Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add HMAC Authorization Plugin #241

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
wujunze merged 6 commits into from
Apr 1, 2019
Merged

Add HMAC Authorization Plugin #241

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
dead7db
Add HMAC Authorization Plugin
shuaijinchao Mar 30, 2019
8cdd366
Merge pull request #1 from shuaijinchao/plugins/hmac
shuaijinchao Mar 30, 2019
4ba2c61
Merge remote-tracking branch 'origin/v0.7.0-dev' into plugins/hmac
shuaijinchao Mar 31, 2019
f33a5a9
Merge remote-tracking branch 'origin/master' into plugins/hmac
shuaijinchao Mar 31, 2019
143545c
hmac_auth sql updated from orange-0.6.4.sql to orange-0.7.0.sql
shuaijinchao Mar 31, 2019
e8a6e67
Merge pull request #2 from shuaijinchao/plugins/hmac
shuaijinchao Mar 31, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions conf/orange.conf.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
"property_rate_limiting",
"basic_auth",
"key_auth",
"hmac_auth",
"signature_auth",
"waf",
"divide",
Expand Down
5 changes: 5 additions & 0 deletions dashboard/routes/dashboard.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,6 +172,11 @@ return function(config, store)
res:render("jwt_auth/jwt_auth")
end)

-- HMAC AUTH
dashboard_router:get("/hmac_auth", function(req, res, next)
res:render("hmac_auth/hmac_auth")
end)

dashboard_router:get("/waf", function(req, res, next)
res:render("waf")
end)
Expand Down
128 changes: 128 additions & 0 deletions dashboard/static/js/hmac_auth.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,128 @@
(function (L) {
var _this = null;
L.HmacAuth = L.HmacAuth || {};
_this = L.HmacAuth = {
data: {
},

init: function () {
L.Common.loadConfigs("hmac_auth", _this, true);
_this.initEvents();
},

initEvents: function () {
var op_type = "hmac_auth";
//添加规则对话框
L.Common.initRuleAddDialog(op_type, _this);
//删除规则对话框
L.Common.initRuleDeleteDialog(op_type, _this);
//编辑规则对话框
L.Common.initRuleEditDialog(op_type, _this);
L.Common.initRuleSortEvent(op_type, _this);

L.Common.initSelectorAddDialog(op_type, _this);
L.Common.initSelectorDeleteDialog(op_type, _this);
L.Common.initSelectorEditDialog(op_type, _this);
L.Common.initSelectorSortEvent(op_type, _this);
L.Common.initSelectorClickEvent(op_type, _this);
//选择器类型选择事件
L.Common.initSelectorTypeChangeEvent();
//添加或删除条件
L.Common.initConditionAddOrRemove();
//judge类型选择事件
L.Common.initJudgeTypeChangeEvent();
//condition类型选择事件
L.Common.initConditionTypeChangeEvent();

L.Common.initViewAndDownloadEvent(op_type, _this);
//redirect关闭、开启
L.Common.initSwitchBtn(op_type, _this);
//编辑规则对话框
L.Common.initSyncDialog(op_type, _this);
},

buildRule: function () {
let result = {
success: false,
data: {
name: null,
judge: {},
handle: {}
}
};

//build name and judge
let buildJudgeResult = L.Common.buildJudge();
if (buildJudgeResult.success == true) {
result.data.name = buildJudgeResult.data.name;
result.data.judge = buildJudgeResult.data.judge;
} else {
result.success = false;
result.data = buildJudgeResult.data;
return result;
}

//build handle
let buildHandleResult = _this.buildHandle();
if (buildHandleResult.success == true) {
result.data.handle = buildHandleResult.handle;
} else {
result.success = false;
result.data = buildHandleResult.data;
return result;
}

//enable or not
let enable = $('#rule-enable').is(':checked');
result.data.enable = enable;

result.success = true;
return result;
},

buildHandle: function () {
let result = {};
let handle = {};
// 检查秘钥是否为空
let handle_secret = $("#rule-handle-secret").val();
if (!handle_secret) {
result.success = false;
result.data = "[秘钥] 不能为空";
return result
}

let handle_algorithm = $("#rule-handle-algorithm").val();
if (!handle_algorithm) {
result.success = false;
result.data = "[算法] 不能为空";
return result
}

let handle_timeout = $("#rule-handle-timeout").val();
if (!handle_timeout) {
result.success = false;
result.data = "[超时] 不能为空";
return result
}

handle.credentials = {};
handle.credentials.secret = handle_secret;
handle.credentials.algorithm = handle_algorithm;
handle.credentials.timeout = parseInt(handle_timeout);

// 检查处理码是否为空
let handle_code = $("#rule-handle-code").val();
if (!handle_code) {
result.success = false;
result.data = "[处理] 状态码不能为空";
return result;
}

handle.code = parseInt(handle_code);
handle.log = ($("#rule-handle-log").val() === "true");
result.success = true;
result.handle = handle;
return result;
},
};
}(APP));
7 changes: 6 additions & 1 deletion dashboard/views/common/left_nav.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,12 @@
<span class="nav-label">Jwt Auth</span>
</a>
</li>

