Exemple #1
0
func custom(log, cors, validate bool, f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
	return func(w http.ResponseWriter, r *http.Request) {
		addr := r.RemoteAddr
		if ip, found := header(r, "X-Forwarded-For"); found {
			addr = ip
		}

		// reject if the request is invalid
		if validate {
			if (!misc.ZeroOrNil(cfg.ValidHost) && !strings.Contains(r.Host, cfg.ValidHost)) ||
				(!misc.ZeroOrNil(cfg.ValidUserAgent) && !strings.Contains(r.UserAgent(), cfg.ValidUserAgent)) {
				logs.Info.Printf("%s %s %s %s", addr, strconv.Itoa(http.StatusForbidden), r.Method, r.URL)
				http.Error(w, "403 Forbidden", http.StatusForbidden)
				return
			}
		}
		// compress settings
		ioWriter := w.(io.Writer)
		for _, val := range misc.ParseCsvLine(r.Header.Get("Accept-Encoding")) {
			if val == "gzip" {
				w.Header().Set("Content-Encoding", "gzip")
				g := gzip.NewWriter(w)
				defer g.Close()
				ioWriter = g
				break
			}
			if val == "deflate" {
				w.Header().Set("Content-Encoding", "deflate")
				z := zlib.NewWriter(w)
				defer z.Close()
				ioWriter = z
				break
			}
		}
		writer := &customResponseWriter{Writer: ioWriter, ResponseWriter: w, status: 200}

		// CORS headers
		if cors && !misc.ZeroOrNil(cfg.CorsMethods) {
			w.Header().Set("Access-Control-Allow-Headers", "*")
			w.Header().Set("Access-Control-Allow-Methods", cfg.CorsMethods)
			w.Header().Set("Access-Control-Allow-Origin", cfg.CorsOrigin)
		}

		// route to the controllers
		f(writer, r)

		// access log
		if log && cfg.AccessLog {
			logs.Info.Printf("%s %s %s %s", addr, strconv.Itoa(writer.status), r.Method, r.URL)
		}
	}
}
Exemple #2
0
// RenderHTML write data as a HTML text with template
func RenderHTML(w http.ResponseWriter, templatePath []string, data interface{}, err error) {
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}

	relatives := append([]string{"base.tmpl"}, templatePath...)
	templates := make([]string, len(relatives))
	for idx, template := range relatives {
		templates[idx] = path.Join(cfg.StaticFilePath, "views", template)
	}

	tmpl, err := template.ParseFiles(templates...)
	if IsInvalid(w, err, "@RenderHTML") {
		return
	}
	stage := cfg.Stage
	if !misc.ZeroOrNil(stage) {
		stage = stage + "/"
	}
	if err := tmpl.Execute(w, struct {
		AppName        string
		AppStage       string
		StaticFileHost string
		Data           interface{}
	}{cfg.Name, stage, cfg.StaticFileHost, data}); err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		logs.Error.Printf("ERROR: @RenderHTML %s", err.Error())
		return
	}
	w.Header().Set("Content-Type", "text/html")
}
Exemple #3
0
func header(r *http.Request, key string) (string, bool) {
	if r.Header == nil {
		return "", false
	}
	if candidate := r.Header[key]; !misc.ZeroOrNil(candidate) {
		return candidate[0], true
	}
	return "", false
}
func (config *Config) complete() bool {
	cfgs := reflect.ValueOf(config).Elem()

	for i := 0; i < cfgs.NumField(); i++ {
		if misc.ZeroOrNil(cfgs.Field(i).Interface()) {
			return false
		}
	}
	return true
}
func (config *Config) merge(arg Config) *Config {
	mine := reflect.ValueOf(config).Elem()
	theirs := reflect.ValueOf(&arg).Elem()

