This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/outpost/pkg/server/api_ws.go

118 lines
3.2 KiB
Go
Raw Normal View History

2020-09-02 22:04:12 +00:00
package server
import (
"crypto/tls"
"encoding/base64"
2020-09-02 22:04:12 +00:00
"fmt"
"net/http"
"net/url"
"os"
"strings"
"time"
2021-01-09 20:50:48 +00:00
"github.com/BeryJu/authentik/outpost/pkg"
2020-09-02 22:04:12 +00:00
"github.com/go-openapi/strfmt"
"github.com/gorilla/websocket"
"github.com/recws-org/recws"
)
func (ac *APIController) initWS(pbURL url.URL, outpostUUID strfmt.UUID) {
pathTemplate := "%s://%s/ws/outpost/%s/"
scheme := strings.ReplaceAll(pbURL.Scheme, "http", "ws")
authHeader := base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("Basic :%s", ac.token)))
2020-09-02 22:04:12 +00:00
header := http.Header{
"Authorization": []string{authHeader},
2020-12-05 21:08:42 +00:00
"User-Agent": []string{fmt.Sprintf("authentik-proxy@%s", pkg.VERSION)},
2020-09-02 22:04:12 +00:00
}
2020-12-05 21:08:42 +00:00
value, set := os.LookupEnv("AUTHENTIK_INSECURE")
if !set {
value = "false"
}
2020-09-02 22:04:12 +00:00
ws := &recws.RecConn{
2020-09-02 22:04:12 +00:00
NonVerbose: true,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: strings.ToLower(value) == "true",
2020-09-02 22:04:12 +00:00
},
}
ws.Dial(fmt.Sprintf(pathTemplate, scheme, pbURL.Host, outpostUUID.String()), header)
2020-12-05 21:08:42 +00:00
ac.logger.WithField("component", "ws").WithField("outpost", outpostUUID.String()).Debug("connecting to authentik")
2020-09-02 22:04:12 +00:00
ac.wsConn = ws
// Send hello message with our version
msg := websocketMessage{
Instruction: WebsocketInstructionHello,
Args: map[string]interface{}{
"version": pkg.VERSION,
},
}
err := ws.WriteJSON(msg)
if err != nil {
2020-12-05 21:08:42 +00:00
ac.logger.WithField("component", "ws").WithError(err).Warning("Failed to hello to authentik")
}
2020-09-02 22:04:12 +00:00
}
// Shutdown Gracefully stops all workers, disconnects from websocket
func (ac *APIController) Shutdown() {
// Cleanly close the connection by sending a close message and then
// waiting (with timeout) for the server to close the connection.
err := ac.wsConn.WriteMessage(websocket.CloseMessage, websocket.FormatCloseMessage(websocket.CloseNormalClosure, ""))
if err != nil {
ac.logger.Println("write close:", err)
return
}
return
}
func (ac *APIController) startWSHandler() {
notConnectedBackoff := 1
2020-09-02 22:04:12 +00:00
for {
if !ac.wsConn.IsConnected() {
notConnectedWait := time.Duration(notConnectedBackoff) * time.Second
ac.logger.WithField("loop", "ws-handler").WithField("wait", notConnectedWait).Info("Not connected, trying again...")
time.Sleep(notConnectedWait)
notConnectedBackoff += notConnectedBackoff
continue
}
2020-09-02 22:04:12 +00:00
var wsMsg websocketMessage
err := ac.wsConn.ReadJSON(&wsMsg)
if err != nil {
ac.logger.WithField("loop", "ws-handler").Println("read:", err)
ac.wsConn.CloseAndReconnect()
continue
2020-09-02 22:04:12 +00:00
}
if wsMsg.Instruction == WebsocketInstructionTriggerUpdate {
2020-10-17 14:48:53 +00:00
time.Sleep(ac.reloadOffset)
2020-09-02 22:04:12 +00:00
err := ac.UpdateIfRequired()
if err != nil {
ac.logger.WithField("loop", "ws-handler").WithError(err).Debug("Failed to update")
2020-09-02 22:04:12 +00:00
}
}
}
}
func (ac *APIController) startWSHealth() {
for ; true; <-time.Tick(time.Second * 10) {
if !ac.wsConn.IsConnected() {
continue
}
2020-09-02 22:04:12 +00:00
aliveMsg := websocketMessage{
Instruction: WebsocketInstructionHello,
Args: map[string]interface{}{
"version": pkg.VERSION,
},
2020-09-02 22:04:12 +00:00
}
err := ac.wsConn.WriteJSON(aliveMsg)
ac.logger.WithField("loop", "ws-health").Debug("hello'd")
2020-09-02 22:04:12 +00:00
if err != nil {
ac.logger.WithField("loop", "ws-health").Println("write:", err)
ac.wsConn.CloseAndReconnect()
continue
2020-09-02 22:04:12 +00:00
}
}
}