TheLanc3/rustdesk
1
0
Fork 0
mirror of https://github.com/rustdesk/rustdesk.git synced 2026-04-30 17:43:19 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: TheLanc3:27c0cd4f9b88d5157999a2f3db42227dbd65580e
Branches Tags
TheLanc3:master TheLanc3:tcp-proxy TheLanc3:copilot/fix-issue-14527 TheLanc3:copilot/fix-discussion-14282-issue TheLanc3:copilot/fix-h265-image-quality-issue TheLanc3:fix-mobile-mouse-hover-issue-8789 TheLanc3:ios TheLanc3:sciterjs
TheLanc3:1.4.6 TheLanc3:nightly TheLanc3:1.4.5 TheLanc3:1.4.4 TheLanc3:1.4.3 TheLanc3:1.4.2 TheLanc3:1.4.1 TheLanc3:1.4.0 TheLanc3:1.3.9 TheLanc3:1.3.8 TheLanc3:1.3.7 TheLanc3:1.3.6 TheLanc3:1.3.5 TheLanc3:1.3.4 TheLanc3:1.3.3 TheLanc3:1.3.2 TheLanc3:1.3.1 TheLanc3:1.3.0 TheLanc3:1.2.7 TheLanc3:1.2.6 TheLanc3:1.2.5 TheLanc3:1.2.4 TheLanc3:fdroid-version TheLanc3:1.2.3-2 TheLanc3:1.2.3-1 TheLanc3:1.2.3 TheLanc3:1.2.2 TheLanc3:1.2.1 TheLanc3:1.2.0 TheLanc3:1.1.9 TheLanc3:1.1.8 TheLanc3:1.1.6 TheLanc3:1.1.5 TheLanc3:1.1.4 TheLanc3:1.1.3 TheLanc3:1.1.2
..
compare: TheLanc3:tcp-proxy
Branches Tags
TheLanc3:master TheLanc3:tcp-proxy TheLanc3:copilot/fix-issue-14527 TheLanc3:copilot/fix-discussion-14282-issue TheLanc3:copilot/fix-h265-image-quality-issue TheLanc3:fix-mobile-mouse-hover-issue-8789 TheLanc3:ios TheLanc3:sciterjs
TheLanc3:1.4.6 TheLanc3:nightly TheLanc3:1.4.5 TheLanc3:1.4.4 TheLanc3:1.4.3 TheLanc3:1.4.2 TheLanc3:1.4.1 TheLanc3:1.4.0 TheLanc3:1.3.9 TheLanc3:1.3.8 TheLanc3:1.3.7 TheLanc3:1.3.6 TheLanc3:1.3.5 TheLanc3:1.3.4 TheLanc3:1.3.3 TheLanc3:1.3.2 TheLanc3:1.3.1 TheLanc3:1.3.0 TheLanc3:1.2.7 TheLanc3:1.2.6 TheLanc3:1.2.5 TheLanc3:1.2.4 TheLanc3:fdroid-version TheLanc3:1.2.3-2 TheLanc3:1.2.3-1 TheLanc3:1.2.3 TheLanc3:1.2.2 TheLanc3:1.2.1 TheLanc3:1.2.0 TheLanc3:1.1.9 TheLanc3:1.1.8 TheLanc3:1.1.6 TheLanc3:1.1.5 TheLanc3:1.1.4 TheLanc3:1.1.3 TheLanc3:1.1.2

9 Commits
27c0cd4f9b ... tcp-proxy

Author SHA1 Message Date
21pages
28cca601b5 oidc: route auth requests through shared HTTP/tcp-proxy path while keeping TLS warmup 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-31 11:09:44 +08:00
21pages
93cfd56954 review: make is_public case-insensitive and cover mixed-case rustdesk URLs 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-31 11:05:15 +08:00
rustdesk
5e7484c51b review: extract fallback helper, fix Content-Type override, add overall timeout 
- Extract duplicated TCP proxy fallback logic into generic
  `with_tcp_proxy_fallback` helper used by both `post_request` and
  `http_request_sync`, eliminating code drift risk
- Allow caller-supplied Content-Type to override the default in
  `parse_simple_header` instead of silently dropping it
