// ServeHTTP serves an HTTP request and implements the http.Handler interface.
func (root *rootHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
ctx := ctxu.WithRequest(root.context, r)
ctx, w = ctxu.WithResponseWriter(ctx, w)
ctx = ctxu.WithLogger(ctx, ctxu.GetRequestLogger(ctx))
ctx = context.WithValue(ctx, "repo", vars["imageName"])
ctx = context.WithValue(ctx, "cryptoService", root.trust)
defer func() {
ctxu.GetResponseLogger(ctx).Info("response completed")
}()
if root.auth != nil {
access := buildAccessRecords(vars["imageName"], root.actions...)
var authCtx context.Context
var err error
if authCtx, err = root.auth.Authorized(ctx, access...); err != nil {
if err, ok := err.(auth.Challenge); ok {
err.ServeHTTP(w, r)
w.WriteHeader(http.StatusUnauthorized)
return
}
errcode.ServeJSON(w, v2.ErrorCodeUnauthorized)
return
}
ctx = authCtx
}
if err := root.handler(ctx, w, r); err != nil {
e := errcode.ServeJSON(w, err)
if e != nil {
logrus.Error(e)
}
return
}
}
// ServeHTTP serves an HTTP request and implements the http.Handler interface.
func (root *rootHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
ctx := context.WithValue(root.context, "repo", vars["imageName"])
ctx = context.WithValue(ctx, "cryptoService", root.trust)
ctx = context.WithValue(ctx, "http.request", r)
if root.auth != nil {
var err error
access := buildAccessRecords(vars["imageName"], root.actions...)
if ctx, err = root.auth.Authorized(ctx, access...); err != nil {
if err, ok := err.(auth.Challenge); ok {
err.ServeHTTP(w, r)
w.WriteHeader(http.StatusUnauthorized)
return
}
errcode.ServeJSON(w, v2.ErrorCodeUnauthorized)
return
}
}
if err := root.handler(ctx, w, r); err != nil {
logrus.Error("[Notary Server] ", err.Error())
e := errcode.ServeJSON(w, err)
if e != nil {
logrus.Error(e)
}
return
}
return
}
// authorized checks if the request can proceed with access to the requested
// repository. If it succeeds, the context may access the requested
// repository. An error will be returned if access is not available.
func (app *App) authorized(w http.ResponseWriter, r *http.Request, context *Context, nameRequired nameRequiredFunc, customAccessRecords []auth.Access) error {
ctxu.GetLogger(context).Debug("authorizing request")
repo := getName(context)
if app.accessController == nil {
return nil // access controller is not enabled.
}
var accessRecords []auth.Access
accessRecords = append(accessRecords, customAccessRecords...)
if repo != "" {
accessRecords = appendAccessRecords(accessRecords, r.Method, repo)
}
if len(accessRecords) == 0 {
// Only allow the name not to be set on the base route.
if nameRequired(r) {
// For this to be properly secured, repo must always be set for a
// resource that may make a modification. The only condition under
// which name is not set and we still allow access is when the
// base route is accessed. This section prevents us from making
// that mistake elsewhere in the code, allowing any operation to
// proceed.
if err := errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized); err != nil {
ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors)
}
return fmt.Errorf("forbidden: no repository name")
}
accessRecords = appendCatalogAccessRecord(accessRecords, r)
}
ctx, err := app.accessController.Authorized(context.Context, accessRecords...)
if err != nil {
switch err := err.(type) {
case auth.Challenge:
// Add the appropriate WWW-Auth header
err.SetHeaders(w)
if err := errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized.WithDetail(accessRecords)); err != nil {
ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors)
}
default:
// This condition is a potential security problem either in
// the configuration or whatever is backing the access
// controller. Just return a bad request with no information
// to avoid exposure. The request should not proceed.
ctxu.GetLogger(context).Errorf("error checking authorization: %v", err)
w.WriteHeader(http.StatusBadRequest)
}
return err
}
// TODO(stevvooe): This pattern needs to be cleaned up a bit. One context
// should be replaced by another, rather than replacing the context on a
// mutable object.
context.Context = ctx
return nil
}
func (root *rootHandler) doAuth(ctx context.Context, imageName string, w http.ResponseWriter) (context.Context, error) {
var access []auth.Access
if imageName == "" {
access = buildCatalogRecord(root.actions...)
} else {
access = buildAccessRecords(imageName, root.actions...)
}
log := ctxu.GetRequestLogger(ctx)
var authCtx context.Context
var err error
if authCtx, err = root.auth.Authorized(ctx, access...); err != nil {
if challenge, ok := err.(auth.Challenge); ok {
// Let the challenge write the response.
challenge.SetHeaders(w)
if err := errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized.WithDetail(access)); err != nil {
log.Errorf("failed to serve challenge response: %s", err.Error())
return nil, err
}
return nil, err
}
errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized)
return nil, err
}
return authCtx, nil
}
// ServeHTTP serves an HTTP request and implements the http.Handler interface.
func (root *rootHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
ctx := ctxu.WithRequest(root.context, r)
log := ctxu.GetRequestLogger(ctx)
ctx, w = ctxu.WithResponseWriter(ctx, w)
ctx = ctxu.WithLogger(ctx, log)
ctx = context.WithValue(ctx, "repo", vars["imageName"])
ctx = context.WithValue(ctx, "cryptoService", root.trust)
defer func() {
ctxu.GetResponseLogger(ctx).Info("response completed")
}()
if root.auth != nil {
access := buildAccessRecords(vars["imageName"], root.actions...)
