问题

我觉得我离成功很近了，但是到目前为止，我在使用Go构建一个小型反向代理到GCP Cloud Run实例时遇到了问题。请求“通过了”，但是请求的响应是默认的GCP Cloud Run 404。看起来在将请求发送回Cloud Run时，Host头被忽略了，因此请求没有被正确路由。

我可能漏掉了什么？

package main

import (
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
)

const apiUrl = "MY_CLOUD_RUN.a.run.app"

func main() {
	http.HandleFunc("/", proxy)
	log.Fatal(http.ListenAndServe(":8081", nil))
}

func proxy(res http.ResponseWriter, req *http.Request) {
	// 绕过CORS检查
	if req.Method == http.MethodOptions {
		headers := res.Header()
		headers.Add("Access-Control-Allow-Origin", "*")
		headers.Add("Vary", "Origin")
		headers.Add("Vary", "Access-Control-Request-Method")
		headers.Add("Vary", "Access-Control-Request-Headers")
		headers.Add("Access-Control-Allow-Headers", "*")
		headers.Add("Access-Control-Allow-Methods", "GET,HEAD,PUT,PATCH,POST,DELETE")
		res.WriteHeader(http.StatusOK)
		return
	}

	p := httputil.NewSingleHostReverseProxy(&url.URL{
		Scheme: "http",
		Host:   apiUrl,
	})
	p.Director = func(req *http.Request) {
		req.Header.Add("X-Forwarded-Host", req.Host)
		req.Header.Add("X-Origin-Host", apiUrl)
		req.Header.Add("Host", apiUrl)
		req.Header.Add("Access-Control-Allow-Origin", "*")
		req.URL.Scheme = "https"
		req.URL.Host = apiUrl
	}
	p.ModifyResponse = func(res *http.Response) error {
		res.Header.Set("Access-Control-Allow-Methods", "GET,HEAD,PUT,PATCH,POST,DELETE")
		res.Header.Set("Access-Control-Allow-Credentials", "true")
		res.Header.Set("Access-Control-Allow-Origin", "*")
		res.Header.Set("Access-Control-Allow-Headers", "*")
		return nil
	}

	p.ServeHTTP(res, req)
}

英文:

I feel like I'm close to having this working but so far I"m running into an issue building a small reverse proxy in Go to a GCP Cloud Run instance. The request 'goes through' but the response from the request is the default GCP Cloud Run 404. It appears when making the request back to Cloud Run the Host header is being ignored and therefore the request is not being routed correction.

What might I be missing here?

package main
import (
&quot;log&quot;
&quot;net/http&quot;
&quot;net/http/httputil&quot;
&quot;net/url&quot;
)
const apiUrl = &quot;MY_CLOUD_RUN.a.run.app&quot;
func main() {
http.HandleFunc(&quot;/&quot;, proxy)
log.Fatal(http.ListenAndServe(&quot;:8081&quot;, nil))
}
func proxy(res http.ResponseWriter, req *http.Request) {
// gets past CORS checks
if req.Method == http.MethodOptions {
headers := res.Header()
headers.Add(&quot;Access-Control-Allow-Origin&quot;, &quot;*&quot;)
headers.Add(&quot;Vary&quot;, &quot;Origin&quot;)
headers.Add(&quot;Vary&quot;, &quot;Access-Control-Request-Method&quot;)
headers.Add(&quot;Vary&quot;, &quot;Access-Control-Request-Headers&quot;)
headers.Add(&quot;Access-Control-Allow-Headers&quot;, &quot;*&quot;)
headers.Add(&quot;Access-Control-Allow-Methods&quot;, &quot;GET,HEAD,PUT,PATCH,POST,DELETE&quot;)
res.WriteHeader(http.StatusOK)
return
}
p := httputil.NewSingleHostReverseProxy(&amp;url.URL{
Scheme: &quot;http&quot;,
Host:   apiUrl,
})
p.Director = func(req *http.Request) {
req.Header.Add(&quot;X-Forwarded-Host&quot;, req.Host)
req.Header.Add(&quot;X-Origin-Host&quot;, apiUrl)
req.Header.Add(&quot;Host&quot;, apiUrl)
req.Header.Add(&quot;Access-Control-Allow-Origin&quot;, &quot;*&quot;)
req.URL.Scheme = &quot;https&quot;
req.URL.Host = apiUrl
}
p.ModifyResponse = func(res *http.Response) error {
res.Header.Set(&quot;Access-Control-Allow-Methods&quot;, &quot;GET,HEAD,PUT,PATCH,POST,DELETE&quot;)
res.Header.Set(&quot;Access-Control-Allow-Credentials&quot;, &quot;true&quot;)
res.Header.Set(&quot;Access-Control-Allow-Origin&quot;, &quot;*&quot;)
res.Header.Set(&quot;Access-Control-Allow-Headers&quot;, &quot;*&quot;)
return nil
}
p.ServeHTTP(res, req)
}

