Skip to content

FP Refactor & Enveloping SPA Requests #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dtpthao merged 18 commits into from
Jul 1, 2025
Merged

FP Refactor & Enveloping SPA Requests #33

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
93d7ce5
reverse-proxy: refactor/restructure codebase
dtpthao Jun 19, 2025
4f41bf9
reverse-proxy: move request body validation code to a separate method
dtpthao Jun 19, 2025
72656d6
reverse-proxy: add configuration
dtpthao Jun 20, 2025
6a5f069
reverse-proxy: updated handle_init_tunnel to create and store in-memo…
dtpthao Jun 20, 2025
483de77
utils: centralize utility functions in dedicated module to avoid dupl…
dtpthao Jun 20, 2025
07f5b72
forward-proxy: update init-tunnel request/response bodies
dtpthao Jun 20, 2025
832d147
reverse-proxy: update ntor_server_id
dtpthao Jun 21, 2025
f711f7b
Merge branch 'refs/heads/main' into thao/issue-13
dtpthao Jun 21, 2025
b7325e9
reverse-proxy: fixed ntor import tag
dtpthao Jun 21, 2025
6c27881
forward-proxy: forward original request of `/proxy` api to upstream
dtpthao Jun 26, 2025
fc6173b
pingora-router: moved request body reading out of Layer8Context::update
dtpthao Jun 27, 2025
995c871
forward-proxy: refactor to forward request to RP instead of creating …
dtpthao Jun 28, 2025
06837d7
forward-proxy: remove router and clean up
dtpthao Jun 29, 2025
a3ca997
reverse-proxy: refactor request/response wrapping and encryption usin…
dtpthao Jun 29, 2025
5325008
forward-proxy: fix silly bug reading chunked body
dtpthao Jun 30, 2025
3413910
Merge branch 'refs/heads/main' into thao/issue-32
dtpthao Jun 30, 2025
bbe694e
reverse-proxy: replace WrappedUserRequest/Response by Layer8Request/R…
dtpthao Jul 1, 2025
d629c24
forward-proxy: handle CORS preflight request
dtpthao Jul 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions forward-proxy/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,5 @@ once_cell = "1.21.3"
pingora-error = "0.5.0"
boring = "4.17.0"
env_logger = "0.11.8"
utils = { path = "../utils" }
hex = "0.4.3"
15 changes: 14 additions & 1 deletion forward-proxy/src/handler/consts.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,20 @@ impl ForwardHeaderKeys {
}

const LAYER8_URL: &str = "http://127.0.0.1:5001";
const RP_URL: &str = "http://127.0.0.1:6193";
const RP_URL: &str = "http://127.0.0.1:6194";

pub static RP_INIT_ENCRYPTED_TUNNEL_PATH: Lazy<String> = Lazy::new(|| format!("{}/init-tunnel", RP_URL));
pub static RP_PROXY_PATH: Lazy<String> = Lazy::new(|| format!("{}/proxy", RP_URL));
pub static LAYER8_GET_CERTIFICATE_PATH: Lazy<String> = Lazy::new(|| format!("{}/sp-pub-key?backend_url=", LAYER8_URL));

pub const NTOR_SERVER_ID: &str = "ntor_server_id";
pub const NTOR_SERVER_ID_TMP_VALUE: &str = "ReverseProxyServer";
pub const NTOR_STATIC_PUBLIC_KEY: &str = "ntor_static_public_key";
pub const NTOR_STATIC_PUBLIC_KEY_TMP_VALUE: [u8; 32] = [
131, 210, 36, 101, 39, 191, 61, 165, 29, 112, 94, 149, 120, 202, 189, 170,
151, 62, 247, 71, 208, 255, 144, 173, 52, 223, 239, 221, 153, 225, 40, 10
];

pub const INIT_TUNNEL_ENDPOINT: &str = "/init-tunnel";
pub const PROXY_ENDPOINT: &str = "/proxy";
pub const HEALTHCHECK_ENDPOINT: &str = "/healthcheck";
28 changes: 28 additions & 0 deletions forward-proxy/src/handler/helpers.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
use serde::Serialize;
use chrono::Utc;
use jsonwebtoken::{encode, EncodingKey, Header};

// Get SECRET_KEY from environment variable
pub fn get_secret_key() -> String {
std::env::var("JWT_SECRET_KEY").expect("JWT_SECRET_KEY must be set")
}

#[derive(Serialize)]
struct Claims {
exp: usize,
}

pub fn generate_standard_token(secret_key: &str) -> pingora::Result<String, Box<dyn std::error::Error>> {
let now = Utc::now();
let claims = Claims {
exp: (now + chrono::Duration::days(1)).timestamp() as usize,
};

let token = encode(
&Header::new(jsonwebtoken::Algorithm::HS256),
&claims,
&EncodingKey::from_secret(secret_key.as_bytes()),
)?;

Ok(token)
}
Loading
Loading