From 28b99557a864ef59c19d2ad96101196e401718f0 Mon Sep 17 00:00:00 2001
From: fyears <1142836+fyears@users.noreply.github.com>
Date: Fri, 5 Apr 2024 11:06:16 +0800
Subject: [PATCH] clean up reverse proxy

---
 src/baseTypes.ts     |  2 +-
 src/langs/en.json    |  4 ++--
 src/langs/zh_cn.json |  4 ++--
 src/langs/zh_tw.json |  4 ++--
 src/remoteForS3.ts   | 34 ++++++++++++++++++++++------------
 src/settings.ts      | 11 ++++++-----
 6 files changed, 35 insertions(+), 24 deletions(-)

diff --git a/src/baseTypes.ts b/src/baseTypes.ts
index 81e653e..caf4aa4 100644
--- a/src/baseTypes.ts
+++ b/src/baseTypes.ts
@@ -27,12 +27,12 @@ export interface S3Config {
   remotePrefix?: string;
 
   useAccurateMTime?: boolean;
+  reverseProxyNoSignUrl?: string;
 
   /**
    * @deprecated
    */
   bypassCorsLocally?: boolean;
-  reverseProxyUrl: string;
 }
 
 export interface DropboxConfig {
diff --git a/src/langs/en.json b/src/langs/en.json
index 6a5bbc6..2bd56fa 100644
--- a/src/langs/en.json
+++ b/src/langs/en.json
@@ -184,8 +184,8 @@
   "settings_s3_accuratemtime_desc": "Read the uploaded accurate last modified time for better sync algorithm. But it causes extra api requests / time / money to the S3 endpoint.",
   "settings_s3_urlstyle": "S3 URL style",
   "settings_s3_urlstyle_desc": "Whether to force path-style URLs for S3 objects (e.g., https://s3.amazonaws.com/*/ instead of https://*.s3.amazonaws.com/).",
-  "settings_s3_reverse_proxy_url": "S3 Reverse Proxy Url",
-  "settings_s3_reverse_proxy_url_desc": "S3 Reverse Proxy Url.(Leave blank if you don't have a reverse proxy)",
+  "settings_s3_reverse_proxy_no_sign_url": "S3 Reverse Proxy (No Sign) Url (experimental)",
+  "settings_s3_reverse_proxy_no_sign_url_desc": "S3 reverse proxy url without signature. This is useful if you use a revers proxy but do not change the original credential signature. No http(s):// prefix. Leave it blank if you don't know what it is.",
   "settings_s3_connect_succ": "Great! The bucket can be accessed.",
   "settings_s3_connect_fail": "The S3 bucket cannot be reached.",
   "settings_dropbox": "Remote For Dropbox",
diff --git a/src/langs/zh_cn.json b/src/langs/zh_cn.json
index 1b2fecd..8fd22e3 100644
--- a/src/langs/zh_cn.json
+++ b/src/langs/zh_cn.json
@@ -183,8 +183,8 @@
   "settings_s3_accuratemtime_desc": "读取（已上传的）准确的文件修改时间，有助于同步算法更加准确和稳定。但是它也会导致额外的 api 请求、时间、金钱花费。",
   "settings_s3_urlstyle": "S3 URL style",
   "settings_s3_urlstyle_desc": "是否对 S3 对象强制使用 path style URL（例如使用 https://s3.amazonaws.com/*/ 而不是 https://*.s3.amazonaws.com/）。",
-  "settings_s3_reverse_proxy_url": "S3 反向代理地址",
-  "settings_s3_reverse_proxy_url_desc": "S3 反向代理地址。（如果没有设置反向代理请留空）",
+  "settings_s3_reverse_proxy_no_sign_url": "S3 反向代理（不签名）地址（实验性质）",
+  "settings_s3_reverse_proxy_no_sign_url_desc": "不会参与到签名的 S3 反向代理地址。如果您有一个反向代理，但是不想修改原始鉴权签名，这里就可以填写。没有 http(s):// 前缀。如果您不知道这是什么，留空即可。",
   "settings_s3_connect_succ": "很好！可以访问到对应存储桶。",
   "settings_s3_connect_fail": "无法访问到对应存储桶。",
   "settings_dropbox": "Dropbox 设置",
diff --git a/src/langs/zh_tw.json b/src/langs/zh_tw.json
index 7d35cb5..56021c9 100644
--- a/src/langs/zh_tw.json
+++ b/src/langs/zh_tw.json
@@ -182,8 +182,8 @@
   "settings_s3_accuratemtime_desc": "讀取（已上傳的）準確的檔案修改時間，有助於同步演算法更加準確和穩定。但是它也會導致額外的 api 請求、時間、金錢花費。",
   "settings_s3_urlstyle": "S3 URL style",
   "settings_s3_urlstyle_desc": "是否對 S3 物件強制使用 path style URL（例如使用 https://s3.amazonaws.com/*/ 而不是 https://*.s3.amazonaws.com/）。",
-  "settings_s3_reverse_proxy_url": "S3 反向代理地址",
-  "settings_s3_reverse_proxy_url_desc": "S3 反向代理地址。（如果沒有設置反向代理請留空）",
+  "settings_s3_reverse_proxy_no_sign_url": "S3 反向代理（不簽名）地址（實驗性質）",
+  "settings_s3_reverse_proxy_no_sign_url_desc": "不會參與到簽名的 S3 反向代理地址。如果您有一個反向代理，但是不想修改原始鑑權簽名，這裡就可以填寫。沒有 http(s):// 字首。如果您不知道這是什麼，留空即可。",
   "settings_s3_connect_succ": "很好！可以訪問到對應儲存桶。",
   "settings_s3_connect_fail": "無法訪問到對應儲存桶。",
   "settings_dropbox": "Dropbox 設定",
diff --git a/src/remoteForS3.ts b/src/remoteForS3.ts
index 4bccce5..55b6697 100644
--- a/src/remoteForS3.ts
+++ b/src/remoteForS3.ts
@@ -56,12 +56,15 @@ import { Cipher } from "./encryptUnified";
  */
 class ObsHttpHandler extends FetchHttpHandler {
   requestTimeoutInMs: number | undefined;
-  s3Config: S3Config | undefined;
-  constructor(options?: FetchHttpHandlerOptions, s3Config?: S3Config) {
+  reverseProxyNoSignUrl: string | undefined;
+  constructor(
+    options?: FetchHttpHandlerOptions,
+    reverseProxyNoSignUrl?: string
+  ) {
     super(options);
     this.requestTimeoutInMs =
       options === undefined ? undefined : options.requestTimeout;
-    this.s3Config = s3Config;
+    this.reverseProxyNoSignUrl = reverseProxyNoSignUrl;
   }
   async handle(
     request: HttpRequest,
@@ -82,10 +85,16 @@ class ObsHttpHandler extends FetchHttpHandler {
     }
 