var authCtx context.Context
var err error
if authCtx, err = root.auth.Authorized(ctx, access...); err != nil {
if challenge, ok := err.(auth.Challenge); ok {
// Let the challenge write the response.
challenge.SetHeaders(w)
if err := errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized.WithDetail(access)); err != nil {
log.Errorf("failed to serve challenge response: %s", err.Error())
}
return
}
errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized)
return
}
ctx = authCtx
}
if err := root.handler(ctx, w, r); err != nil {
if httpErr, ok := err.(errcode.ErrorCoder); ok {
// info level logging for non-5XX http errors
httpErrCode := httpErr.ErrorCode().Descriptor().HTTPStatusCode
if httpErrCode >= http.StatusInternalServerError {
// error level logging for 5XX http errors
log.Error(httpErr)
} else {
log.Info(httpErr)
}
}
e := errcode.ServeJSON(w, err)
if e != nil {
log.Error(e)
}
return
}
}
func handleError(ctx context.Context, err error, w http.ResponseWriter) {
ctx, w = context.WithResponseWriter(ctx, w)
if serveErr := errcode.ServeJSON(w, err); serveErr != nil {
context.GetResponseLogger(ctx).Errorf("error sending error response: %v", serveErr)
return
}
context.GetResponseLogger(ctx).Info("application error")
}
// Handler returns a handler that will return 503 response code if the health
// checks have failed. If everything is okay with the health checks, the
// handler will pass through to the provided handler. Use this handler to
// disable a web application when the health checks fail.
func Handler(handler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
checks := CheckStatus()
if len(checks) != 0 {
errcode.ServeJSON(w, errcode.ErrorCodeUnavailable.
WithDetail("health check failed: please see /debug/health"))
return
}
handler.ServeHTTP(w, r) // pass through
})
}
func serveError(log ctxu.Logger, w http.ResponseWriter, err error) {
if httpErr, ok := err.(errcode.Error); ok {
// info level logging for non-5XX http errors
httpErrCode := httpErr.ErrorCode().Descriptor().HTTPStatusCode
if httpErrCode >= http.StatusInternalServerError {
// error level logging for 5XX http errors
log.Errorf("%s: %s: %v", httpErr.ErrorCode().Error(), httpErr.Message, httpErr.Detail)
} else {
log.Infof("%s: %s: %v", httpErr.ErrorCode().Error(), httpErr.Message, httpErr.Detail)
}
}
e := errcode.ServeJSON(w, err)
if e != nil {
log.Error(e)
}
return
}
// assumes that required prefixes is not empty
func filterImagePrefixes(requiredPrefixes []string, err error, handler http.Handler) http.Handler {
if len(requiredPrefixes) == 0 {
return handler
}
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
imageName := mux.Vars(r)["imageName"]
for _, prefix := range requiredPrefixes {
if strings.HasPrefix(imageName, prefix) {
handler.ServeHTTP(w, r)
return
}
}
errcode.ServeJSON(w, err)
})
}
// dispatcher returns a handler that constructs a request specific context and
// handler, using the dispatch factory function.
func (app *App) dispatcher(dispatch dispatchFunc) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
for headerName, headerValues := range app.Config.HTTP.Headers {
for _, value := range headerValues {
w.Header().Add(headerName, value)
}
}
context := app.context(w, r)
if err := app.authorized(w, r, context); err != nil {
ctxu.GetLogger(context).Warnf("error authorizing context: %v", err)
return
}
// Add username to request logging
context.Context = ctxu.WithLogger(context.Context, ctxu.GetLogger(context.Context, "auth.user.name"))
if app.nameRequired(r) {
repository, err := app.registry.Repository(context, getName(context))
if err != nil {
ctxu.GetLogger(context).Errorf("error resolving repository: %v", err)
switch err := err.(type) {
case distribution.ErrRepositoryUnknown:
context.Errors = append(context.Errors, v2.ErrorCodeNameUnknown.WithDetail(err))
case distribution.ErrRepositoryNameInvalid:
context.Errors = append(context.Errors, v2.ErrorCodeNameInvalid.WithDetail(err))
}
if err := errcode.ServeJSON(w, context.Errors); err != nil {
ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors)
}
return
}
// assign and decorate the authorized repository with an event bridge.
context.Repository = notifications.Listen(
repository,
app.eventBridge(context, r))
context.Repository, err = applyRepoMiddleware(context.Context, context.Repository, app.Config.Middleware["repository"])
if err != nil {
ctxu.GetLogger(context).Errorf("error initializing repository middleware: %v", err)
context.Errors = append(context.Errors, errcode.ErrorCodeUnknown.WithDetail(err))
if err := errcode.ServeJSON(w, context.Errors); err != nil {
ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors)
}
return
}
}
dispatch(context, r).ServeHTTP(w, r)
// Automated error response handling here. Handlers may return their
// own errors if they need different behavior (such as range errors
// for layer upload).
if context.Errors.Len() > 0 {
if err := errcode.ServeJSON(w, context.Errors); err != nil {
ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors)
}
app.logError(context, context.Errors)
}
})
}