Add API for controlling proxy use when connecting to controller. Fixes #663

Author: plorenz

CHANGELOG.md

@@ -1,3 +1,13 @@
+# Release notes 0.24.0
+
+## Issues Fixed and Dependency Updates
+
+* github.com/openziti/sdk-golang: [v0.23.45 -> v0.24.0](https://github.com/openziti/sdk-golang/compare/v0.23.45...v0.24.0)
+    * [Issue #663](https://github.com/openziti/sdk-golang/issues/663) - Add API to allow controlling proxying connections to controllers and routers.
+
+* github.com/openziti/edge-api: [v0.26.36 -> v0.26.38](https://github.com/openziti/edge-api/compare/v0.26.36...v0.26.38)
+* github.com/openziti/transport/v2: [v2.0.159 -> v2.0.160](https://github.com/openziti/transport/compare/v2.0.159...v2.0.160)
+
 # Release notes 0.23.45
 
 ## Issues Fixed and Dependency Updates

edge-apis/clients.go

@@ -123,10 +123,12 @@ func (self *BaseClient[A]) Authenticate(credentials Credentials, configTypesOver
 }
 
 // initializeComponents assembles the lower level components necessary for the go-swagger/openapi facilities.
-func (self *BaseClient[A]) initializeComponents(apiUrls []*url.URL, caPool *x509.CertPool) {
-	components := NewComponents()
-	components.HttpTransport.TLSClientConfig.RootCAs = caPool
-	components.CaPool = caPool
+func (self *BaseClient[A]) initializeComponents(config *ApiClientConfig) {
+	components := NewComponentsWithConfig(&ComponentsConfig{
+		Proxy: config.Proxy,
+	})
+	components.HttpTransport.TLSClientConfig.RootCAs = config.CaPool
+	components.CaPool = config.CaPool
 
 	self.Components = *components
 }
@@ -205,6 +207,13 @@ type ManagementApiClient struct {
 	BaseClient[ZitiEdgeManagement]
 }
 
+type ApiClientConfig struct {
+	ApiUrls      []*url.URL
+	CaPool       *x509.CertPool
+	TotpCallback func(chan string)
+	Proxy        func(r *http.Request) (*url.URL, error)
+}
+
 // NewManagementApiClient will assemble an ManagementApiClient. The apiUrl should be the full URL
 // to the Edge Management API (e.g. `https://example.com/edge/management/v1`).
 //
@@ -217,16 +226,25 @@ type ManagementApiClient struct {
 // to obtain and verify the target controllers CAs. Tools should allow users to verify and accept new controllers
 // that have not been verified from an outside secret (such as an enrollment token).
 func NewManagementApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallback func(chan string)) *ManagementApiClient {
+	return NewManagementApiClientWithConfig(&ApiClientConfig{
+		ApiUrls:      apiUrls,
+		CaPool:       caPool,
+		TotpCallback: totpCallback,
+		Proxy:        http.ProxyFromEnvironment,
+	})
+}
+
+func NewManagementApiClientWithConfig(config *ApiClientConfig) *ManagementApiClient {
 	ret := &ManagementApiClient{}
 	ret.Schemes = rest_management_api_client.DefaultSchemes
 	ret.ApiBinding = "edge-management"
 	ret.ApiVersion = "v1"
-	ret.ApiUrls = apiUrls
-	ret.initializeComponents(apiUrls, caPool)
+	ret.ApiUrls = config.ApiUrls
+	ret.initializeComponents(config)
 
 	transportPool := NewClientTransportPoolRandom()
 
-	for _, apiUrl := range apiUrls {
+	for _, apiUrl := range config.ApiUrls {
 		newRuntime := NewRuntime(apiUrl, ret.Schemes, ret.Components.HttpClient)
 		newRuntime.DefaultAuthentication = ret
 		transportPool.Add(apiUrl, newRuntime)
@@ -235,7 +253,7 @@ func NewManagementApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallb
 	newApi := rest_management_api_client.New(transportPool, nil)
 	api := ZitiEdgeManagement{
 		ZitiEdgeManagement:  newApi,
-		TotpCallback:        totpCallback,
+		TotpCallback:        config.TotpCallback,
 		ClientTransportPool: transportPool,
 	}
 