- Take body by reference in `post_request_http` to avoid eager clone
  when no fallback is needed
- Wrap entire `tcp_proxy_request` flow (connect + handshake + send +
  receive) in an overall timeout to prevent indefinite stalls

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-30 20:55:15 +08:00
21pages
43df9fb7a1 copilot review: normalize HTTP method before direct request dispatch 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-29 17:20:23 +08:00
21pages
8d65f21f23 copilot review: format IPv6 tcp proxy log targets correctly 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-29 16:41:48 +08:00
21pages
91ebbbd31d copilot review: test function name 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-29 16:31:41 +08:00
21pages
a965e8cf8f format common.rs 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-29 16:22:21 +08:00
21pages
c737611538 copilot review: redact tcp proxy logs, dedupe headers, and avoid body clone 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-29 16:21:18 +08:00
21pages
9f2ce33a6c Suppress secure_tcp info logs for TCP proxy requests 
Signed-off-by: 21pages <sunboeasy@gmail.com>
 2026-03-29 14:44:52 +08:00
2 changed files with 263 additions and 160 deletions
Expand all files Collapse all files

344
src/common.rs
View File

@@ -1086,6 +1086,7 @@ fn get_api_server_(api: String, custom: String) -> String {
#[inline]
pub fn is_public(url: &str) -> bool {
let url = url.to_ascii_lowercase();
url.contains("rustdesk.com/") || url.ends_with("rustdesk.com")
}
@@ -1160,6 +1161,25 @@ fn is_tcp_proxy_api_target(url: &str) -> bool {
should_use_tcp_proxy_for_api_url(url, &ui_get_api_server())
}
fn tcp_proxy_log_target(url: &str) -> String {
url::Url::parse(url)
.ok()
.map(|parsed| {
let mut redacted = format!("{}://", parsed.scheme());
let Some(host) = parsed.host() else {
return "<invalid-url>".to_owned();
};
redacted.push_str(&host.to_string());
if let Some(port) = parsed.port() {
redacted.push(':');
redacted.push_str(&port.to_string());
}
redacted.push_str(parsed.path());
redacted
})
.unwrap_or_else(|| "<invalid-url>".to_owned())
}
#[inline]
fn get_tcp_proxy_addr() -> String {
check_port(Config::get_rendezvous_server(), RENDEZVOUS_PORT)
@@ -1168,6 +1188,10 @@ fn get_tcp_proxy_addr() -> String {
/// Send an HTTP request via the rendezvous server's TCP proxy using protobuf.
/// Connects with `connect_tcp` + `secure_tcp`, sends `HttpProxyRequest`,
/// receives `HttpProxyResponse`.
///
/// The entire operation (connect + handshake + send + receive) is wrapped in
/// an overall timeout of `CONNECT_TIMEOUT + READ_TIMEOUT` so that a stall at
/// any stage cannot block the caller indefinitely.
