mirror of
https://github.com/go-kratos/kratos.git
synced 2025-03-19 21:18:07 +02:00
feat: make secure url to grpcs://127.0.0.1/ (#2072)
* feat:make secure url to grpcs://127.0.0.1/
This commit is contained in:
parent
1b3529fd0b
commit
ad5e9032a3
internal/endpoint
transport
@ -6,29 +6,42 @@ import (
|
||||
)
|
||||
|
||||
// NewEndpoint new an Endpoint URL.
|
||||
func NewEndpoint(scheme, host string, isSecure bool) *url.URL {
|
||||
var query string
|
||||
if isSecure {
|
||||
query = "isSecure=true"
|
||||
}
|
||||
return &url.URL{Scheme: scheme, Host: host, RawQuery: query}
|
||||
func NewEndpoint(scheme, host string) *url.URL {
|
||||
return &url.URL{Scheme: scheme, Host: host}
|
||||
}
|
||||
|
||||
// ParseEndpoint parses an Endpoint URL.
|
||||
func ParseEndpoint(endpoints []string, scheme string, isSecure bool) (string, error) {
|
||||
func ParseEndpoint(endpoints []string, scheme string) (string, error) {
|
||||
for _, e := range endpoints {
|
||||
u, err := url.Parse(e)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
if u.Scheme == scheme && IsSecure(u) == isSecure {
|
||||
|
||||
// TODO: Compatibility processing
|
||||
// Function is to convert grpc:/127.0.0.1/?isSecure=true into grpcs:/127.0.0.1/
|
||||
// It will be deleted in about a month
|
||||
u = legacyURLToNew(u)
|
||||
if u.Scheme == scheme {
|
||||
return u.Host, nil
|
||||
}
|
||||
}
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func legacyURLToNew(u *url.URL) *url.URL {
|
||||
if u.Scheme == "https" || u.Scheme == "grpcs" {
|
||||
return u
|
||||
}
|
||||
if IsSecure(u) {
|
||||
return &url.URL{Scheme: u.Scheme + "s", Host: u.Host}
|
||||
}
|
||||
return u
|
||||
}
|
||||
|
||||
// IsSecure parses isSecure for Endpoint URL.
|
||||
// Note: It will be deleted after some time,
|
||||
// unified use grpcs://127.0.0.1:8080 instead of grpc://127.0.0.1:8080?isSecure=true
|
||||
func IsSecure(u *url.URL) bool {
|
||||
ok, err := strconv.ParseBool(u.Query().Get("isSecure"))
|
||||
if err != nil {
|
||||
@ -36,3 +49,12 @@ func IsSecure(u *url.URL) bool {
|
||||
}
|
||||
return ok
|
||||
}
|
||||
|
||||
// Scheme is the scheme of endpoint url.
|
||||
// examples: scheme="http",isSecure=true get "https"
|
||||
func Scheme(scheme string, isSecure bool) string {
|
||||
if isSecure {
|
||||
return scheme + "s"
|
||||
}
|
||||
return scheme
|
||||
}
|
||||
|
@ -18,17 +18,17 @@ func TestEndPoint(t *testing.T) {
|
||||
// TODO: Add test cases.
|
||||
{
|
||||
name: "grpc://127.0.0.1?isSecure=false",
|
||||
args: args{NewEndpoint("grpc", "127.0.0.1", false)},
|
||||
args: args{&url.URL{Scheme: "grpc", Host: "127.0.0.1", RawQuery: "isSecure=false"}},
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "grpc://127.0.0.1?isSecure=true",
|
||||
args: args{NewEndpoint("http", "127.0.0.1", true)},
|
||||
args: args{&url.URL{Scheme: "grpc", Host: "127.0.0.1", RawQuery: "isSecure=true"}},
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "grpc://127.0.0.1",
|
||||
args: args{NewEndpoint("grpc", "localhost", false)},
|
||||
args: args{&url.URL{Scheme: "grpc", Host: "127.0.0.1"}},
|
||||
want: false,
|
||||
},
|
||||
}
|
||||
@ -43,9 +43,8 @@ func TestEndPoint(t *testing.T) {
|
||||
|
||||
func TestNewEndpoint(t *testing.T) {
|
||||
type args struct {
|
||||
scheme string
|
||||
host string
|
||||
isSecure bool
|
||||
scheme string
|
||||
host string
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
@ -54,18 +53,23 @@ func TestNewEndpoint(t *testing.T) {
|
||||
}{
|
||||
{
|
||||
name: "https://github.com/go-kratos/kratos/",
|
||||
args: args{"https", "github.com/go-kratos/kratos/", false},
|
||||
args: args{"https", "github.com/go-kratos/kratos/"},
|
||||
want: &url.URL{Scheme: "https", Host: "github.com/go-kratos/kratos/"},
|
||||
},
|
||||
{
|
||||
name: "https://go-kratos.dev/",
|
||||
args: args{"https", "go-kratos.dev/", true},
|
||||
want: &url.URL{Scheme: "https", Host: "go-kratos.dev/", RawQuery: "isSecure=true"},
|
||||
args: args{"https", "go-kratos.dev/"},
|
||||
want: &url.URL{Scheme: "https", Host: "go-kratos.dev/"},
|
||||
},
|
||||
{
|
||||
name: "https://www.google.com/",
|
||||
args: args{"https", "www.google.com/"},
|
||||
want: &url.URL{Scheme: "https", Host: "www.google.com/"},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if got := NewEndpoint(tt.args.scheme, tt.args.host, tt.args.isSecure); !reflect.DeepEqual(got, tt.want) {
