gemma: pkg/controllers/proxy.go annotate

annotate pkg/controllers/proxy.go @ 5490:5f47eeea988d logging

Use own logging package.

author	Sascha L. Teichmann <sascha.teichmann@intevation.de>
date	Mon, 20 Sep 2021 17:45:39 +0200
parents	f4ec3558460e
children	31973f6f5cca

rev	line source
1017 a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	1 // This is Free Software under GNU Affero General Public License v >= 3.0
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	2 // without warranty, see README.md and license for details.
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	3 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	4 // SPDX-License-Identifier: AGPL-3.0-or-later
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	5 // License-Filename: LICENSES/AGPL-3.0.txt
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	6 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	7 // Copyright (C) 2018 by via donau
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	8 // – Österreichische Wasserstraßen-Gesellschaft mbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	9 // Software engineering by Intevation GmbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	10 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	11 // Author(s):
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	12 // * Sascha L. Teichmann <sascha.teichmann@intevation.de>
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	13
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	14 package controllers
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	15
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	16 import (
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	17 "compress/flate"
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	18 "compress/gzip"
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	19 "crypto/hmac"
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	20 "crypto/sha256"
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	21 "encoding/base64"
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	22 "encoding/xml"
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	23 "io"
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	24 "io/ioutil"
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	25 "net/http"
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	26 "net/url"
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	27 "regexp"
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	28 "strings"
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	29
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	30 "github.com/gorilla/mux"
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	31 "golang.org/x/net/html/charset"
414 c1047fd04a3a Moved project specific Go packages to new pkg folder. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 409 diff changeset	32
c1047fd04a3a Moved project specific Go packages to new pkg folder. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 409 diff changeset	33 "gemma.intevation.de/gemma/pkg/config"
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	34 "gemma.intevation.de/gemma/pkg/log"
1127 71ba4a66ec95 Return 404 if a proxied service is not found. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1040 diff changeset	35 "gemma.intevation.de/gemma/pkg/middleware"
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	36 )
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	37
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	38 // proxyBlackList is a set of URLs that should not be rewritten by the proxy.
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	39 var proxyBlackList = map[string]struct{}{
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	40 "http://www.w3.org/2001/XMLSchema-instance": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	41 "http://www.w3.org/1999/xlink": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	42 "http://www.w3.org/2001/XMLSchema": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	43 "http://www.w3.org/XML/1998/namespace": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	44 "http://www.opengis.net/wfs/2.0": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	45 "http://www.opengis.net/ows/1.1": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	46 "http://www.opengis.net/gml/3.2": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	47 "http://www.opengis.net/fes/2.0": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	48 "http://schemas.opengis.net/gml": struct{}{},
538 9ccf2c6b7275 WFS/WMS proxy: blacklist another namespace to make OpenLayers work. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 441 diff changeset	49 "http://www.opengis.net/wfs": struct{}{},
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	50 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	51
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	52 func proxyDirector(lookup func(string) (string, bool)) func(*http.Request) {
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	53
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	54 return func(req *http.Request) {
350 1ea90a22bd15 Better replacements for WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 349 diff changeset	55
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	56 //log.Debugf("proxyDirector: %s\n", req.RequestURI)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	57
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	58 abort := func(format string, args ...interface{}) {
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	59 log.Errorf(format, args...)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	60 panic(http.ErrAbortHandler)
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	61 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	62
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	63 vars := mux.Vars(req)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	64
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	65 var s string
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	66
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	67 if entry, found := vars["entry"]; found {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	68 if s, found = lookup(entry); !found {
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	69 log.Warnf("cannot find entry '%s'\n", entry)
1127 71ba4a66ec95 Return 404 if a proxied service is not found. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1040 diff changeset	70 panic(middleware.ErrNotFound)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	71 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	72 } else {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	73 expectedMAC, err := base64.URLEncoding.DecodeString(vars["hash"])
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	74 if err != nil {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	75 abort("Cannot base64 decode hash: %v\n", err)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	76 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	77 url, err := base64.URLEncoding.DecodeString(vars["url"])
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	78 if err != nil {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	79 abort("Cannot base64 decode url: %v\n", err)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	80 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	81
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	82 mac := hmac.New(sha256.New, config.ProxyKey())
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	83 mac.Write(url)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	84 messageMAC := mac.Sum(nil)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	85
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	86 s = string(url)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	87
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	88 if !hmac.Equal(messageMAC, expectedMAC) {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	89 abort("HMAC of URL %s failed.\n", s)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	90 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	91 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	92
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	93 nURL := s + "?" + req.URL.RawQuery
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	94 //log.Debugf("%v\n", nURL)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	95
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	96 u, err := url.Parse(nURL)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	97 if err != nil {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	98 abort("Invalid url: %v\n", err)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	99 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	100 req.URL = u
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	101
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	102 req.Host = u.Host
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	103 //req.Header.Del("If-None-Match")
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	104 //log.Debugf("headers: %v\n", req.Header)
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	105 }
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	106 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	107
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	108 type nopCloser struct {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	109 io.Writer
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	110 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	111
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	112 func (nopCloser) Close() error { return nil }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	113
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	114 func encoding(h http.Header) (
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	115 func(io.Reader) (io.ReadCloser, error),
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	116 func(io.Writer) (io.WriteCloser, error),
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	117 ) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	118 switch enc := h.Get("Content-Encoding"); {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	119 case strings.Contains(enc, "gzip"):
