ip

NewNimo · NewNimo · commit d3edd1fecabf · 2025-09-23T10:58:52.000Z
diff --git a/handlers/auth.go b/handlers/auth.go
@@ -53,7 +53,7 @@ func CallbackHandler(w http.ResponseWriter, r *http.Request) {
 // - validate info from oauth provider (Google, GitHub, OIDC, etc)
 // - issue jwt in the form of a cookie
 func AuthStateHandler(w http.ResponseWriter, r *http.Request) {
-	log.Debug("/auth/{state}/ api")
+	log.Debug("/auth/{state}/")
 	// Handle the exchange code to initiate a transport.
 
 	session, err := sessstore.Get(r, cfg.Cfg.Session.Name)
diff --git a/pkg/jwtmanager/jwtcache.go b/pkg/jwtmanager/jwtcache.go
@@ -54,6 +54,7 @@ func JWTCacheHandler(next http.Handler) http.Handler {
 		// check to see if the request is from a whitelisted IP
 		ipWhitelist := cfg.Cfg.IPWhiteList
 		ipHost, _, _ := net.SplitHostPort(r.RemoteAddr) // 去掉端口
+		log.Debugf("request ip: %s", ipHost)
 		for _, wip := range ipWhitelist {
 			if ipHost == wip {
 				logger.Debug("IP whitelisted, access granted")
diff --git a/pkg/providers/common/common.go b/pkg/providers/common/common.go
@@ -35,11 +35,9 @@ func PrepareTokensAndClient(r *http.Request, ptokens *structs.PTokens, setProvid
 	sslClient := ClientWithCert(&http.Client{})
 	ctx := context.WithValue(context.TODO(), oauth2.HTTPClient, sslClient)
 	providerToken, err := cfg.OAuthClient.Exchange(ctx, r.URL.Query().Get("code"), opts...)
-	log.Debugf("----->PrepareTokensAndClient 1")
 	if err != nil {
 		return nil, nil, err
 	}
-	log.Debugf("----->PrepareTokensAndClient 2")
 	ptokens.PAccessToken = providerToken.AccessToken
 
 	if setProviderToken {
@@ -59,17 +57,17 @@ func PrepareTokensAndClient(r *http.Request, ptokens *structs.PTokens, setProvid
 }
 
 func ClientWithCert(client *http.Client) *http.Client {
-	log.Debugf("----->ClientWithCert 1")
+	log.Debugf("ClientWithCert")
 	certFile := cfg.Cfg.TLS.ClientCertFile
 	keyFile := cfg.Cfg.TLS.ClientKeyFile
 	if certFile == "" || keyFile == "" {
-		log.Debugf("----->client ssl is null")
+		log.Debugf("client ssl is null")
 		return client
 	}
 	// 加载客户端证书
 	cert, err := tls.LoadX509KeyPair(certFile, keyFile)
 	if err != nil {
-		log.Debugf("----->client ssl load error: %v", err)
+		log.Debugf("client ssl load error: %v", err)
 		return client
 	}
 
@@ -95,7 +93,7 @@ func ClientWithCert(client *http.Client) *http.Client {
 			TLSClientConfig: tlsConfig,
 		}
 	}
-	log.Debugf("----->with client ssl success")
+	log.Debugf("ClientWithCert success")
 	return client
 }
 
diff --git a/pkg/providers/openid/openid.go b/pkg/providers/openid/openid.go
@@ -35,14 +35,12 @@ func (Provider) Configure() {
 
 // GetUserInfo provider specific call to get userinfomation
 func (Provider) GetUserInfo(r *http.Request, user *structs.User, customClaims *structs.CustomClaims, ptokens *structs.PTokens, opts ...oauth2.AuthCodeOption) (rerr error) {
-	log.Debugf("----->client ssl  get userinfo ")
 	client, _, err := common.PrepareTokensAndClient(r, ptokens, true, opts...)
 	if err != nil {
 		return err
 	}
 	userinfo, err := client.Get(cfg.GenOAuth.UserInfoURL)
 	if err != nil {
-		log.Debugf("----->cclient ssl userinfo error: %v", err)
 		return err
 	}
 	defer func() {