async fn tcp_proxy_request(
method: &str,
url: &str,
@@ -1186,45 +1210,55 @@ async fn tcp_proxy_request(
parsed.path().to_string()
};
log::debug!("Sending {} {} via TCP proxy to {}", method, path, tcp_addr);
log::debug!(
"Sending {} {} via TCP proxy to {}",
method,
parsed.path(),
tcp_addr
);
let mut conn = socket_client::connect_tcp(&*tcp_addr, CONNECT_TIMEOUT).await?;
let key = crate::get_key(true).await;
secure_tcp(&mut conn, &key).await?;
let overall_timeout = CONNECT_TIMEOUT + READ_TIMEOUT;
timeout(overall_timeout, async {
let mut conn = socket_client::connect_tcp(&*tcp_addr, CONNECT_TIMEOUT).await?;
let key = crate::get_key(true).await;
secure_tcp_silent(&mut conn, &key).await?;
let mut req = HttpProxyRequest::new();
req.method = method.to_uppercase();
req.path = path;
req.headers = headers.into();
req.body = Bytes::from(body.to_vec());
let mut req = HttpProxyRequest::new();
req.method = method.to_uppercase();
req.path = path;
req.headers = headers.into();
req.body = Bytes::from(body.to_vec());
let mut msg_out = RendezvousMessage::new();
msg_out.set_http_proxy_request(req);
conn.send(&msg_out).await?;
let mut msg_out = RendezvousMessage::new();
msg_out.set_http_proxy_request(req);
conn.send(&msg_out).await?;
match timeout(READ_TIMEOUT, conn.next()).await? {
Some(Ok(bytes)) => {
let msg_in = RendezvousMessage::parse_from_bytes(&bytes)?;
match msg_in.union {
Some(rendezvous_message::Union::HttpProxyResponse(resp)) => Ok(resp),
_ => bail!("Unexpected response from TCP proxy"),
match conn.next().await {
Some(Ok(bytes)) => {
let msg_in = RendezvousMessage::parse_from_bytes(&bytes)?;
match msg_in.union {
Some(rendezvous_message::Union::HttpProxyResponse(resp)) => Ok(resp),
_ => bail!("Unexpected response from TCP proxy"),
}
}
Some(Err(e)) => bail!("TCP proxy read error: {}", e),
None => bail!("TCP proxy connection closed without response"),
}
Some(Err(e)) => bail!("TCP proxy read error: {}", e),
None => bail!("TCP proxy connection closed without response"),
}
})
.await?
}
/// Build HeaderEntry list from "Key: Value" style header string (used by post_request).
/// If the caller supplies a Content-Type header it overrides the default `application/json`.
fn parse_simple_header(header: &str) -> Vec<HeaderEntry> {
let mut entries = vec![HeaderEntry {
name: "Content-Type".into(),
value: "application/json".into(),
..Default::default()
}];
let mut entries = Vec::new();
let mut has_content_type = false;
if !header.is_empty() {
let tmp: Vec<&str> = header.splitn(2, ": ").collect();
if tmp.len() == 2 {
if tmp[0].eq_ignore_ascii_case("Content-Type") {
has_content_type = true;
}
entries.push(HeaderEntry {
name: tmp[0].into(),
value: tmp[1].into(),
@@ -1232,15 +1266,21 @@ fn parse_simple_header(header: &str) -> Vec<HeaderEntry> {
});
}
}
if !has_content_type {
entries.insert(
0,
HeaderEntry {
name: "Content-Type".into(),
value: "application/json".into(),
..Default::default()
},
);
}
entries
}
/// POST request via TCP proxy.
async fn post_request_via_tcp_proxy(
url: &str,
body: &str,
header: &str,
) -> ResultType<String> {
async fn post_request_via_tcp_proxy(url: &str, body: &str, header: &str) -> ResultType<String> {
let headers = parse_simple_header(header);
let resp = tcp_proxy_request("POST", url, body.as_bytes(), headers).await?;
if !resp.error.is_empty() {
@@ -1256,10 +1296,7 @@ fn http_proxy_response_to_json(resp: HttpProxyResponse) -> ResultType<String> {
let mut response_headers = Map::new();
for entry in resp.headers.iter() {
response_headers.insert(
entry.name.to_lowercase(),
json!(entry.value),
);
response_headers.insert(entry.name.to_lowercase(), json!(entry.value));
}
let mut result = Map::new();
@@ -1289,25 +1326,16 @@ fn parse_json_header_entries(header: &str) -> ResultType<Vec<HeaderEntry>> {
}
}
#[inline]
fn tcp_proxy_fallback_log_condition() -> &'static str {
"failed or 5xx"
}
/// Returns (status_code, body_text). Separating status so the wrapper can decide on fallback.
