remove authentication for healthz api (#2672)

Release.md

@@ -1,8 +1,3 @@
-### New
-
-* Add `/healthz` API.
-* frpc support `disable_custom_tls_first_byte` .If set true, frpc will not send custom header byte.
-
 ### Improve
 
-* Use go standard embed package instead of statik.
+* Remove authentication for healthz api.

client/admin.go

@@ -34,20 +34,22 @@ func (svr *Service) RunAdminServer(address string) (err error) {
 	// url router
 	router := mux.NewRouter()
 
+	router.HandleFunc("/healthz", svr.healthz)
+
+	subRouter := router.NewRoute().Subrouter()
 	user, passwd := svr.cfg.AdminUser, svr.cfg.AdminPwd
-	router.Use(frpNet.NewHTTPAuthMiddleware(user, passwd).Middleware)
+	subRouter.Use(frpNet.NewHTTPAuthMiddleware(user, passwd).Middleware)
 
 	// api, see admin_api.go
-	router.HandleFunc("/healthz", svr.healthz)
-	router.HandleFunc("/api/reload", svr.apiReload).Methods("GET")
-	router.HandleFunc("/api/status", svr.apiStatus).Methods("GET")
-	router.HandleFunc("/api/config", svr.apiGetConfig).Methods("GET")
-	router.HandleFunc("/api/config", svr.apiPutConfig).Methods("PUT")
+	subRouter.HandleFunc("/api/reload", svr.apiReload).Methods("GET")
+	subRouter.HandleFunc("/api/status", svr.apiStatus).Methods("GET")
+	subRouter.HandleFunc("/api/config", svr.apiGetConfig).Methods("GET")
+	subRouter.HandleFunc("/api/config", svr.apiPutConfig).Methods("PUT")
 
 	// view
-	router.Handle("/favicon.ico", http.FileServer(assets.FileSystem)).Methods("GET")
-	router.PathPrefix("/static/").Handler(frpNet.MakeHTTPGzipHandler(http.StripPrefix("/static/", http.FileServer(assets.FileSystem)))).Methods("GET")
-	router.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+	subRouter.Handle("/favicon.ico", http.FileServer(assets.FileSystem)).Methods("GET")
+	subRouter.PathPrefix("/static/").Handler(frpNet.MakeHTTPGzipHandler(http.StripPrefix("/static/", http.FileServer(assets.FileSystem)))).Methods("GET")
+	subRouter.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		http.Redirect(w, r, "/static/", http.StatusMovedPermanently)
 	})
 

pkg/util/version/version.go

@@ -19,7 +19,7 @@ import (
 	"strings"
 )
 
-var version string = "0.38.0"
+var version string = "0.38.1"
 
 func Full() string {
 	return version

server/dashboard.go

@@ -34,27 +34,29 @@ var (
 func (svr *Service) RunDashboardServer(address string) (err error) {
 	// url router
 	router := mux.NewRouter()
+	router.HandleFunc("/healthz", svr.Healthz)
+
+	subRouter := router.NewRoute().Subrouter()
 
 	user, passwd := svr.cfg.DashboardUser, svr.cfg.DashboardPwd
-	router.Use(frpNet.NewHTTPAuthMiddleware(user, passwd).Middleware)
+	subRouter.Use(frpNet.NewHTTPAuthMiddleware(user, passwd).Middleware)
 
 	// metrics
 	if svr.cfg.EnablePrometheus {
-		router.Handle("/metrics", promhttp.Handler())
+		subRouter.Handle("/metrics", promhttp.Handler())
 	}
 
 	// api, see dashboard_api.go
-	router.HandleFunc("/api/serverinfo", svr.APIServerInfo).Methods("GET")
-	router.HandleFunc("/api/proxy/{type}", svr.APIProxyByType).Methods("GET")
-	router.HandleFunc("/api/proxy/{type}/{name}", svr.APIProxyByTypeAndName).Methods("GET")
-	router.HandleFunc("/api/traffic/{name}", svr.APIProxyTraffic).Methods("GET")
-	router.HandleFunc("/healthz", svr.Healthz)
+	subRouter.HandleFunc("/api/serverinfo", svr.APIServerInfo).Methods("GET")
+	subRouter.HandleFunc("/api/proxy/{type}", svr.APIProxyByType).Methods("GET")
+	subRouter.HandleFunc("/api/proxy/{type}/{name}", svr.APIProxyByTypeAndName).Methods("GET")
+	subRouter.HandleFunc("/api/traffic/{name}", svr.APIProxyTraffic).Methods("GET")
 