答案1

得分: 1

这比最初的初步写作要复杂一些，但我们最终得到的结果如下所示。

package main

import (
	"context"
	"fmt"
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
	"os"
	"os/signal"
	"time"

	"golang.org/x/oauth2"
	"google.golang.org/api/idtoken"
)

var port = ":8080"
var backend = "[CLOUD_RUN_INSTANCE_TO_PROXY].a.run.app"

func main() {
	logger := log.New(os.Stdout, "proxy: ", log.LstdFlags)
	logger.Println(fmt.Sprintf("代理服务器正在启动：%s，端口：%s", backend, port))

	router := http.NewServeMux()
	router.Handle("/", proxyHandler())

	server := &http.Server{
		Addr:         port,
		Handler:      logging(logger)(router),
		ErrorLog:     logger,
		ReadTimeout:  30 * time.Second,
		WriteTimeout: 30 * time.Second,
		IdleTimeout:  15 * time.Second,
	}

	done := make(chan bool)
	quit := make(chan os.Signal, 1)
	signal.Notify(quit, os.Interrupt)

	go func() {
		<-quit
		logger.Println("代理服务器正在关闭...")

		ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
		defer cancel()

		server.SetKeepAlivesEnabled(false)
		if err := server.Shutdown(ctx); err != nil {
			logger.Fatalf("无法正常关闭服务器：%v\n", err)
		}
		close(done)
	}()

	if err := server.ListenAndServe(); err != nil && err != http.ErrServerClosed {
		logger.Fatalf("无法监听端口%s：%v\n", port, err)
	}

	<-done
	logger.Println("服务器已停止")
}

func proxyHandler() http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Method == http.MethodOptions {
			headers := w.Header()
			headers.Add("Access-Control-Allow-Origin", "*")
			headers.Add("Access-Control-Allow-Headers", "*")
			headers.Add("Access-Control-Allow-Methods", "GET,HEAD,PUT,PATCH,POST,DELETE")
			w.WriteHeader(http.StatusOK)
			return
		}

		path := fmt.Sprintf("https://%s%s", backend, r.RequestURI)
		at, _ := idTokenTokenSource(path)

		p := httputil.NewSingleHostReverseProxy(&url.URL{
			Scheme: "https",
			Host:   backend,
		})
		p.Director = func(r *http.Request) {
			if at != nil {
				at.SetAuthHeader(r)
			}
		}
		p.ModifyResponse = func(res *http.Response) error {
			res.Header.Set("Access-Control-Allow-Methods", "GET,HEAD,PUT,PATCH,POST,DELETE")
			res.Header.Set("Access-Control-Allow-Credentials", "true")
			res.Header.Set("Access-Control-Allow-Origin", "*")
			res.Header.Set("Access-Control-Allow-Headers", "*")
			return nil
		}

		r.URL.Scheme = "https"
		r.URL.Host = backend
		r.Header.Set("X-Forwarded-Host", r.Header.Get("Host"))
		r.Host = backend

		if at != nil {
			at.SetAuthHeader(r)
		}

		p.ServeHTTP(w, r)
	})
}

func logging(l *log.Logger) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			defer func() {
				requestId := r.Header.Get("X-Request-Id")
				if requestId == "" {
					requestId = fmt.Sprintf("%d", time.Now().UnixNano())
				}
				w.Header().Set("X-Request-Id", requestId)
				l.Println(requestId, r.Method, r.URL.Path, r.RemoteAddr, r.UserAgent())
			}()

			next.ServeHTTP(w, r)
		})
	}
}

func idTokenTokenSource(audience string) (*oauth2.Token, error) {
	ts, err := idtoken.NewTokenSource(context.Background(), audience)
	if err != nil {
		return nil, err
	}

	t, err := ts.Token()
	if err != nil {
		return nil, err
	}

	return t, nil
}

其中一部分优雅关闭、HTTP设置和日志记录的代码来自：https://gist.github.com/enricofoltran/10b4a980cd07cb02836f70a4ab3e72d7

英文:

This is a bit more elaborate than the original initial write-up but what we wound up with was as follows.

