warp-tech/warpgate
1
1
Fork 0
mirror of https://github.com/warp-tech/warpgate.git synced 2025-09-06 06:34:32 +08:00
Code Issues Projects Releases Packages Wiki Activity

fixed #1442 - unnecessary get_info auth restrictions

Browse source
This commit is contained in:
Eugene 2025-08-03 16:27:52 +02:00
parent 4b0e5dfa72
commit 8ad6972371
No known key found for this signature in database
GPG key ID: 5896FCBBDD1CF4F4
5 changed files with 19 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
warpgate-protocol-http/src/api/auth.rs
View file

@ -233,7 +233,7 @@ impl Api {
#[oai( #[oai(
path = "/auth/state", path = "/auth/state",
method = "get", method = "get",
operation_id = "getDefaultAuthState" operation_id = "get_default_auth_state"
)] )]
async fn api_default_auth_state( async fn api_default_auth_state(
&self, &self,
@ -256,7 +256,7 @@ impl Api {
#[oai( #[oai(
path = "/auth/state", path = "/auth/state",
method = "delete", method = "delete",
operation_id = "cancelDefaultAuth" operation_id = "cancel_default_auth"
)] )]
async fn api_cancel_default_auth( async fn api_cancel_default_auth(
&self, &self,

19
warpgate-protocol-http/src/api/info.rs
View file

@ -83,8 +83,8 @@ impl Api {
let targets = p.list_targets().await?; let targets = p.list_targets().await?;
(users, targets) (users, targets)
}; };
let user_is_admin = if let Some(auth) = request_authorization { let user_is_admin = if let Some(auth) = &request_authorization {
is_user_admin(req, &auth).await? is_user_admin(req, auth).await?
} else { } else {
false false
}; };
@ -104,8 +104,8 @@ impl Api {
}; };
Ok(InstanceInfoResponse::Ok(Json(Info { Ok(InstanceInfoResponse::Ok(Json(Info {
version: session version: request_authorization
.is_authenticated() .is_some()
.then(|| warpgate_version().to_string()), .then(|| warpgate_version().to_string()),
username: session.get_username(), username: session.get_username(),
selected_target: session.get_target_name(), selected_target: session.get_target_name(),
@ -117,8 +117,8 @@ impl Api {
authorized_via_sso_with_single_logout: session authorized_via_sso_with_single_logout: session
.get_sso_login_state() .get_sso_login_state()
.is_some_and(|state| state.supports_single_logout), .is_some_and(|state| state.supports_single_logout),
ports: if session.is_authenticated() { ports: match request_authorization {
PortsInfo { Some(_) => PortsInfo {
ssh: if config.store.ssh.enable { ssh: if config.store.ssh.enable {
Some(config.store.ssh.external_port()) Some(config.store.ssh.external_port())
} else { } else {
@ -139,14 +139,13 @@ impl Api {
} else { } else {
None None
}, },
} },
} else { None => PortsInfo {
PortsInfo {
ssh: None, ssh: None,
http: None, http: None,
mysql: None, mysql: None,
postgres: None, postgres: None,
} },
}, },
own_credential_management_allowed: parameters.allow_own_credential_management, own_credential_management_allowed: parameters.allow_own_credential_management,
setup_state, setup_state,

5
warpgate-protocol-http/src/common.rs
View file

@ -35,7 +35,6 @@ pub struct SsoLoginState {
pub trait SessionExt { pub trait SessionExt {
fn get_target_name(&self) -> Option<String>; fn get_target_name(&self) -> Option<String>;
fn set_target_name(&self, target_name: String); fn set_target_name(&self, target_name: String);
fn is_authenticated(&self) -> bool;
fn get_username(&self) -> Option<String>; fn get_username(&self) -> Option<String>;
fn get_auth(&self) -> Option<SessionAuthorization>; fn get_auth(&self) -> Option<SessionAuthorization>;
fn set_auth(&self, auth: SessionAuthorization); fn set_auth(&self, auth: SessionAuthorization);
@ -55,10 +54,6 @@ impl SessionExt for Session {
self.set(TARGET_SESSION_KEY, target_name); self.set(TARGET_SESSION_KEY, target_name);
} }
fn is_authenticated(&self) -> bool {
self.get_username().is_some()
}
fn get_username(&self) -> Option<String> { fn get_username(&self) -> Option<String> {
self.get_auth().map(|x| x.username().to_owned()) self.get_auth().map(|x| x.username().to_owned())
} }

7
warpgate-protocol-ssh/src/server/channel_writer.rs
View file

@ -42,13 +42,16 @@ impl ChannelWriter {
} }
pub fn write_extended(&self, handle: Handle, channel: ChannelId, ext: u32, data: CryptoVec) { pub fn write_extended(&self, handle: Handle, channel: ChannelId, ext: u32, data: CryptoVec) {
let _ = self.tx.send(ChannelWriteOperation::ExtendedData(handle, channel, ext, data)); let _ = self.tx.send(ChannelWriteOperation::ExtendedData(
handle, channel, ext, data,
));
} }
/// Flush all pending writes. Returns when all previously queued operations have completed. /// Flush all pending writes. Returns when all previously queued operations have completed.
pub async fn flush(&self) -> Result<(), Box<dyn std::error::Error + Send + Sync>> { pub async fn flush(&self) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
let (tx, rx) = tokio::sync::oneshot::channel(); let (tx, rx) = tokio::sync::oneshot::channel();
self.tx.send(ChannelWriteOperation::Flush(tx)) self.tx
.send(ChannelWriteOperation::Flush(tx))
.map_err(|_| "ChannelWriter task has stopped")?; .map_err(|_| "ChannelWriter task has stopped")?;
rx.await.map_err(|_| "ChannelWriter flush failed")?; rx.await.map_err(|_| "ChannelWriter flush failed")?;
Ok(()) Ok(())