 	// view
-	router.Handle("/favicon.ico", http.FileServer(assets.FileSystem)).Methods("GET")
-	router.PathPrefix("/static/").Handler(frpNet.MakeHTTPGzipHandler(http.StripPrefix("/static/", http.FileServer(assets.FileSystem)))).Methods("GET")
+	subRouter.Handle("/favicon.ico", http.FileServer(assets.FileSystem)).Methods("GET")
+	subRouter.PathPrefix("/static/").Handler(frpNet.MakeHTTPGzipHandler(http.StripPrefix("/static/", http.FileServer(assets.FileSystem)))).Methods("GET")
 
-	router.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+	subRouter.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		http.Redirect(w, r, "/static/", http.StatusMovedPermanently)
 	})
 

test/e2e/basic/client.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/fatedier/frp/test/e2e/framework"
 	"github.com/fatedier/frp/test/e2e/framework/consts"
+	"github.com/fatedier/frp/test/e2e/pkg/request"
 	clientsdk "github.com/fatedier/frp/test/e2e/pkg/sdk/client"
 
 	. "github.com/onsi/ginkgo"
@@ -75,4 +76,28 @@ var _ = Describe("[Feature: ClientManage]", func() {
 		framework.NewRequestExpect(f).Port(newP2Port).Explain("new p2 port").Ensure()
 		framework.NewRequestExpect(f).Port(p3Port).Explain("p3 port").ExpectError(true).Ensure()
 	})
+
+	It("healthz", func() {
+		serverConf := consts.DefaultServerConfig
+
+		dashboardPort := f.AllocPort()
+		clientConf := consts.DefaultClientConfig + fmt.Sprintf(`
+		admin_addr = 0.0.0.0
+		admin_port = %d
+		admin_user = admin
+		admin_pwd = admin
+		`, dashboardPort)
+
+		f.RunProcesses([]string{serverConf}, []string{clientConf})
+
+		framework.NewRequestExpect(f).RequestModify(func(r *request.Request) {
+			r.HTTP().HTTPPath("/healthz")
+		}).Port(dashboardPort).ExpectResp([]byte("")).Ensure()
+
+		framework.NewRequestExpect(f).RequestModify(func(r *request.Request) {
+			r.HTTP().HTTPPath("/")
+		}).Port(dashboardPort).
+			Ensure(framework.ExpectResponseCode(401))
+	})
+
 })

test/e2e/basic/server.go

@@ -144,4 +144,36 @@ var _ = Describe("[Feature: Server Manager]", func() {
 			r.HTTP().HTTPHost("example.com")
 		}).PortName(consts.PortServerName).Ensure()
 	})
+
+	It("healthz", func() {
+		serverConf := consts.DefaultServerConfig
+		dashboardPort := f.AllocPort()
+
+		// Use same port as PortServer
+		serverConf += fmt.Sprintf(`
+		vhost_http_port = {{ .%s }}
+		dashboard_addr = 0.0.0.0
+		dashboard_port = %d
+		dashboard_user = admin
+		dashboard_pwd = admin
+		`, consts.PortServerName, dashboardPort)
+
+		clientConf := consts.DefaultClientConfig + fmt.Sprintf(`
+		[http]
+		type = http
+		local_port = {{ .%s }}
+		custom_domains = example.com
+		`, framework.HTTPSimpleServerPort)
+
+		f.RunProcesses([]string{serverConf}, []string{clientConf})
+
+		framework.NewRequestExpect(f).RequestModify(func(r *request.Request) {
+			r.HTTP().HTTPPath("/healthz")
+		}).Port(dashboardPort).ExpectResp([]byte("")).Ensure()
+
+		framework.NewRequestExpect(f).RequestModify(func(r *request.Request) {
+			r.HTTP().HTTPPath("/")
+		}).Port(dashboardPort).
+			Ensure(framework.ExpectResponseCode(401))
+	})
 })