func (proxy *Proxy) serveFirehose(paths []string, writer http.ResponseWriter, request *http.Request) {
clientAddress := request.RemoteAddr
authToken := getAuthToken(request)
firehoseParams := paths[2:]
var firehoseSubscriptionId string
if len(firehoseParams) == 1 {
firehoseSubscriptionId = firehoseParams[0]
}
if len(firehoseParams) != 1 || firehoseSubscriptionId == "" {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "Firehose SUBSCRIPTION_ID missing. Make request to /firehose/SUBSCRIPTION_ID")
return
}
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint(FIREHOSE_ID, firehoseSubscriptionId, true)
authorizer := func(authToken string, appId string, logger *gosteno.Logger) (bool, error) {
return proxy.adminAuthorize(authToken, logger)
}
authorized, errorMessage := proxy.isAuthorized(authorizer, FIREHOSE_ID, authToken, clientAddress)
if !authorized {
writer.Header().Set("WWW-Authenticate", "Basic")
writer.WriteHeader(http.StatusUnauthorized)
fmt.Fprintf(writer, "You are not authorized. %s", errorMessage.GetMessage())
return
}
proxy.serveWithDoppler(writer, request, dopplerEndpoint)
}
func (proxy *Proxy) serveFirehose(paths []string, writer http.ResponseWriter, request *http.Request) {
authToken := getAuthToken(request)
firehoseParams := paths[2:]
var firehoseSubscriptionId string
if len(firehoseParams) == 1 {
firehoseSubscriptionId = firehoseParams[0]
}
if len(firehoseParams) != 1 || firehoseSubscriptionId == "" {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "Firehose SUBSCRIPTION_ID missing. Make request to /firehose/SUBSCRIPTION_ID")
return
}
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint(FIREHOSE_ID, firehoseSubscriptionId, true)
authorized, err := proxy.adminAuthorize(authToken, proxy.logger)
if !authorized {
writer.Header().Set("WWW-Authenticate", "Basic")
writer.WriteHeader(http.StatusUnauthorized)
fmt.Fprintf(writer, "You are not authorized. %s", err.Error())
proxy.logger.Warnf("auth token not authorized to access appId [%s].", FIREHOSE_ID)
return
}
proxy.serveWithDoppler(writer, request, dopplerEndpoint)
}
// "^/apps/(.*)/(recentlogs|stream|containermetrics)$"
func (proxy *Proxy) serveAppLogs(paths []string, writer http.ResponseWriter, request *http.Request) {
badRequest := len(paths) != 4
if !badRequest {
switch paths[3] {
case "recentlogs", "stream", "containermetrics":
default:
badRequest = true
}
}
if badRequest {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "Resource Not Found.")
return
}
authToken := getAuthToken(request)
appId := paths[2]
if appId == "" {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "App ID missing. Make request to /apps/APP_ID/%s", paths[3])
return
}
status, err := proxy.logAuthorize(authToken, appId, proxy.logger)
if status != http.StatusOK {
proxy.logger.Warndf(map[string]interface{}{
"status": status,
"err": err,
}, "auth token not authorized to access appId [%s].", appId)
switch status {
case http.StatusUnauthorized:
writer.WriteHeader(status)
writer.Header().Set("WWW-Authenticate", "Basic")
case http.StatusForbidden, http.StatusNotFound:
status = http.StatusNotFound
default:
status = http.StatusInternalServerError
}
writer.WriteHeader(status)
writer.Write([]byte(http.StatusText(status)))
return
}
endpoint_type := paths[3]
reconnect := endpoint_type != "recentlogs" && endpoint_type != "containermetrics"
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint(endpoint_type, appId, reconnect)
proxy.serveWithDoppler(writer, request, dopplerEndpoint)
}
// "^/apps/(.*)/(recentlogs|stream|containermetrics)$"
func (proxy *Proxy) serveAppLogs(paths []string, writer http.ResponseWriter, request *http.Request) {
badRequest := len(paths) != 4
if !badRequest {
switch paths[3] {
case "recentlogs", "stream", "containermetrics":
default:
badRequest = true
}
}
if badRequest {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "Resource Not Found. %s", request.URL.Path)
return
}
clientAddress := request.RemoteAddr
authToken := getAuthToken(request)
appId := paths[2]
if appId == "" {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "App ID missing. Make request to /apps/APP_ID/%s", paths[3])
return
}
authorizer := func(authToken string, appId string, logger *gosteno.Logger) (bool, error) {
return proxy.logAuthorize(authToken, appId, logger)
}
authorized, errorMessage := proxy.isAuthorized(authorizer, appId, authToken, clientAddress)
if !authorized {
writer.Header().Set("WWW-Authenticate", "Basic")
writer.WriteHeader(http.StatusUnauthorized)
fmt.Fprintf(writer, "You are not authorized. %s", errorMessage.GetMessage())
return
}
endpoint_type := paths[3]
reconnect := endpoint_type != "recentlogs" && endpoint_type != "containermetrics"
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint(endpoint_type, appId, reconnect)
proxy.serveWithDoppler(writer, request, dopplerEndpoint)
