Files
x/bypass/plugin/http.go
T
ginuerzh d015378654 test(bypass): add unit tests achieving 96.4% total coverage
- 88 tests: 70 for core (96.8%), 12 for gRPC plugin, 14 for HTTP plugin
- Cover all matchers (IP, CIDR, wildcard, IP range), loader sources,
  bypassGroup logic, periodReload, and plugin fail-open semantics
- Add nil-logger guard in httpPlugin.Contains to prevent panic
  when logger is nil
2026-05-23 16:04:30 +08:00

128 lines
2.7 KiB
Go

package bypass
import (
"bytes"
"context"
"encoding/json"
"net/http"
"github.com/go-gost/core/bypass"
"github.com/go-gost/core/logger"
ctxvalue "github.com/go-gost/x/ctx"
"github.com/go-gost/x/internal/plugin"
)
// httpPluginRequest is the JSON payload sent to a remote HTTP bypass service.
type httpPluginRequest struct {
Service string `json:"service"`
Network string `json:"network"`
Addr string `json:"addr"`
Client string `json:"client"`
Host string `json:"host"`
Path string `json:"path"`
}
// httpPluginResponse is the JSON response from a remote HTTP bypass service.
type httpPluginResponse struct {
OK bool `json:"ok"`
}
// httpPlugin delegates bypass decisions to a remote HTTP service.
// All error paths return true (fail-open) so that a down plugin
// does not block traffic.
type httpPlugin struct {
url string
client *http.Client
header http.Header
log logger.Logger
}
// NewHTTPPlugin creates a Bypass that delegates decisions to an HTTP
// bypass service at url. The service should accept POST requests with
// a JSON body and return {"ok": true/false}.
func NewHTTPPlugin(name string, url string, opts ...plugin.Option) bypass.Bypass {
var options plugin.Options
for _, opt := range opts {
opt(&options)
}
return &httpPlugin{
url: url,
client: plugin.NewHTTPClient(&options),
header: options.Header,
log: logger.Default().WithFields(map[string]any{
"kind": "bypass",
"bypass": name,
}),
}
}
func (p *httpPlugin) Contains(ctx context.Context, network, addr string, opts ...bypass.Option) bool {
if p.client == nil {
return true
}
log := p.log
if log == nil {
log = logger.Default()
}
var options bypass.Options
for _, opt := range opts {
opt(&options)
}
rb := httpPluginRequest{
Service: options.Service,
Network: network,
Addr: addr,
Client: string(ctxvalue.ClientIDFromContext(ctx)),
Host: options.Host,
Path: options.Path,
}
v, err := json.Marshal(&rb)
if err != nil {
log.Error(err)
return true
}
req, err := http.NewRequestWithContext(ctx, http.MethodPost, p.url, bytes.NewReader(v))
if err != nil {
log.Error(err)
return true
}
if p.header != nil {
req.Header = p.header.Clone()
}
req.Header.Set("Content-Type", "application/json")
resp, err := p.client.Do(req)
if err != nil {
log.Error(err)
return true
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return true
}
res := httpPluginResponse{}
if err := json.NewDecoder(resp.Body).Decode(&res); err != nil {
log.Error(err)
return true
}
return res.OK
}
func (p *httpPlugin) Close() error {
if p.client != nil {
p.client.CloseIdleConnections()
}
return nil
}
func (p *httpPlugin) IsWhitelist() bool {
return false
}