name of chain must be unique in chain list. + // Create a new chain, the name of chain must be unique in chain list. + // + // Security: + // basicAuth: [] // // Responses: // 200: createChainResponse @@ -76,7 +79,10 @@ type updateChainResponse struct { func updateChain(ctx *gin.Context) { // swagger:route PUT /config/chains/{chain} ConfigManagement updateChainRequest // - // update chain by name, the chain must already exist. + // Update chain by name, the chain must already exist. + // + // Security: + // basicAuth: [] // // Responses: // 200: updateChainResponse @@ -135,7 +141,10 @@ type deleteChainResponse struct { func deleteChain(ctx *gin.Context) { // swagger:route DELETE /config/chains/{chain} ConfigManagement deleteChainRequest // - // delete chain by name. + // Delete chain by name. + // + // Security: + // basicAuth: [] // // Responses: // 200: deleteChainResponse diff --git a/pkg/api/config_hosts.go b/pkg/api/config_hosts.go index b45d7cd..c647a1a 100644 --- a/pkg/api/config_hosts.go +++ b/pkg/api/config_hosts.go @@ -24,7 +24,10 @@ type createHostsesponse struct { func createHosts(ctx *gin.Context) { // swagger:route POST /config/hosts ConfigManagement createHostsRequest // - // create a new hosts, the name of the hosts must be unique in hosts list. + // Create a new hosts, the name of the hosts must be unique in hosts list. + // + // Security: + // basicAuth: [] // // Responses: // 200: createHostsResponse @@ -71,7 +74,10 @@ type updateHostsResponse struct { func updateHosts(ctx *gin.Context) { // swagger:route PUT /config/hosts/{hosts} ConfigManagement updateHostsRequest // - // update hosts by name, the hosts must already exist. + // Update hosts by name, the hosts must already exist. + // + // Security: + // basicAuth: [] // // Responses: // 200: updateHostsResponse @@ -126,7 +132,10 @@ type deleteHostsResponse struct { func deleteHosts(ctx *gin.Context) { // swagger:route DELETE /config/hosts/{hosts} ConfigManagement deleteHostsRequest // - // delete hosts by name. + // Delete hosts by name. + // + // Security: + // basicAuth: [] // // Responses: // 200: deleteHostsResponse diff --git a/pkg/api/config_resolver.go b/pkg/api/config_resolver.go index 6b4caf0..2cb90f6 100644 --- a/pkg/api/config_resolver.go +++ b/pkg/api/config_resolver.go @@ -24,7 +24,10 @@ type createResolverResponse struct { func createResolver(ctx *gin.Context) { // swagger:route POST /config/resolvers ConfigManagement createResolverRequest // - // create a new resolver, the name of the resolver must be unique in resolver list. + // Create a new resolver, the name of the resolver must be unique in resolver list. + // + // Security: + // basicAuth: [] // // Responses: // 200: createResolverResponse @@ -75,7 +78,10 @@ type updateResolverResponse struct { func updateResolver(ctx *gin.Context) { // swagger:route PUT /config/resolvers/{resolver} ConfigManagement updateResolverRequest // - // update resolver by name, the resolver must already exist. + // Update resolver by name, the resolver must already exist. + // + // Security: + // basicAuth: [] // // Responses: // 200: updateResolverResponse @@ -134,7 +140,10 @@ type deleteResolverResponse struct { func deleteResolver(ctx *gin.Context) { // swagger:route DELETE /config/resolvers/{resolver} ConfigManagement deleteResolverRequest // - // delete resolver by name. + // Delete resolver by name. + // + // Security: + // basicAuth: [] // // Responses: // 200: deleteResolverResponse diff --git a/pkg/api/config_service.go b/pkg/api/config_service.go index 80f6870..d2a9d9c 100644 --- a/pkg/api/config_service.go +++ b/pkg/api/config_service.go @@ -24,7 +24,10 @@ type createServiceResponse struct { func createService(ctx *gin.Context) { // swagger:route POST /config/services ConfigManagement createServiceRequest // - // create a new service, the name of the service must be unique in service list. + // Create a new service, the name of the service must be unique in service list. + // + // Security: + // basicAuth: [] // // Responses: // 200: createServiceResponse @@ -83,7 +86,10 @@ type updateServiceResponse struct { func updateService(ctx *gin.Context) { // swagger:route PUT /config/services/{service} ConfigManagement updateServiceRequest // - // update service by name, the service must already exist. + // Update service by name, the service must already exist. + // + // Security: + // basicAuth: [] // // Responses: // 200: updateServiceResponse @@ -147,7 +153,10 @@ type deleteServiceResponse struct { func deleteService(ctx *gin.Context) { // swagger:route DELETE /config/services/{service} ConfigManagement deleteServiceRequest // - // delete service by name. + // Delete service by name. + // + // Security: + // basicAuth: [] // // Responses: // 200: deleteServiceResponse diff --git a/pkg/api/doc.go b/pkg/api/doc.go index 9265f32..a2bfb2e 100644 --- a/pkg/api/doc.go +++ b/pkg/api/doc.go @@ -11,7 +11,8 @@ // - application/json // // SecurityDefinitions: -// api_key: +// basicAuth: +// type: basic // // swagger:meta package api diff --git a/pkg/api/error.go b/pkg/api/error.go index 44340cb..2d852b6 100644 --- a/pkg/api/error.go +++ b/pkg/api/error.go @@ -12,6 +12,7 @@ var ( ErrDup = &Error{statusCode: http.StatusBadRequest, Code: 40002, Msg: "instance duplicated"} ErrCreate = &Error{statusCode: http.StatusConflict, Code: 40003, Msg: "instance creation failed"} ErrNotFound = &Error{statusCode: http.StatusBadRequest, Code: 40004, Msg: "instance not found"} + ErrSave = &Error{statusCode: http.StatusInternalServerError, Code: 40005, Msg: "save config failed"} ) // Error is an api error. diff --git a/pkg/api/server.go b/pkg/api/server.go index 35a05a5..1048d67 100644 --- a/pkg/api/server.go +++ b/pkg/api/server.go @@ -99,6 +99,7 @@ func (s *Server) Close() error { func registerConfig(config *gin.RouterGroup) { config.GET("", getConfig) + config.POST("", saveConfig) config.POST("/services", createService) config.PUT("/services/:service", updateService) diff --git a/pkg/api/swagger.yaml b/pkg/api/swagger.yaml index 19c8cc5..649f268 100644 --- a/pkg/api/swagger.yaml +++ b/pkg/api/swagger.yaml @@ -10,6 +10,11 @@ definitions: addr: type: string x-go-name: Addr + auth: + $ref: '#/definitions/AuthConfig' + auther: + type: string + x-go-name: Auther pathPrefix: type: string x-go-name: PathPrefix @@ -100,6 +105,8 @@ definitions: x-go-name: Hosts log: $ref: '#/definitions/LogConfig' + metrics: + $ref: '#/definitions/MetricsConfig' profiling: $ref: '#/definitions/ProfilingConfig' resolvers: @@ -282,6 +289,19 @@ definitions: x-go-name: Output type: object x-go-package: github.com/go-gost/gost/pkg/config + MetricsConfig: + properties: + addr: + type: string + x-go-name: Addr + enable: + type: boolean + x-go-name: Enable + path: + type: string + x-go-name: Path + type: object + x-go-package: github.com/go-gost/gost/pkg/config NameserverConfig: properties: addr: @@ -333,9 +353,9 @@ definitions: addr: type: string x-go-name: Addr - enabled: + enable: type: boolean - x-go-name: Enabled + x-go-name: Enable type: object x-go-package: github.com/go-gost/gost/pkg/config ResolverConfig: @@ -438,9 +458,29 @@ paths: responses: "200": $ref: '#/responses/getConfigResponse' + security: + - basicAuth: + - '[]' summary: Get current config. tags: - ConfigManagement + post: + operationId: saveConfigRequest + parameters: + - description: output format, one of yaml|json, default is yaml. + in: query + name: format + type: string + x-go-name: Format + responses: + "200": + $ref: '#/responses/saveConfigResponse' + security: + - basicAuth: + - '[]' + summary: Save current config to file (gost.yaml or gost.json). + tags: + - ConfigManagement /config/authers: post: operationId: createAutherRequest @@ -453,7 +493,10 @@ paths: responses: "200": $ref: '#/responses/createAutherResponse' - summary: create a new auther, the name of the auther must be unique in auther + security: + - basicAuth: + - '[]' + summary: Create a new auther, the name of the auther must be unique in auther list. tags: - ConfigManagement @@ -469,7 +512,10 @@ paths: responses: "200": $ref: '#/responses/deleteAutherResponse' - summary: delete auther by name. + security: + - basicAuth: + - '[]' + summary: Delete auther by name. tags: - ConfigManagement put: @@ -488,7 +534,10 @@ paths: responses: "200": $ref: '#/responses/updateAutherResponse' - summary: update auther by name, the auther must already exist. + security: + - basicAuth: + - '[]' + summary: Update auther by name, the auther must already exist. tags: - ConfigManagement /config/bypasses: @@ -503,7 +552,10 @@ paths: responses: "200": $ref: '#/responses/createBypassResponse' - summary: create a new bypass, the name of bypass must be unique in bypass list. + security: + - basicAuth: + - '[]' + summary: Create a new