mirror of
https://github.com/warp-tech/warpgate.git
synced 2025-09-05 22:24:51 +08:00
fixed #1442 - unnecessary get_info auth restrictions
This commit is contained in:
Eugene
parent
4b0e5dfa72
commit
8ad6972371
5 changed files with 19 additions and 22 deletions
|
|
@ -233,7 +233,7 @@ impl Api {
|
||||||
#[oai(
|
#[oai(
|
||||||
path = "/auth/state",
|
path = "/auth/state",
|
||||||
method = "get",
|
method = "get",
|
||||||
operation_id = "getDefaultAuthState"
|
operation_id = "get_default_auth_state"
|
||||||
)]
|
)]
|
||||||
async fn api_default_auth_state(
|
async fn api_default_auth_state(
|
||||||
&self,
|
&self,
|
||||||
|
|
@ -256,7 +256,7 @@ impl Api {
|
||||||
#[oai(
|
#[oai(
|
||||||
path = "/auth/state",
|
path = "/auth/state",
|
||||||
method = "delete",
|
method = "delete",
|
||||||
operation_id = "cancelDefaultAuth"
|
operation_id = "cancel_default_auth"
|
||||||
)]
|
)]
|
||||||
async fn api_cancel_default_auth(
|
async fn api_cancel_default_auth(
|
||||||
&self,
|
&self,
|
||||||
|
|
|
||||||
|
|
@ -83,8 +83,8 @@ impl Api {
|
||||||
let targets = p.list_targets().await?;
|
let targets = p.list_targets().await?;
|
||||||
(users, targets)
|
(users, targets)
|
||||||
};
|
};
|
||||||
let user_is_admin = if let Some(auth) = request_authorization {
|
let user_is_admin = if let Some(auth) = &request_authorization {
|
||||||
is_user_admin(req, &auth).await?
|
is_user_admin(req, auth).await?
|
||||||
} else {
|
} else {
|
||||||
false
|
false
|
||||||
};
|
};
|
||||||
|
|
@ -104,8 +104,8 @@ impl Api {
|
||||||
};
|
};
|
||||||
|
|
||||||
Ok(InstanceInfoResponse::Ok(Json(Info {
|
Ok(InstanceInfoResponse::Ok(Json(Info {
|
||||||
version: session
|
version: request_authorization
|
||||||
.is_authenticated()
|
.is_some()
|
||||||
.then(|| warpgate_version().to_string()),
|
.then(|| warpgate_version().to_string()),
|
||||||
username: session.get_username(),
|
username: session.get_username(),
|
||||||
selected_target: session.get_target_name(),
|
selected_target: session.get_target_name(),
|
||||||
|
|
@ -117,8 +117,8 @@ impl Api {
|
||||||
authorized_via_sso_with_single_logout: session
|
authorized_via_sso_with_single_logout: session
|
||||||
.get_sso_login_state()
|
.get_sso_login_state()
|
||||||
.is_some_and(|state| state.supports_single_logout),
|
.is_some_and(|state| state.supports_single_logout),
|
||||||
ports: if session.is_authenticated() {
|
ports: match request_authorization {
|
||||||
PortsInfo {
|
Some(_) => PortsInfo {
|
||||||
ssh: if config.store.ssh.enable {
|
ssh: if config.store.ssh.enable {
|
||||||
Some(config.store.ssh.external_port())
|
Some(config.store.ssh.external_port())
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -139,14 +139,13 @@ impl Api {
|
||||||
} else {
|
} else {
|
||||||
None
|
None
|
||||||
},
|
},
|
||||||
}
|
},
|
||||||
} else {
|
None => PortsInfo {
|
||||||
PortsInfo {
|
|
||||||
ssh: None,
|
ssh: None,
|
||||||
http: None,
|
http: None,
|
||||||
mysql: None,
|
mysql: None,
|
||||||
postgres: None,
|
postgres: None,
|
||||||
}
|
},
|
||||||
},
|
},
|
||||||
own_credential_management_allowed: parameters.allow_own_credential_management,
|
own_credential_management_allowed: parameters.allow_own_credential_management,
|
||||||
setup_state,
|
setup_state,
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,6 @@ pub struct SsoLoginState {
|
||||||
pub trait SessionExt {
|
pub trait SessionExt {
|
||||||
fn get_target_name(&self) -> Option<String>;
|
fn get_target_name(&self) -> Option<String>;
|
||||||
fn set_target_name(&self, target_name: String);
|
fn set_target_name(&self, target_name: String);
|
||||||
fn is_authenticated(&self) -> bool;
|
|
||||||
fn get_username(&self) -> Option<String>;
|
fn get_username(&self) -> Option<String>;
|
||||||
fn get_auth(&self) -> Option<SessionAuthorization>;
|
fn get_auth(&self) -> Option<SessionAuthorization>;
|
||||||
fn set_auth(&self, auth: SessionAuthorization);
