fix: pgs tunnels - pico@7372600

commit: 7372600
parent: dcfb7ac
author: Eric Bower
date: 2024-12-13 02:53:22 +0000 UTC

fix: pgs tunnels

1 files changed, +27, -10

M pgs/tunnel.go

+27, -10

 1@@ -1,6 +1,7 @@
 2 package pgs
 3 
 4 import (
 5+	"context"
 6 	"net/http"
 7 	"strings"
 8 
 9@@ -11,12 +12,26 @@ import (
10 
11 type TunnelWebRouter struct {
12 	*WebRouter
13+	subdomain string
14+}
15+
16+func (web *TunnelWebRouter) InitRouter() {
17+	router := http.NewServeMux()
18+	router.HandleFunc("GET /{fname...}", web.AssetRequest)
19+	router.HandleFunc("GET /{$}", web.AssetRequest)
20+	web.UserRouter = router
21 }
22 
23 func (web *TunnelWebRouter) Perm(proj *db.Project) bool {
24 	return true
25 }
26 
27+func (web *TunnelWebRouter) ServeHTTP(w http.ResponseWriter, r *http.Request) {
28+	ctx := r.Context()
29+	ctx = context.WithValue(ctx, shared.CtxSubdomainKey{}, web.subdomain)
30+	web.UserRouter.ServeHTTP(w, r.WithContext(ctx))
31+}
32+
33 type CtxHttpBridge = func(ssh.Context) http.Handler
34 
35 func getInfoFromUser(user string) (string, string) {
36@@ -50,13 +65,17 @@ func createHttpHandler(apiConfig *shared.ApiConfig) CtxHttpBridge {
37 
38 		props, err := shared.GetProjectFromSubdomain(subdomain)
39 		if err != nil {
40-			log.Error(err.Error())
41+			log.Error("could not get project from subdomain", "err", err.Error())
42 			return http.HandlerFunc(shared.UnauthorizedHandler)
43 		}
44 
45 		owner, err := dbh.FindUserForName(props.Username)
46 		if err != nil {
47-			log.Error(err.Error())
48+			log.Error(
49+				"could not find user from name",
50+				"name", props.Username,
51+				"err", err.Error(),
52+			)
53 			return http.HandlerFunc(shared.UnauthorizedHandler)
54 		}
55 		log = log.With(
56@@ -65,7 +84,7 @@ func createHttpHandler(apiConfig *shared.ApiConfig) CtxHttpBridge {
57 
58 		project, err := dbh.FindProjectByName(owner.ID, props.ProjectName)
59 		if err != nil {
60-			log.Error(err.Error())
61+			log.Error("could not get project by name", "project", props.ProjectName, "err", err.Error())
62 			return http.HandlerFunc(shared.UnauthorizedHandler)
63 		}
64 
65@@ -87,8 +106,9 @@ func createHttpHandler(apiConfig *shared.ApiConfig) CtxHttpBridge {
66 		}
67 
68 		ctx.Permissions().Extensions["user_id"] = requester.ID
69-		publicKey, err := ssh.ParsePublicKey([]byte(pubkey))
70+		publicKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(pubkey))
71 		if err != nil {
72+			log.Error("could not parse public key", "pubkey", pubkey, "err", err)
73 			return http.HandlerFunc(shared.UnauthorizedHandler)
74 		}
75 		if !HasProjectAccess(project, owner, requester, publicKey) {
76@@ -104,11 +124,8 @@ func createHttpHandler(apiConfig *shared.ApiConfig) CtxHttpBridge {
77 			apiConfig.Dbpool,
78 			apiConfig.Storage,
79 		)
80-		tunnelRouter := TunnelWebRouter{routes}
81-		router := http.NewServeMux()
82-		router.HandleFunc("GET /{fname}/{options}...", tunnelRouter.ImageRequest)
83-		router.HandleFunc("GET /{fname}", tunnelRouter.AssetRequest)
84-		router.HandleFunc("GET /{$}", tunnelRouter.AssetRequest)
85-		return router
86+		tunnelRouter := TunnelWebRouter{routes, subdomain}
87+		tunnelRouter.initRouters()
88+		return &tunnelRouter
89 	}
90 }