test jwt pass.

escape on AppModel.Prefix()
This commit is contained in:
w-mj 2023-02-25 12:43:49 +08:00
parent 04b7361df7
commit a6bf064d63
No known key found for this signature in database
GPG Key ID: 3A2CB5BE2F835897
4 changed files with 32 additions and 10 deletions

View File

@ -1,4 +1,4 @@
IMAGE_TAG ?= docker.educg.net/cg/k8s-manager:v1.0.4
IMAGE_TAG ?= docker.educg.net/cg/k8s-manager:v1.0.7
build: export CGO_ENABLED=0
build: export GOOS=linux

25
main.go
View File

@ -70,7 +70,6 @@ func ParseCGToken(token string) (string, error) {
token = strings.ReplaceAll(token, "-", "+")
token = strings.ReplaceAll(token, "_", "/")
token = token + []string{"", "===", "==", "="}[len(token)%4]
fmt.Println(token)
aesEncrypt, err := base64.StdEncoding.DecodeString(token)
if err != nil {
log.WithError(err).Error("Parse CG Token 1")
@ -80,7 +79,7 @@ func ParseCGToken(token string) (string, error) {
jwtString := AesDecryptECB(aesEncrypt, []byte(aseKey))
jwtResult, err := jwt.ParseWithClaims(string(jwtString), &CGJWTClaim{}, func(token *jwt.Token) (i interface{}, err error) {
return jwtKey, nil
return []byte(jwtKey), nil
// return hmac.New(sha256.New, []byte(jwtKey)), nil
})
if err != nil {
@ -104,7 +103,13 @@ func generateKey(key []byte) (genKey []byte) {
return genKey
}
func AesDecryptECB(encrypted []byte, key []byte) (decrypted []byte) {
c, _ := aes.NewCipher(key)
sh := sha1.New()
sh.Write(key)
realKey := sh.Sum(nil)
c, err := aes.NewCipher(realKey[:16])
if err != nil {
log.WithError(err).Error(AesDecryptECB)
}
decrypted = make([]byte, len(encrypted))
//
for bs, be := 0, c.BlockSize(); bs < len(encrypted); bs, be = bs+c.BlockSize(), be+c.BlockSize() {
@ -142,8 +147,11 @@ func AesDecrypt(data []byte, key []byte) ([]byte, error) {
}
func Test(c *gin.Context) {
//username := c.Param("username")
username, err := ParseCGToken(c.Request.URL.Query().Get("cgtoken"))
username := c.Request.URL.Query().Get("username")
var err error
if username == "" {
username, err = ParseCGToken(c.Request.URL.Query().Get("cgtoken"))
}
if username == "" || err != nil {
c.JSON(http.StatusNotFound, gin.H{
"code": http.StatusNotFound,
@ -159,7 +167,12 @@ func Test(c *gin.Context) {
c.SetCookie("Authorization", "Bearer "+token, 0, "", "", false, false)
c.Header("Authorization", "Bearer "+token)
c.Header("Cache-Control", "no-store")
redirectUrl := fmt.Sprintf("/%s/index", os.Getenv("URL_PREFIX"))
redirectUrl := ""
if os.Getenv("URL_PREFIX") == "" {
redirectUrl = "/index"
} else {
redirectUrl = fmt.Sprintf("/%s/index", os.Getenv("URL_PREFIX"))
}
c.Redirect(http.StatusTemporaryRedirect, redirectUrl)
}
}

View File

@ -63,7 +63,16 @@ func (a *AppModel) Delete() error {
}
func (a *AppModel) NamePrefix() string {
return fmt.Sprintf("%s-%s", a.UserName, a.AppName)
prefix := fmt.Sprintf("%s-%s", a.UserName, a.AppName)
ans := strings.Builder{}
for _, c := range prefix {
if (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-' {
ans.WriteRune(c)
} else {
ans.WriteString(fmt.Sprintf("-%d-", c))
}
}
return ans.String()
}
func (a *AppModel) PodName() string {

View File

@ -17,7 +17,7 @@
<br/>
<div class="d-flex">
<!-- <div class="align-self-start">用户名:{{ .Username }}</div>-->
<div class="align-self-start">用户名:{{ username }}</div>
<div class="ms-auto align-self-end">
<button class="btn btn-success" @click="showModal(null)">添加应用</button>
</div>
@ -49,7 +49,7 @@
<td> {{ item.Command }}</td>
<td> {{ item.Env }}</td>
<td> {{ item.Status }}</td>
<td> {{ item.ServiceDisplayName }}</td>
<td> <a :href="'/' + item.ServiceDisplayName + '/'" target="_blank">{{ item.ServiceDisplayName }}</a></td>
<td> {{ item.Ports }}</td>
<td>
<div class="btn-group">