func NewProxy(args ProxyArgs) Proxy {
routeServiceConfig := routeservice.NewRouteServiceConfig(args.Logger, args.RouteServiceEnabled, args.RouteServiceTimeout, args.Crypto, args.CryptoPrev, args.RouteServiceRecommendHttps)
p := &proxy{
accessLogger: args.AccessLogger,
traceKey: args.TraceKey,
ip: args.Ip,
logger: args.Logger,
registry: args.Registry,
reporter: args.Reporter,
transport: &http.Transport{
Dial: func(network, addr string) (net.Conn, error) {
conn, err := net.DialTimeout(network, addr, 5*time.Second)
if err != nil {
return conn, err
}
if args.EndpointTimeout > 0 {
err = conn.SetDeadline(time.Now().Add(args.EndpointTimeout))
}
return conn, err
},
DisableKeepAlives: true,
DisableCompression: true,
TLSClientConfig: args.TLSConfig,
},
secureCookies: args.SecureCookies,
heartbeatOK: args.HeartbeatOK, // 1->true, 0->false
routeServiceConfig: routeServiceConfig,
extraHeadersToLog: args.ExtraHeadersToLog,
routeServiceRecommendHttps: args.RouteServiceRecommendHttps,
healthCheckUserAgent: args.HealthCheckUserAgent,
forceForwardedProtoHttps: args.ForceForwardedProtoHttps,
defaultLoadBalance: args.DefaultLoadBalance,
}
n := negroni.New()
n.Use(&proxyWriterHandler{})
n.Use(handlers.NewAccessLog(args.AccessLogger, args.ExtraHeadersToLog))
n.Use(handlers.NewHealthcheck(args.HealthCheckUserAgent, p.heartbeatOK, args.Logger))
n.Use(handlers.NewZipkin(args.EnableZipkin, args.ExtraHeadersToLog, args.Logger))
n.UseHandler(p)
handlers := &proxyHandler{
handlers: n,
proxy: p,
}
return handlers
}
Expect(err).ToNot(HaveOccurred())
Expect(r.Header.Get("X-CF-ApplicationID")).To(Equal(""))
// validate client request header
Expect(r.Header.Get("X-CF-Forwarded-Url")).To(Equal(forwardedUrl))
w.Write([]byte("My Special Snowflake Route Service\n"))
})
crypto, err := secure.NewAesGCM([]byte(cryptoKey))
Expect(err).ToNot(HaveOccurred())
config := routeservice.NewRouteServiceConfig(
logger,
conf.RouteServiceEnabled,
1*time.Hour,
crypto,
nil,
recommendHttps,
)
reqArgs, err := config.Request("", forwardedUrl)
Expect(err).ToNot(HaveOccurred())
signatureHeader, metadataHeader = reqArgs.Signature, reqArgs.Metadata
})
Context("with Route Services disabled", func() {
BeforeEach(func() {
conf.RouteServiceEnabled = false
conf.SkipSSLValidation = true
routeServiceHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
Fail("Should not get here into Route Service")
})
var _ = Describe("Route Service Config", func() {
var (
config *routeservice.RouteServiceConfig
crypto secure.Crypto
cryptoPrev secure.Crypto
cryptoKey = "ABCDEFGHIJKLMNOP"
logger lager.Logger
recommendHttps bool
)
BeforeEach(func() {
var err error
crypto, err = secure.NewAesGCM([]byte(cryptoKey))
Expect(err).ToNot(HaveOccurred())
logger = lagertest.NewTestLogger("test")
config = routeservice.NewRouteServiceConfig(logger, true, 1*time.Hour, crypto, cryptoPrev, recommendHttps)
})
AfterEach(func() {
crypto = nil
cryptoPrev = nil
config = nil
})
Describe("Request", func() {
It("decodes an encoded URL", func() {
encodedForwardedURL := url.QueryEscape("test.app.com?query=sample")
rsUrl := "https://example.com"
args, err := config.Request(rsUrl, encodedForwardedURL)
Expect(err).NotTo(HaveOccurred())
