mrok 0.4.3__py3-none-any.whl → 0.4.5__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- mrok/proxy/app.py +14 -6
- {mrok-0.4.3.dist-info → mrok-0.4.5.dist-info}/METADATA +1 -1
- {mrok-0.4.3.dist-info → mrok-0.4.5.dist-info}/RECORD +6 -7
- mrok/proxy/ziti.py +0 -103
- {mrok-0.4.3.dist-info → mrok-0.4.5.dist-info}/WHEEL +0 -0
- {mrok-0.4.3.dist-info → mrok-0.4.5.dist-info}/entry_points.txt +0 -0
- {mrok-0.4.3.dist-info → mrok-0.4.5.dist-info}/licenses/LICENSE.txt +0 -0
mrok/proxy/app.py
CHANGED
|
@@ -2,11 +2,13 @@ import asyncio
|
|
|
2
2
|
import logging
|
|
3
3
|
from pathlib import Path
|
|
4
4
|
|
|
5
|
+
import openziti
|
|
6
|
+
from openziti.context import ZitiContext
|
|
7
|
+
|
|
5
8
|
from mrok.conf import get_settings
|
|
6
9
|
from mrok.http.forwarder import ForwardAppBase
|
|
7
10
|
from mrok.http.types import Scope, StreamReader, StreamWriter
|
|
8
11
|
from mrok.logging import setup_logging
|
|
9
|
-
from mrok.proxy.ziti import ZitiSocketCache
|
|
10
12
|
|
|
11
13
|
logger = logging.getLogger("mrok.proxy")
|
|
12
14
|
|
|
@@ -30,7 +32,7 @@ class ProxyApp(ForwardAppBase):
|
|
|
30
32
|
if settings.proxy.domain[0] == "."
|
|
31
33
|
else f".{settings.proxy.domain}"
|
|
32
34
|
)
|
|
33
|
-
self.
|
|
35
|
+
self._ziti_ctx: ZitiContext | None = None
|
|
34
36
|
|
|
35
37
|
def get_target_from_header(self, headers: dict[str, str], name: str) -> str | None:
|
|
36
38
|
header_value = headers.get(name, "")
|
|
@@ -47,11 +49,17 @@ class ProxyApp(ForwardAppBase):
|
|
|
47
49
|
raise ProxyError("Neither Host nor X-Forwarded-Host contain a valid target name")
|
|
48
50
|
return target
|
|
49
51
|
|
|
52
|
+
def _get_ziti_ctx(self) -> ZitiContext:
|
|
53
|
+
if self._ziti_ctx is None:
|
|
54
|
+
ctx, err = openziti.load(str(self._identity_file), timeout=10_000)
|
|
55
|
+
if err != 0:
|
|
56
|
+
raise Exception(f"Cannot create a Ziti context from the identity file: {err}")
|
|
57
|
+
self._ziti_ctx = ctx
|
|
58
|
+
return self._ziti_ctx
|
|
59
|
+
|
|
50
60
|
async def startup(self):
|
|
51
61
|
setup_logging(get_settings())
|
|
52
|
-
|
|
53
|
-
async def shutdown(self):
|
|
54
|
-
await self._ziti_socket_cache.stop()
|
|
62
|
+
self._get_ziti_ctx()
|
|
55
63
|
|
|
56
64
|
async def select_backend(
|
|
57
65
|
self,
|
|
@@ -59,6 +67,6 @@ class ProxyApp(ForwardAppBase):
|
|
|
59
67
|
headers: dict[str, str],
|
|
60
68
|
) -> tuple[StreamReader, StreamWriter] | tuple[None, None]:
|
|
61
69
|
target_name = self.get_target_name(headers)
|
|
62
|
-
sock = self.
