revert the recent v1.2.0 feature that fetches a token from the API

silinternational · Nov 26, 2024 · f456139 · f456139
1 parent 9d974e6
commit f456139
Showing 1 changed file with 6 additions and 45 deletions.
diff --git a/main.go b/main.go
@@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"net"
 	"net/http"
 	"net/url"
 	"strings"
@@ -202,7 +201,7 @@ func (p Proxy) setVar(r *http.Request, name, value string) {
 	p.log.Info("setting " + name + " to " + value)
 }
 
-func newDynamicProxy(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) {
+func newDynamicProxy(_ httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) {
 	return newProxy()
 }
 
@@ -315,30 +314,11 @@ func (p Proxy) getFlag(r *http.Request) bool {
 	return r.URL.Query().Get(CookieFlag) != ""
 }
 
-// getNewToken uses either an API call or a redirect to get a new token from the management API
-func (p Proxy) getNewToken(w http.ResponseWriter, r *http.Request) error {
-	ipAddr, err := getRequestIPAddress(r)
-	if err != nil {
-		return fmt.Errorf("failed to get request IP address: %w", err)
-	}
-
-	token := p.getTokenFromAPI(ipAddr)
-	claim := p.getClaimFromToken(token)
-	if claim.IsValid {
-		p.setCookie(w, token, claim.ExpiresAt.Time)
-
-		upstream, err := p.getSite(claim.Level)
-		if err != nil {
-			return fmt.Errorf("failed to get upstream from claim: %w", err)
-		}
-
-		p.setVar(r, CaddyVarUpstream, upstream)
-		return nil
-	} else {
-		p.log.Info("last resort, redirecting to management API")
-		p.setVar(r, CaddyVarRedirectURL, p.ManagementAPI+p.TokenPath+"?returnTo="+url.QueryEscape(p.Host+r.URL.Path))
-		return nil
-	}
+// getNewToken uses a redirect to get a new token from the management API
+func (p Proxy) getNewToken(_ http.ResponseWriter, r *http.Request) error {
+	p.log.Info("redirecting to management API")
+	p.setVar(r, CaddyVarRedirectURL, p.ManagementAPI+p.TokenPath+"?returnTo="+url.QueryEscape(p.Host+r.URL.Path))
+	return nil
 }
 
 func (p Proxy) getTokenFromAPI(ipAddress string) string {
@@ -368,22 +348,3 @@ func (p Proxy) getTokenFromAPI(ipAddress string) string {
 func claimsAreValidAndDifferent(a, b ProxyClaim) bool {
 	return a.IsValid && b.IsValid && !a.IssuedAt.Time.Equal(b.IssuedAt.Time)
 }
-
-// getRequestIPAddress gets the client IP address from CF-Connecting-IP or RemoteAddr in a request
-func getRequestIPAddress(req *http.Request) (string, error) {
-	if req == nil {
-		return "", errors.New("no request found")
-	}
-
-	// https://developers.cloudflare.com/fundamentals/reference/http-request-headers/#cf-connecting-ip
-	if cf := req.Header.Get("CF-Connecting-IP"); cf != "" {
-		return cf, nil
-	}
-
-	ip, _, err := net.SplitHostPort(req.RemoteAddr)
-	if err != nil {
-		return "", fmt.Errorf("userip: %q is not IP:port, %w", req.RemoteAddr, err)
-	}
-
-	return ip, nil
-}