gemma: pkg/controllers/proxy.go annotate

annotate pkg/controllers/proxy.go @ 5688:6281c18b109f sr-v2

Finsh serializing v2 meshes.

author	Sascha L. Teichmann <sascha.teichmann@intevation.de>
date	Mon, 12 Feb 2024 02:27:41 +0100
parents	31973f6f5cca
children	6270951dda28

rev	line source
1017 a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	1 // This is Free Software under GNU Affero General Public License v >= 3.0
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	2 // without warranty, see README.md and license for details.
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	3 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	4 // SPDX-License-Identifier: AGPL-3.0-or-later
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	5 // License-Filename: LICENSES/AGPL-3.0.txt
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	6 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	7 // Copyright (C) 2018 by via donau
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	8 // – Österreichische Wasserstraßen-Gesellschaft mbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	9 // Software engineering by Intevation GmbH
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	10 //
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	11 // Author(s):
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	12 // * Sascha L. Teichmann <sascha.teichmann@intevation.de>
a244b18cb916 Added GNU Affero General Public License. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 847 diff changeset	13
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	14 package controllers
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	15
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	16 import (
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	17 "compress/flate"
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	18 "compress/gzip"
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	19 "crypto/hmac"
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	20 "crypto/sha256"
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	21 "encoding/base64"
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	22 "encoding/xml"
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	23 "io"
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	24 "net/http"
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	25 "net/url"
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	26 "regexp"
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	27 "strings"
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	28
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	29 "github.com/gorilla/mux"
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	30 "golang.org/x/net/html/charset"
414 c1047fd04a3a Moved project specific Go packages to new pkg folder. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 409 diff changeset	31
c1047fd04a3a Moved project specific Go packages to new pkg folder. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 409 diff changeset	32 "gemma.intevation.de/gemma/pkg/config"
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	33 "gemma.intevation.de/gemma/pkg/log"
1127 71ba4a66ec95 Return 404 if a proxied service is not found. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1040 diff changeset	34 "gemma.intevation.de/gemma/pkg/middleware"
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	35 )
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	36
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	37 // proxyBlackList is a set of URLs that should not be rewritten by the proxy.
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	38 var proxyBlackList = map[string]struct{}{
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	39 "http://www.w3.org/2001/XMLSchema-instance": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	40 "http://www.w3.org/1999/xlink": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	41 "http://www.w3.org/2001/XMLSchema": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	42 "http://www.w3.org/XML/1998/namespace": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	43 "http://www.opengis.net/wfs/2.0": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	44 "http://www.opengis.net/ows/1.1": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	45 "http://www.opengis.net/gml/3.2": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	46 "http://www.opengis.net/fes/2.0": struct{}{},
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	47 "http://schemas.opengis.net/gml": struct{}{},
538 9ccf2c6b7275 WFS/WMS proxy: blacklist another namespace to make OpenLayers work. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 441 diff changeset	48 "http://www.opengis.net/wfs": struct{}{},
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	49 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	50
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	51 func proxyDirector(lookup func(string) (string, bool)) func(*http.Request) {
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	52
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	53 return func(req *http.Request) {
350 1ea90a22bd15 Better replacements for WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 349 diff changeset	54
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	55 //log.Debugf("proxyDirector: %s\n", req.RequestURI)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	56
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	57 abort := func(format string, args ...interface{}) {
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	58 log.Errorf(format, args...)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	59 panic(http.ErrAbortHandler)
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	60 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	61
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	62 vars := mux.Vars(req)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	63
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	64 var s string
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	65
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	66 if entry, found := vars["entry"]; found {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	67 if s, found = lookup(entry); !found {
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	68 log.Warnf("cannot find entry '%s'\n", entry)
1127 71ba4a66ec95 Return 404 if a proxied service is not found. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1040 diff changeset	69 panic(middleware.ErrNotFound)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	70 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	71 } else {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	72 expectedMAC, err := base64.URLEncoding.DecodeString(vars["hash"])
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	73 if err != nil {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	74 abort("Cannot base64 decode hash: %v\n", err)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	75 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	76 url, err := base64.URLEncoding.DecodeString(vars["url"])
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	77 if err != nil {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	78 abort("Cannot base64 decode url: %v\n", err)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	79 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	80
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	81 mac := hmac.New(sha256.New, config.ProxyKey())
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	82 mac.Write(url)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	83 messageMAC := mac.Sum(nil)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	84
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	85 s = string(url)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	86