|
|
70
|
+
sock = self._get_ziti_ctx().connect(target_name)
|
|
63
71
|
reader, writer = await asyncio.open_connection(sock=sock)
|
|
64
72
|
return reader, writer
|
|
@@ -71,9 +71,8 @@ mrok/http/server.py,sha256=Mj7C85fc-DXp-WTBWaOd7ag808oliLmFBH5bf-G2FHg,370
|
|
|
71
71
|
mrok/http/types.py,sha256=XpNrvbfpANKvmjOBYtLF1FmDHoJF3z_MIMQHXoJlvmE,1302
|
|
72
72
|
mrok/http/utils.py,sha256=sOixYu3R9-nNoMFYdifrreYvcFRIHYVtb6AAmtVzaLE,2125
|
|
73
73
|
mrok/proxy/__init__.py,sha256=vWXyImroqM1Eq8e_oFPBup8VJ3reyp8SVjFTbLzRkI8,51
|
|
74
|
-
mrok/proxy/app.py,sha256
|
|
74
|
+
mrok/proxy/app.py,sha256=kWMg4oi0WtwHS0CD4iOK2-dghBzu8ya7aRIH-jn-61g,2436
|
|
75
75
|
mrok/proxy/main.py,sha256=ZXpticE6J4FABaslDB_8J5qklPsf3e7xIFSZmcPAAjQ,1588
|
|
76
|
-
mrok/proxy/ziti.py,sha256=Ce02EimVJNffyluFr1nhOMXh6kZ0kY2nt6Shg58wkBw,3206
|
|
77
76
|
mrok/ziti/__init__.py,sha256=20OWMiexRhOovZOX19zlX87-V78QyWnEnSZfyAftUdE,263
|
|
78
77
|
mrok/ziti/api.py,sha256=KvGiT9d4oSgC3JbFWLDQyuHcLX2HuZJoJ8nHmWtCDkY,16154
|
|
79
78
|
mrok/ziti/bootstrap.py,sha256=QIDhlkIxPW2QRuumFq2D1WDbD003P5f3z24pAUsyeBI,2696
|
|
@@ -82,8 +81,8 @@ mrok/ziti/errors.py,sha256=yYCbVDwktnR0AYduqtynIjo73K3HOhIrwA_vQimvEd4,368
|
|
|
82
81
|
mrok/ziti/identities.py,sha256=1BcwfqAJHMBhc3vRaf0aLaIkoHskj5Xe2Lsq2lO9Vs8,6735
|
|
83
82
|
mrok/ziti/pki.py,sha256=o2tySqHC8-7bvFuI2Tqxg9vX6H6ZSxWxfP_9x29e19M,1954
|
|
84
83
|
mrok/ziti/services.py,sha256=zR1PEBYwXVou20iJK4euh0ZZFAo9UB8PZk8f6SDmiUE,3194
|
|
85
|
-
mrok-0.4.
|
|
86
|
-
mrok-0.4.
|
|
87
|
-
mrok-0.4.
|
|
88
|
-
mrok-0.4.
|
|
89
|
-
mrok-0.4.
|
|
84
|
+
mrok-0.4.5.dist-info/METADATA,sha256=jomSUZzuiMTTuC3T3zzisYfaFnevrSbQJ7y1-sM6lgU,15836
|
|
85
|
+
mrok-0.4.5.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
|
|
86
|
+
mrok-0.4.5.dist-info/entry_points.txt,sha256=tloXwvU1uJicBJR2h-8HoVclPgwJWDwuREMHN8Zq-nU,38
|
|
87
|
+
mrok-0.4.5.dist-info/licenses/LICENSE.txt,sha256=6PaICaoA3yNsZKLv5G6OKqSfLSoX7MakYqTDgJoTCBs,11346
|
|
88
|
+
mrok-0.4.5.dist-info/RECORD,,
|
mrok/proxy/ziti.py
DELETED
|
@@ -1,103 +0,0 @@
|
|
|
1
|
-
import asyncio
|
|
2
|
-
import contextlib
|
|
3
|
-
from asyncio import Task
|
|
4
|
-
from pathlib import Path
|
|
5
|
-
|
|
6
|
-
import openziti
|
|
7
|
-
from aiocache import Cache
|
|
8
|
-
from openziti.context import ZitiContext
|
|
9
|
-
from openziti.zitisock import ZitiSocket
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
class ZitiSocketCache:
|
|
13
|
-
def __init__(
|
|
14
|
-
self,
|
|
15
|
-
identity_file: str | Path,
|
|
16
|
-
ziti_ctx_timeout_ms: int = 10_000,
|
|
17
|
-
ttl_seconds: float = 60.0,
|
|
18
|
-
cleanup_interval: float = 10.0,
|
|
19
|
-
) -> None:
|
|
20
|
-
self._identity_file = identity_file
|
|
21
|
-
self._ziti_ctx_timeout_ms = ziti_ctx_timeout_ms
|
|
22
|
-
self._ttl_seconds = ttl_seconds
|
|
23
|
-
self._cleanup_interval = cleanup_interval
|
|
24
|
-
|
|
25
|
-
self._ziti_ctx: ZitiContext | None = None
|