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	120 //log.Debugf("gzip compression")
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	121 return func(r io.Reader) (io.ReadCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	122 return gzip.NewReader(r)
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	123 },
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	124 func(w io.Writer) (io.WriteCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	125 return gzip.NewWriter(w), nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	126 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	127 case strings.Contains(enc, "deflate"):
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	128 //log.Debugf("deflate compression")
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	129 return func(r io.Reader) (io.ReadCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	130 return flate.NewReader(r), nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	131 },
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	132 func(w io.Writer) (io.WriteCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	133 return flate.NewWriter(w, flate.DefaultCompression)
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	134 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	135 default:
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	136 //log.Debugf("no content compression")
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	137 return func(r io.Reader) (io.ReadCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	138 if r2, ok := r.(io.ReadCloser); ok {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	139 return r2, nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	140 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	141 return ioutil.NopCloser(r), nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	142 },
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	143 func(w io.Writer) (io.WriteCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	144 if w2, ok := w.(io.WriteCloser); ok {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	145 return w2, nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	146 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	147 return nopCloser{w}, nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	148 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	149 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	150 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	151
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	152 func proxyModifyResponse(suffix string) func(*http.Response) error {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	153
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	154 return func(resp *http.Response) error {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	155
4829 f4ec3558460e Set some nosniff http headers. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 3113 diff changeset	156 resp.Header.Set("X-Content-Type-Options", "nosniff")
f4ec3558460e Set some nosniff http headers. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 3113 diff changeset	157
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	158 if !isXML(resp.Header) {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	159 return nil
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	160 }
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	161
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	162 pr, pw := io.Pipe()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	163
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	164 var (
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	165 r io.ReadCloser
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	166 w io.WriteCloser
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	167 err error
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	168 )
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	169
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	170 reader, writer := encoding(resp.Header)
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	171
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	172 if r, err = reader(resp.Body); err != nil {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	173 return err
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	174 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	175
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	176 if w, err = writer(pw); err != nil {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	177 return err
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	178 }
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	179
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	180 go func(force io.ReadCloser) {
3113 b7673a704b0a OGC proxy: Made rewriting less spammy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1752 diff changeset	181 //start := time.Now()
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	182 defer func() {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	183 //r.Close()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	184 w.Close()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	185 pw.Close()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	186 force.Close()
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	187 //log.Debugf("rewrite took %s\n", time.Since(start))
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	188 }()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	189 if err := rewrite(suffix, w, r); err != nil {
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	190 log.Errorf("rewrite failed: %v\n", err)
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	191 return
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	192 }
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	193 }(resp.Body)
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	194
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	195 resp.Body = pr
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	196
355 e170075c22ac Cosmetics: Unindent some code in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 354 diff changeset	197 return nil
e170075c22ac Cosmetics: Unindent some code in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 354 diff changeset	198 }
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	199 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	200
365 765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	201 var xmlContentTypes = []string{
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	202 "application/xml",
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	203 "text/xml",
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	204 "application/gml+xml",
847 82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	205 "application/vnd.ogc.wms_xml",
1335 813342f2e927 OGC proxy: Rewrite service exceptions documents, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1127 diff changeset	206 "application/vnd.ogc.se_xml",
365 765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	207 }
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	208
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	209 func isXML(h http.Header) bool {
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	210 for _, t := range h["Content-Type"] {
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	211 t = strings.ToLower(t)
365 765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	212 for _, ct := range xmlContentTypes {
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	213 if strings.Contains(t, ct) {
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	214 return true
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	215 }
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	216 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	217 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	218 return false
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	219 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	220
847 82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	221 var replaceRe = regexp.MustCompile(`\b(https?://[^\s\?'"]*)`)
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	222
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	223 func replace(suffix, s string) string {
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	224
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	225 proxyKey := config.ProxyKey()
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	226 proxyPrefix := config.ProxyPrefix() + suffix
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	227
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	228 return replaceRe.ReplaceAllStringFunc(s, func(s string) string {
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	229 if _, found := proxyBlackList[s]; found {
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	230 return s
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	231 }
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	232 mac := hmac.New(sha256.New, proxyKey)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	233 b := []byte(s)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	234 mac.Write(b)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	235 expectedMAC := mac.Sum(nil)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	236
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	237 hash := base64.URLEncoding.EncodeToString(expectedMAC)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	238 enc := base64.URLEncoding.EncodeToString(b)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	239 return proxyPrefix + hash + "/" + enc
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	240 })
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	241 }
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	242
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	243 func rewrite(suffix string, w io.Writer, r io.Reader) error {
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	244
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	245 decoder := xml.NewDecoder(r)
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	246 decoder.CharsetReader = charset.NewReaderLabel
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	247