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	87 if !hmac.Equal(messageMAC, expectedMAC) {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	88 abort("HMAC of URL %s failed.\n", s)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	89 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	90 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	91
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	92 nURL := s + "?" + req.URL.RawQuery
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	93 //log.Debugf("%v\n", nURL)
421 c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	94
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	95 u, err := url.Parse(nURL)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	96 if err != nil {
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	97 abort("Invalid url: %v\n", err)
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	98 }
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	99 req.URL = u
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	100
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	101 req.Host = u.Host
c37457f12b8e Differ between internal and external proxies. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 419 diff changeset	102 //req.Header.Del("If-None-Match")
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	103 //log.Debugf("headers: %v\n", req.Header)
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	104 }
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	105 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	106
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	107 type nopCloser struct {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	108 io.Writer
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	109 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	110
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	111 func (nopCloser) Close() error { return nil }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	112
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	113 func encoding(h http.Header) (
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	114 func(io.Reader) (io.ReadCloser, error),
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	115 func(io.Writer) (io.WriteCloser, error),
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	116 ) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	117 switch enc := h.Get("Content-Encoding"); {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	118 case strings.Contains(enc, "gzip"):
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	119 //log.Debugf("gzip compression")
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	120 return func(r io.Reader) (io.ReadCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	121 return gzip.NewReader(r)
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	122 },
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	123 func(w io.Writer) (io.WriteCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	124 return gzip.NewWriter(w), nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	125 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	126 case strings.Contains(enc, "deflate"):
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	127 //log.Debugf("deflate compression")
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	128 return func(r io.Reader) (io.ReadCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	129 return flate.NewReader(r), nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	130 },
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	131 func(w io.Writer) (io.WriteCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	132 return flate.NewWriter(w, flate.DefaultCompression)
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	133 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	134 default:
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	135 //log.Debugf("no content compression")
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	136 return func(r io.Reader) (io.ReadCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	137 if r2, ok := r.(io.ReadCloser); ok {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	138 return r2, nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	139 }
5683 31973f6f5cca Get rid of deprecation warnings from staticcheck. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 5490 diff changeset	140 return io.NopCloser(r), nil
352 23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	141 },
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	142 func(w io.Writer) (io.WriteCloser, error) {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	143 if w2, ok := w.(io.WriteCloser); ok {
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	144 return w2, nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	145 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	146 return nopCloser{w}, nil
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	147 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	148 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	149 }
23d4a9104b0c Support deflate compression in WFS proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 351 diff changeset	150
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	151 func proxyModifyResponse(suffix string) func(*http.Response) error {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	152
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	153 return func(resp *http.Response) error {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	154
4829 f4ec3558460e Set some nosniff http headers. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 3113 diff changeset	155 resp.Header.Set("X-Content-Type-Options", "nosniff")
f4ec3558460e Set some nosniff http headers. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 3113 diff changeset	156
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	157 if !isXML(resp.Header) {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	158 return nil
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	159 }
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	160
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	161 pr, pw := io.Pipe()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	162
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	163 var (
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	164 r io.ReadCloser
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	165 w io.WriteCloser
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	166 err error
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	167 )
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	168
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	169 reader, writer := encoding(resp.Header)
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	170
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	171 if r, err = reader(resp.Body); err != nil {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	172 return err
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	173 }
346 ad0e47c1fedf Use httputil.ReverseProxy for WFS proxying. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 344 diff changeset	174
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	175 if w, err = writer(pw); err != nil {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	176 return err
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	177 }
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	178
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	179 go func(force io.ReadCloser) {
3113 b7673a704b0a OGC proxy: Made rewriting less spammy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1752 diff changeset	180 //start := time.Now()
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	181 defer func() {
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	182 //r.Close()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	183 w.Close()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	184 pw.Close()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	185 force.Close()