|
fn set_auth(&self, auth: SessionAuthorization);
|
||||||
|
|
@ -55,10 +54,6 @@ impl SessionExt for Session {
|
||||||
self.set(TARGET_SESSION_KEY, target_name);
|
self.set(TARGET_SESSION_KEY, target_name);
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_authenticated(&self) -> bool {
|
|
||||||
self.get_username().is_some()
|
|
||||||
}
|
|
||||||
|
|
||||||
fn get_username(&self) -> Option<String> {
|
fn get_username(&self) -> Option<String> {
|
||||||
self.get_auth().map(|x| x.username().to_owned())
|
self.get_auth().map(|x| x.username().to_owned())
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -42,13 +42,16 @@ impl ChannelWriter {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn write_extended(&self, handle: Handle, channel: ChannelId, ext: u32, data: CryptoVec) {
|
pub fn write_extended(&self, handle: Handle, channel: ChannelId, ext: u32, data: CryptoVec) {
|
||||||
let _ = self.tx.send(ChannelWriteOperation::ExtendedData(handle, channel, ext, data));
|
let _ = self.tx.send(ChannelWriteOperation::ExtendedData(
|
||||||
|
handle, channel, ext, data,
|
||||||
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Flush all pending writes. Returns when all previously queued operations have completed.
|
/// Flush all pending writes. Returns when all previously queued operations have completed.
|
||||||
pub async fn flush(&self) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
|
pub async fn flush(&self) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
|
||||||
let (tx, rx) = tokio::sync::oneshot::channel();
|
let (tx, rx) = tokio::sync::oneshot::channel();
|
||||||
self.tx.send(ChannelWriteOperation::Flush(tx))
|
self.tx
|
||||||
|
.send(ChannelWriteOperation::Flush(tx))
|
||||||
.map_err(|_| "ChannelWriter task has stopped")?;
|
.map_err(|_| "ChannelWriter task has stopped")?;
|
||||||
rx.await.map_err(|_| "ChannelWriter flush failed")?;
|
rx.await.map_err(|_| "ChannelWriter flush failed")?;
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|
|
||||||
|
|
@ -736,7 +736,7 @@ impl ServerSession {
|
||||||
RCEvent::Close(channel) => {
|
RCEvent::Close(channel) => {
|
||||||
// Flush any pending writes before closing the channel
|
// Flush any pending writes before closing the channel
|
||||||
let _ = self.channel_writer.flush().await;
|
let _ = self.channel_writer.flush().await;
|
||||||
|
|
||||||
let server_channel_id = self.map_channel_reverse(&channel)?;
|
let server_channel_id = self.map_channel_reverse(&channel)?;
|
||||||
let _ = self
|
let _ = self
|
||||||
.maybe_with_session(|handle| async move {
|
.maybe_with_session(|handle| async move {
|
||||||
|
|
@ -750,7 +750,7 @@ impl ServerSession {
|
||||||
RCEvent::Eof(channel) => {
|
RCEvent::Eof(channel) => {
|
||||||
// Flush any pending writes before sending EOF
|
// Flush any pending writes before sending EOF
|
||||||
let _ = self.channel_writer.flush().await;
|
let _ = self.channel_writer.flush().await;
|
||||||
|
|
||||||
let server_channel_id = self.map_channel_reverse(&channel)?;
|
let server_channel_id = self.map_channel_reverse(&channel)?;
|
||||||
self.maybe_with_session(|handle| async move {
|
self.maybe_with_session(|handle| async move {
|
||||||
handle
|
handle
|
||||||
|
|
@ -763,7 +763,7 @@ impl ServerSession {
|
||||||
RCEvent::ExitStatus(channel, code) => {
|
RCEvent::ExitStatus(channel, code) => {
|
||||||
// Flush any pending writes before sending exit status
|
// Flush any pending writes before sending exit status
|
||||||
let _ = self.channel_writer.flush().await;
|
let _ = self.channel_writer.flush().await;
|
||||||
|
|
||||||
let server_channel_id = self.map_channel_reverse(&channel)?;
|
let server_channel_id = self.map_channel_reverse(&channel)?;
|
||||||
self.maybe_with_session(|handle| async move {
|
self.maybe_with_session(|handle| async move {
|
||||||
handle
|
handle
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue