github.com/TeaOSLab/EdgeNode@v1.3.8/internal/waf/get302_validator.go (about)

     1  // Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
     2  
     3  package waf
     4  
     5  import (
     6  	"github.com/TeaOSLab/EdgeNode/internal/utils"
     7  	"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
     8  	"github.com/iwind/TeaGo/types"
     9  	"net/http"
    10  	"time"
    11  )
    12  
// get302Validator is a package-level Get302Validator instance, created once
// when the package is initialized.
var get302Validator = NewGet302Validator()

// Get302Validator has no fields; all of its behavior lives in its methods.
type Get302Validator struct{}

// NewGet302Validator returns a pointer to a new, empty Get302Validator.
func NewGet302Validator() *Get302Validator {
	return new(Get302Validator)
}
    21  
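// Run validates the "info" query parameter of the request and, when it is
// acceptable, records the client IP in SharedIPWhiteList and redirects the
// client to the URL carried inside the token.
//
// The token is decoded with InfoArg first; if that fails or the result is not
// valid, the legacy utils.SimpleDecryptMap format is tried. Every rejection is
// answered with HTTP 400 and a numbered message:
//
//	(002) the info parameter is missing
//	(003) the token could not be decoded in either format
//	(004) the token timestamp is outside the freshness window
//
// Unlike the earlier check, which only rejected tokens older than five
// seconds, a timestamp more than five seconds in the future is rejected too,
// so a token cannot stay valid indefinitely by carrying a future timestamp.
func (this *Get302Validator) Run(request requests.Request, writer http.ResponseWriter) {
	const (
		freshnessWindow int64 = 5   // seconds a token is accepted around "now"
		defaultLife     int64 = 600 // seconds; default allowlist lifetime (10 minutes)
	)

	// reject answers with 400 and the given body; callers return right after.
	reject := func(message string) {
		request.ProcessResponseHeaders(writer.Header(), http.StatusBadRequest)
		writer.WriteHeader(http.StatusBadRequest)
		_, _ = writer.Write([]byte(message))
	}

	var info = request.WAFRaw().URL.Query().Get("info")
	if len(info) == 0 {
		reject("invalid request (002)")
		return
	}

	var (
		timestamp   int64
		life        int64
		setId       int64
		policyId    int64
		groupId     int64
		scope       string
		redirectURL string
		decoded     bool
	)

	var infoArg = &InfoArg{}
	if decodeErr := infoArg.Decode(info); decodeErr == nil && infoArg.IsValid() {
		decoded = true

		timestamp = infoArg.Timestamp
		life = int64(infoArg.Life)
		setId = infoArg.SetId
		policyId = infoArg.PolicyId
		groupId = infoArg.GroupId
		scope = infoArg.Scope
		redirectURL = infoArg.URL
	} else if m, decodeMapErr := utils.SimpleDecryptMap(info); decodeMapErr == nil {
		// Compatibility with tokens issued by older versions.
		decoded = true

		timestamp = m.GetInt64("timestamp")
		life = m.GetInt64("life")
		setId = m.GetInt64("setId")
		policyId = m.GetInt64("policyId")
		groupId = m.GetInt64("groupId")
		scope = m.GetString("scope")
		redirectURL = m.GetString("url")
	}

	if !decoded {
		reject("invalid request (003)")
		return
	}

	// Freshness: accept only timestamps within freshnessWindow seconds of now.
	// Comparing against now±window (instead of subtracting the token value)
	// also avoids integer wrap-around on extreme timestamps.
	var now = time.Now().Unix()
	if timestamp < now-freshnessWindow || timestamp > now+freshnessWindow {
		reject("invalid request (004)")
		return
	}

	// Add the client IP to the allowlist.
	if life <= 0 {
		life = defaultLife
	}
	// NOTE(review): life has no upper bound here, so the allowlist entry lasts
	// as long as the token says. Confirm that the issuer limits it.
	SharedIPWhiteList.RecordIP("set:"+types.String(setId), scope, request.WAFServerId(), request.WAFRemoteIP(), now+life, policyId, false, groupId, setId, "")

	// Send the client back to the original URL.
	// NOTE(review): redirectURL is taken from the decoded token and is not
	// checked here. That is safe only if both decoders authenticate the
	// payload; confirm this for the legacy SimpleDecryptMap path, otherwise
	// restrict the target to same-site paths to rule out an open redirect.
	request.ProcessResponseHeaders(writer.Header(), http.StatusFound)
	http.Redirect(writer, request.WAFRaw(), redirectURL, http.StatusFound)
}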