|
26
|
-
self._cache = Cache(Cache.MEMORY)
|
|
27
|
-
self._active_sockets: dict[str, ZitiSocket] = {}
|
|
28
|
-
self._cleanup_task: Task | None = None
|
|
29
|
-
|
|
30
|
-
def _get_ziti_ctx(self) -> ZitiContext:
|
|
31
|
-
if self._ziti_ctx is None:
|
|
32
|
-
ctx, err = openziti.load(str(self._identity_file), timeout=self._ziti_ctx_timeout_ms)
|
|
33
|
-
if err != 0:
|
|
34
|
-
raise Exception(f"Cannot create a Ziti context from the identity file: {err}")
|
|
35
|
-
self._ziti_ctx = ctx
|
|
36
|
-
return self._ziti_ctx
|
|
37
|
-
|
|
38
|
-
async def _create_socket(self, key: str):
|
|
39
|
-
return self._get_ziti_ctx().connect(key)
|
|
40
|
-
|
|
41
|
-
async def get_or_create(self, key: str):
|
|
42
|
-
sock = await self._cache.get(key)
|
|
43
|
-
|
|
44
|
-
if sock:
|
|
45
|
-
await self._cache.set(key, sock, ttl_seconds=self._ttl_seconds)
|
|
46
|
-
self._active_sockets[key] = sock
|
|
47
|
-
return sock
|
|
48
|
-
|
|
49
|
-
sock = await self._create_socket(key)
|
|
50
|
-
await self._cache.set(key, sock, ttl_seconds=self._ttl_seconds)
|
|
51
|
-
self._active_sockets[key] = sock
|
|
52
|
-
return sock
|
|
53
|
-
|
|
54
|
-
async def invalidate(self, key: str):
|
|
55
|
-
sock = await self._cache.get(key)
|
|
56
|
-
if sock:
|
|
57
|
-
await self._close_socket(sock)
|
|
58
|
-
|
|
59
|
-
await self._cache.delete(key)
|
|
60
|
-
self._active_sockets.pop(key, None)
|
|
61
|
-
|
|
62
|
-
async def start(self):
|
|
63
|
-
self._cleanup_task = asyncio.create_task(self._periodic_cleanup())
|
|
64
|
-
# Warmup ziti context
|
|
65
|
-
self._get_ziti_ctx()
|
|
66
|
-
|
|
67
|
-
async def stop(self):
|
|
68
|
-
"""
|
|
69
|
-
Cleanup: stop background task + close all sockets.
|
|
70
|
-
"""
|
|
71
|
-
self._cleanup_task.cancel()
|
|
72
|
-
with contextlib.suppress(Exception):
|
|
73
|
-
await self._cleanup_task
|
|
74
|
-
|
|
75
|
-
for sock in list(self._active_sockets.values()):
|
|
76
|
-
await self._close_socket(sock)
|
|
77
|
-
|
|
78
|
-
self._active_sockets.clear()
|
|
79
|
-
await self._cache.clear()
|
|
80
|
-
|
|
81
|
-
@staticmethod
|
|
82
|
-
async def _close_socket(sock: ZitiSocket):
|
|
83
|
-
with contextlib.suppress(Exception):
|
|
84
|
-
sock.close()
|
|
85
|
-
|
|
86
|
-
async def _periodic_cleanup(self):
|
|
87
|
-
try:
|
|
88
|
-
while True:
|
|
89
|
-
await asyncio.sleep(self._cleanup_interval)
|
|
90
|
-
await self._cleanup_once()
|
|
91
|
-
except asyncio.CancelledError:
|
|
92
|
-
return
|
|
93
|
-
|
|
94
|
-
async def _cleanup_once(self):
|
|
95
|
-
keys_now = set(await self._cache.keys())
|
|
96
|
-
known_keys = set(self._active_sockets.keys())
|
|
97
|
-
|
|
98
|
-
expired = known_keys - keys_now
|
|
99
|
-
|
|
100
|
-
for key in expired:
|
|
101
|
-
sock = self._active_sockets.pop(key, None)
|
|
102
|
-
if sock:
|
|
103
|
-
await self._close_socket(sock)
|
|
File without changes
|
|
File without changes
|
|
File without changes
|