<li id="nav-hmac-auth">
<a href="/hmac_auth">
<i class="fa fa-lock"></i>
<span class="nav-label">Hmac Auth</span>
</a>
</li>
<li id="nav-signature-auth">
<a href="/signature_auth">
<i class="fa fa-minus-circle"></i>
Expand Down
34 changes: 34 additions & 0 deletions dashboard/views/hmac_auth/credential-add.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
<!-- 私钥 -->
<div id="secret-area">
<div class="form-group secret-holder">
<label class="col-sm-1 control-label">秘钥</label>
<div class="col-sm-11">
<input type="text" class="form-control" name="rule-handle-secret" id="rule-handle-secret" placeholder="秘钥">
</div>
</div>
</div>

<!-- 算法 -->
<div id="algorithm-area">
<div class="form-group algorithm-holder">
<label class="col-sm-1 control-label">算法</label>
<div class="col-sm-11">
<select class="form-control" name="rule-handle-algorithm" id="rule-handle-algorithm">
<option value="hmac-sha1">HMAC-SHA1</option>
<option value="hmac-sha256" disabled>HMAC-SHA256(依赖openssl模块)</option>
<option value="hmac-sha384" disabled>HMAC-SHA384(依赖openssl模块)</option>
<option value="hmac-sha512" disabled>HMAC-SHA512(依赖openssl模块)</option>
</select>
</div>
</div>
</div>

<!-- 超时 -->
<div id="timeout-area">
<div class="form-group secret-holder">
<label class="col-sm-1 control-label">超时</label>
<div class="col-sm-11">
<input type="text" class="form-control" name="rule-handle-timeout" id="rule-handle-timeout" placeholder="超时(秒)">
</div>
</div>
</div>
34 changes: 34 additions & 0 deletions dashboard/views/hmac_auth/credential-edit.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
<!-- 私钥 -->
<div id="secret-area">
<div class="form-group secret-holder">
<label class="col-sm-1 control-label">秘钥</label>
<div class="col-sm-11">
<input type="text" class="form-control" name="rule-handle-secret" id="rule-handle-secret" placeholder="秘钥" value="${r.handle.credentials.secret}">
</div>
</div>
</div>

<!-- 算法 -->
<div id="algorithm-area">
<div class="form-group algorithm-holder">
<label class="col-sm-1 control-label">算法</label>
<div class="col-sm-11">
<select class="form-control" name="rule-handle-algorithm" id="rule-handle-algorithm">
<option value="hmac-sha1" {@if r.handle.credentials.algorithm == 'hmac-sha1' } selected {@/if}>HMAC-SHA1</option>
<option value="hmac-sha256" {@if r.handle.credentials.algorithm == 'hmac-sha256' } selected {@/if} disabled>HMAC-SHA256(依赖openssl模块)</option>
<option value="hmac-sha384" {@if r.handle.credentials.algorithm == 'hmac-sha384' } selected {@/if} disabled>HMAC-SHA384(依赖openssl模块)</option>
<option value="hmac-sha512" {@if r.handle.credentials.algorithm == 'hmac-sha512' } selected {@/if} disabled>HMAC-SHA512(依赖openssl模块)</option>
</select>
</div>
</div>
</div>

<!-- 超时 -->
<div id="timeout-area">
<div class="form-group secret-holder">
<label class="col-sm-1 control-label">超时</label>
<div class="col-sm-11">
<input type="text" class="form-control" name="rule-handle-timeout" id="rule-handle-timeout" placeholder="超时(秒)" value="${r.handle.credentials.timeout}">
</div>
</div>
</div>
30 changes: 30 additions & 0 deletions dashboard/views/hmac_auth/credential-tmpl.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
<script type="text/template" id="single-credential-tmpl">
<div class="form-group pair credential-holder">
<label class="col-sm-1 control-label"></label>
<div class="col-sm-3" style="width: 120px; line-height: 38px;">
<select class="form-control" name="rule-handle-credential-type">
<option value="1">Header</option>
<option value="2">Query</option>
<option value="3">PostParam</option>
</select>
</div>

<div class="col-sm-3" style="padding-left:0">
<input type="text" class="form-control" name="rule-handle-credential-key" placeholder="key">
</div>
<div class="col-sm-3" style="padding-left:0">
<input type="text" class="form-control" name="rule-handle-credential-target-value" placeholder="target value">
</div>
<div class="col-sm-1" style="margin-top:5px">
<span class="input-group-btn">
<a class="btn btn-remove" style="padding:0 5px;">
<i class="fa fa-remove"></i>
</a>
<a class="btn btn-add" style="padding:0 5px;">
<i class="fa fa-plus"></i>
</a>
</span>
</div>
</div>
</script>
<!--single credential tmpl-->
Loading