mirror of
https://github.com/netbirdio/netbird.git
synced 2026-04-18 16:26:38 +00:00
fix linter issues
This commit is contained in:
pascal
@@ -67,6 +67,7 @@ func withTokenStore(cmd *cobra.Command, fn func(ctx context.Context, s store.Sto
|
|||||||
return fmt.Errorf("init log: %w", err)
|
return fmt.Errorf("init log: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//nolint
|
||||||
ctx := context.WithValue(cmd.Context(), hook.ExecutionContextKey, hook.SystemSource)
|
ctx := context.WithValue(cmd.Context(), hook.ExecutionContextKey, hook.SystemSource)
|
||||||
|
|
||||||
config, err := loadMgmtConfig(ctx, nbconfig.MgmtConfigPath)
|
config, err := loadMgmtConfig(ctx, nbconfig.MgmtConfigPath)
|
||||||
@@ -108,11 +109,11 @@ func tokenCreateRun(cmd *cobra.Command, _ []string) error {
|
|||||||
return fmt.Errorf("save token: %w", err)
|
return fmt.Errorf("save token: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
fmt.Println("Token created successfully!")
|
fmt.Println("Token created successfully!") //nolint:forbidigo
|
||||||
fmt.Printf("Token: %s\n", generated.PlainToken)
|
fmt.Printf("Token: %s\n", generated.PlainToken) //nolint:forbidigo
|
||||||
fmt.Println()
|
fmt.Println() //nolint:forbidigo
|
||||||
fmt.Println("IMPORTANT: Save this token now. It will not be shown again.")
|
fmt.Println("IMPORTANT: Save this token now. It will not be shown again.") //nolint:forbidigo
|
||||||
fmt.Printf("Token ID: %s\n", generated.ID)
|
fmt.Printf("Token ID: %s\n", generated.ID) //nolint:forbidigo
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
@@ -126,7 +127,7 @@ func tokenListRun(cmd *cobra.Command, _ []string) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if len(tokens) == 0 {
|
if len(tokens) == 0 {
|
||||||
fmt.Println("No proxy access tokens found.")
|
fmt.Println("No proxy access tokens found.") //nolint:forbidigo
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -174,7 +175,7 @@ func tokenRevokeRun(cmd *cobra.Command, args []string) error {
|
|||||||
return fmt.Errorf("revoke token: %w", err)
|
return fmt.Errorf("revoke token: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
fmt.Printf("Token %s revoked successfully.\n", tokenID)
|
fmt.Printf("Token %s revoked successfully.\n", tokenID) //nolint:forbidigo
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -92,7 +92,6 @@ type proxyConnection struct {
|
|||||||
sendChan chan *proto.ProxyMapping
|
sendChan chan *proto.ProxyMapping
|
||||||
ctx context.Context
|
ctx context.Context
|
||||||
cancel context.CancelFunc
|
cancel context.CancelFunc
|
||||||
mu sync.RWMutex
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewProxyServiceServer creates a new proxy service server.
|
// NewProxyServiceServer creates a new proxy service server.
|
||||||
@@ -833,6 +832,7 @@ func (s *ProxyServiceServer) ValidateSession(ctx context.Context, req *proto.Val
|
|||||||
"domain": domain,
|
"domain": domain,
|
||||||
"error": err.Error(),
|
"error": err.Error(),
|
||||||
}).Debug("ValidateSession: service not found")
|
}).Debug("ValidateSession: service not found")
|
||||||
|
//nolint:nilerr
|
||||||
return &proto.ValidateSessionResponse{
|
return &proto.ValidateSessionResponse{
|
||||||
Valid: false,
|
Valid: false,
|
||||||
DeniedReason: "service_not_found",
|
DeniedReason: "service_not_found",
|
||||||
@@ -857,6 +857,7 @@ func (s *ProxyServiceServer) ValidateSession(ctx context.Context, req *proto.Val
|
|||||||
"domain": domain,
|
"domain": domain,
|
||||||
"error": err.Error(),
|
"error": err.Error(),
|
||||||
}).Debug("ValidateSession: invalid session token")
|
}).Debug("ValidateSession: invalid session token")
|
||||||
|
//nolint:nilerr
|
||||||
return &proto.ValidateSessionResponse{
|
return &proto.ValidateSessionResponse{
|
||||||
Valid: false,
|
Valid: false,
|
||||||
DeniedReason: "invalid_token",
|
DeniedReason: "invalid_token",
|
||||||
@@ -870,6 +871,7 @@ func (s *ProxyServiceServer) ValidateSession(ctx context.Context, req *proto.Val