async fn post_request_http(
url: String,
body: String,
header: &str,
) -> ResultType<(u16, String)> {
async fn post_request_http(url: &str, body: &str, header: &str) -> ResultType<(u16, String)> {
let proxy_conf = Config::get_socks();
let tls_url = get_url_for_tls(&url, &proxy_conf);
let tls_url = get_url_for_tls(url, &proxy_conf);
let tls_type = get_cached_tls_type(tls_url);
let danger_accept_invalid_cert = get_cached_tls_accept_invalid_cert(tls_url);
let response = post_request_(
&url,
url,
tls_url,
body.clone(),
body.to_owned(),
header,
tls_type,
danger_accept_invalid_cert,
@@ -1319,6 +1347,49 @@ async fn post_request_http(
Ok((status, text))
}
/// Try `http_fn` first; on connection failure or 5xx, fall back to `tcp_fn`
/// if the URL is eligible. 4xx responses are returned as-is.
async fn with_tcp_proxy_fallback<HttpFut, TcpFut>(
url: &str,
method: &str,
http_fn: HttpFut,
tcp_fn: TcpFut,
) -> ResultType<String>
where
HttpFut: Future<Output = ResultType<(u16, String)>>,
TcpFut: Future<Output = ResultType<String>>,
{
if should_use_raw_tcp_for_api(url) {
return tcp_fn.await;
}
let http_result = http_fn.await;
let should_fallback = match &http_result {
Err(_) => true,
Ok((status, _)) => *status >= 500,
};
if should_fallback && can_fallback_to_raw_tcp(url) {
log::warn!(
"HTTP {} to {} failed or 5xx (result: {:?}), trying TCP proxy fallback",
method,
tcp_proxy_log_target(url),
http_result
.as_ref()
.map(|(s, _)| *s)
.map_err(|e| e.to_string()),
);
match tcp_fn.await {
Ok(resp) => return Ok(resp),
Err(tcp_err) => {
log::warn!("TCP proxy fallback also failed: {:?}", tcp_err);
}
}
}
http_result.map(|(_status, text)| text)
}
/// POST request with raw TCP proxy support.
/// - If `USE_RAW_TCP_FOR_API` is "Y" and WS is off, goes directly through TCP proxy.
/// - Otherwise tries HTTP first; on connection failure or 5xx status,
@@ -1326,37 +1397,13 @@ async fn post_request_http(
/// - 4xx responses are returned as-is (server is reachable, business logic error).
/// - If fallback also fails, returns the original HTTP result (text or error).
pub async fn post_request(url: String, body: String, header: &str) -> ResultType<String> {
if should_use_raw_tcp_for_api(&url) {
return post_request_via_tcp_proxy(&url, &body, header).await;
}
let http_result = post_request_http(url.clone(), body.clone(), header).await;
let should_fallback = match &http_result {
Err(_) => true,
Ok((status, _)) => *status >= 500,
};
if should_fallback && can_fallback_to_raw_tcp(&url) {
log::warn!(
"HTTP POST to {} {} (result: {:?}), trying TCP proxy fallback",
url,
tcp_proxy_fallback_log_condition(),
http_result.as_ref().map(|(s, _)| *s).map_err(|e| e.to_string()),
);
match post_request_via_tcp_proxy(&url, &body, header).await {
Ok(resp) => return Ok(resp),
Err(tcp_err) => {
log::warn!("TCP proxy fallback also failed: {:?}", tcp_err);
// Fall through to return original HTTP result
}
}
}
// Return original HTTP result
match http_result {
Ok((_status, text)) => Ok(text),
Err(e) => Err(e),
}
with_tcp_proxy_fallback(
&url,
"POST",
post_request_http(&url, &body, header),
