adrien/middleman
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

call ServeHTTP

Browse Source
This commit is contained in:
Adrien PONSIN 2025-04-17 14:17:04 +02:00
parent 8adf4be96e
commit 47538621c9
No known key found for this signature in database
GPG Key ID: 7B4D4A32C05C475E
1 changed files with 1 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
command/serve.go
View File

@ -179,14 +179,8 @@ func (ph *ProxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Str("path", r.URL.Path). Str("path", r.URL.Path).
Str("decision", "authorized"). Str("decision", "authorized").
Msg("incoming request matches a registered regular expression") Msg("incoming request matches a registered regular expression")
ph.rp.ServeHTTP(w, r)
return return
/*
if err := checkMethodPath(r, mr); err != nil {
handleError(w, err)
log.Err(err).Send()
return
}
*/
} }
var ( var (
containerName string containerName string
@ -195,7 +189,6 @@ func (ph *ProxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
for containerName, mr = range containerMethodRegex { for containerName, mr = range containerMethodRegex {
resolvedIPs, err := net.LookupIP(containerName) resolvedIPs, err := net.LookupIP(containerName)
if err != nil { if err != nil {
// log.Warn().Err(err).Msg("this error may be transient due to the unavailability of one of the services")
continue continue
} }
for _, resolvedIP := range resolvedIPs { for _, resolvedIP := range resolvedIPs {
@ -222,13 +215,6 @@ func (ph *ProxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
return return
} }
/*
if err = checkMethodPath(r, mr); err != nil {
handleError(w, err)
log.Err(err).Send()
return
}
*/
log.Info(). log.Info().
Str("remote_addr", r.RemoteAddr). Str("remote_addr", r.RemoteAddr).
Str("method", r.Method). Str("method", r.Method).
@ -249,29 +235,6 @@ func (ph *ProxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Msg("this container is not on the list of authorized ones") Msg("this container is not on the list of authorized ones")
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return return
/*
log.Warn().
Str("remote_addr", r.RemoteAddr).
Str("method", r.Method).
Str("path", r.URL.Path).
Str("decision", "denied").
Msg("this error may be transient due to the unavailability of one of the services")
http.Error(w, http.StatusText(http.StatusServiceUnavailable), http.StatusServiceUnavailable)
return
*/
}
// checkMethodPath executes the regular expression on the path of the HTTP request if and only if
// the latter's HTTP method is actually present in the list of authorized HTTP methods.
func checkMethodPath(r *http.Request, mr methodRegex) error {
req, ok := mr[r.Method]
if !ok {
return ErrHTTPMethodNotAllowed{httpMethod: r.Method}
}
if !req.MatchString(r.URL.Path) {
return ErrNoMatch{path: r.URL.Path, httpMethod: r.Method}
}
return nil
} }
// action is executed when the ServeCmd command is called. // action is executed when the ServeCmd command is called.
@ -540,15 +503,3 @@ func registerMethodRegex(containerName, urlRegex string, httpMethods []string) e
} }
return nil return nil
} }
func handleError(w http.ResponseWriter, err error) {
var methodNotAllowedErr ErrHTTPMethodNotAllowed
var noMatchErr ErrNoMatch
if errors.As(err, &methodNotAllowedErr) {
http.Error(w, err.Error(), http.StatusMethodNotAllowed)
} else if errors.As(err, &noMatchErr) {
http.Error(w, err.Error(), http.StatusForbidden)
} else {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
}