|
|||||||
"user_id": userID,
|
"user_id": userID,
|
||||||
"error": err.Error(),
|
"error": err.Error(),
|
||||||
}).Debug("ValidateSession: user not found")
|
}).Debug("ValidateSession: user not found")
|
||||||
|
//nolint:nilerr
|
||||||
return &proto.ValidateSessionResponse{
|
return &proto.ValidateSessionResponse{
|
||||||
Valid: false,
|
Valid: false,
|
||||||
DeniedReason: "user_not_found",
|
DeniedReason: "user_not_found",
|
||||||
@@ -883,6 +885,7 @@ func (s *ProxyServiceServer) ValidateSession(ctx context.Context, req *proto.Val
|
|||||||
"user_account": user.AccountID,
|
"user_account": user.AccountID,
|
||||||
"service_account": service.AccountID,
|
"service_account": service.AccountID,
|
||||||
}).Debug("ValidateSession: user account mismatch")
|
}).Debug("ValidateSession: user account mismatch")
|
||||||
|
//nolint:nilerr
|
||||||
return &proto.ValidateSessionResponse{
|
return &proto.ValidateSessionResponse{
|
||||||
Valid: false,
|
Valid: false,
|
||||||
DeniedReason: "account_mismatch",
|
DeniedReason: "account_mismatch",
|
||||||
@@ -895,6 +898,7 @@ func (s *ProxyServiceServer) ValidateSession(ctx context.Context, req *proto.Val
|
|||||||
"user_id": userID,
|
"user_id": userID,
|
||||||
"error": err.Error(),
|
"error": err.Error(),
|
||||||
}).Debug("ValidateSession: access denied")
|
}).Debug("ValidateSession: access denied")
|
||||||
|
//nolint:nilerr
|
||||||
return &proto.ValidateSessionResponse{
|
return &proto.ValidateSessionResponse{
|
||||||
Valid: false,
|
Valid: false,
|
||||||
UserId: user.Id,
|
UserId: user.Id,
|
||||||
|
|||||||
@@ -5132,9 +5132,10 @@ func (s *SqlStore) applyAccessLogFilters(query *gorm.DB, filter accesslogs.Acces
|
|||||||
}
|
}
|
||||||
|
|
||||||
if filter.Status != nil {
|
if filter.Status != nil {
|
||||||
if *filter.Status == "success" {
|
switch *filter.Status {
|
||||||
|
case "success":
|
||||||
query = query.Where("status_code >= ? AND status_code < ?", 200, 400)
|
query = query.Where("status_code >= ? AND status_code < ?", 200, 400)
|
||||||
} else if *filter.Status == "failed" {
|
case "failed":
|
||||||
query = query.Where("status_code < ? OR status_code >= ?", 200, 400)
|
query = query.Where("status_code < ? OR status_code >= ?", 200, 400)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -21,6 +21,8 @@ import (
|
|||||||
const DefaultManagementURL = "https://api.netbird.io:443"
|
const DefaultManagementURL = "https://api.netbird.io:443"
|
||||||
|
|
||||||
// envProxyToken is the environment variable name for the proxy access token.
|
// envProxyToken is the environment variable name for the proxy access token.
|
||||||
|
//
|
||||||
|
//nolint:gosec
|
||||||
const envProxyToken = "NB_PROXY_TOKEN"
|
const envProxyToken = "NB_PROXY_TOKEN"
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@@ -160,7 +162,8 @@ func runServer(cmd *cobra.Command, args []string) error {
|
|||||||
defer stop()
|
defer stop()
|
||||||
|
|
||||||
if err := srv.ListenAndServe(ctx, addr); err != nil {
|
if err := srv.ListenAndServe(ctx, addr); err != nil {
|
||||||
log.Fatal(err)
|
log.Error(err)
|
||||||
|
return err
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,40 +0,0 @@
|
|||||||
package auth
|
|
||||||
|
|
||||||
import (
|
|
||||||
"context"
|
|
||||||
|
|
||||||
"github.com/netbirdio/netbird/proxy/auth"
|
|
||||||
)
|
|
||||||
|
|
||||||
type requestContextKey string
|
|
||||||
|
|
||||||
const (
|
|
||||||
authMethodKey requestContextKey = "authMethod"
|
|
||||||
authUserKey requestContextKey = "authUser"
|
|
||||||
)
|
|
||||||
|
|
||||||
func withAuthMethod(ctx context.Context, method auth.Method) context.Context {
|
|
||||||
return context.WithValue(ctx, authMethodKey, method)
|
|
||||||
}
|
|
||||||
|
|
||||||
func MethodFromContext(ctx context.Context) auth.Method {
|
|
||||||
v := ctx.Value(authMethodKey)
|
|
||||||
method, ok := v.(auth.Method)
|
|
||||||
if !ok {
|
|
||||||
return ""
|
