Merge pull request #2531 from doubles-ss/master

Feat: Add mtls authen option to http
2 years ago · 09fa60de55
parent 0efabb4e39 1e80365b73
commit 09fa60de55
7 changed files with 75 additions and 53 deletions
--- a/db/patch-monitor-tls.sql
+++ b/db/patch-monitor-tls.sql
@ -0,0 +1,13 @@
+-- You should not modify if this have pushed to Github, unless it does serious wrong with the db.
+BEGIN TRANSACTION;
+
+ALTER TABLE monitor
+    ADD tls_ca TEXT default null;
+
+ALTER TABLE monitor
+    ADD tls_cert TEXT default null;
+
+ALTER TABLE monitor
+    ADD tls_key TEXT default null;
+
+COMMIT;
--- a/package-lock.json
+++ b/package-lock.json
@ -10,7 +10,7 @@
            "license": "MIT",
            "dependencies": {
                "@grpc/grpc-js": "~1.7.3",
-                "@louislam/ping": "~0.4.2-mod.2",
+                "@louislam/ping": "~0.4.4-mod.0",
                "@louislam/sqlite3": "15.1.2",
                "args-parser": "~1.3.0",
                "axios": "~0.27.0",
@ -4213,13 +4213,11 @@
            "integrity": "sha512-retLUN4TwCJ0QJDi9OCJwYVaXAz93NeOkEtEQL98M2bykBOxmURlP0YlfsuE46kItOOVZIWRYC3KsSLhQ1R2Qw=="
        },
        "node_modules/@louislam/ping": {
-            "version": "0.4.2-mod.2",
-            "resolved": "https://registry.npmjs.org/@louislam/ping/-/ping-0.4.2-mod.2.tgz",
-            "integrity": "sha512-4krrRGohYdhQOD+Mt0Q8e1Z05DEKntZ7TgiY1jYaqWrMz0H2XJyRh+mLPOUVPL5zSymiHsZiK2ZACXtp/d9Wxg==",
+            "version": "0.4.4-mod.0",
+            "resolved": "https://registry.npmjs.org/@louislam/ping/-/ping-0.4.4-mod.0.tgz",
+            "integrity": "sha512-U2ZXcgFRPmZYd/ooA8KILG4aCMBsDrGP9NDWseHriZSsKlu5Y1lf/LbenN6tnqQ9JjAsbJjqwSi3xtAcWqU+1w==",
            "dependencies": {
-                "command-exists": "~1.2.9",
-                "q": "1.x",
-                "underscore": "^1.12.0"
+                "command-exists": "~1.2.9"
            },
            "engines": {
                "node": ">=4.0.0"
@ -15570,15 +15568,6 @@
                "node": ">=6"
            }
        },
-        "node_modules/q": {
-            "version": "1.5.1",
-            "resolved": "https://registry.npmjs.org/q/-/q-1.5.1.tgz",
-            "integrity": "sha512-kV/CThkXo6xyFEZUugw/+pIOywXcDbFYgSct5cT3gqlbkBE1SJdwy6UQoZvodiWF/ckQLZyDE/Bu1M6gVu5lVw==",
-            "engines": {
-                "node": ">=0.6.0",
-                "teleport": ">=0.2.0"
-            }
-        },
        "node_modules/qlobber": {
            "version": "5.0.3",
            "resolved": "https://registry.npmjs.org/qlobber/-/qlobber-5.0.3.tgz",
@ -17977,11 +17966,6 @@
                "url": "https://github.com/sponsors/ljharb"
            }
        },
-        "node_modules/underscore": {
-            "version": "1.13.6",
-            "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz",
-            "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A=="
-        },
        "node_modules/unicode-canonical-property-names-ecmascript": {
            "version": "2.0.0",
            "resolved": "https://registry.npmjs.org/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.0.tgz",
@ -22231,13 +22215,11 @@
            "integrity": "sha512-retLUN4TwCJ0QJDi9OCJwYVaXAz93NeOkEtEQL98M2bykBOxmURlP0YlfsuE46kItOOVZIWRYC3KsSLhQ1R2Qw=="
        },
        "@louislam/ping": {
-            "version": "0.4.2-mod.2",
-            "resolved": "https://registry.npmjs.org/@louislam/ping/-/ping-0.4.2-mod.2.tgz",
-            "integrity": "sha512-4krrRGohYdhQOD+Mt0Q8e1Z05DEKntZ7TgiY1jYaqWrMz0H2XJyRh+mLPOUVPL5zSymiHsZiK2ZACXtp/d9Wxg==",
+            "version": "0.4.4-mod.0",
+            "resolved": "https://registry.npmjs.org/@louislam/ping/-/ping-0.4.4-mod.0.tgz",
+            "integrity": "sha512-U2ZXcgFRPmZYd/ooA8KILG4aCMBsDrGP9NDWseHriZSsKlu5Y1lf/LbenN6tnqQ9JjAsbJjqwSi3xtAcWqU+1w==",
            "requires": {
-                "command-exists": "~1.2.9",
-                "q": "1.x",
-                "underscore": "^1.12.0"
+                "command-exists": "~1.2.9"
            }
        },
        "@louislam/sqlite3": {
@ -30817,11 +30799,6 @@
            "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz",
            "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA=="
        },
-        "q": {
-            "version": "1.5.1",
-            "resolved": "https://registry.npmjs.org/q/-/q-1.5.1.tgz",
-            "integrity": "sha512-kV/CThkXo6xyFEZUugw/+pIOywXcDbFYgSct5cT3gqlbkBE1SJdwy6UQoZvodiWF/ckQLZyDE/Bu1M6gVu5lVw=="
-        },
        "qlobber": {
            "version": "5.0.3",
            "resolved": "https://registry.npmjs.org/qlobber/-/qlobber-5.0.3.tgz",
@ -32679,11 +32656,6 @@
                "which-boxed-primitive": "^1.0.2"
            }
        },
-        "underscore": {
-            "version": "1.13.6",
-            "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.6.tgz",
-            "integrity": "sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A=="
-        },
        "unicode-canonical-property-names-ecmascript": {
            "version": "2.0.0",
            "resolved": "https://registry.npmjs.org/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-2.0.0.tgz",
--- a/package.json
+++ b/package.json
@ -69,7 +69,7 @@
    },
    "dependencies": {
        "@grpc/grpc-js": "~1.7.3",
-        "@louislam/ping": "~0.4.2-mod.2",
+        "@louislam/ping": "~0.4.4-mod.0",
        "@louislam/sqlite3": "15.1.2",
        "args-parser": "~1.3.0",
        "axios": "~0.27.0",
--- a/server/database.js
+++ b/server/database.js
@ -73,6 +73,7 @@ class Database {
        "patch-http-body-encoding.sql": true,
        "patch-add-description-monitor.sql": true,
        "patch-api-key-table.sql": true,
+        "patch-monitor-tls.sql": true,
    };