}
// "^/apps/(.*)/(recentlogs|stream|containermetrics)$"
func (proxy *Proxy) serveAppLogs(paths []string, writer http.ResponseWriter, request *http.Request) {
badRequest := len(paths) != 4
if !badRequest {
switch paths[3] {
case "recentlogs", "stream", "containermetrics":
default:
badRequest = true
}
}
if badRequest {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "Resource Not Found. %s", request.URL.Path)
return
}
authToken := getAuthToken(request)
appId := paths[2]
if appId == "" {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "App ID missing. Make request to /apps/APP_ID/%s", paths[3])
return
}
authorized, err := proxy.logAuthorize(authToken, appId, proxy.logger)
if !authorized {
writer.Header().Set("WWW-Authenticate", "Basic")
writer.WriteHeader(http.StatusUnauthorized)
fmt.Fprintf(writer, "You are not authorized. %s", err.Error())
proxy.logger.Warnf("auth token not authorized to access appId [%s].", appId)
return
}
endpoint_type := paths[3]
reconnect := endpoint_type != "recentlogs" && endpoint_type != "containermetrics"
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint(endpoint_type, appId, reconnect)
proxy.serveWithDoppler(writer, request, dopplerEndpoint)
}
func (proxy *Proxy) serveAppLogs(writer http.ResponseWriter, request *http.Request) {
clientAddress := request.RemoteAddr
authToken := getAuthToken(request)
validPaths := regexp.MustCompile("^/apps/(.*)/(recentlogs|stream|containermetrics)$")
matches := validPaths.FindStringSubmatch(request.URL.Path)
if len(matches) != 3 {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "Resource Not Found. %s", request.URL.Path)
return
}
appId := matches[1]
if appId == "" {
writer.WriteHeader(http.StatusNotFound)
fmt.Fprintf(writer, "App ID missing. Make request to /apps/APP_ID/%s", matches[2])
return
}
authorizer := func(authToken string, appId string, logger *gosteno.Logger) (bool, error) {
return proxy.logAuthorize(authToken, appId, logger)
}
authorized, errorMessage := proxy.isAuthorized(authorizer, appId, authToken, clientAddress)
if !authorized {
writer.Header().Set("WWW-Authenticate", "Basic")
writer.WriteHeader(http.StatusUnauthorized)
fmt.Fprintf(writer, "You are not authorized. %s", errorMessage.GetMessage())
return
}
endpoint_type := matches[2]
reconnect := endpoint_type != "recentlogs" && endpoint_type != "containermetrics"
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint(endpoint_type, appId, reconnect)
proxy.serveWithDoppler(writer, request, dopplerEndpoint)
}
BeforeEach(func() {
messageChan1 <- expectedMessage1
close(messageChan1)
finder.WebsocketServersOutput.ret0 <- []string{"10.0.0.1:1234"}
})
AfterEach(func() {
close(messageChan2)
})
It("opens a listener with the correct app path", func() {
channelConnector := channel_group_connector.NewChannelGroupConnector(finder, listenerConstructor, marshaller.DropsondeLogMessage, logger)
outputChan := make(chan []byte, 10)
stopChan := make(chan struct{})
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint("recentlogs", "abc123", true)
go channelConnector.Connect(dopplerEndpoint, outputChan, stopChan)
Eventually(fakeListeners[0].ConnectedHost).Should(Equal("ws://10.0.0.1:1234/apps/abc123/recentlogs"))
close(stopChan)
Eventually(outputChan).Should(BeClosed())
})
It("opens a listener with the firehose path", func() {
channelConnector := channel_group_connector.NewChannelGroupConnector(finder, listenerConstructor, marshaller.DropsondeLogMessage, logger)
outputChan := make(chan []byte, 10)
stopChan := make(chan struct{})
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint("firehose", "subscription-123", true)
go channelConnector.Connect(dopplerEndpoint, outputChan, stopChan)
import (
"github.com/cloudfoundry/dropsonde/emitter"
"github.com/cloudfoundry/dropsonde/factories"
"github.com/cloudfoundry/loggregatorlib/server/handlers"
"github.com/gogo/protobuf/proto"
"time"
"trafficcontroller/doppler_endpoint"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
var _ = Describe("NewDopplerEndpoint", func() {
Context("when endpoint is 'recentlogs'", func() {
It("uses an HTTP handler", func() {
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint("recentlogs", "abc123", true)
knownHttpHandler := handlers.NewHttpHandler(nil, nil)
Expect(dopplerEndpoint.HProvider(nil, nil)).To(BeAssignableToTypeOf(knownHttpHandler))
})
It("sets a timeout of five seconds", func() {
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint("recentlogs", "abc123", true)
Expect(dopplerEndpoint.Timeout).To(Equal(5 * time.Second))
})
})
Context("when endpoint is 'containermetrics'", func() {
It("uses an HTTP Container metrics handler", func() {
dopplerEndpoint := doppler_endpoint.NewDopplerEndpoint("containermetrics", "abc123", true)
handler := handlers.NewHttpHandler(nil, nil)
closedChan := make(chan []byte)