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	186 //log.Debugf("rewrite took %s\n", time.Since(start))
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	187 }()
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	188 if err := rewrite(suffix, w, r); err != nil {
5490 5f47eeea988d Use own logging package. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 4829 diff changeset	189 log.Errorf("rewrite failed: %v\n", err)
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	190 return
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	191 }
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	192 }(resp.Body)
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	193
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	194 resp.Body = pr
6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	195
355 e170075c22ac Cosmetics: Unindent some code in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 354 diff changeset	196 return nil
e170075c22ac Cosmetics: Unindent some code in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 354 diff changeset	197 }
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	198 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	199
365 765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	200 var xmlContentTypes = []string{
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	201 "application/xml",
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	202 "text/xml",
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	203 "application/gml+xml",
847 82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	204 "application/vnd.ogc.wms_xml",
1335 813342f2e927 OGC proxy: Rewrite service exceptions documents, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 1127 diff changeset	205 "application/vnd.ogc.se_xml",
365 765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	206 }
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	207
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	208 func isXML(h http.Header) bool {
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	209 for _, t := range h["Content-Type"] {
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	210 t = strings.ToLower(t)
365 765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	211 for _, ct := range xmlContentTypes {
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	212 if strings.Contains(t, ct) {
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	213 return true
765e056ab4e8 Recognize more XML content types in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 359 diff changeset	214 }
344 e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	215 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	216 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	217 return false
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	218 }
e98033e3683a Be more precise with HTTP headers in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 335 diff changeset	219
847 82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	220 var replaceRe = regexp.MustCompile(`\b(https?://[^\s\?'"]*)`)
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	221
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	222 func replace(suffix, s string) string {
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	223
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	224 proxyKey := config.ProxyKey()
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	225 proxyPrefix := config.ProxyPrefix() + suffix
408 ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	226
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	227 return replaceRe.ReplaceAllStringFunc(s, func(s string) string {
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	228 if _, found := proxyBlackList[s]; found {
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	229 return s
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	230 }
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	231 mac := hmac.New(sha256.New, proxyKey)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	232 b := []byte(s)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	233 mac.Write(b)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	234 expectedMAC := mac.Sum(nil)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	235
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	236 hash := base64.URLEncoding.EncodeToString(expectedMAC)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	237 enc := base64.URLEncoding.EncodeToString(b)
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	238 return proxyPrefix + hash + "/" + enc
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	239 })
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	240 }
ac23905e64b1 Improve WFS proxy a lot. It now generates signed re-writings. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 372 diff changeset	241
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	242 func rewrite(suffix string, w io.Writer, r io.Reader) error {
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	243
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	244 decoder := xml.NewDecoder(r)
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	245 decoder.CharsetReader = charset.NewReaderLabel
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	246
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	247 encoder := xml.NewEncoder(w)
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	248
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	249 var n nsdef
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	250
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	251 tokens:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	252 for {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	253 tok, err := decoder.Token()
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	254 switch {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	255 case tok == nil && err == io.EOF:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	256 break tokens
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	257 case err != nil:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	258 return err
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	259 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	260
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	261 switch t := tok.(type) {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	262 case xml.StartElement:
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	263 t = t.Copy()
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	264
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	265 isDef := n.isDef(t.Name.Space)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	266 n = n.push()
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	267
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	268 for i := range t.Attr {
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	269 t.Attr[i].Value = replace(suffix, t.Attr[i].Value)
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	270 n.checkDef(&t.Attr[i])
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	271 }
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	272
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	273 for i := range t.Attr {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	274 n.adjust(&t.Attr[i])
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	275 }
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	276
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	277 switch {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	278 case isDef:
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	279 t.Name.Space = ""
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	280 default:
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	281 if s := n.lookup(t.Name.Space); s != "" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	282 t.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	283 t.Name.Local = s + ":" + t.Name.Local
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	284 }
