From dec2b17e171df62f6c09d585790a108ee7dbe6ed Mon Sep 17 00:00:00 2001 From: Vadimka Komissarov Date: Wed, 25 Sep 2024 09:41:59 +0000 Subject: [PATCH] add bypass for otp requests --- internal/proxy/validator.go | 16 +++++++++++++++- internal/proxy/whitelist.go | 6 ++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/internal/proxy/validator.go b/internal/proxy/validator.go index a9eff41..02ac8d5 100644 --- a/internal/proxy/validator.go +++ b/internal/proxy/validator.go @@ -74,6 +74,10 @@ func (m *Validator) ValidateRequest() (e error) { return errors.New("invalid query detected") } + if m.isQueryBypassListed() { + m.customs = m.customs | CHCacheBypass + } + // delete or update cache key for futher request processing // controlled by CustomHeaders m.postValidationMutate(m.requestArgs.QueryString()) @@ -238,7 +242,7 @@ var declinedKeysPool = sync.Pool{ func (m *Validator) isArgsWhitelisted() (_ bool) { // []string pool without allocations - // researched from https://vk.cc/cys872 + // researched here - https://vk.cc/cys872 declinedKeysPtr := declinedKeysPool.Get().(*[]string) declinedKeys := *declinedKeysPtr @@ -279,6 +283,16 @@ func (m *Validator) isQueryWhitelisted() (ok bool) { return } +func (m *Validator) isQueryBypassListed() (ok bool) { + var query []byte + if query = m.requestArgs.PeekBytes([]byte("query")); len(query) == 0 { + return true + } + + _, ok = queryBypasslist[futils.UnsafeString(query)] + return ok +} + func (m *Validator) queryLookup(equal []byte) (_ bool) { var query []byte if query = m.requestArgs.PeekBytes([]byte("query")); len(query) == 0 { diff --git a/internal/proxy/whitelist.go b/internal/proxy/whitelist.go index b35eef9..a3ad79f 100644 --- a/internal/proxy/whitelist.go +++ b/internal/proxy/whitelist.go @@ -94,3 +94,9 @@ var queryWhitelist = map[string]interface{}{ "auth_accept_otp": nil, "auth_login_otp": nil, } + +var queryBypasslist = map[string]interface{}{ + "auth_get_otp": nil, + "auth_accept_otp": nil, + "auth_login_otp": nil, +}