From 139a6aa237507ebde6fe46b6f578b11d88245e53 Mon Sep 17 00:00:00 2001 From: mr Date: Fri, 20 Feb 2026 10:31:58 +0100 Subject: [PATCH] AuthForwarded API --- Makefile | 2 +- controllers/workspace.go | 26 +++++++++++++++++--------- docker-compose.yml | 7 +++++-- go.mod | 10 +++++----- go.sum | 7 +++++++ main.go | 2 ++ 6 files changed, 37 insertions(+), 17 deletions(-) diff --git a/Makefile b/Makefile index 696cec0..f7739b2 100755 --- a/Makefile +++ b/Makefile @@ -44,6 +44,6 @@ prepare-multiarch: docker-multiarch: DOCKER_BUILDKIT=1 docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 -t opencloudregistry/oc-workspace:latest --push . -ci: prepare-multiarch docker-multiarch +ci: docker publish-registry .PHONY: build run clean docker publish-kind publish-registry diff --git a/controllers/workspace.go b/controllers/workspace.go index ad255b2..7f05153 100755 --- a/controllers/workspace.go +++ b/controllers/workspace.go @@ -2,6 +2,7 @@ package controllers import ( "encoding/json" + "fmt" oclib "cloud.o-forge.io/core/oc-lib" "cloud.o-forge.io/core/oc-lib/tools" @@ -30,11 +31,13 @@ var paths = map[tools.DataType]map[tools.METHOD]string{ // @Success 200 {workspace} models.workspace // @router /search/:search [get] func (o *WorkspaceController) Search() { - user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) + // user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) // store and return Id or post with UUID search := o.Ctx.Input.Param(":search") isDraft := o.Ctx.Input.Query("is_draft") - o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, nil).Search(nil, search, isDraft == "true") + // o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, nil).Search(nil, search, isDraft == "true") + o.Data["json"] = oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.WORKSPACE), nil).Search(nil, search, isDraft == "true") + o.ServeJSON() } @@ -45,14 +48,15 @@ func (o *WorkspaceController) Search() { // @Success 200 {workspace} models.workspace // @router /:id [put] func (o *WorkspaceController) Put() { - user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) + //user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) // store and return Id or post with UUID caller := tools.NewHTTPCaller(paths) // generate a http caller to send to peer shared workspace caller.Disabled = oclib.IsQueryParamsEquals(o.Ctx.Input, "is_remote", true) var res map[string]interface{} id := o.Ctx.Input.Param(":id") json.Unmarshal(o.Ctx.Input.CopyBody(10000), &res) - o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, caller).UpdateOne(res, id) + // o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, caller).UpdateOne(res, id) + o.Data["json"] = oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.WORKSPACE), caller).UpdateOne(res, id) o.ServeJSON() } @@ -62,12 +66,13 @@ func (o *WorkspaceController) Put() { // @Success 200 {workspace} models.workspace // @router / [post] func (o *WorkspaceController) Post() { - user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) + // user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) caller := tools.NewHTTPCaller(paths) // generate a http caller to send to peer shared workspace caller.Disabled = oclib.IsQueryParamsEquals(o.Ctx.Input, "is_remote", true) var res map[string]interface{} json.Unmarshal(o.Ctx.Input.CopyBody(10000), &res) - o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, caller).StoreOne(res) + // o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, caller).StoreOne(res) + o.Data["json"] = oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.WORKSPACE), caller).StoreOne(res) o.ServeJSON() } @@ -78,8 +83,10 @@ func (o *WorkspaceController) Post() { // @router / [get] func (o *WorkspaceController) GetAll() { user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) + fmt.Println(user, peerID, groups) isDraft := o.Ctx.Input.Query("is_draft") - o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, nil).LoadAll(isDraft == "true") + // o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, nil).LoadAll(isDraft == "true") + o.Data["json"] = oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.WORKSPACE), nil).LoadAll(isDraft == "true") o.ServeJSON() } @@ -89,9 +96,10 @@ func (o *WorkspaceController) GetAll() { // @Success 200 {workspace} models.workspace // @router /:id [get] func (o *WorkspaceController) Get() { - user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) + //user, peerID, groups := oclib.ExtractTokenInfo(*o.Ctx.Request) id := o.Ctx.Input.Param(":id") - o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, nil).LoadOne(id) + // o.Data["json"] = oclib.NewRequest(oclib.LibDataEnum(oclib.WORKSPACE), user, peerID, groups, nil).LoadOne(id) + o.Data["json"] = oclib.NewRequestAdmin(oclib.LibDataEnum(oclib.WORKSPACE), nil).LoadOne(id) o.ServeJSON() } diff --git a/docker-compose.yml b/docker-compose.yml index 1ae83f9..0a044e6 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,9 +13,12 @@ services: - "traefik.http.routers.workspace.rule=PathPrefix(`/workspace`)" - "traefik.http.middlewares.workspace-rewrite.replacepathregex.regex=^/workspace(.