lib/controller/proxy.go

   1 // Copyright (C) The Arvados Authors. All rights reserved.
   2 //
   3 // SPDX-License-Identifier: AGPL-3.0
   4
   5 package controller
   6
   7 import (
   8         "io"
   9         "net/http"
  10         "net/url"
  11
  12         "git.curoverse.com/arvados.git/sdk/go/httpserver"
  13 )
  14
  15 type proxy struct {
  16         Name string // to use in Via header
  17 }
  18
  19 type HTTPError struct {
  20         Message string
  21         Code    int
  22 }
  23
  24 func (h HTTPError) Error() string {
  25         return h.Message
  26 }
  27
  28 // headers that shouldn't be forwarded when proxying. See
  29 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
  30 var dropHeaders = map[string]bool{
  31         "Connection":          true,
  32         "Keep-Alive":          true,
  33         "Proxy-Authenticate":  true,
  34         "Proxy-Authorization": true,
  35         "TE":                true,
  36         "Trailer":           true,
  37         "Transfer-Encoding": true, // *-Encoding headers interfer with Go's automatic compression/decompression
  38         "Content-Encoding":  true,
  39         "Accept-Encoding":   true,
  40         "Upgrade":           true,
  41 }
  42
  43 type ResponseFilter func(*http.Response, error) (*http.Response, error)
  44
  45 // Forward a request to upstream service, and return response or error.
  46 func (p *proxy) Do(
  47         reqIn *http.Request,
  48         urlOut *url.URL,
  49         client *http.Client) (*http.Response, error) {
  50
  51         // Copy headers from incoming request, then add/replace proxy
  52         // headers like Via and X-Forwarded-For.
  53         hdrOut := http.Header{}
  54         for k, v := range reqIn.Header {
  55                 if !dropHeaders[k] {
  56                         hdrOut[k] = v
  57                 }
  58         }
  59         xff := reqIn.RemoteAddr
  60         if xffIn := reqIn.Header.Get("X-Forwarded-For"); xffIn != "" {
  61                 xff = xffIn + "," + xff
  62         }
  63         hdrOut.Set("X-Forwarded-For", xff)
  64         if hdrOut.Get("X-Forwarded-Proto") == "" {
  65                 hdrOut.Set("X-Forwarded-Proto", reqIn.URL.Scheme)
  66         }
  67         hdrOut.Add("Via", reqIn.Proto+" arvados-controller")
  68
  69         reqOut := (&http.Request{
  70                 Method: reqIn.Method,
  71                 URL:    urlOut,
  72                 Host:   reqIn.Host,
  73                 Header: hdrOut,
  74                 Body:   reqIn.Body,
  75         }).WithContext(reqIn.Context())
  76
  77         resp, err := client.Do(reqOut)
  78         return resp, err
  79 }
  80
  81 // Copy a response (or error) to the downstream client
  82 func (p *proxy) ForwardResponse(w http.ResponseWriter, resp *http.Response, err error) (int64, error) {
  83         if err != nil {
  84                 if he, ok := err.(HTTPError); ok {
  85                         httpserver.Error(w, he.Message, he.Code)
  86                 } else {
  87                         httpserver.Error(w, err.Error(), http.StatusBadGateway)
  88                 }
  89                 return 0, nil
  90         }
  91
  92         defer resp.Body.Close()
  93         for k, v := range resp.Header {
  94                 for _, v := range v {
  95                         w.Header().Add(k, v)
  96                 }
  97         }
  98         w.WriteHeader(resp.StatusCode)
  99         return io.Copy(w, resp.Body)
 100 }