From 03250988491efac6bfbaf83c3b069511fb8b6560 Mon Sep 17 00:00:00 2001 From: Wangjunqi123 Date: Wed, 12 Jun 2024 14:00:31 +0800 Subject: [PATCH] sdk: add remote server http/https protocol judgement --- sdk/utils/httputils/judgeProtocol.go | 48 +++++++++++++++++++++ sdk/utils/httputils/request.go | 14 ++++++ src/app/server/network/controller/plugin.go | 17 ++++++++ 3 files changed, 79 insertions(+) create mode 100644 sdk/utils/httputils/judgeProtocol.go diff --git a/sdk/utils/httputils/judgeProtocol.go b/sdk/utils/httputils/judgeProtocol.go new file mode 100644 index 00000000..96d9f61c --- /dev/null +++ b/sdk/utils/httputils/judgeProtocol.go @@ -0,0 +1,48 @@ +package httputils + +import ( + "crypto/tls" + "fmt" + "io" + "net" + "net/http" + "net/url" + "strings" +) + +func ServerIsHttp(rawurl string) (bool, error) { + url, err := url.Parse(rawurl) + if err != nil { + return false, err + } + + url_string := fmt.Sprintf("http://%s", net.JoinHostPort(url.Hostname(), url.Port())) + req, err := http.NewRequest("GET", url_string, nil) + if err != nil { + return false, err + } + + hc := &http.Client{ + Transport: &http.Transport{ + DisableKeepAlives: true, + TLSClientConfig: &tls.Config{ + InsecureSkipVerify: true, + }, + }, + } + resp, err := hc.Do(req) + if err != nil { + return false, err + } + defer resp.Body.Close() + + respbytes, err := io.ReadAll(resp.Body) + if err != nil { + return false, err + } + + if resp.StatusCode != 200 && strings.Contains(string(respbytes), "Client sent an HTTP request to an HTTPS server") { + return false, nil + } + return true, nil +} diff --git a/sdk/utils/httputils/request.go b/sdk/utils/httputils/request.go index 2cca0c24..f85ddfb1 100644 --- a/sdk/utils/httputils/request.go +++ b/sdk/utils/httputils/request.go @@ -8,9 +8,23 @@ import ( "io" "net/http" "strings" + + "gitee.com/openeuler/PilotGo/sdk/logger" ) func request(method, url string, param *Params) (*Response, error) { + // 判断服务端是否是http协议 + ishttp, err := ServerIsHttp(url) + if err != nil { + return nil, err + } + if ishttp { + url = fmt.Sprintf("http://%s", strings.Split(url, "://")[1]) + } else { + url = fmt.Sprintf("https://%s", strings.Split(url, "://")[1]) + } + logger.Debug(">>>ishttp: %v", ishttp) + // 处理form参数 if param != nil && len(param.Form) > 0 { s := "" diff --git a/src/app/server/network/controller/plugin.go b/src/app/server/network/controller/plugin.go index d4e88ab0..028c92ad 100644 --- a/src/app/server/network/controller/plugin.go +++ b/src/app/server/network/controller/plugin.go @@ -1,6 +1,7 @@ package controller import ( + "crypto/tls" "net/http" "net/http/httputil" "net/url" @@ -12,6 +13,7 @@ import ( "gitee.com/openeuler/PilotGo/app/server/service/plugin" "gitee.com/openeuler/PilotGo/sdk/logger" "gitee.com/openeuler/PilotGo/sdk/response" + "gitee.com/openeuler/PilotGo/sdk/utils/httputils" "github.com/gin-gonic/gin" uuidservice "github.com/google/uuid" ) @@ -171,6 +173,18 @@ func PluginGatewayHandler(c *gin.Context) { auditlog.Add(log) s := strings.Replace(p.Url, "/plugin/"+name, "", 1) + ishttp, err := httputils.ServerIsHttp(s) + if err != nil { + c.String(http.StatusNotFound, "parse plugin url error: "+err.Error()) + return + } + if ishttp && strings.Split(s, "://")[0] == "https" { + s = "http://" + strings.Split(s, "://")[1] + } + if !ishttp && strings.Split(s, "://")[0] == "http" { + s = "https://" + strings.Split(s, "://")[1] + } + target, err := url.Parse(s) if err != nil { c.String(http.StatusNotFound, "parse plugin url error: "+err.Error()) @@ -180,5 +194,8 @@ func PluginGatewayHandler(c *gin.Context) { c.Request.Host = target.Host proxy := httputil.NewSingleHostReverseProxy(target) + proxy.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } proxy.ServeHTTP(c.Writer, c.Request) } -- Gitee