Merge pull request #664 from openziti/proxy-support

Add API for controlling proxy use when connecting to controller. Fixes #663

Author: plorenz

CHANGELOG.md

@@ -1,3 +1,17 @@
+# Release notes 0.24.0
+
+## Issues Fixed and Dependency Updates
+
+* github.com/openziti/sdk-golang: [v0.23.45 -> v0.24.0](https://github.com/openziti/sdk-golang/compare/v0.23.45...v0.24.0)
+    * [Issue #663](https://github.com/openziti/sdk-golang/issues/663) - Add API to allow controlling proxying connections to controllers and routers.
+
+* github.com/go-resty/resty/v2: v2.15.3 -> v2.16.4
+* github.com/openziti/channel/v3: [v3.0.26 -> v3.0.27](https://github.com/openziti/channel/compare/v3.0.26...v3.0.27)
+* github.com/openziti/edge-api: [v0.26.36 -> v0.26.38](https://github.com/openziti/edge-api/compare/v0.26.36...v0.26.38)
+* github.com/openziti/transport/v2: [v2.0.159 -> v2.0.160](https://github.com/openziti/transport/compare/v2.0.159...v2.0.160)
+* golang.org/x/oauth2: v0.23.0 -> v0.25.0
+* google.golang.org/protobuf: v1.36.2 -> v1.36.3
+
 # Release notes 0.23.45
 
 ## Issues Fixed and Dependency Updates

edge-apis/clients.go

@@ -123,10 +123,12 @@ func (self *BaseClient[A]) Authenticate(credentials Credentials, configTypesOver
 }
 
 // initializeComponents assembles the lower level components necessary for the go-swagger/openapi facilities.
-func (self *BaseClient[A]) initializeComponents(apiUrls []*url.URL, caPool *x509.CertPool) {
-	components := NewComponents()
-	components.HttpTransport.TLSClientConfig.RootCAs = caPool
-	components.CaPool = caPool
+func (self *BaseClient[A]) initializeComponents(config *ApiClientConfig) {
+	components := NewComponentsWithConfig(&ComponentsConfig{
+		Proxy: config.Proxy,
+	})
+	components.HttpTransport.TLSClientConfig.RootCAs = config.CaPool
+	components.CaPool = config.CaPool
 
 	self.Components = *components
 }
@@ -205,6 +207,13 @@ type ManagementApiClient struct {
 	BaseClient[ZitiEdgeManagement]
 }
 
+type ApiClientConfig struct {
+	ApiUrls      []*url.URL
+	CaPool       *x509.CertPool
+	TotpCallback func(chan string)
+	Proxy        func(r *http.Request) (*url.URL, error)
+}
+
 // NewManagementApiClient will assemble an ManagementApiClient. The apiUrl should be the full URL
 // to the Edge Management API (e.g. `https://example.com/edge/management/v1`).
 //
@@ -217,16 +226,25 @@ type ManagementApiClient struct {
 // to obtain and verify the target controllers CAs. Tools should allow users to verify and accept new controllers
 // that have not been verified from an outside secret (such as an enrollment token).
 func NewManagementApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallback func(chan string)) *ManagementApiClient {
+	return NewManagementApiClientWithConfig(&ApiClientConfig{
+		ApiUrls:      apiUrls,
+		CaPool:       caPool,
+		TotpCallback: totpCallback,
+		Proxy:        http.ProxyFromEnvironment,
+	})
+}
+
+func NewManagementApiClientWithConfig(config *ApiClientConfig) *ManagementApiClient {
 	ret := &ManagementApiClient{}
 	ret.Schemes = rest_management_api_client.DefaultSchemes
 	ret.ApiBinding = "edge-management"
 	ret.ApiVersion = "v1"
-	ret.ApiUrls = apiUrls
-	ret.initializeComponents(apiUrls, caPool)
+	ret.ApiUrls = config.ApiUrls
+	ret.initializeComponents(config)
 
 	transportPool := NewClientTransportPoolRandom()
 