	for i := 0; i < mine.NumField(); i++ {
		myField := mine.Field(i)
		if misc.ZeroOrNil(myField.Interface()) {
			myField.Set(reflect.ValueOf(theirs.Field(i).Interface()))
		}
	}
	return config
}
func TestCrons(t *testing.T) {
	if misc.ZeroOrNil(crons) {
		t.Errorf("Expected %v, but got %v", 1, len(crons))
		return
	}
	actual := len(crons)
	if actual <= 0 {
		t.Errorf("Expected larger than 0 but got %v", actual)
		return
	}
	actual = len(crons[0].Entries())
	if actual <= 0 {
		t.Errorf("Expected larger than 0 but got %v", actual)
		return
	}
}
func dwrQueryStrings(script, method, param, page, sessionID string) *url.Values {
	values := url.Values{}
	values.Add("callCount", "1")
	values.Add("c0-scriptName", script)
	values.Add("c0-methodName", method)
	values.Add("c0-id", "0")
	if !misc.ZeroOrNil(param) {
		values.Add("c0-param0", param)
	}
	values.Add("batchId", "0")
	values.Add("instanceId", "0")
	values.Add("page", page)
	values.Add("scriptSessionId", sessionID)
	values.Add("windowName", "")
	return &values
}
func init() {
	cfg := config.NewConfig()
	stage := cfg.Stage
	if !misc.ZeroOrNil(stage) {
		stage = "/" + stage
	}

	/**
	 * sessions
	 * @param string output [The formatting style for response body (html | json).]
	 * @param string q [Space seperated words to use in filtering the response data (for example, best practice).]
	 * @param int type
	 * @param int track
	 * @param int level
	 * @param int date
	 */
	http.Handle("/reinvent/sessions", util.Chain(func(w http.ResponseWriter, r *http.Request) {
		id, found := util.RequestGetParam(r, "id")
		if found {
			session, err := models.GetSession(id)
			if util.IsInvalid(w, err, "@aws.DynamoRecords") {
				return
			}
			util.RenderJSON(w, session, nil)
			return
		}
		output, found := util.RequestGetParam(r, "output")
		if found && (strings.ToLower(output) == "html") {
			token, _, _ := checkTwitterSession(w, r)
			util.RenderHTML(w, []string{"reinvent/index.tmpl"}, struct{ Token models.OAuthAuthorizedToken }{token}, nil)
			return
		}
		cron, err1 := models.GetCronResult("SyncReInventSessions")
		if util.IsInvalid(w, err1, "@aws.DynamoRecord") {
			return
		}
		// get sessions
		sessions, _, err2 := models.GetSessions()
		if util.IsInvalid(w, err2, "@aws.DynamoRecords") {
			return
		}
		// filter
		if q, found := util.RequestGetParam(r, "q"); found {
			splitted := strings.FieldsFunc(q, func(c rune) bool {
				return !unicode.IsLetter(c) && !unicode.IsNumber(c)
			})
			words := make([]string, len(splitted))
			for i, val := range splitted {
				words[i] = strings.ToUpper(val)
			}
			filtered := models.Sessions{}
			for _, session := range sessions {
				if session.Contains(words) {
					filtered = append(filtered, session)
				}
			}
			sessions = filtered
		}
		util.RenderJSON(w, struct {
			Count    int              `json:"count"`
			Sessions []models.Session `json:"sessions"`
			Sync     time.Time        `json:"sync"`
		}{
			Count:    len(sessions),
			Sessions: sessions,
			Sync:     cron.LastEndDate,
		}, nil)
	}))
	http.Handle("/reinvent-sessions", util.Chain(func(w http.ResponseWriter, r *http.Request) {
		http.Redirect(w, r, stage+"/reinvent/sessions", http.StatusFound)
	}))

	http.Handle("/reinvent/sync-sessions", util.Chain(func(w http.ResponseWriter, r *http.Request) {
		sessions, err := models.SyncReInventSessions(true)
		util.RenderJSON(w, sessions, err)
	}))

}
func init() {
	sessions = map[string]*oauth1a.UserConfig{}
	cfg := config.NewConfig()
	twitter = &oauth1a.Service{
		RequestURL:   "https://api.twitter.com/oauth/request_token",
		AuthorizeURL: "https://api.twitter.com/oauth/authorize",
		AccessURL:    "https://api.twitter.com/oauth/access_token",
		ClientConfig: &oauth1a.ClientConfig{
			ConsumerKey:    cfg.TwitterKey,
			ConsumerSecret: cfg.TwitterSecret,
			CallbackURL:    cfg.TwitterCallback,
		},
		Signer: new(oauth1a.HmacSha1Signer),
	}
	stage := cfg.Stage
	if !misc.ZeroOrNil(stage) {
		stage = "/" + stage
	}
	re := regexp.MustCompile("https*:")