    /**
--- a/server/model/monitor.js
+++ b/server/model/monitor.js
@ -133,6 +133,9 @@ class Monitor extends BeanModel {
                mqttPassword: this.mqttPassword,
                authWorkstation: this.authWorkstation,
                authDomain: this.authDomain,
+                tlsCa: this.tlsCa,
+                tlsCert: this.tlsCert,
+                tlsKey: this.tlsKey,
            };
        }

@ -331,6 +334,18 @@ class Monitor extends BeanModel {
                        options.httpsAgent = new https.Agent(httpsAgentOptions);
                    }

+                    if (this.auth_method === "mtls") {
+                        if (this.tlsCert !== null && this.tlsCert !== "") {
+                            options.httpsAgent.options.cert = Buffer.from(this.tlsCert);
+                        }
+                        if (this.tlsCa !== null && this.tlsCa !== "") {
+                            options.httpsAgent.options.ca = Buffer.from(this.tlsCa);
+                        }
+                        if (this.tlsKey !== null && this.tlsKey !== "") {
+                            options.httpsAgent.options.key = Buffer.from(this.tlsKey);
+                        }
+                    }
+
                    log.debug("monitor", `[${this.name}] Axios Options: ${JSON.stringify(options)}`);
                    log.debug("monitor", `[${this.name}] Axios Request`);