@@ -261,17 +279,26 @@ type ClientApiClient struct {
 // to obtain and verify the target controllers CAs. Tools should allow users to verify and accept new controllers
 // that have not been verified from an outside secret (such as an enrollment token).
 func NewClientApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallback func(chan string)) *ClientApiClient {
+	return NewClientApiClientWithConfig(&ApiClientConfig{
+		ApiUrls:      apiUrls,
+		CaPool:       caPool,
+		TotpCallback: totpCallback,
+		Proxy:        http.ProxyFromEnvironment,
+	})
+}
+
+func NewClientApiClientWithConfig(config *ApiClientConfig) *ClientApiClient {
 	ret := &ClientApiClient{}
 	ret.ApiBinding = "edge-client"
 	ret.ApiVersion = "v1"
 	ret.Schemes = rest_client_api_client.DefaultSchemes
-	ret.ApiUrls = apiUrls
+	ret.ApiUrls = config.ApiUrls
 
-	ret.initializeComponents(apiUrls, caPool)
+	ret.initializeComponents(config)
 
 	transportPool := NewClientTransportPoolRandom()
 
-	for _, apiUrl := range apiUrls {
+	for _, apiUrl := range config.ApiUrls {
 		newRuntime := NewRuntime(apiUrl, ret.Schemes, ret.Components.HttpClient)
 		newRuntime.DefaultAuthentication = ret
 		transportPool.Add(apiUrl, newRuntime)
@@ -280,7 +307,7 @@ func NewClientApiClient(apiUrls []*url.URL, caPool *x509.CertPool, totpCallback
 	newApi := rest_client_api_client.New(transportPool, nil)
 	api := ZitiEdgeClient{
 		ZitiEdgeClient:      newApi,
-		TotpCallback:        totpCallback,
+		TotpCallback:        config.TotpCallback,
 		ClientTransportPool: transportPool,
 	}
 	ret.API = &api

edge-apis/component.go

@@ -5,6 +5,7 @@ import (
 	"github.com/openziti/edge-api/rest_util"
 	"net/http"
 	"net/http/cookiejar"
+	"net/url"
 	"time"
 )
 
@@ -17,12 +18,22 @@ type Components struct {
 	CaPool        *x509.CertPool
 }
 
+type ComponentsConfig struct {
+	Proxy func(*http.Request) (*url.URL, error)
+}
+
 // NewComponents assembles a new set of components with reasonable production defaults.
 func NewComponents() *Components {
+	return NewComponentsWithConfig(&ComponentsConfig{
+		Proxy: http.ProxyFromEnvironment,
+	})
+}
+
+// NewComponentsWithConfig assembles a new set of components with reasonable production defaults.
+func NewComponentsWithConfig(cfg *ComponentsConfig) *Components {
 	tlsClientConfig, _ := rest_util.NewTlsConfig()
 
 	httpTransport := &http.Transport{
-		Proxy:                 http.ProxyFromEnvironment,
 		TLSClientConfig:       tlsClientConfig,
 		ForceAttemptHTTP2:     true,
 		MaxIdleConns:          10,
@@ -31,6 +42,10 @@ func NewComponents() *Components {
 		ExpectContinueTimeout: 1 * time.Second,
 	}
 
+	if cfg != nil && cfg.Proxy != nil {
+		httpTransport.Proxy = cfg.Proxy
+	}
+
 	jar, _ := cookiejar.New(nil)
 