	/**
	 * Twitter OAuth
	 */
	// in  -> Cookie: tw-temp=X
	// out -> Location: https://api.twitter.com/oauth/authorize?oauth_token=X
	//        Set-Cookie: tw-sess=
	http.Handle("/twitter/signin", util.Chain(func(w http.ResponseWriter, r *http.Request) {
		http.SetCookie(w, util.SetCookie(twitterSessionKey, "", -1))
		_, sessionID, ok := checkTwitterSession(w, r)
		if !ok {
			logs.Error.Print("Could not generate new sessionID.")
			http.Error(w, "Problem generating new session", http.StatusInternalServerError)
			return
		}
		session := &oauth1a.UserConfig{}
		if err := session.GetRequestToken(twitter, new(http.Client)); err != nil {
			logs.Error.Printf("Could not get request token: %v", err)
			http.Error(w, fmt.Sprintf("Problem getting the request token: %v", err), http.StatusInternalServerError)
			return
		}
		url, err := session.GetAuthorizeURL(twitter)
		if err != nil {
			logs.Error.Printf("Could not get authorization URL: %v", err)
			http.Error(w, "Problem getting the authorization URL", http.StatusInternalServerError)
			return
		}
		sessions[sessionID] = session
		http.Redirect(w, r, url, http.StatusFound)
	}))

	// in  -> Cookie: tw-temp=X
	//        /twitter/callback?oauth_token=X&oauth_verifier=Y
	//        /twitter/callback?denied=Z
	// out -> Location: /reinvent/sessions?output=html
	//        Set-Cookie: tw-sess=Y
	http.Handle("/twitter/callback", util.Chain(func(w http.ResponseWriter, r *http.Request) {
		_, found := util.RequestGetParam(r, "denied")
		if found {
			http.Redirect(w, r, stage+"/reinvent/sessions?output=html", http.StatusFound)
			return
		}
		authorizedToken, sessionID, ok := checkTwitterSession(w, r)
		if !ok {
			logs.Error.Print("Could not generate new sessionID.")
			http.Error(w, "Problem generating new session", http.StatusInternalServerError)
			return
		}
		if authorizedToken.ID != "" {
			http.Redirect(w, r, "/", http.StatusFound)
			return
		}
		session, ok := sessions[sessionID]
		if !ok {
			logs.Error.Print("Could not find user config in sesions storage.")
			http.Error(w, "Invalid session", http.StatusBadRequest)
			return
		}
		token, verifier, err := session.ParseAuthorize(r, twitter)
		if err != nil {
			logs.Error.Printf("Could not parse authorization: %v", err)
			http.Error(w, "Problem parsing authorization", http.StatusInternalServerError)
			return
		}
		if err = session.GetAccessToken(token, verifier, twitter, new(http.Client)); err != nil {
			logs.Error.Printf("Error getting access token: %v", err)
			http.Error(w, "Problem getting an access token", http.StatusInternalServerError)
			return
		}
		delete(sessions, sessionID)

		authorized := models.OAuthAuthorizedToken{
			ID:                session.AccessValues.Get("user_id"),
			ScreenName:        session.AccessValues.Get("screen_name"),
			AccessTokenKey:    session.AccessTokenKey,
			AccessTokenSecret: session.AccessTokenSecret,
			CognitoPoolID:     strings.Replace(cfg.CognitoPoolID, ":", "*", -1),
			CognitoRoleArn:    strings.Replace(cfg.CognitoRoleArn, ":", "*", -1),
		}
		authorized.ScreenImage = re.ReplaceAllLiteralString(twitterImage(authorized), "")

		bytes, _ := json.Marshal(authorized)
		formatted := strings.Replace(string(bytes), ",", "|", -1)
		http.SetCookie(w, util.SetCookie(twitterSessionKey, formatted, 60*60*24))
		http.Redirect(w, r, stage+"/reinvent/sessions?output=html", http.StatusFound)
	}))

	// out -> Location: /reinvent/sessions?output=html
	//        Set-Cookie: tw-sess=
	http.Handle("/twitter/logout", util.Chain(func(w http.ResponseWriter, r *http.Request) {
		http.SetCookie(w, util.SetCookie(twitterSessionKey, "", -1))
		http.Redirect(w, r, stage+"/reinvent/sessions?output=html", http.StatusFound)
	}))
}