|
||||||
}
|
|
||||||
return method
|
|
||||||
}
|
|
||||||
|
|
||||||
func withAuthUser(ctx context.Context, userId string) context.Context {
|
|
||||||
return context.WithValue(ctx, authUserKey, userId)
|
|
||||||
}
|
|
||||||
|
|
||||||
func UserFromContext(ctx context.Context) string {
|
|
||||||
v := ctx.Value(authUserKey)
|
|
||||||
userId, ok := v.(string)
|
|
||||||
if !ok {
|
|
||||||
return ""
|
|
||||||
}
|
|
||||||
return userId
|
|
||||||
}
|
|
||||||
@@ -21,7 +21,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
saTokenPath = "/var/run/secrets/kubernetes.io/serviceaccount/token"
|
saTokenPath = "/var/run/secrets/kubernetes.io/serviceaccount/token" //nolint:gosec
|
||||||
saNamespacePath = "/var/run/secrets/kubernetes.io/serviceaccount/namespace"
|
saNamespacePath = "/var/run/secrets/kubernetes.io/serviceaccount/namespace"
|
||||||
saCACertPath = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
|
saCACertPath = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
|
||||||
|
|
||||||
|
|||||||
@@ -86,7 +86,7 @@ func (p *ReverseProxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|||||||
ErrorHandler: proxyErrorHandler,
|
ErrorHandler: proxyErrorHandler,
|
||||||
}
|
}
|
||||||
if result.rewriteRedirects {
|
if result.rewriteRedirects {
|
||||||
rp.ModifyResponse = p.rewriteLocationFunc(result.url, result.matchedPath, r)
|
rp.ModifyResponse = p.rewriteLocationFunc(result.url, result.matchedPath, r) //nolint:bodyclose
|
||||||
}
|
}
|
||||||
rp.ServeHTTP(w, r.WithContext(ctx))
|
rp.ServeHTTP(w, r.WithContext(ctx))
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -572,6 +572,7 @@ func TestRewriteLocationFunc(t *testing.T) {
|
|||||||
"http://backend.internal:8080/login")
|
"http://backend.internal:8080/login")
|
||||||
|
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
defer resp.Body.Close()
|
||||||
assert.Equal(t, "https://public.example.com/login", resp.Header.Get("Location"))
|
assert.Equal(t, "https://public.example.com/login", resp.Header.Get("Location"))
|
||||||
})
|
})
|
||||||
|
|
||||||
@@ -580,6 +581,7 @@ func TestRewriteLocationFunc(t *testing.T) {
|
|||||||
"https://other.example.com/path")
|
"https://other.example.com/path")
|
||||||
|
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
defer resp.Body.Close()
|
||||||
assert.Equal(t, "https://other.example.com/path", resp.Header.Get("Location"))
|
assert.Equal(t, "https://other.example.com/path", resp.Header.Get("Location"))
|
||||||
})
|
})
|
||||||
|
|
||||||
@@ -588,12 +590,14 @@ func TestRewriteLocationFunc(t *testing.T) {
|
|||||||
"/dashboard")
|
"/dashboard")
|
||||||
|
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
defer resp.Body.Close()
|
||||||
assert.Equal(t, "/dashboard", resp.Header.Get("Location"))
|
assert.Equal(t, "/dashboard", resp.Header.Get("Location"))
|
||||||
})
|
})
|
||||||
|
|
||||||
t.Run("re-adds stripped path prefix", func(t *testing.T) {
|
t.Run("re-adds stripped path prefix", func(t *testing.T) {
|
||||||
resp, err := run(newProxy("https"), "/api", newReq("https://public.example.com/api/users"),
|
resp, err := run(newProxy("https"), "/api", newReq("https://public.example.com/api/users"),
|
||||||
"http://backend.internal:8080/users")
|
"http://backend.internal:8080/users")
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
assert.Equal(t, "https://public.example.com/api/users", resp.Header.Get("Location"))
|
assert.Equal(t, "https://public.example.com/api/users", resp.Header.Get("Location"))
|
||||||
|
|||||||
@@ -109,7 +109,7 @@ func ServeHTTP(w http.ResponseWriter, r *http.Request, data any, statusCode ...i
|
|||||||
if err := tmpl.Execute(&buf, struct {
|
if err := tmpl.Execute(&buf, struct {
|
||||||
Data template.JS
|
Data template.JS
|
||||||
}{
|
}{
|
||||||
Data: template.JS(dataJSON),
|
Data: template.JS(dataJSON), //nolint:gosec
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
|
|||||||
Reference in New Issue
Block a user