 	httpClient := &http.Client{

example/go.mod

@@ -4,20 +4,22 @@ go 1.21
 
 toolchain go1.22.1
 
+replace github.com/openziti/sdk-golang => ../
+
 require (
 	github.com/Jeffail/gabs v1.4.0
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/mux v1.8.1
 	github.com/michaelquigley/pfxlog v0.6.10
-	github.com/openziti/foundation/v2 v2.0.47
+	github.com/openziti/foundation/v2 v2.0.56
 	github.com/openziti/runzmd v1.0.33
 	github.com/openziti/sdk-golang v0.23.39
 	github.com/pkg/errors v0.9.1
 	github.com/sirupsen/logrus v1.9.3
-	github.com/spf13/cobra v1.8.0
+	github.com/spf13/cobra v1.8.1
 	github.com/spf13/viper v1.17.0
 	github.com/zitadel/oidc v1.13.5
-	golang.org/x/text v0.16.0
+	golang.org/x/text v0.21.0
 	google.golang.org/grpc v1.59.0
 	google.golang.org/grpc/examples v0.0.0-20231107231549-482de2224942
 	gopkg.in/resty.v1 v1.12.0
@@ -50,13 +52,13 @@ require (
 	github.com/go-openapi/strfmt v0.23.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/go-openapi/validate v0.24.0 // indirect
-	github.com/go-resty/resty/v2 v2.13.1 // indirect
+	github.com/go-resty/resty/v2 v2.15.3 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 // indirect
 	github.com/gorilla/schema v1.4.1 // indirect
-	github.com/gorilla/securecookie v1.1.1 // indirect
-	github.com/gorilla/websocket v1.5.1 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
+	github.com/gorilla/websocket v1.5.3 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
@@ -76,12 +78,12 @@ require (
 	github.com/muhlemmer/gu v0.3.1 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
-	github.com/openziti/channel/v2 v2.0.136 // indirect
-	github.com/openziti/edge-api v0.26.21 // indirect
-	github.com/openziti/identity v1.0.81 // indirect
-	github.com/openziti/metrics v1.2.56 // indirect
-	github.com/openziti/secretstream v0.1.21 // indirect
-	github.com/openziti/transport/v2 v2.0.138 // indirect
+	github.com/openziti/channel/v3 v3.0.26 // indirect
+	github.com/openziti/edge-api v0.26.36 // indirect
+	github.com/openziti/identity v1.0.94 // indirect
+	github.com/openziti/metrics v1.2.65 // indirect
+	github.com/openziti/secretstream v0.1.28 // indirect
+	github.com/openziti/transport/v2 v2.0.159 // indirect
 	github.com/orcaman/concurrent-map/v2 v2.0.1 // indirect
 	github.com/parallaxsecond/parsec-client-go v0.0.0-20221025095442-f0a77d263cf9 // indirect
 	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
@@ -105,24 +107,25 @@ require (
 	github.com/valyala/fasttemplate v1.2.2 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	github.com/zitadel/logging v0.3.4 // indirect
-	github.com/zitadel/oidc/v2 v2.12.0 // indirect
-	go.mongodb.org/mongo-driver v1.16.0 // indirect
-	go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect
-	go.opentelemetry.io/otel v1.28.0 // indirect
-	go.opentelemetry.io/otel/metric v1.28.0 // indirect
-	go.opentelemetry.io/otel/trace v1.28.0 // indirect
+	github.com/zitadel/oidc/v2 v2.12.2 // indirect
+	go.mongodb.org/mongo-driver v1.17.0 // indirect
+	go.mozilla.org/pkcs7 v0.9.0 // indirect
+	go.opentelemetry.io/otel v1.29.0 // indirect
+	go.opentelemetry.io/otel/metric v1.29.0 // indirect
+	go.opentelemetry.io/otel/trace v1.29.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/crypto v0.32.0 // indirect
 	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
 	golang.org/x/image v0.18.0 // indirect
-	golang.org/x/net v0.27.0 // indirect
-	golang.org/x/oauth2 v0.21.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.22.0 // indirect
-	golang.org/x/term v0.22.0 // indirect
+	golang.org/x/net v0.34.0 // indirect
+	golang.org/x/oauth2 v0.23.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/term v0.28.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
-	google.golang.org/protobuf v1.34.2 // indirect
+	google.golang.org/protobuf v1.36.2 // indirect
+	gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	nhooyr.io/websocket v1.8.11 // indirect
+	nhooyr.io/websocket v1.8.17 // indirect
 )