refactor: remove forward auth, move module net/http to net/gphttp

2026-04-20 15:31:24 +02:00 · 2025-03-28 07:03:35 +08:00
parent c0c6e21a16
commit 5d2df3550b
69 changed files with 321 additions and 745 deletions
--- a/internal/net/gphttp/middleware/test_data/cidr_whitelist_test.yml
+++ b/internal/net/gphttp/middleware/test_data/cidr_whitelist_test.yml
@@ -0,0 +1,23 @@
+deny:
+  - use: ModifyRequest
+    setHeaders:
+      X-Real-IP: 192.168.1.1:1234
+  - use: RealIP
+    header: X-Real-IP
+    from:
+      - 0.0.0.0/0
+  - use: CIDRWhitelist
+    allow:
+      - 192.168.0.0/24
+accept:
+  - use: ModifyRequest
+    setHeaders:
+      X-Real-IP: 192.168.0.1:1234
+  - use: RealIP
+    header: X-Real-IP
+    from:
+      - 0.0.0.0/0
+  - use: CIDRWhitelist
+    allow:
+      - 192.168.0.0/24
+      - 127.0.0.1
--- a/internal/net/gphttp/middleware/test_data/middleware_compose.yml
+++ b/internal/net/gphttp/middleware/test_data/middleware_compose.yml
@@ -0,0 +1,25 @@
+theGreatPretender:
+  - use: HideXForwarded
+  - use: ModifyRequest
+    setHeaders:
+      X-Real-IP: 6.6.6.6
+  - use: ModifyResponse
+    hideHeaders:
+      - X-Test3
+      - X-Test4
+
+realIPAuthentik:
+  - use: RedirectHTTP
+  - use: RealIP
+    header: X-Real-IP
+    from:
+      - "127.0.0.0/8"
+      - "192.168.0.0/16"
+      - "172.16.0.0/12"
+    recursive: true
+
+testFakeRealIP:
+  - use: ModifyRequest
+    setHeaders:
+      CF-Connecting-IP: 127.0.0.1
+  - use: CloudflareRealIP
--- a/internal/net/gphttp/middleware/test_data/sample_headers.json
+++ b/internal/net/gphttp/middleware/test_data/sample_headers.json
@@ -0,0 +1,17 @@
+{
+    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
+    "Accept-Encoding": "gzip, deflate, br, zstd",
+    "Accept-Language": "en,zh-HK;q=0.9,zh-TW;q=0.8,zh-CN;q=0.7,zh;q=0.6",
+    "Dnt": "1",
+    "Host": "localhost",
+    "Priority": "u=0, i",
+    "Sec-Ch-Ua": "\"Chromium\";v=\"129\", \"Not=A?Brand\";v=\"8\"",
+    "Sec-Ch-Ua-Mobile": "?0",
+    "Sec-Ch-Ua-Platform": "\"Windows\"",
+    "Sec-Fetch-Dest": "document",
+    "Sec-Fetch-Mode": "navigate",
+    "Sec-Fetch-Site": "none",
+    "Sec-Fetch-User": "?1",
+    "Upgrade-Insecure-Requests": "1",
+    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
+}