Merge pull request #5 from sdjnmxd/feature/upnp

feat: 支持 UPNP 端口映射（启用开关、IPv4 校验、关停清理）

Author: bangbang93

README.md

@@ -269,5 +269,5 @@ MIT License - 参见 LICENSE 文件
 - ✅ 文件同步
 - ✅ 多种存储后端支持
 - ✅ HTTPS 证书管理 (BYOC 和自动获取)
-- ⏳ UPNP 支持 (待实现)
+- ✅ UPNP 支持 (使用weupnp)
 

build.gradle.kts

@@ -64,6 +64,7 @@ dependencies {
     implementation(libs.kotlin.retry)
     implementation(libs.bouncycastle.prov)
     implementation(libs.bouncycastle.pkix)
+    implementation("org.bitlet:weupnp:0.1.4")
     ksp(libs.koin.ksp.compiler)
     testImplementation(libs.ktor.server.test.host)
     testImplementation(libs.kotlin.test.junit)

src/main/kotlin/com/bangbang93/openbmclapi/agent/nat/NatMapper.kt

@@ -0,0 +1,36 @@
+package com.bangbang93.openbmclapi.agent.nat
+
+import java.net.InetAddress
+
+/**
+ * NAT 端口映射抽象：封装 UPnP / NAT-PMP / PCP 的最小能力集合。
+ */
+interface NatMapper {
+    /** 建立端口映射，返回可用于续期与清理的句柄。 */
+    fun map(
+        privatePort: Int,
+        publicPort: Int = privatePort,
+        protocol: Protocol = Protocol.TCP,
+        ttlSeconds: Int = 3600,
+        description: String = "openbmclapi",
+    ): MappingHandle
+
+    /** 刷新现有映射（续期）。返回是否成功。 */
+    fun refresh(handle: MappingHandle): Boolean
+
+    /** 删除映射。返回是否成功。 */
+    fun unmap(handle: MappingHandle): Boolean
+
+    /** 获取外网 IP（若可用）。 */
+    fun externalIp(): InetAddress
+}
+
+enum class Protocol { TCP, UDP }
+
+data class MappingHandle(
+    val protocol: Protocol,
+    val privatePort: Int,
+    val publicPort: Int,
+    val ttlSeconds: Int,
+    val description: String,
+)

src/main/kotlin/com/bangbang93/openbmclapi/agent/nat/NatService.kt

@@ -0,0 +1,67 @@
+package com.bangbang93.openbmclapi.agent.nat
+
+import com.bangbang93.openbmclapi.agent.config.ClusterConfig
+import io.github.oshai.kotlinlogging.KotlinLogging
+import org.koin.core.annotation.Single
+import java.net.Inet4Address
+import java.net.InetAddress
+
+private val logger = KotlinLogging.logger {}
+
+@Single
+class NatService(
+    private val config: ClusterConfig,
+) {
+    private val mapper: NatMapper = WeUpnpNatMapper()
+    @Volatile private var handle: MappingHandle? = null
+    @Volatile private var external: InetAddress? = null
+
+    fun startIfEnabled(): InetAddress? {
+        if (!config.enableUpnp) return null
+
+        val mapped =
+            mapper.map(
+                privatePort = config.port,
+                publicPort = config.clusterPublicPort,
+                protocol = Protocol.TCP,
+                ttlSeconds = 3600,
+                description = "openbmclapi",
+            )
+        handle = mapped
+        external = mapper.externalIp()
+
+        val ip = external ?: error("无法获取外网 IP")
+        validateExternalIp(ip)
+        logger.info { "UPnP/NAT 端口映射成功，外网 IP: ${ip.hostAddress}" }
+
+        // 关闭时清理端口映射
+        Runtime.getRuntime().addShutdownHook(
+            Thread(
+                {
+                    try {
+                        handle?.let { mapper.unmap(it) }
+                    } catch (_: Exception) {
+                    }
+                },
+                "nat-unmap",
+            ),
+        )
+
+        return ip
+    }
+
+    /** 返回最近一次建立映射时获取到的外网 IP（可能为空）。 */
+    fun getExternalIpOrNull(): InetAddress? = external
+
+    /** 校验为 IPv4 且不属于私网/回环/组播等地址段。 */
+    private fun validateExternalIp(ip: InetAddress) {
+        if (ip !is Inet4Address) {
+            throw IllegalStateException("不支持ipv6")
+        }
+        if (ip.isAnyLocalAddress || ip.isLoopbackAddress || ip.isMulticastAddress || ip.isSiteLocalAddress) {
+            throw IllegalStateException("无法获取公网IP, UPNP返回的IP位于私有地址段, IP: ${ip.hostAddress}")
+        }
+    }
+}
+
+