post_request_via_tcp_proxy(&url, &body, header),
)
.await
}
#[async_recursion]
@@ -1464,7 +1511,8 @@ async fn get_http_response_async(
tls_type.unwrap_or(TlsType::Rustls),
danger_accept_invalid_cert.unwrap_or(false),
);
let mut http_client = match method {
let normalized_method = method.to_ascii_lowercase();
let mut http_client = match normalized_method.as_str() {
"get" => http_client.get(url),
"post" => http_client.post(url),
"put" => http_client.put(url),
@@ -1568,7 +1616,7 @@ async fn http_request_http(
url,
tls_url,
method,
body.clone(),
body,
header,
tls_type,
danger_accept_invalid_cert,
@@ -1578,10 +1626,7 @@ async fn http_request_http(
// Serialize response headers
let mut response_headers = Map::new();
for (key, value) in response.headers() {
response_headers.insert(
key.to_string(),
json!(value.to_str().unwrap_or("")),
);
response_headers.insert(key.to_string(), json!(value.to_str().unwrap_or("")));
}
let status_code = response.status().as_u16();
@@ -1590,15 +1635,12 @@ async fn http_request_http(
// Construct the JSON object
let mut result = Map::new();
result.insert("status_code".to_string(), json!(status_code));
result.insert(
"headers".to_string(),
Value::Object(response_headers),
);
result.insert("headers".to_string(), Value::Object(response_headers));
result.insert("body".to_string(), json!(response_body));
// Convert map to JSON string
let json_str =
serde_json::to_string(&result).map_err(|e| anyhow!("Failed to serialize response: {}", e))?;
let json_str = serde_json::to_string(&result)
.map_err(|e| anyhow!("Failed to serialize response: {}", e))?;
Ok((status_code, json_str))
}
@@ -1610,32 +1652,13 @@ pub async fn http_request_sync(
body: Option<String>,
header: String,
) -> ResultType<String> {
if should_use_raw_tcp_for_api(&url) {
return http_request_via_tcp_proxy(&url, &method, body.as_deref(), &header).await;
}
let http_result = http_request_http(&url, &method, body.clone(), &header).await;
let should_fallback = match &http_result {
Err(_) => true,
Ok((status, _)) => *status >= 500,
};
if should_fallback && can_fallback_to_raw_tcp(&url) {
log::warn!(
"HTTP {} to {} {}, trying TCP proxy fallback",
method,
url,
tcp_proxy_fallback_log_condition()
);
match http_request_via_tcp_proxy(&url, &method, body.as_deref(), &header).await {
Ok(resp) => return Ok(resp),
Err(tcp_err) => {
log::warn!("TCP proxy fallback also failed: {:?}", tcp_err);
}
}
}
http_result.map(|(_status, json_str)| json_str)
with_tcp_proxy_fallback(
&url,
&method,
http_request_http(&url, &method, body.clone(), &header),
http_request_via_tcp_proxy(&url, &method, body.as_deref(), &header),
)
.await
}
/// General HTTP request via TCP proxy. Header is a JSON string (used by http_request_sync).
@@ -1913,7 +1936,7 @@ pub fn check_process(arg: &str, mut same_uid: bool) -> bool {
false
}
pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
async fn secure_tcp_impl(conn: &mut Stream, key: &str, log_on_success: bool) -> ResultType<()> {
// Skip additional encryption when using WebSocket connections (wss://)
// as WebSocket Secure (wss://) already provides transport layer encryption.