@ -836,7 +851,6 @@ class Monitor extends BeanModel {
                    domain: this.authDomain,
                    workstation: this.authWorkstation ? this.authWorkstation : undefined
                });
-
            } else {
                res = await axios.request(options);
            }
--- a/server/server.js
+++ b/server/server.js
@ -688,6 +688,9 @@ let needSetup = false;
                bean.headers = monitor.headers;
                bean.basic_auth_user = monitor.basic_auth_user;
                bean.basic_auth_pass = monitor.basic_auth_pass;
+                bean.tlsCa = monitor.tlsCa;
+                bean.tlsCert = monitor.tlsCert;
+                bean.tlsKey = monitor.tlsKey;
                bean.interval = monitor.interval;
                bean.retryInterval = monitor.retryInterval;
                bean.resendInterval = monitor.resendInterval;
--- a/src/pages/EditMonitor.vue
+++ b/src/pages/EditMonitor.vue
@ -546,28 +546,47 @@
                                        <option value="ntlm">
                                            NTLM
                                        </option>
+                                        <option value="mtls">
+                                            mTLS
+                                        </option>
                                    </select>
                                </div>
                                <template v-if="monitor.authMethod && monitor.authMethod !== null ">
-                                    <div class="my-3">
-                                        <label for="basicauth" class="form-label">{{ $t("Username") }}</label>
-                                        <input id="basicauth-user" v-model="monitor.basic_auth_user" type="text" class="form-control" :placeholder="$t('Username')">
-                                    </div>
-
-                                    <div class="my-3">
-                                        <label for="basicauth" class="form-label">{{ $t("Password") }}</label>
-                                        <input id="basicauth-pass" v-model="monitor.basic_auth_pass" type="password" autocomplete="new-password" class="form-control" :placeholder="$t('Password')">
-                                    </div>
-                                    <template v-if="monitor.authMethod === 'ntlm' ">
+                                    <template v-if="monitor.authMethod === 'mtls' ">
+                                        <div class="my-3">
+                                            <label for="tls-cert" class="form-label">{{ $t("Cert") }}</label>
+                                            <textarea id="tls-cert" v-model="monitor.tlsCert" class="form-control" :placeholder="$t('Cert body')" required></textarea>
+                                        </div>
+                                        <div class="my-3">
+                                            <label for="tls-key" class="form-label">{{ $t("Key") }}</label>
+                                            <textarea id="tls-key" v-model="monitor.tlsKey" class="form-control" :placeholder="$t('Key body')" required></textarea>
+                                        </div>
+                                        <div class="my-3">
+                                            <label for="tls-ca" class="form-label">{{ $t("CA") }}</label>
+                                            <textarea id="tls-ca" v-model="monitor.tlsCa" class="form-control" :placeholder="$t('Server CA')"></textarea>
+                                        </div>
+                                    </template>
+                                    <template v-else>
                                        <div class="my-3">
-                                            <label for="basicauth" class="form-label">{{ $t("Domain") }}</label>
-                                            <input id="basicauth-domain" v-model="monitor.authDomain" type="text" class="form-control" :placeholder="$t('Domain')">
+                                            <label for="basicauth-user" class="form-label">{{ $t("Username") }}</label>
+                                            <input id="basicauth-user" v-model="monitor.basic_auth_user" type="text" class="form-control" :placeholder="$t('Username')">
                                        </div>

                                        <div class="my-3">
-                                            <label for="basicauth" class="form-label">{{ $t("Workstation") }}</label>
-                                            <input id="basicauth-workstation" v-model="monitor.authWorkstation" type="text" class="form-control" :placeholder="$t('Workstation')">
+                                            <label for="basicauth-pass" class="form-label">{{ $t("Password") }}</label>
+                                            <input id="basicauth-pass" v-model="monitor.basic_auth_pass" type="password" autocomplete="new-password" class="form-control" :placeholder="$t('Password')">
                                        </div>
+                                        <template v-if="monitor.authMethod === 'ntlm' ">
+                                            <div class="my-3">
+                                                <label for="ntlm-domain" class="form-label">{{ $t("Domain") }}</label>
+                                                <input id="ntlm-domain" v-model="monitor.authDomain" type="text" class="form-control" :placeholder="$t('Domain')">
+                                            </div>
+
+                                            <div class="my-3">
+                                                <label for="ntlm-workstation" class="form-label">{{ $t("Workstation") }}</label>
+                                                <input id="ntlm-workstation" v-model="monitor.authWorkstation" type="text" class="form-control" :placeholder="$t('Workstation')">
+                                            </div>
+                                        </template>
                                    </template>
                                </template>
                            </template>