-	for _, apiUrl := range apiUrls {
+	for _, apiUrl := range config.ApiUrls {
 		newRuntime := NewRuntime(apiUrl, ret.Schemes, ret.Components.HttpClient)
 		newRuntime.DefaultAuthentication = ret
 		transportPool.Add(apiUrl, newRuntime)
@@ -235,7 +253,7 @@ func NewManagementApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallb
 	newApi := rest_management_api_client.New(transportPool, nil)
 	api := ZitiEdgeManagement{
 		ZitiEdgeManagement:  newApi,
-		TotpCallback:        totpCallback,
+		TotpCallback:        config.TotpCallback,
 		ClientTransportPool: transportPool,
 	}
 
@@ -261,17 +279,26 @@ type ClientApiClient struct {
 // to obtain and verify the target controllers CAs. Tools should allow users to verify and accept new controllers
 // that have not been verified from an outside secret (such as an enrollment token).
 func NewClientApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallback func(chan string)) *ClientApiClient {
+	return NewClientApiClientWithConfig(&ApiClientConfig{
+		ApiUrls:      apiUrls,
+		CaPool:       caPool,
+		TotpCallback: totpCallback,
+		Proxy:        http.ProxyFromEnvironment,
+	})
+}
+
+func NewClientApiClientWithConfig(config *ApiClientConfig) *ClientApiClient {
 	ret := &ClientApiClient{}
 	ret.ApiBinding = "edge-client"
 	ret.ApiVersion = "v1"
 	ret.Schemes = rest_client_api_client.DefaultSchemes
-	ret.ApiUrls = apiUrls
+	ret.ApiUrls = config.ApiUrls
 
-	ret.initializeComponents(apiUrls, caPool)
+	ret.initializeComponents(config)
 
 	transportPool := NewClientTransportPoolRandom()
 
-	for _, apiUrl := range apiUrls {
+	for _, apiUrl := range config.ApiUrls {
 		newRuntime := NewRuntime(apiUrl, ret.Schemes, ret.Components.HttpClient)
 		newRuntime.DefaultAuthentication = ret
 		transportPool.Add(apiUrl, newRuntime)
@@ -280,7 +307,7 @@ func NewClientApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallback
 	newApi := rest_client_api_client.New(transportPool, nil)
 	api := ZitiEdgeClient{
 		ZitiEdgeClient:      newApi,
-		TotpCallback:        totpCallback,
+		TotpCallback:        config.TotpCallback,
 		ClientTransportPool: transportPool,
 	}
 	ret.API = &api

edge-apis/component.go

@@ -5,6 +5,7 @@ import (
 	"github.com/openziti/edge-api/rest_util"
 	"net/http"
 	"net/http/cookiejar"
+	"net/url"
 	"time"
 )
 
@@ -17,12 +18,22 @@ type Components struct {
 	CaPool        *x509.CertPool
 }
 
+type ComponentsConfig struct {
+	Proxy func(*http.Request) (*url.URL, error)
+}
+
 // NewComponents assembles a new set of components with reasonable production defaults.
 func NewComponents() *Components {
+	return NewComponentsWithConfig(&ComponentsConfig{
+		Proxy: http.ProxyFromEnvironment,
+	})
+}
+
+// NewComponentsWithConfig assembles a new set of components with reasonable production defaults.
+func NewComponentsWithConfig(cfg *ComponentsConfig) *Components {
 	tlsClientConfig, _ := rest_util.NewTlsConfig()
 
 	httpTransport := &http.Transport{
-		Proxy:                 http.ProxyFromEnvironment,
 		TLSClientConfig:       tlsClientConfig,
 		ForceAttemptHTTP2:     true,
 		MaxIdleConns:          10,
@@ -31,6 +42,10 @@ func NewComponents() *Components {
 		ExpectContinueTimeout: 1 * time.Second,
 	}
 