// This doesn't affect the end-to-end encryption between clients,
@@ -1946,7 +1969,9 @@ pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
});
timeout(CONNECT_TIMEOUT, conn.send(&msg_out)).await??;
conn.set_key(key);
log::info!("Connection secured");
if log_on_success {
log::info!("Connection secured");
}
}
_ => {}
}
@@ -1957,6 +1982,14 @@ pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
Ok(())
}
pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
secure_tcp_impl(conn, key, true).await
}
async fn secure_tcp_silent(conn: &mut Stream, key: &str) -> ResultType<()> {
secure_tcp_impl(conn, key, false).await
}
#[inline]
fn get_pk(pk: &[u8]) -> Option<[u8; 32]> {
if pk.len() == 32 {
@@ -2734,11 +2767,13 @@ mod tests {
assert!(is_public("https://rustdesk.com/"));
assert!(is_public("https://www.rustdesk.com/"));
assert!(is_public("https://api.rustdesk.com/v1"));
assert!(is_public("https://API.RUSTDESK.COM/v1"));
assert!(is_public("https://rustdesk.com/path"));
// Test URLs ending with "rustdesk.com"
assert!(is_public("rustdesk.com"));
assert!(is_public("https://rustdesk.com"));
assert!(is_public("https://RustDesk.com"));
assert!(is_public("http://www.rustdesk.com"));
assert!(is_public("https://api.rustdesk.com"));
@@ -2792,8 +2827,9 @@ mod tests {
}
}
let _restore =
RestoreCustomRendezvousServer(Config::get_option(keys::OPTION_CUSTOM_RENDEZVOUS_SERVER));
let _restore = RestoreCustomRendezvousServer(Config::get_option(
keys::OPTION_CUSTOM_RENDEZVOUS_SERVER,
));
Config::set_option(
keys::OPTION_CUSTOM_RENDEZVOUS_SERVER.to_string(),
"1:2".to_string(),
@@ -2804,11 +2840,8 @@ mod tests {
#[tokio::test]
async fn test_http_request_via_tcp_proxy_rejects_invalid_header_json() {
let err = http_request_via_tcp_proxy("not a url", "get", None, "{")
.await
.unwrap_err()
.to_string();
assert!(err.contains("EOF while parsing an object"));
let result = http_request_via_tcp_proxy("not a url", "get", None, "{").await;
assert!(result.is_err());
}
#[tokio::test]
@@ -2853,8 +2886,63 @@ mod tests {
}
#[test]
fn test_tcp_proxy_fallback_log_condition() {
assert_eq!(tcp_proxy_fallback_log_condition(), "failed or 5xx");
fn test_parse_simple_header_respects_custom_content_type() {
let headers = parse_simple_header("Content-Type: text/plain");
assert_eq!(
headers
.iter()
.filter(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
.count(),
1
);
assert_eq!(
headers
.iter()
.find(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
.map(|entry| entry.value.as_str()),
Some("text/plain")
);
}
#[test]
fn test_parse_simple_header_preserves_non_content_type_header() {
let headers = parse_simple_header("Authorization: Bearer token");
assert!(headers.iter().any(|entry| {
entry.name.eq_ignore_ascii_case("Authorization")
&& entry.value.as_str() == "Bearer token"
}));
assert_eq!(
headers
.iter()
.filter(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
.count(),
1
);
assert_eq!(
headers
.iter()
.find(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
.map(|entry| entry.value.as_str()),
Some("application/json")
);
}
#[test]
fn test_tcp_proxy_log_target_redacts_query_only() {
assert_eq!(
tcp_proxy_log_target("https://example.com/api/heartbeat?token=secret"),
"https://example.com/api/heartbeat"
);
}
#[test]
fn test_tcp_proxy_log_target_brackets_ipv6_host_with_port() {
assert_eq!(
tcp_proxy_log_target("https://[2001:db8::1]:21114/api/heartbeat?token=secret"),
"https://[2001:db8::1]:21114/api/heartbeat"
);
}
#[test]

79
src/hbbs_http/account.rs
View File

@@ -1,9 +1,10 @@
use super::HbbHttpResponse;
use crate::hbbs_http::create_http_client_with_url;
use hbb_common::{config::LocalConfig, log, ResultType};
use reqwest::blocking::Client;
use serde::de::DeserializeOwned;
use serde_derive::{Deserialize, Serialize};
use serde_repr::{Deserialize_repr, Serialize_repr};
use serde_json::{Map, Value};
use std::{
collections::HashMap,
sync::{Arc, RwLock},
@@ -109,7 +110,7 @@ pub struct AuthBody {
}
pub struct OidcSession {
client: Option<Client>,
warmed_api_server: Option<String>,
state_msg: &'static str,
failed_msg: String,
code_url: Option<OidcAuthUrl>,
@@ -136,7 +137,7 @@ impl Default for UserStatus {
impl OidcSession {
fn new() -> Self {
Self {
client: None,
warmed_api_server: None,
state_msg: REQUESTING_ACCOUNT_AUTH,
failed_msg: "".to_owned(),
code_url: None,
@@ -149,11 +150,28 @@ impl OidcSession {
fn ensure_client(api_server: &str) {
let mut write_guard = OIDC_SESSION.write().unwrap();
if write_guard.client.is_none() {
// This URL is used to detect the appropriate TLS implementation for the server.