     const { port, method } = request;
-    let url = `${request.protocol}//${request.hostname}${port ? `:${port}` : ""
-      }${path}`;
-    if (this.s3Config && this.s3Config.reverseProxyUrl && this.s3Config.reverseProxyUrl !== "") {
-      url = url.replace(this.s3Config.s3Endpoint, this.s3Config.reverseProxyUrl);
+    let url = `${request.protocol}//${request.hostname}${
+      port ? `:${port}` : ""
+    }${path}`;
+    if (
+      this.reverseProxyNoSignUrl !== undefined &&
+      this.reverseProxyNoSignUrl !== ""
+    ) {
+      const urlObj = new URL(url);
+      urlObj.host = this.reverseProxyNoSignUrl;
+      url = urlObj.href;
     }
     const body =
       method === "GET" || method === "HEAD" ? undefined : request.body;
@@ -171,7 +180,7 @@ export const DEFAULT_S3_CONFIG: S3Config = {
   forcePathStyle: false,
   remotePrefix: "",
   useAccurateMTime: false, // it causes money, disable by default
-  reverseProxyUrl: "",
+  reverseProxyNoSignUrl: "",
 };
 
 export type S3ObjectType = _Object;
@@ -310,9 +319,7 @@ export const getS3Client = (s3Config: S3Config) => {
   }
 
   let s3Client: S3Client;
-  if ((VALID_REQURL && s3Config.bypassCorsLocally) || (s3Config.reverseProxyUrl && s3Config.reverseProxyUrl !== "")) {
-    console.log("reverseProxyUrl", s3Config.reverseProxyUrl);
-
+  if (VALID_REQURL && s3Config.bypassCorsLocally) {
     s3Client = new S3Client({
       region: s3Config.s3Region,
       endpoint: endpoint,
@@ -321,7 +328,10 @@ export const getS3Client = (s3Config: S3Config) => {
         accessKeyId: s3Config.s3AccessKeyID,
         secretAccessKey: s3Config.s3SecretAccessKey,
       },
-      requestHandler: new ObsHttpHandler(undefined, s3Config),
+      requestHandler: new ObsHttpHandler(
+        undefined,
+        s3Config.reverseProxyNoSignUrl
+      ),
     });
   } else {
     s3Client = new S3Client({
diff --git a/src/settings.ts b/src/settings.ts
index 5ef155c..532a110 100644
--- a/src/settings.ts
+++ b/src/settings.ts
@@ -976,7 +976,8 @@ export class RemotelySaveSettingTab extends PluginSettingTab {
 
           dropdown
             .setValue(
-              `${this.plugin.settings.s3.bypassCorsLocally ? "enable" : "disable"
+              `${
+                this.plugin.settings.s3.bypassCorsLocally ? "enable" : "disable"
               }`
             )
             .onChange(async (value) => {
@@ -1056,14 +1057,14 @@ export class RemotelySaveSettingTab extends PluginSettingTab {
         });
       });
     new Setting(s3Div)
-      .setName(t("settings_s3_reverse_proxy_url"))
-      .setDesc(t("settings_s3_reverse_proxy_url_desc"))
+      .setName(t("settings_s3_reverse_proxy_no_sign_url"))
+      .setDesc(t("settings_s3_reverse_proxy_no_sign_url_desc"))
       .addText((text) =>
         text
           .setPlaceholder("")
-          .setValue(this.plugin.settings.s3.reverseProxyUrl)
+          .setValue(this.plugin.settings.s3.reverseProxyNoSignUrl ?? "")
           .onChange(async (value) => {
-            this.plugin.settings.s3.reverseProxyUrl = value.trim();
+            this.plugin.settings.s3.reverseProxyNoSignUrl = value.trim();
             await this.plugin.saveSettings();
           })
       );