Mercurial > gemma
comparison pkg/controllers/proxy.go @ 421:c37457f12b8e
Differ between internal and external proxies.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Thu, 16 Aug 2018 15:17:21 +0200 |
parents | 6627c48363a0 |
children | 76a76691a298 |
comparison
equal
deleted
inserted
replaced
420:be38eec5cc25 | 421:c37457f12b8e |
---|---|
33 "http://www.opengis.net/gml/3.2": struct{}{}, | 33 "http://www.opengis.net/gml/3.2": struct{}{}, |
34 "http://www.opengis.net/fes/2.0": struct{}{}, | 34 "http://www.opengis.net/fes/2.0": struct{}{}, |
35 "http://schemas.opengis.net/gml": struct{}{}, | 35 "http://schemas.opengis.net/gml": struct{}{}, |
36 } | 36 } |
37 | 37 |
38 func findEntry(entry string) (string, bool) { | 38 func findProxy(key string) func(string) (string, bool) { |
39 external := config.ExternalWFSs() | 39 entries := config.Proxies(key) |
40 if external == nil || len(external) == 0 { | 40 return func(entry string) (string, bool) { |
41 return "", false | 41 if entries == nil || len(entries) == 0 { |
42 } | 42 return "", false |
43 alias, found := external[entry] | 43 } |
44 if !found { | 44 alias, found := entries[entry] |
45 return "", false | 45 if !found { |
46 } | 46 return "", false |
47 data, ok := alias.(map[string]interface{}) | 47 } |
48 if !ok { | 48 data, ok := alias.(map[string]interface{}) |
49 return "", false | 49 if !ok { |
50 } | 50 return "", false |
51 urlS, found := data["url"] | 51 } |
52 if !found { | 52 urlS, found := data["url"] |
53 return "", false | 53 if !found { |
54 } | 54 return "", false |
55 url, ok := urlS.(string) | 55 } |
56 return url, ok | 56 url, ok := urlS.(string) |
57 } | 57 return url, ok |
58 | 58 } |
59 func proxyDirector(req *http.Request) { | 59 } |
60 | 60 |
61 log.Printf("proxyDirector: %s\n", req.RequestURI) | 61 func proxyDirector(lookup func(string) (string, bool)) func(*http.Request) { |
62 | 62 |
63 abort := func(format string, args ...interface{}) { | 63 return func(req *http.Request) { |
64 log.Printf(format, args...) | 64 |
65 panic(http.ErrAbortHandler) | 65 log.Printf("proxyDirector: %s\n", req.RequestURI) |
66 } | 66 |
67 | 67 abort := func(format string, args ...interface{}) { |
68 vars := mux.Vars(req) | 68 log.Printf(format, args...) |
69 | 69 panic(http.ErrAbortHandler) |
70 var s string | 70 } |
71 | 71 |
72 if entry, found := vars["entry"]; found { | 72 vars := mux.Vars(req) |
73 if s, found = findEntry(entry); !found { | 73 |
74 abort("Cannot find entry '%s'\n", entry) | 74 var s string |
75 } | 75 |
76 } else { | 76 if entry, found := vars["entry"]; found { |
77 expectedMAC, err := base64.URLEncoding.DecodeString(vars["hash"]) | 77 if s, found = lookup(entry); !found { |
78 abort("Cannot find entry '%s'\n", entry) | |
79 } | |
80 } else { | |
81 expectedMAC, err := base64.URLEncoding.DecodeString(vars["hash"]) | |
82 if err != nil { | |
83 abort("Cannot base64 decode hash: %v\n", err) | |
84 } | |
85 url, err := base64.URLEncoding.DecodeString(vars["url"]) | |
86 if err != nil { | |
87 abort("Cannot base64 decode url: %v\n", err) | |
88 } | |
89 | |
90 mac := hmac.New(sha256.New, config.ProxyKey()) | |
91 mac.Write(url) | |
92 messageMAC := mac.Sum(nil) | |
93 | |
94 s = string(url) | |
95 | |
96 if !hmac.Equal(messageMAC, expectedMAC) { | |
97 abort("HMAC of URL %s failed.\n", s) | |
98 } | |
99 } | |
100 | |
101 nURL := s + "?" + req.URL.RawQuery | |
102 //log.Printf("%v\n", nURL) | |
103 | |
104 u, err := url.Parse(nURL) | |
78 if err != nil { | 105 if err != nil { |
79 abort("Cannot base64 decode hash: %v\n", err) | 106 abort("Invalid url: %v\n", err) |
80 } | 107 } |
81 url, err := base64.URLEncoding.DecodeString(vars["url"]) | 108 req.URL = u |
82 if err != nil { | 109 |
83 abort("Cannot base64 decode url: %v\n", err) | 110 req.Host = u.Host |
84 } | 111 //req.Header.Del("If-None-Match") |
85 | 112 //log.Printf("headers: %v\n", req.Header) |
86 mac := hmac.New(sha256.New, config.ProxyKey()) | 113 } |
87 mac.Write(url) | |
88 messageMAC := mac.Sum(nil) | |
89 | |
90 s = string(url) | |
91 | |
92 if !hmac.Equal(messageMAC, expectedMAC) { | |
93 abort("HMAC of URL %s failed.\n", s) | |
94 } | |
95 } | |
96 | |
97 nURL := s + "?" + req.URL.RawQuery | |
98 //log.Printf("%v\n", nURL) | |
99 | |
100 u, err := url.Parse(nURL) | |
101 if err != nil { | |
102 abort("Invalid url: %v\n", err) | |
103 } | |
104 req.URL = u | |
105 | |
106 req.Host = u.Host | |
107 //req.Header.Del("If-None-Match") | |
108 //log.Printf("headers: %v\n", req.Header) | |
109 } | 114 } |
110 | 115 |
111 type nopCloser struct { | 116 type nopCloser struct { |
112 io.Writer | 117 io.Writer |
113 } | 118 } |