|
||||
if got := NewEndpoint(tt.args.scheme, tt.args.host); !reflect.DeepEqual(got, tt.want) {
|
||||
t.Errorf("NewEndpoint() = %v, want %v", got, tt.want)
|
||||
}
|
||||
})
|
||||
@ -76,7 +80,6 @@ func TestParseEndpoint(t *testing.T) {
|
||||
type args struct {
|
||||
endpoints []string
|
||||
scheme string
|
||||
isSecure bool
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
@ -86,20 +89,46 @@ func TestParseEndpoint(t *testing.T) {
|
||||
}{
|
||||
{
|
||||
name: "kratos",
|
||||
args: args{endpoints: []string{"https://github.com/go-kratos/kratos?isSecure=true"}, scheme: "https", isSecure: true},
|
||||
args: args{endpoints: []string{"https://github.com/go-kratos/kratos"}, scheme: "https"},
|
||||
want: "github.com",
|
||||
wantErr: false,
|
||||
},
|
||||
{
|
||||
name: "test",
|
||||
args: args{endpoints: []string{"https://go-kratos.dev/"}, scheme: "http", isSecure: true},
|
||||
args: args{endpoints: []string{"http://go-kratos.dev/"}, scheme: "https"},
|
||||
want: "",
|
||||
wantErr: false,
|
||||
},
|
||||
{
|
||||
name: "localhost:8080",
|
||||
args: args{endpoints: []string{"grpcs://localhost:8080/"}, scheme: "grpcs"},
|
||||
want: "localhost:8080",
|
||||
wantErr: false,
|
||||
},
|
||||
{
|
||||
name: "localhost:8081",
|
||||
args: args{endpoints: []string{"grpcs://localhost:8080/"}, scheme: "grpc"},
|
||||
want: "",
|
||||
wantErr: false,
|
||||
},
|
||||
|
||||
// Legacy
|
||||
{
|
||||
name: "google",
|
||||
args: args{endpoints: []string{"grpc://www.google.com/?isSecure=true"}, scheme: "grpcs"},
|
||||
want: "www.google.com",
|
||||
wantErr: false,
|
||||
},
|
||||
{
|
||||
name: "baidu",
|
||||
args: args{endpoints: []string{"http://www.baidu.com/?isSecure=true"}, scheme: "https"},
|
||||
want: "www.baidu.com",
|
||||
wantErr: false,
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
got, err := ParseEndpoint(tt.args.endpoints, tt.args.scheme, tt.args.isSecure)
|
||||
got, err := ParseEndpoint(tt.args.endpoints, tt.args.scheme)
|
||||
if (err != nil) != tt.wantErr {
|
||||
t.Errorf("ParseEndpoint() error = %v, wantErr %v", err, tt.wantErr)
|
||||
return
|
||||
|
@ -49,7 +49,7 @@ func (r *discoveryResolver) update(ins []*registry.ServiceInstance) {
|
||||
addrs := make([]resolver.Address, 0)
|
||||
endpoints := make(map[string]struct{})
|
||||
for _, in := range ins {
|
||||
endpoint, err := endpoint.ParseEndpoint(in.Endpoints, "grpc", !r.insecure)
|
||||
endpoint, err := endpoint.ParseEndpoint(in.Endpoints, endpoint.Scheme("grpc", !r.insecure))
|
||||
if err != nil {
|
||||
log.Errorf("[resolver] Failed to parse discovery endpoint: %v", err)
|
||||
continue
|
||||
|
@ -207,6 +207,6 @@ func (s *Server) listenAndEndpoint() error {
|
||||
_ = s.lis.Close()
|
||||
return err
|
||||
}
|
||||
s.endpoint = endpoint.NewEndpoint("grpc", addr, s.tlsConf != nil)
|
||||
s.endpoint = endpoint.NewEndpoint(endpoint.Scheme("grpc", s.tlsConf != nil), addr)
|
||||
return nil
|
||||
}
|
||||
|
@ -112,7 +112,7 @@ func newResolver(ctx context.Context, discovery registry.Discovery, target *Targ
|
||||
func (r *resolver) update(services []*registry.ServiceInstance) bool {
|
||||
nodes := make([]selector.Node, 0)
|
||||
for _, ins := range services {
|
||||
ept, err := endpoint.ParseEndpoint(ins.Endpoints, "http", !r.insecure)
|
||||
ept, err := endpoint.ParseEndpoint(ins.Endpoints, endpoint.Scheme("http", !r.insecure))
|
||||
if err != nil {
|
||||
log.Errorf("Failed to parse (%v) discovery endpoint: %v error %v", r.target, ins.Endpoints, err)
|
||||
continue
|
||||
|
@ -224,7 +224,8 @@ func (s *Server) filter() mux.MiddlewareFunc {
|
||||
|
||||
// Endpoint return a real address to registry endpoint.
|
||||
// examples:
|
||||
// http://127.0.0.1:8000?isSecure=false
|
||||
// https://127.0.0.1:8000
|
||||
// Legacy: http://127.0.0.1:8000?isSecure=false
|
||||
func (s *Server) Endpoint() (*url.URL, error) {
|
||||
if s.err != nil {
|
||||
return nil, s.err
|
||||
@ -272,6 +273,6 @@ func (s *Server) listenAndEndpoint() error {
|
||||
_ = s.lis.Close()
|
||||
return err
|
||||
}
|
||||
s.endpoint = endpoint.NewEndpoint("http", addr, s.tlsConf != nil)
|
||||
s.endpoint = endpoint.NewEndpoint(endpoint.Scheme("http", s.tlsConf != nil), addr)
|
||||
return nil
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user