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	248 encoder := xml.NewEncoder(w)
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	249
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	250 var n nsdef
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	251
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	252 tokens:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	253 for {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	254 tok, err := decoder.Token()
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	255 switch {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	256 case tok == nil && err == io.EOF:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	257 break tokens
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	258 case err != nil:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	259 return err
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	260 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	261
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	262 switch t := tok.(type) {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	263 case xml.StartElement:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	264 t = t.Copy()
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	265
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	266 isDef := n.isDef(t.Name.Space)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	267 n = n.push()
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	268
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	269 for i := range t.Attr {
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	270 t.Attr[i].Value = replace(suffix, t.Attr[i].Value)
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	271 n.checkDef(&t.Attr[i])
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	272 }
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	273
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	274 for i := range t.Attr {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	275 n.adjust(&t.Attr[i])
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	276 }
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	277
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	278 switch {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	279 case isDef:
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	280 t.Name.Space = ""
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	281 default:
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	282 if s := n.lookup(t.Name.Space); s != "" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	283 t.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	284 t.Name.Local = s + ":" + t.Name.Local
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	285 }
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	286 }
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	287 tok = t
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	288
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	289 case xml.CharData:
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	290 tok = xml.CharData(replace(suffix, string(t)))
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	291
847 82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	292 case xml.Directive:
82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	293 tok = xml.Directive(replace(suffix, string(t)))
82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	294
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	295 case xml.EndElement:
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	296 s := n.lookup(t.Name.Space)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	297
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	298 n = n.pop()
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	299
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	300 if n.isDef(t.Name.Space) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	301 t.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	302 } else if s != "" {
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	303 t.Name.Space = ""
b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	304 t.Name.Local = s + ":" + t.Name.Local
b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	305 }
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	306 tok = t
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	307 }
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	308
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	309 if err := encoder.EncodeToken(tok); err != nil {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	310 return err
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	311 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	312 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	313
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	314 return encoder.Flush()
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	315 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	316
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	317 type nsframe struct {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	318 def string
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	319 ns map[string]string
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	320 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	321
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	322 type nsdef []nsframe
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	323
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	324 func (n nsdef) setDef(def string) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	325 if l := len(n); l > 0 {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	326 n[l-1].def = def
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	327 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	328 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	329
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	330 func (n nsdef) isDef(s string) bool {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	331 for i := len(n) - 1; i >= 0; i-- {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	332 if x := n[i].def; x != "" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	333 return s == x
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	334 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	335 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	336 return false
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	337 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	338
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	339 func (n nsdef) define(ns, s string) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	340 if l := len(n); l > 0 {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	341 n[l-1].ns[ns] = s
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	342 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	343 }
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	344
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	345 func (n nsdef) lookup(ns string) string {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	346 for i := len(n) - 1; i >= 0; i-- {
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	347 if s := n[i].ns[ns]; s != "" {
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	348 return s
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	349 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	350 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	351 return ""
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	352 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	353
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	354 func (n nsdef) checkDef(at *xml.Attr) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	355 if at.Name.Space == "" && at.Name.Local == "xmlns" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	356 n.setDef(at.Value)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	357 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	358 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	359
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	360 func (n nsdef) adjust(at *xml.Attr) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	361 switch {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	362 case at.Name.Space == "xmlns":
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	363 n.define(at.Value, at.Name.Local)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	364 at.Name.Local = "xmlns:" + at.Name.Local
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	365 at.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	366
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	367 case at.Name.Space != "":
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	368 if n.isDef(at.Name.Space) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	369 at.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	370 } else if s := n.lookup(at.Name.Space); s != "" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	371 at.Name.Local = s + ":" + at.Name.Local
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	372 at.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	373 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	374 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	375 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	376
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	377 func (n nsdef) push() nsdef {
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	378 return append(n, nsframe{ns: make(map[string]string)})
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	379 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	380
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	381 func (n nsdef) pop() nsdef {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	382 if l := len(n); l > 0 {
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	383 n[l-1] = nsframe{}
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	384 n = n[:l-1]
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	385 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	386 return n
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	387 }

Mercurial > gemma

annotate pkg/controllers/proxy.go @ 5490:5f47eeea988d logging