src/main/kotlin/com/bangbang93/openbmclapi/agent/nat/WeUpnpNatMapper.kt

@@ -0,0 +1,97 @@
+package com.bangbang93.openbmclapi.agent.nat
+
+import io.github.oshai.kotlinlogging.KotlinLogging
+import org.bitlet.weupnp.GatewayDevice
+import org.bitlet.weupnp.GatewayDiscover
+import java.net.InetAddress
+
+private val logger = KotlinLogging.logger {}
+
+class WeUpnpNatMapper : NatMapper {
+    private var device: GatewayDevice? = null
+
+    override fun map(
+        privatePort: Int,
+        publicPort: Int,
+        protocol: Protocol,
+        ttlSeconds: Int,
+        description: String,
+    ): MappingHandle {
+        val discover = GatewayDiscover()
+        discover.discover()
+        val gw = discover.validGateway ?: error("未发现可用的 UPnP IGD 网关")
+        device = gw
+
+        val ok =
+            when (protocol) {
+                Protocol.TCP ->
+                    gw.addPortMapping(
+                        publicPort,
+                        privatePort,
+                        gw.localAddress.hostAddress,
+                        "TCP",
+                        description,
+                    )
+                Protocol.UDP ->
+                    gw.addPortMapping(
+                        publicPort,
+                        privatePort,
+                        gw.localAddress.hostAddress,
+                        "UDP",
+                        description,
+                    )
+            }
+        if (!ok) error("UPnP 端口映射失败: $protocol $publicPort->$privatePort")
+
+        logger.info { "UPnP 映射成功: $protocol $publicPort->$privatePort" }
+        return MappingHandle(protocol, privatePort, publicPort, ttlSeconds, description)
+    }
+
+    override fun refresh(handle: MappingHandle): Boolean {
+        // WeUPnP 不支持 TTL 刷新，直接重做一次映射作为 best-effort
+        return try {
+            val dev = device ?: return false
+            when (handle.protocol) {
+                Protocol.TCP ->
+                    dev.addPortMapping(
+                        handle.publicPort,
+                        handle.privatePort,
+                        dev.localAddress.hostAddress,
+                        "TCP",
+                        handle.description,
+                    )
+                Protocol.UDP ->
+                    dev.addPortMapping(
+                        handle.publicPort,
+                        handle.privatePort,
+                        dev.localAddress.hostAddress,
+                        "UDP",
+                        handle.description,
+                    )
+            }
+            true
+        } catch (e: Exception) {
+            logger.error(e) { "UPnP 续期失败" }
+            false
+        }
+    }
+
+    override fun unmap(handle: MappingHandle): Boolean {
+        return try {
+            val dev = device ?: return true
+            when (handle.protocol) {
+                Protocol.TCP -> dev.deletePortMapping(handle.publicPort, "TCP")
+                Protocol.UDP -> dev.deletePortMapping(handle.publicPort, "UDP")
+            }
+            true
+        } catch (e: Exception) {
+            logger.warn(e) { "删除映射失败" }
+            false
+        }
+    }
+
+    override fun externalIp(): InetAddress {
+        val dev = device ?: error("尚未建立映射")
+        return InetAddress.getByName(dev.externalIPAddress)
+    }
+}

src/main/kotlin/com/bangbang93/openbmclapi/agent/service/ClusterService.kt

@@ -9,6 +9,7 @@ import com.bangbang93.openbmclapi.agent.model.FileList
 import com.bangbang93.openbmclapi.agent.model.OpenbmclapiAgentConfiguration
 import com.bangbang93.openbmclapi.agent.model.SyncConfig
 import com.bangbang93.openbmclapi.agent.storage.IStorage
+import com.bangbang93.openbmclapi.agent.nat.NatService
 import com.bangbang93.openbmclapi.agent.util.HashUtil
 import com.bangbang93.openbmclapi.agent.util.emitAck
 import com.github.avrokotlin.avro4k.Avro
@@ -42,6 +43,7 @@ class ClusterService(
     private val storage: IStorage,
     private val tokenManager: TokenManager,
     private val httpClient: HttpClient,
+    private val natService: NatService,
 ) : CoroutineScope by CoroutineScope(Dispatchers.Default) {
     lateinit var socket: Socket
     var isEnabled = false
@@ -172,9 +174,18 @@ class ClusterService(
 
         logger.trace { "Enabling cluster" }
 
+        val upnpIp = try {
+            natService.startIfEnabled()
+        } catch (e: Exception) {
+            logger.error(e) { "UPnP/NAT 端口映射失败" }
+            throw e
+        }
+
+        val hostForEnable = config.clusterIp ?: upnpIp?.hostAddress
+
         val enableRequest =
             EnableRequest(
-                host = config.clusterIp,
+                host = hostForEnable,
                 port = config.clusterPublicPort,
                 version = AGENT_PROTOCOL_VERSION,
                 byoc = config.byoc,

src/test/kotlin/com/bangbang93/openbmclapi/agent/nat/WeUpnpNatMapperTest.kt

@@ -0,0 +1,44 @@
+package com.bangbang93.openbmclapi.agent.nat
+
+import kotlin.test.Test
+import kotlin.test.assertTrue
+import io.github.oshai.kotlinlogging.KotlinLogging
+import org.bitlet.weupnp.GatewayDiscover
+import java.net.Inet4Address
+
+class WeUpnpNatMapperTest {
+    private val logger = KotlinLogging.logger {}
+
+    @Test
+    fun `map and unmap via WeUPnP if gateway available`() {
+        val discover = GatewayDiscover()
+        logger.info { "Discovering UPnP gateways..." }
+        val found = discover.discover()
+        logger.info { "Discovery result: found=$found, gw=${discover.validGateway}" }
+        val gw = discover.validGateway ?: run {
+            logger.info { "No UPnP IGD gateway found - skipping test" }
+            return
+        }
+
+        val mapper = WeUpnpNatMapper()
+        val privatePort = 4000
+        val publicPort = 4000
+
+        val handle = mapper.map(
+            privatePort = privatePort,
+            publicPort = publicPort,
+            protocol = Protocol.TCP,
+            ttlSeconds = 300,
+            description = "openbmclapi-test",
+        )
+
+        val ip = mapper.externalIp()
+        logger.info { "External IP: ${ip.hostAddress}" }
+        assertTrue(ip is Inet4Address, "external ip should be IPv4")
+
+        val removed = mapper.unmap(handle)
+        logger.info { "Unmapped result: $removed" }
+    }
+}
+
+