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	285 }
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	286 tok = t
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	287
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	288 case xml.CharData:
419 6627c48363a0 First attempt for user injection of proxy for using GeoServer with role based security. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 414 diff changeset	289 tok = xml.CharData(replace(suffix, string(t)))
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	290
847 82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	291 case xml.Directive:
82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	292 tok = xml.Directive(replace(suffix, string(t)))
82765aa6de53 Rewrite WMS capabilities documents (content type "application/vnd.ogc.wms_xml") in proxy, too. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 538 diff changeset	293
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	294 case xml.EndElement:
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	295 s := n.lookup(t.Name.Space)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	296
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	297 n = n.pop()
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	298
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	299 if n.isDef(t.Name.Space) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	300 t.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	301 } else if s != "" {
351 b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	302 t.Name.Space = ""
b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	303 t.Name.Local = s + ":" + t.Name.Local
b89138a25f9e Fixed namespace compression in WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 350 diff changeset	304 }
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	305 tok = t
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	306 }
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	307
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	308 if err := encoder.EncodeToken(tok); err != nil {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	309 return err
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	310 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	311 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	312
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	313 return encoder.Flush()
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	314 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	315
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	316 type nsframe struct {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	317 def string
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	318 ns map[string]string
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	319 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	320
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	321 type nsdef []nsframe
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	322
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	323 func (n nsdef) setDef(def string) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	324 if l := len(n); l > 0 {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	325 n[l-1].def = def
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	326 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	327 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	328
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	329 func (n nsdef) isDef(s string) bool {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	330 for i := len(n) - 1; i >= 0; i-- {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	331 if x := n[i].def; x != "" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	332 return s == x
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	333 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	334 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	335 return false
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	336 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	337
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	338 func (n nsdef) define(ns, s string) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	339 if l := len(n); l > 0 {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	340 n[l-1].ns[ns] = s
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	341 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	342 }
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	343
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	344 func (n nsdef) lookup(ns string) string {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	345 for i := len(n) - 1; i >= 0; i-- {
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	346 if s := n[i].ns[ns]; s != "" {
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	347 return s
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	348 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	349 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	350 return ""
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	351 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	352
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	353 func (n nsdef) checkDef(at *xml.Attr) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	354 if at.Name.Space == "" && at.Name.Local == "xmlns" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	355 n.setDef(at.Value)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	356 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	357 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	358
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	359 func (n nsdef) adjust(at *xml.Attr) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	360 switch {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	361 case at.Name.Space == "xmlns":
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	362 n.define(at.Value, at.Name.Local)
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	363 at.Name.Local = "xmlns:" + at.Name.Local
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	364 at.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	365
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	366 case at.Name.Space != "":
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	367 if n.isDef(at.Name.Space) {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	368 at.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	369 } else if s := n.lookup(at.Name.Space); s != "" {
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	370 at.Name.Local = s + ":" + at.Name.Local
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	371 at.Name.Space = ""
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	372 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	373 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	374 }
15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	375
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	376 func (n nsdef) push() nsdef {
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	377 return append(n, nsframe{ns: make(map[string]string)})
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	378 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	379
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	380 func (n nsdef) pop() nsdef {
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	381 if l := len(n); l > 0 {
372 15369b41be74 Teach WFS proxy about default namespaces. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: 369 diff changeset	382 n[l-1] = nsframe{}
335 bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	383 n = n[:l-1]
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	384 }
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	385 return n
bd292a554b6e Made gemma a WFS proxy. Sascha L. Teichmann <sascha.teichmann@intevation.de> parents: diff changeset	386 }

Mercurial > gemma

annotate pkg/controllers/proxy.go @ 5688:6281c18b109f sr-v2