|
|
@@ -153,7 +153,7 @@ func (s *webForwardingService) buildWebForwardingModel(req *v1.WebForwardingData
|
|
|
Comment: req.Comment,
|
|
|
HttpsCert: req.HttpsCert,
|
|
|
HttpsKey: req.HttpsKey,
|
|
|
- SslCertId: int(req.SslCertId),
|
|
|
+ SslCertId: int(require.SslPolicyId),
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -186,11 +186,11 @@ func (s *webForwardingService) prepareWafData(ctx context.Context, req *v1.WebFo
|
|
|
}
|
|
|
|
|
|
// 2. 调用辅助函数,构建核心的代理配置 (将复杂逻辑封装起来)
|
|
|
- byteData, err := s.buildProxyJSONConfig(ctx, req, require)
|
|
|
+ byteData, sslPolicyId, err := s.buildProxyJSONConfig(ctx, req, require)
|
|
|
if err != nil {
|
|
|
return RequireResponse{}, v1.Website{}, err // 错误信息在辅助函数中已经包装好了
|
|
|
}
|
|
|
-
|
|
|
+ require.SslPolicyId = sslPolicyId
|
|
|
type serverNames struct {
|
|
|
ServerNames string `json:"name" form:"name"`
|
|
|
Type string `json:"type" form:"type"`
|
|
|
@@ -238,12 +238,14 @@ func (s *webForwardingService) prepareWafData(ctx context.Context, req *v1.WebFo
|
|
|
// 辅助函数:buildProxyJSONConfig
|
|
|
// 职责:专门负责处理 HTTP/HTTPS 的差异,并生成对应的 JSON 配置。
|
|
|
// =================================================================
|
|
|
-func (s *webForwardingService) buildProxyJSONConfig(ctx context.Context, req *v1.WebForwardingRequest, require RequireResponse) ([]byte, error) {
|
|
|
+func (s *webForwardingService) buildProxyJSONConfig(ctx context.Context, req *v1.WebForwardingRequest, require RequireResponse) ([]byte,int64, error) {
|
|
|
var (
|
|
|
jsonData v1.TypeJSON
|
|
|
apiType string
|
|
|
err error
|
|
|
)
|
|
|
+
|
|
|
+ var sslPolicyId int64
|
|
|
jsonData.IsOn = true
|
|
|
|
|
|
// 判断协议类型,并处理 HTTPS 的特殊逻辑(证书)
|
|
|
@@ -251,7 +253,7 @@ func (s *webForwardingService) buildProxyJSONConfig(ctx context.Context, req *v1
|
|
|
// 处理证书信息
|
|
|
serverName, commonNames, DNSNames, before, after, isSelfSigned, err := s.wafformatter.ParseCert(ctx, req.WebForwardingData.HttpsCert, req.WebForwardingData.HttpsKey)
|
|
|
if err != nil {
|
|
|
- return nil, fmt.Errorf("解析证书失败: %w", err)
|
|
|
+ return nil, 0, fmt.Errorf("解析证书失败: %w", err)
|
|
|
}
|
|
|
|
|
|
// 添加 SSL 证书
|
|
|
@@ -271,7 +273,7 @@ func (s *webForwardingService) buildProxyJSONConfig(ctx context.Context, req *v1
|
|
|
IsSelfSigned: isSelfSigned,
|
|
|
})
|
|
|
if err != nil {
|
|
|
- return nil, fmt.Errorf("添加SSL证书失败: %w", err)
|
|
|
+ return nil, 0, fmt.Errorf("添加SSL证书失败: %w", err)
|
|
|
}
|
|
|
|
|
|
// 添加 SSL 策略
|
|
|
@@ -287,16 +289,16 @@ func (s *webForwardingService) buildProxyJSONConfig(ctx context.Context, req *v1
|
|
|
})
|
|
|
sslCertsJson, err := json.Marshal(sslCertsSlice)
|
|
|
if err != nil {
|
|
|
- return nil, fmt.Errorf("序列化SSL证书失败: %w", err)
|
|
|
+ return nil, 0, fmt.Errorf("序列化SSL证书失败: %w", err)
|
|
|
}
|
|
|
|
|
|
- sslPolicyId, err := s.cdn.AddSSLPolicy(ctx, v1.AddSSLPolicy{
|
|
|
+ sslPolicyId, err = s.cdn.AddSSLPolicy(ctx, v1.AddSSLPolicy{
|
|
|
Http2Enabled: true,
|
|
|
SslCertsJSON: sslCertsJson,
|
|
|
MinVersion: "TLS 1.1",
|
|
|
})
|
|
|
if err != nil {
|
|
|
- return nil, fmt.Errorf("添加SSL策略失败: %w", err)
|
|
|
+ return nil, 0, fmt.Errorf("添加SSL策略失败: %w", err)
|
|
|
}
|
|
|
jsonData.SslPolicyRef.SslPolicyId = sslPolicyId
|
|
|
}
|
|
|
@@ -317,10 +319,10 @@ func (s *webForwardingService) buildProxyJSONConfig(ctx context.Context, req *v1
|
|
|
// 序列化为 JSON
|
|
|
byteData, err := json.Marshal(jsonData)
|
|
|
if err != nil {
|
|
|
- return nil, fmt.Errorf("序列化WAF配置失败: %w", err)
|
|
|
+ return nil, 0, fmt.Errorf("序列化WAF配置失败: %w", err)
|
|
|
}
|
|
|
|
|
|
- return byteData, nil
|
|
|
+ return byteData,sslPolicyId, nil
|
|
|
}
|
|
|
|
|
|
// 查找两个列表的差异
|
