handleTunnel is the PrivateKite side of the Tunnel (on private network).
(session sockjs.Session, req *http.Request)
| 226 | |
| 227 | // handleTunnel is the PrivateKite side of the Tunnel (on private network). |
| 228 | func (p *Proxy) handleTunnel(session sockjs.Session, req *http.Request) { |
| 229 | tokenString := req.URL.Query().Get("token") |
| 230 | |
| 231 | getPublicKey := func(token *jwt.Token) (interface{}, error) { |
| 232 | if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { |
| 233 | return nil, errors.New("invalid signing method") |
| 234 | } |
| 235 | |
| 236 | return jwt.ParseRSAPublicKeyFromPEM([]byte(p.pubKey)) |
| 237 | } |
| 238 | |
| 239 | token, err := jwt.Parse(tokenString, getPublicKey) |
| 240 | if err != nil { |
| 241 | p.Kite.Log.Error("Invalid token: \"%s\"", tokenString) |
| 242 | return |
| 243 | } |
| 244 | |
| 245 | kiteID := token.Claims.(jwt.MapClaims)["sub"].(string) |
| 246 | seq := uint64(token.Claims.(jwt.MapClaims)["seq"].(float64)) |
| 247 | |
| 248 | client, ok := p.kites[kiteID] |
| 249 | if !ok { |
| 250 | p.Kite.Log.Error("Remote kite is not found: %s", kiteID) |
| 251 | return |
| 252 | } |
| 253 | |
| 254 | tunnel, ok := client.tunnels[seq] |
| 255 | if !ok { |
| 256 | p.Kite.Log.Error("Tunnel not found: %d", seq) |
| 257 | } |
| 258 | |
| 259 | go tunnel.Run(session) |
| 260 | |
| 261 | <-tunnel.CloseNotify() |
| 262 | |
| 263 | } |
| 264 | |
| 265 | // |
| 266 | // PrivateKite |
nothing calls this directly
no test coverage detected