bypass, the name of bypass must be unique in bypass list. tags: - ConfigManagement /config/bypasses/{bypass}: @@ -518,7 +570,10 @@ paths: responses: "200": $ref: '#/responses/deleteBypassResponse' - summary: delete bypass by name. + security: + - basicAuth: + - '[]' + summary: Delete bypass by name. tags: - ConfigManagement put: @@ -537,7 +592,10 @@ paths: responses: "200": $ref: '#/responses/updateBypassResponse' - summary: update bypass by name, the bypass must already exist. + security: + - basicAuth: + - '[]' + summary: Update bypass by name, the bypass must already exist. tags: - ConfigManagement /config/chains: @@ -552,7 +610,10 @@ paths: responses: "200": $ref: '#/responses/createChainResponse' - summary: create a new chain, the name of chain must be unique in chain list. + security: + - basicAuth: + - '[]' + summary: Create a new chain, the name of chain must be unique in chain list. tags: - ConfigManagement /config/chains/{chain}: @@ -567,7 +628,10 @@ paths: responses: "200": $ref: '#/responses/deleteChainResponse' - summary: delete chain by name. + security: + - basicAuth: + - '[]' + summary: Delete chain by name. tags: - ConfigManagement put: @@ -586,7 +650,10 @@ paths: responses: "200": $ref: '#/responses/updateChainResponse' - summary: update chain by name, the chain must already exist. + security: + - basicAuth: + - '[]' + summary: Update chain by name, the chain must already exist. tags: - ConfigManagement /config/hosts: @@ -601,7 +668,10 @@ paths: responses: "200": $ref: '#/responses/createHostsResponse' - summary: create a new hosts, the name of the hosts must be unique in hosts list. + security: + - basicAuth: + - '[]' + summary: Create a new hosts, the name of the hosts must be unique in hosts list. tags: - ConfigManagement /config/hosts/{hosts}: @@ -616,7 +686,10 @@ paths: responses: "200": $ref: '#/responses/deleteHostsResponse' - summary: delete hosts by name. + security: + - basicAuth: + - '[]' + summary: Delete hosts by name. tags: - ConfigManagement put: @@ -635,7 +708,10 @@ paths: responses: "200": $ref: '#/responses/updateHostsResponse' - summary: update hosts by name, the hosts must already exist. + security: + - basicAuth: + - '[]' + summary: Update hosts by name, the hosts must already exist. tags: - ConfigManagement /config/resolvers: @@ -650,7 +726,10 @@ paths: responses: "200": $ref: '#/responses/createResolverResponse' - summary: create a new resolver, the name of the resolver must be unique in resolver + security: + - basicAuth: + - '[]' + summary: Create a new resolver, the name of the resolver must be unique in resolver list. tags: - ConfigManagement @@ -666,7 +745,10 @@ paths: responses: "200": $ref: '#/responses/deleteResolverResponse' - summary: delete resolver by name. + security: + - basicAuth: + - '[]' + summary: Delete resolver by name. tags: - ConfigManagement put: @@ -685,7 +767,10 @@ paths: responses: "200": $ref: '#/responses/updateResolverResponse' - summary: update resolver by name, the resolver must already exist. + security: + - basicAuth: + - '[]' + summary: Update resolver by name, the resolver must already exist. tags: - ConfigManagement /config/services: @@ -700,7 +785,10 @@ paths: responses: "200": $ref: '#/responses/createServiceResponse' - summary: create a new service, the name of the service must be unique in service + security: + - basicAuth: + - '[]' + summary: Create a new service, the name of the service must be unique in service list. tags: - ConfigManagement @@ -716,7 +804,10 @@ paths: responses: "200": $ref: '#/responses/deleteServiceResponse' - summary: delete service by name. + security: + - basicAuth: + - '[]' + summary: Delete service by name. tags: - ConfigManagement put: @@ -735,7 +826,10 @@ paths: responses: "200": $ref: '#/responses/updateServiceResponse' - summary: update service by name, the service must already exist. + security: + - basicAuth: + - '[]' + summary: Update service by name, the service must already exist. tags: - ConfigManagement produces: @@ -819,6 +913,12 @@ responses: Config: {} schema: $ref: '#/definitions/Config' + saveConfigResponse: + description: successful operation. + headers: + Data: {} + schema: + $ref: '#/definitions/Response' updateAutherResponse: description: successful operation. headers: @@ -859,5 +959,6 @@ schemes: - https - http securityDefinitions: - api_key: null + basicAuth: + type: basic swagger: "2.0"