let login_option_url = format!("{}/api/login-options", &api_server);
let client = create_http_client_with_url(&login_option_url);
write_guard.client = Some(client);
if write_guard.warmed_api_server.as_deref() == Some(api_server) {
return;
}
// This URL is used to detect the appropriate TLS implementation for the server.
let login_option_url = format!("{}/api/login-options", api_server);
let _ = create_http_client_with_url(&login_option_url);
write_guard.warmed_api_server = Some(api_server.to_owned());
}
fn parse_hbb_http_response<T: DeserializeOwned>(body: &str) -> ResultType<HbbHttpResponse<T>> {
let map = serde_json::from_str::<Map<String, Value>>(body)?;
if let Some(error) = map.get("error") {
if let Some(err) = error.as_str() {
Ok(HbbHttpResponse::Error(err.to_owned()))
} else {
Ok(HbbHttpResponse::ErrorFormat)
}
} else {
match serde_json::from_value(Value::Object(map)) {
Ok(v) => Ok(HbbHttpResponse::Data(v)),
Err(_) => Ok(HbbHttpResponse::DataTypeFormat),
}
}
}
@@ -164,26 +182,15 @@ impl OidcSession {
uuid: &str,
) -> ResultType<HbbHttpResponse<OidcAuthUrl>> {
Self::ensure_client(api_server);
let resp = if let Some(client) = &OIDC_SESSION.read().unwrap().client {
client
.post(format!("{}/api/oidc/auth", api_server))
.json(&serde_json::json!({
"op": op,
"id": id,
"uuid": uuid,
"deviceInfo": crate::ui_interface::get_login_device_info(),
}))
.send()?
} else {
hbb_common::bail!("http client not initialized");
};
let status = resp.status();
match resp.try_into() {
Ok(v) => Ok(v),
Err(err) => {
hbb_common::bail!("Http status: {}, err: {}", status, err);
}
}
let body = serde_json::json!({
"op": op,
"id": id,
"uuid": uuid,
"deviceInfo": crate::ui_interface::get_login_device_info(),
})
.to_string();
let resp = crate::post_request_sync(format!("{}/api/oidc/auth", api_server), body, "")?;
Self::parse_hbb_http_response(&resp)
}
fn query(
@@ -197,11 +204,19 @@ impl OidcSession {
&[("code", code), ("id", id), ("uuid", uuid)],
)?;
Self::ensure_client(api_server);
if let Some(client) = &OIDC_SESSION.read().unwrap().client {
Ok(client.get(url).send()?.try_into()?)
} else {
hbb_common::bail!("http client not initialized")
#[derive(Deserialize)]
struct HttpResponseBody {
body: String,
}
let resp = crate::http_request_sync(
url.to_string(),
"GET".to_owned(),
None,
"{}".to_owned(),
)?;
let resp = serde_json::from_str::<HttpResponseBody>(&resp)?;
Self::parse_hbb_http_response(&resp.body)
}
fn reset(&mut self) {