lib/controller/proxy.go

   1 // Copyright (C) The Arvados Authors. All rights reserved.
   2 //
   3 // SPDX-License-Identifier: AGPL-3.0
   4
   5 package controller
   6
   7 import (
   8         "io"
   9         "net/http"
  10         "net/url"
  11
  12         "git.arvados.org/arvados.git/sdk/go/httpserver"
  13 )
  14
  15 type proxy struct {
  16         Name string // to use in Via header
  17 }
  18
  19 type HTTPError struct {
  20         Message string
  21         Code    int
  22 }
  23
  24 func (h HTTPError) Error() string {
  25         return h.Message
  26 }
  27
  28 var dropHeaders = map[string]bool{
  29         // Headers that shouldn't be forwarded when proxying. See
  30         // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
  31         "Connection":          true,
  32         "Keep-Alive":          true,
  33         "Proxy-Authenticate":  true,
  34         "Proxy-Authorization": true,
  35         // (comment/space here makes gofmt1.10 agree with gofmt1.11)
  36         "TE":      true,
  37         "Trailer": true,
  38         "Upgrade": true,
  39
  40         // Headers that would interfere with Go's automatic
  41         // compression/decompression if we forwarded them.
  42         "Accept-Encoding":   true,
  43         "Content-Encoding":  true,
  44         "Transfer-Encoding": true,
  45
  46         // Content-Length depends on encoding.
  47         "Content-Length": true,
  48 }
  49
  50 type ResponseFilter func(*http.Response, error) (*http.Response, error)
  51
  52 // Forward a request to upstream service, and return response or error.
  53 func (p *proxy) Do(
  54         reqIn *http.Request,
  55         urlOut *url.URL,
  56         client *http.Client) (*http.Response, error) {
  57
  58         // Copy headers from incoming request, then add/replace proxy
  59         // headers like Via and X-Forwarded-For.
  60         hdrOut := http.Header{}
  61         for k, v := range reqIn.Header {
  62                 if !dropHeaders[k] {
  63                         hdrOut[k] = v
  64                 }
  65         }
  66         xff := ""
  67         for _, xffIn := range reqIn.Header["X-Forwarded-For"] {
  68                 if xffIn != "" {
  69                         xff += xffIn + ","
  70                 }
  71         }
  72         xff += reqIn.RemoteAddr
  73         hdrOut.Set("X-Forwarded-For", xff)
  74         if hdrOut.Get("X-Forwarded-Proto") == "" {
  75                 hdrOut.Set("X-Forwarded-Proto", reqIn.URL.Scheme)
  76         }
  77         hdrOut.Add("Via", reqIn.Proto+" arvados-controller")
  78
  79         reqOut := (&http.Request{
  80                 Method: reqIn.Method,
  81                 URL:    urlOut,
  82                 Host:   reqIn.Host,
  83                 Header: hdrOut,
  84                 Body:   reqIn.Body,
  85         }).WithContext(reqIn.Context())
  86         return client.Do(reqOut)
  87 }
  88
  89 // Copy a response (or error) to the downstream client
  90 func (p *proxy) ForwardResponse(w http.ResponseWriter, resp *http.Response, err error) (int64, error) {
  91         if err != nil {
  92                 if he, ok := err.(HTTPError); ok {
  93                         httpserver.Error(w, he.Message, he.Code)
  94                 } else {
  95                         httpserver.Error(w, err.Error(), http.StatusBadGateway)
  96                 }
  97                 return 0, nil
  98         }
  99
 100         defer resp.Body.Close()
 101         for k, v := range resp.Header {
 102                 for _, v := range v {
 103                         w.Header().Add(k, v)
 104                 }
 105         }
 106         w.WriteHeader(resp.StatusCode)
 107         return io.Copy(w, resp.Body)
 108 }