package main
import (
&quot;context&quot;
&quot;fmt&quot;
&quot;log&quot;
&quot;net/http&quot;
&quot;net/http/httputil&quot;
&quot;net/url&quot;
&quot;os&quot;
&quot;os/signal&quot;
&quot;time&quot;
&quot;golang.org/x/oauth2&quot;
&quot;google.golang.org/api/idtoken&quot;
)
var port = &quot;:8080&quot;
var backend = &quot;[CLOUD_RUN_INSTANCE_TO_PROXY].a.run.app&quot;
func main() {
logger := log.New(os.Stdout, &quot;proxy: &quot;, log.LstdFlags)
logger.Println(fmt.Sprintf(&quot;Proxy server is starting for: %s on port: %s&quot;, backend, port))
router := http.NewServeMux()
router.Handle(&quot;/&quot;, proxyHandler())
server := &amp;http.Server{
Addr:         port,
Handler:      logging(logger)(router),
ErrorLog:     logger,
ReadTimeout:  30 * time.Second,
WriteTimeout: 30 * time.Second,
IdleTimeout:  15 * time.Second,
}
done := make(chan bool)
quit := make(chan os.Signal, 1)
signal.Notify(quit, os.Interrupt)
go func() {
&lt;-quit
logger.Println(&quot;Proxy server is shutting down...&quot;)
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
server.SetKeepAlivesEnabled(false)
if err := server.Shutdown(ctx); err != nil {
logger.Fatalf(&quot;Could not gracefully shutdown the server: %v\n&quot;, err)
}
close(done)
}()
if err := server.ListenAndServe(); err != nil &amp;&amp; err != http.ErrServerClosed {
logger.Fatalf(&quot;Could not listen on %s: %v\n&quot;, port, err)
}
&lt;-done
logger.Println(&quot;Server stopped&quot;)
}
func proxyHandler() http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodOptions {
headers := w.Header()
headers.Add(&quot;Access-Control-Allow-Origin&quot;, &quot;*&quot;)
headers.Add(&quot;Access-Control-Allow-Headers&quot;, &quot;*&quot;)
headers.Add(&quot;Access-Control-Allow-Methods&quot;, &quot;GET,HEAD,PUT,PATCH,POST,DELETE&quot;)
w.WriteHeader(http.StatusOK)
return
}
path := fmt.Sprintf(&quot;https://%s%s&quot;, backend, r.RequestURI)
at, _ := idTokenTokenSource(path)
p := httputil.NewSingleHostReverseProxy(&amp;url.URL{
Scheme: &quot;https&quot;,
Host:   backend,
})
p.Director = func(r *http.Request) {
if at != nil {
at.SetAuthHeader(r)
}
}
p.ModifyResponse = func(res *http.Response) error {
res.Header.Set(&quot;Access-Control-Allow-Methods&quot;, &quot;GET,HEAD,PUT,PATCH,POST,DELETE&quot;)
res.Header.Set(&quot;Access-Control-Allow-Credentials&quot;, &quot;true&quot;)
res.Header.Set(&quot;Access-Control-Allow-Origin&quot;, &quot;*&quot;)
res.Header.Set(&quot;Access-Control-Allow-Headers&quot;, &quot;*&quot;)
return nil
}
r.URL.Scheme = &quot;https&quot;
r.URL.Host = backend
r.Header.Set(&quot;X-Forwarded-Host&quot;, r.Header.Get(&quot;Host&quot;))
r.Host = backend
if at != nil {
at.SetAuthHeader(r)
}
p.ServeHTTP(w, r)
})
}
func logging(l *log.Logger) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
defer func() {
requestId := r.Header.Get(&quot;X-Request-Id&quot;)
if requestId == &quot;&quot; {
requestId = fmt.Sprintf(&quot;%d&quot;, time.Now().UnixNano())
}
w.Header().Set(&quot;X-Request-Id&quot;, requestId)
l.Println(requestId, r.Method, r.URL.Path, r.RemoteAddr, r.UserAgent())
}()
next.ServeHTTP(w, r)
})
}
}
func idTokenTokenSource(audience string) (*oauth2.Token, error) {
ts, err := idtoken.NewTokenSource(context.Background(), audience)
if err != nil {
return nil, err
}
t, err := ts.Token()
if err != nil {
return nil, err
}
return t, nil
}

A good chunk of some of the graceful shutdown, http setup, and logging came from: https://gist.github.com/enricofoltran/10b4a980cd07cb02836f70a4ab3e72d7

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

使用Go语言实现反向代理到Cloud Run实例

问题

答案1

索引超出范围 [113]，长度为10。

在Go中的换行符 – 理解Go Tour中的这个例子

在Go程序中，有三个后台goroutine。

如何正确编译一个包含C代码的Golang项目？

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论