From 90f84455d34148b89d8e61b0f4a9f3df585fd788 Mon Sep 17 00:00:00 2001
From: xboard <xboard@xboard.one>
Date: Mon, 9 Mar 2026 07:31:37 +0800
Subject: [PATCH] feat(surge): add SS2022, SOCKS5, HTTP support

---
 app/Protocols/Surge.php | 71 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 70 insertions(+), 1 deletion(-)

diff --git a/app/Protocols/Surge.php b/app/Protocols/Surge.php
index 5acbe50..c9fabb6 100644
--- a/app/Protocols/Surge.php
+++ b/app/Protocols/Surge.php
@@ -19,6 +19,8 @@ class Surge extends AbstractProtocol
         Server::TYPE_TROJAN,
         Server::TYPE_HYSTERIA,
         Server::TYPE_ANYTLS,
+        Server::TYPE_SOCKS,
+        Server::TYPE_HTTP,
     ];
     protected $protocolRequirements = [
         'surge.hysteria.protocol_settings.version' => [2 => '2398'],
@@ -41,7 +43,9 @@ class Surge extends AbstractProtocol
                     'aes-128-gcm',
                     'aes-192-gcm',
                     'aes-256-gcm',
-                    'chacha20-ietf-poly1305'
+                    'chacha20-ietf-poly1305',
+                    '2022-blake3-aes-128-gcm',
+                    '2022-blake3-aes-256-gcm'
                 ])
             ) {
                 $proxies .= self::buildShadowsocks($item['password'], $item);
@@ -63,6 +67,14 @@ class Surge extends AbstractProtocol
                 $proxies .= self::buildAnyTLS($item['password'], $item);
                 $proxyGroup .= $item['name'] . ', ';
             }
+            if ($item['type'] === Server::TYPE_SOCKS) {
+                $proxies .= self::buildSocks($item['password'], $item);
+                $proxyGroup .= $item['name'] . ', ';
+            }
+            if ($item['type'] === Server::TYPE_HTTP) {
+                $proxies .= self::buildHttp($item['password'], $item);
+                $proxyGroup .= $item['name'] . ', ';
+            }
         }
 
 
@@ -249,4 +261,61 @@ class Surge extends AbstractProtocol
         $uri .= "\r\n";
         return $uri;
     }
+
+    //参考文档: https://manual.nssurge.com/policy/proxy.html
+    public static function buildSocks($password, $server)
+    {
+        $protocol_settings = data_get($server, 'protocol_settings', []);
+        $type = data_get($protocol_settings, 'tls') ? 'socks5-tls' : 'socks5';
+        $config = [
+            "{$server['name']}={$type}",
+            "{$server['host']}",
+            "{$server['port']}",
+            "{$password}",
+            "{$password}",
+        ];
+
+        if (data_get($protocol_settings, 'tls')) {
+            if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
+                $config[] = "sni={$serverName}";
+            }
+            if (data_get($protocol_settings, 'tls_settings.allow_insecure')) {
+                $config[] = 'skip-cert-verify=true';
+            }
+        }
+        $config[] = 'udp-relay=true';
+
+        $config = array_filter($config);
+        $uri = implode(',', $config);
+        $uri .= "\r\n";
+        return $uri;
+    }
+
+    //参考文档: https://manual.nssurge.com/policy/proxy.html
+    public static function buildHttp($password, $server)
+    {
+        $protocol_settings = data_get($server, 'protocol_settings', []);
+        $type = data_get($protocol_settings, 'tls') ? 'https' : 'http';
+        $config = [
+            "{$server['name']}={$type}",
+            "{$server['host']}",
+            "{$server['port']}",
+            "{$password}",
+            "{$password}",
+        ];
+
+        if (data_get($protocol_settings, 'tls')) {
+            if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
+                $config[] = "sni={$serverName}";
+            }
+            if (data_get($protocol_settings, 'tls_settings.allow_insecure')) {
+                $config[] = 'skip-cert-verify=true';
+            }
+        }
+
+        $config = array_filter($config);
+        $uri = implode(',', $config);
+        $uri .= "\r\n";
+        return $uri;
+    }
 }