*)" - "traefik.http.middlewares.workspace-rewrite.replacepathregex.replacement=/oc$$1" - - "traefik.http.routers.workspace.middlewares=workspace-rewrite" + - "traefik.http.routers.workspace.middlewares=workspace-rewrite,auth-workspace" - "traefik.http.services.workspace.loadbalancer.server.port=8080" - - "traefik.http.middlewares.workspace.forwardauth.address=http://oc-auth:8080/oc/forward" + + - "traefik.http.middlewares.auth-workspace.forwardauth.address=http://oc-auth:8080/oc/forward" + - "traefik.http.middlewares.auth-workspace.forwardauth.trustForwardHeader=true" + - "traefik.http.middlewares.auth-workspace.forwardauth.authResponseHeaders=X-Auth-Request-User,X-Auth-Request-Email" container_name: oc-workspace networks: - oc diff --git a/go.mod b/go.mod index e183637..bba2d64 100755 --- a/go.mod +++ b/go.mod @@ -1,11 +1,9 @@ module oc-workspace -go 1.23.0 - -toolchain go1.24.0 +go 1.24.6 require ( - cloud.o-forge.io/core/oc-lib v0.0.0-20260203150531-ef916fe2d995 + cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13 github.com/beego/beego/v2 v2.3.8 github.com/smartystreets/goconvey v1.7.2 ) @@ -17,6 +15,7 @@ require ( github.com/biter777/countries v1.7.5 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect github.com/gabriel-vasile/mimetype v1.4.9 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect @@ -30,6 +29,7 @@ require ( github.com/klauspost/compress v1.18.0 // indirect github.com/kr/text v0.2.0 // indirect github.com/leodido/go-urn v1.4.0 // indirect + github.com/libp2p/go-libp2p/core v0.43.0-rc2 // indirect github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect @@ -44,7 +44,7 @@ require ( github.com/prometheus/common v0.65.0 // indirect github.com/prometheus/procfs v0.17.0 // indirect github.com/robfig/cron v1.2.0 // indirect - github.com/rogpeppe/go-internal v1.11.0 // indirect + github.com/rogpeppe/go-internal v1.13.1 // indirect github.com/rs/zerolog v1.34.0 // indirect github.com/shiena/ansicolor v0.0.0-20230509054315-a9deabde6e02 // indirect github.com/smartystreets/assertions v1.2.0 // indirect diff --git a/go.sum b/go.sum index 6498c3b..eb46841 100755 --- a/go.sum +++ b/go.sum @@ -8,6 +8,8 @@ cloud.o-forge.io/core/oc-lib v0.0.0-20260203083753-4f28b9b589d6 h1:N+0xkioACl3PN cloud.o-forge.io/core/oc-lib v0.0.0-20260203083753-4f28b9b589d6/go.mod h1:vHWauJsS6ryf7UDqq8hRXoYD5RsONxcFTxeZPOztEuI= cloud.o-forge.io/core/oc-lib v0.0.0-20260203150531-ef916fe2d995 h1:ZDRvnzTTNHgMm5hYmseHdEPqQ6rn/4v+P9f/JIxPaNw= cloud.o-forge.io/core/oc-lib v0.0.0-20260203150531-ef916fe2d995/go.mod h1:T0UCxRd8w+qCVVC0NEyDiWIGC5ADwEbQ7hFcvftd4Ks= +cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13 h1:DNIPQ7C+7wjbj5RUx29wLxuIe/wiSOcuUMlLRIv6Fvs= +cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/beego/beego/v2 v2.3.8 h1:wplhB1pF4TxR+2SS4PUej8eDoH4xGfxuHfS7wAk9VBc= github.com/beego/beego/v2 v2.3.8/go.mod h1:8vl9+RrXqvodrl9C8yivX1e6le6deCK6RWeq8R7gTTg= @@ -25,6 +27,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= github.com/elazarl/go-bindata-assetfs v1.0.1 h1:m0kkaHRKEu7tUIUFVwhGGGYClXvyl4RE03qmvRTNfbw= github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4= github.com/etcd-io/etcd v3.3.17+incompatible/go.mod h1:cdZ77EstHBwVtD6iTgzgvogwcjo9m4iOqoijouPJ4bs= @@ -67,6 +71,8 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= +github.com/libp2p/go-libp2p/core v0.43.0-rc2 h1:1X1aDJNWhMfodJ/ynbaGLkgnC8f+hfBIqQDrzxFZOqI= +github.com/libp2p/go-libp2p/core v0.43.0-rc2/go.mod h1:NYeJ9lvyBv9nbDk2IuGb8gFKEOkIv/W5YRIy1pAJB2Q= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= @@ -110,6 +116,7 @@ github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ= github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY= github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ= diff --git a/main.go b/main.go index a7bc605..0ce5f53 100755 --- a/main.go +++ b/main.go @@ -4,10 +4,12 @@ import ( _ "oc-workspace/routers" oclib "cloud.o-forge.io/core/oc-lib" + beego "github.com/beego/beego/v2/server/web" ) const appname = "oc-workspace" func main() { oclib.InitAPI(appname) + beego.Run() }