示例#1
0
文件: handler.go 项目: kapalhq/envoy
func convertError(err error) errors.ProxyError {
	switch e := err.(type) {
	case errors.ProxyError:
		return e
	case net.Error:
		if e.Timeout() {
			return errors.FromStatus(http.StatusRequestTimeout)
		}
	case *httputils.MaxSizeReachedError:
		return errors.FromStatus(http.StatusRequestEntityTooLarge)
	}
	return errors.FromStatus(http.StatusBadGateway)
}
示例#2
0
文件: handler.go 项目: kapalhq/envoy
// Round trips the request to the selected proxy and writes back the response
func (p *Handler) proxyRequest(w http.ResponseWriter, r *http.Request) error {
	// Lookup the Proxy registered for the given pair: method, path.
	proxy, params, _ := p.GetRouter().Lookup(r.Method, r.URL.Path)
	if len(params) > 0 {
		// fmt.Printf("params: %+v \n", params)
		r.URL.RawQuery = url.Values(params).Encode() + "&" + r.URL.RawQuery
	}
	if proxy == nil {
		p.logger.Warn("Handler failed to route: %s ", r.URL.Path)
		return errors.FromStatus(http.StatusBadGateway)
	}

	// Create a unique request with sequential ids that will be passed to all interfaces.
	fctx := context.NewFlowContext(r, w, atomic.AddInt64(&p.lastRequestId, 1), nil)

	// The roundtrip thru the whole pipeline of modules
	response, err := proxy.ProcessChain(fctx)

	// Preparing the response back to the client if applicable
	if response != nil {
		httputils.CopyHeaders(w.Header(), response.Header)
		w.WriteHeader(response.StatusCode)
		if response.Body == nil {
			logutils.FileLogger.Warn("Empty body contained on the response")
		} else {
			io.Copy(w, response.Body)
			defer response.Body.Close()
		}
		return nil
	} else {
		return err
	}
}
示例#3
0
文件: access.go 项目: kapalhq/envoy
func (a *Access) ProcessRequest(c ContextSpec) (*http.Response, error) {
	// Get the client IP address
	ip, _, _ := net.SplitHostPort(c.GetHttpRequest().RemoteAddr)

	fba := a.getFallbackAccess()
	if (fba == "ALLOW" && a.isExplicitlyDenied(ip)) || (fba == "DENY" && !a.isExplicitlyAllowed(ip)) {
		return nil, errors.FromStatus(http.StatusForbidden)
	} else {
		return nil, nil
	}
}
示例#4
0
文件: docker.go 项目: kapalhq/envoy
func (uds *ModDocker) ProcessRequest(c ContextSpec) (*http.Response, error) {
	fmt.Println("[mod_docker] Request received")
	fmt.Printf("[mod_docker] Dialing socket: %s ...\n", uds.socket)

	config, _ := parseObjJSON(c.GetHttpRequest().Body)
	status, resp, err := uds.sockRequest(c.GetHttpRequest().Method, c.GetHttpRequest().URL.String(), config)
	if err != nil {
		return nil, errors.FromStatus(status)
	}
	fmt.Println("[mod_docker]", string(resp))
	return &http.Response{
		StatusCode: status,
		Body:       ioutil.NopCloser(bytes.NewReader(resp))}, nil
}
示例#5
0
func (ba *BasicAuth) ProcessRequest(c context.ContextSpec) (*http.Response, error) {
	authHeaderValue := c.GetHttpRequest().Header.Get("Authorization")
	if authHeaderValue == "" {
		logutils.FileLogger.Error("Attempted access with malformed header, no auth header found. Path: %s, Origin: %s", c.GetHttpRequest().URL, c.GetHttpRequest().Referer())
		return nil, errors.FromStatus(http.StatusUnauthorized) // 401
	}
	// Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
	parts := strings.Fields(authHeaderValue)
	if len(parts) != 2 {
		logutils.FileLogger.Error("Attempted access with malformed header, header not in basic auth format.")
		return nil, errors.FromStatus(http.StatusBadRequest) //400
	}

	// Decode the username:password string
	authvaluesStr, err := base64.StdEncoding.DecodeString(parts[1])
	if err != nil {
		logutils.FileLogger.Error("Base64 Decoding failed of basic auth data: %s", err)
		return nil, errors.FromStatus(http.StatusBadRequest) //400
	}

	authValues := strings.Split(string(authvaluesStr), ":")
	if len(authValues) != 2 {
		// Header malformed
		logutils.FileLogger.Error("Attempted access with malformed header, values not in basic auth format.")
		return nil, errors.FromStatus(http.StatusBadRequest) //400
	}

	// CHANGELOG.md - check session and identity for valid key

	// Ensure that username and password match up
	if ba.username != authValues[0] || ba.password != authValues[1] {
		logutils.FileLogger.Error("User not authorized")
		return nil, errors.FromStatus(http.StatusForbidden) //403
	}

	return nil, nil // all good
}
示例#6
0
文件: fsm.go 项目: kapalhq/envoy
func upstreamFn(chain ChainSpec, ctx context.ContextSpec) handleStateFn {
	mods := chain.GetModules()
	for i, mod := range mods {
		resp, err := mod.ProcessRequest(ctx)
		chain.SetCursor(i)
		if resp != nil {
			//log.Printf("Module: %s writing response ...", mods[i].GetId())
			ctx.SetHttpResponse(resp)
			return downstreamFn
		}
		if err != nil {
			//log.Printf("Module: %s found error ...", mods[i].GetId())
			ctx.SetError(err)
			return errorFoundFn
		}
	}
	log.Printf("Error. At least one module must to respond")
	ctx.SetError(errors.FromStatus(http.StatusNoContent))
	return errorFoundFn
}