Original file line number	Diff line number	Diff line change
`@@ -35,11 +35,9 @@ func PrepareTokensAndClient(r http.Request, ptokens structs.PTokens, setProvid`
`35`	`35`	`sslClient := ClientWithCert(&http.Client{})`
`36`	`36`	`ctx := context.WithValue(context.TODO(), oauth2.HTTPClient, sslClient)`
`37`	`37`	`providerToken, err := cfg.OAuthClient.Exchange(ctx, r.URL.Query().Get("code"), opts...)`
`38`		`- log.Debugf("----->PrepareTokensAndClient 1")`
`39`	`38`	`if err != nil {`
`40`	`39`	`return nil, nil, err`
`41`	`40`	`}`
`42`		`- log.Debugf("----->PrepareTokensAndClient 2")`
`43`	`41`	`ptokens.PAccessToken = providerToken.AccessToken`
`44`	`42`
`45`	`43`	`if setProviderToken {`
`@@ -59,17 +57,17 @@ func PrepareTokensAndClient(r http.Request, ptokens structs.PTokens, setProvid`
`59`	`57`	`}`
`60`	`58`
`61`	`59`	`func ClientWithCert(client http.Client) http.Client {`
`62`		`- log.Debugf("----->ClientWithCert 1")`
	`60`	`+ log.Debugf("ClientWithCert")`
`63`	`61`	`certFile := cfg.Cfg.TLS.ClientCertFile`
`64`	`62`	`keyFile := cfg.Cfg.TLS.ClientKeyFile`
`65`	`63`	`if certFile == "" \|\| keyFile == "" {`
`66`		`- log.Debugf("----->client ssl is null")`
	`64`	`+ log.Debugf("client ssl is null")`
`67`	`65`	`return client`
`68`	`66`	`}`
`69`	`67`	`// 加载客户端证书`
`70`	`68`	`cert, err := tls.LoadX509KeyPair(certFile, keyFile)`
`71`	`69`	`if err != nil {`
`72`		`- log.Debugf("----->client ssl load error: %v", err)`
	`70`	`+ log.Debugf("client ssl load error: %v", err)`
`73`	`71`	`return client`
`74`	`72`	`}`
`75`	`73`
`@@ -95,7 +93,7 @@ func ClientWithCert(client http.Client) http.Client {`
`95`	`93`	`TLSClientConfig: tlsConfig,`
`96`	`94`	`}`
`97`	`95`	`}`
`98`		`- log.Debugf("----->with client ssl success")`
	`96`	`+ log.Debugf("ClientWithCert success")`
`99`	`97`	`return client`
`100`	`98`	`}`
`101`	`99`
Original file line number	Diff line number	Diff line change
`@@ -35,14 +35,12 @@ func (Provider) Configure() {`
`35`	`35`
`36`	`36`	`// GetUserInfo provider specific call to get userinfomation`
`37`	`37`	`func (Provider) GetUserInfo(r http.Request, user structs.User, customClaims structs.CustomClaims, ptokens structs.PTokens, opts ...oauth2.AuthCodeOption) (rerr error) {`
`38`		`- log.Debugf("----->client ssl get userinfo ")`
`39`	`38`	`client, _, err := common.PrepareTokensAndClient(r, ptokens, true, opts...)`
`40`	`39`	`if err != nil {`
`41`	`40`	`return err`
`42`	`41`	`}`
`43`	`42`	`userinfo, err := client.Get(cfg.GenOAuth.UserInfoURL)`
`44`	`43`	`if err != nil {`
`45`		`- log.Debugf("----->cclient ssl userinfo error: %v", err)`
`46`	`44`	`return err`
`47`	`45`	`}`
`48`	`46`	`defer func() {`