开发一个具有HTTP代理服务器认证功能的方法

小伙伴们对Golang编程感兴趣吗？是否正在学习相关知识点？如果是，那么本文《开发一个具有HTTP代理服务器认证功能的方法》，就很适合你，本篇文章讲解的知识点主要包括。在之后的文章中也会多多分享相关知识点，希望对大家的知识积累有所帮助！

我想在golang中编写一个带有身份验证的http代理，但我找不到任何示例。 这是我尝试过但不起作用的：（我在解析基本 auth 时遇到 error ）

server := &http.Server{
        Addr:         "0.0.0.0:8080",
        ReadTimeout:  15 * time.Second,
        WriteTimeout: 15 * time.Second,
        Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

            b, err := httputil.DumpRequest(r, true)
            if err == nil {
                fmt.Println("dump", string(b))
            } else {
                fmt.Println("dump error", err)
            }

            u, p, ok := r.BasicAuth()
            if !ok {
                fmt.Println("Error parsing basic auth")
                w.WriteHeader(401)
                return
            }
            if u != "USERNAME"{
                fmt.Printf("Username provided is correct: %s\n", u)
                w.WriteHeader(401)
                return
            }
            if p != "PASSWORD" {
                fmt.Printf("Password provided is correct: %s\n", u)
                w.WriteHeader(401)
                return
            }
            if r.Method == http.MethodConnect {
                handleTunneling(w, r)
            } else {
                handleHTTP(w, r)
            }
        }),
        // Disable HTTP/2.
        TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler)),
}

log.Fatal(server.ListenAndServe())

我使用 firefox 和 foxyproxy 测试了该应用程序 在此输入图像描述

正确答案

HTTP Authentication 有两个用于提供身份验证信息的标头：Authorization 和 Proxy-Authorization。

授权标头：

the "authorization" header field allows a user agent to authenticate
itself with an origin server -- usually, but not necessarily, after
receiving a 401 (unauthorized) response.  its value consists of
credentials containing the authentication information of the user
agent for the realm of the resource being requested.

代理授权：

the "proxy-authorization" header field allows the client to identify
itself (or its user) to a proxy that requires authentication.  its
value consists of credentials containing the authentication
information of the client for the proxy and/or realm of the resource
being requested.

Request.BasicAuth() 用于“授权”标头，而不是“代理授权”标头。

basicauth returns the username and password provided in the request's authorization header, if the request uses http basic authentication. see rfc 2617, section 2.

要解析“proxy-authorization”标头，您可以从 request.go 复制 parseBasicAuth() 函数。

func ProxyBasicAuth(header http.Header) (username, password string, ok bool) {
    auth := header.Get("Proxy-Authorization")
    if auth == "" {
        return "", "", false
    }
    return parseBasicAuth(auth)
}

// parseBasicAuth parses an HTTP Basic Authentication string.
// "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" returns ("Aladdin", "open sesame", true).
func parseBasicAuth(auth string) (username, password string, ok bool) {
    const prefix = "Basic "
    // Case insensitive prefix match. See Issue 22736.
    if len(auth) < len(prefix) || !asciiEqualFold(auth[:len(prefix)], prefix) {
        return "", "", false
    }
    c, err := base64.StdEncoding.DecodeString(auth[len(prefix):])
    if err != nil {
        return "", "", false
    }
    cs := string(c)
    username, password, ok = strings.Cut(cs, ":")
    if !ok {
        return "", "", false
    }
    return username, password, true
}

// EqualFold is strings.EqualFold, ASCII only. It reports whether s and t
// are equal, ASCII-case-insensitively.
func asciiEqualFold(s, t string) bool {
    if len(s) != len(t) {
        return false
    }
    for i := 0; i < len(s); i++ {
        if asciiLower(s[i]) != asciiLower(t[i]) {
            return false
        }
    }
    return true
}

// lower returns the ASCII lowercase version of b.
func asciiLower(b byte) byte {
    if 'A' <= b && b <= 'Z' {
        return b + ('a' - 'A')
    }
    return b
}

Here 是稍作改动的源代码。您还可以查看 elazarl/goproxy 和 snail007/goproxy 等软件包。

理论要掌握，实操不能落！以上关于《开发一个具有HTTP代理服务器认证功能的方法》的详细介绍，大家都掌握了吧！如果想要继续提升自己的能力，那么就来关注golang学习网公众号吧！