+	if cfg != nil && cfg.Proxy != nil {
+		httpTransport.Proxy = cfg.Proxy
+	}
+
 	jar, _ := cookiejar.New(nil)
 
 	httpClient := &http.Client{

example/go.mod

@@ -14,6 +14,7 @@ require (
 	github.com/openziti/foundation/v2 v2.0.56
 	github.com/openziti/runzmd v1.0.33
 	github.com/openziti/sdk-golang v0.0.0
+	github.com/openziti/transport/v2 v2.0.160
 	github.com/pkg/errors v0.9.1
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.8.1
@@ -52,7 +53,7 @@ require (
 	github.com/go-openapi/strfmt v0.23.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/go-openapi/validate v0.24.0 // indirect
-	github.com/go-resty/resty/v2 v2.15.3 // indirect
+	github.com/go-resty/resty/v2 v2.16.5 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 // indirect
@@ -78,12 +79,11 @@ require (
 	github.com/muhlemmer/gu v0.3.1 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
-	github.com/openziti/channel/v3 v3.0.26 // indirect
-	github.com/openziti/edge-api v0.26.36 // indirect
+	github.com/openziti/channel/v3 v3.0.27 // indirect
+	github.com/openziti/edge-api v0.26.38 // indirect
 	github.com/openziti/identity v1.0.94 // indirect
 	github.com/openziti/metrics v1.2.65 // indirect
 	github.com/openziti/secretstream v0.1.28 // indirect
-	github.com/openziti/transport/v2 v2.0.159 // indirect
 	github.com/orcaman/concurrent-map/v2 v2.0.1 // indirect
 	github.com/parallaxsecond/parsec-client-go v0.0.0-20221025095442-f0a77d263cf9 // indirect
 	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
@@ -118,12 +118,12 @@ require (
 	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
 	golang.org/x/image v0.18.0 // indirect
 	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/oauth2 v0.23.0 // indirect
+	golang.org/x/oauth2 v0.25.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.29.0 // indirect
 	golang.org/x/term v0.28.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
-	google.golang.org/protobuf v1.36.2 // indirect
+	google.golang.org/protobuf v1.36.3 // indirect
 	gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect

example/go.sum

@@ -145,8 +145,8 @@ github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+Gr
 github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
 github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58=
 github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ=
-github.com/go-resty/resty/v2 v2.15.3 h1:bqff+hcqAflpiF591hhJzNdkRsFhlB96CYfBwSFvql8=
-github.com/go-resty/resty/v2 v2.15.3/go.mod h1:0fHAoK7JoBy/Ch36N8VFeMsK7xQOHhvWaC3iOktwmIU=
+github.com/go-resty/resty/v2 v2.16.5 h1:hBKqmWrr7uRc3euHVqmh1HTHcKn99Smr7o5spptdhTM=
+github.com/go-resty/resty/v2 v2.16.5/go.mod h1:hkJtXbA2iKHzJheXYvQ8snQES5ZLGKMwQ07xAwp/fiA=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
@@ -359,10 +359,10 @@ github.com/onsi/gomega v1.13.0 h1:7lLHu94wT9Ij0o6EWWclhu0aOh32VxhkwEJvzuWPeak=
 github.com/onsi/gomega v1.13.0/go.mod h1:lRk9szgn8TxENtWd0Tp4c3wjlRfMTMH27I+3Je41yGY=
 github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
 github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
-github.com/openziti/channel/v3 v3.0.26 h1:KVMOpqA8teIUcjG8u21pg8iI1YOjaY/SQyWWozWfXpA=
-github.com/openziti/channel/v3 v3.0.26/go.mod h1:o5/tWvfHgEzVBqdl8WBHFJNc7m8zHcCb3S5ymocDZEk=
-github.com/openziti/edge-api v0.26.36 h1:zy2DjmIz/B+WxPpIzhFOAxi/LhM/yeKa8s1Vz2h8cQk=
-github.com/openziti/edge-api v0.26.36/go.mod h1:sYHVpm26Jr1u7VooNJzTb2b2nGSlmCHMnbGC8XfWSng=
+github.com/openziti/channel/v3 v3.0.27 h1:Jx56fuxuvlkap+zNXIDPdfLW1mA6GjrnCxjbDqdBgco=
+github.com/openziti/channel/v3 v3.0.27/go.mod h1:vmLGw7KS1mhFDBoYal7O4dIcsm6TAVi9WqjI4TvAemQ=
+github.com/openziti/edge-api v0.26.38 h1:3xDWC5SFn3qUVR428TIBpRc2lrjVV7Gz0Rx4pQx0JSg=
+github.com/openziti/edge-api v0.26.38/go.mod h1:sYHVpm26Jr1u7VooNJzTb2b2nGSlmCHMnbGC8XfWSng=
 github.com/openziti/foundation/v2 v2.0.56 h1:YXqBmkrN0fYr3TqIlWZSZGluE2QpJxlA29Z6okZyQ5I=
 github.com/openziti/foundation/v2 v2.0.56/go.mod h1:f12R1pwEod348qONZr6esZgackX1ScLGDcEyPF2G5/w=
 github.com/openziti/identity v1.0.94 h1:nF4etu/5LmOlbT24lpSKq9p+90A9jeyLr5U23LemgD4=
@@ -373,8 +373,8 @@ github.com/openziti/runzmd v1.0.33 h1:tOyjRoUuVXIo1z1pNU32jALWkMmhzsSaDrhLtuOn3T
 github.com/openziti/runzmd v1.0.33/go.mod h1:8c/uvZR/XWXQNllTq6LuTpfKL2DTNxfI2X2wYhgRwik=
 github.com/openziti/secretstream v0.1.28 h1:D+a5TcvbY3i7HOIecoTL0Pq8HJGnJqS0XmUyO1ohObg=
 github.com/openziti/secretstream v0.1.28/go.mod h1:BESAWnpyIr9A+ditH4vk15ZVsnP8zdy6vGi8Qr1lgAg=
-github.com/openziti/transport/v2 v2.0.159 h1:Ol6vTrXWJdkfRLWYI2hjDTeH2Ji0cYC26UuPnBylALg=
-github.com/openziti/transport/v2 v2.0.159/go.mod h1:Hw4TIlDd97D5m8BrlxTZ3bqO01+hwddTDMSOOzz/4cs=
+github.com/openziti/transport/v2 v2.0.160 h1:bYBBj8gqZ8DCF6aCJThq2v89h5ILwqTVaFkyfjFmHpk=
+github.com/openziti/transport/v2 v2.0.160/go.mod h1:Hw4TIlDd97D5m8BrlxTZ3bqO01+hwddTDMSOOzz/4cs=
 github.com/orcaman/concurrent-map/v2 v2.0.1 h1:jOJ5Pg2w1oeB6PeDurIYf6k9PQ+aTITr/6lP/L/zp6c=
 github.com/orcaman/concurrent-map/v2 v2.0.1/go.mod h1:9Eq3TG2oBe5FirmYWQfYO5iH1q0Jv47PLaNK++uCdOM=
 github.com/parallaxsecond/parsec-client-go v0.0.0-20221025095442-f0a77d263cf9 h1:mOvehYivJ4Aqu2CPe3D3lv8jhqOI9/1o0THxJHBE0qw=
@@ -628,8 +628,8 @@ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
-golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70=
+golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -899,8 +899,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.36.2 h1:R8FeyR1/eLmkutZOM5CWghmo5itiG9z0ktFlTVLuTmU=
-google.golang.org/protobuf v1.36.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.3 h1:82DV7MYdb8anAVi3qge1wSnMDrnKK7ebr+I0hHRN1BU=
+google.golang.org/protobuf v1.36.3/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=