X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/18686feffd9e3de30184d6667726bcff5db8b820..9bc0194676e3f22b41976fefc6146d7dd965d173:/services/keepproxy/keepproxy.go diff --git a/services/keepproxy/keepproxy.go b/services/keepproxy/keepproxy.go index 53bcddfa70..79ed51eb0e 100644 --- a/services/keepproxy/keepproxy.go +++ b/services/keepproxy/keepproxy.go @@ -37,7 +37,7 @@ func main() { pidfile string ) - flagset := flag.NewFlagSet("default", flag.ExitOnError) + flagset := flag.NewFlagSet("keepproxy", flag.ExitOnError) flagset.StringVar( &listen, @@ -84,6 +84,9 @@ func main() { log.Fatalf("Error setting up arvados client %s", err.Error()) } + if os.Getenv("ARVADOS_DEBUG") != "" { + keepclient.DebugPrintf = log.Printf + } kc, err := keepclient.MakeKeepClient(&arv) if err != nil { log.Fatalf("Error setting up keep client %s", err.Error()) @@ -201,7 +204,7 @@ func GetRemoteAddress(req *http.Request) string { return req.RemoteAddr } -func CheckAuthorizationHeader(kc keepclient.KeepClient, cache *ApiTokenCache, req *http.Request) (pass bool, tok string) { +func CheckAuthorizationHeader(kc *keepclient.KeepClient, cache *ApiTokenCache, req *http.Request) (pass bool, tok string) { var auth string if auth = req.Header.Get("Authorization"); auth == "" { return false, "" @@ -331,7 +334,7 @@ func (this GetBlockHandler) ServeHTTP(resp http.ResponseWriter, req *http.Reques var pass bool var tok string - if pass, tok = CheckAuthorizationHeader(kc, this.ApiTokenCache, req); !pass { + if pass, tok = CheckAuthorizationHeader(&kc, this.ApiTokenCache, req); !pass { status, err = http.StatusForbidden, BadAuthorizationHeader return } @@ -362,7 +365,7 @@ func (this GetBlockHandler) ServeHTTP(resp http.ResponseWriter, req *http.Reques log.Println("Warning:", GetRemoteAddress(req), req.Method, proxiedURI, "Content-Length not provided") } - switch err { + switch respErr := err.(type) { case nil: status = http.StatusOK resp.Header().Set("Content-Length", fmt.Sprint(expectLength)) @@ -375,10 +378,16 @@ func (this GetBlockHandler) ServeHTTP(resp http.ResponseWriter, req *http.Reques err = ContentLengthMismatch } } - case keepclient.BlockNotFound: - status = http.StatusNotFound + case keepclient.Error: + if respErr == keepclient.BlockNotFound { + status = http.StatusNotFound + } else if respErr.Temporary() { + status = http.StatusBadGateway + } else { + status = 422 + } default: - status = http.StatusBadGateway + status = http.StatusInternalServerError } } @@ -432,7 +441,7 @@ func (this PutBlockHandler) ServeHTTP(resp http.ResponseWriter, req *http.Reques var pass bool var tok string - if pass, tok = CheckAuthorizationHeader(kc, this.ApiTokenCache, req); !pass { + if pass, tok = CheckAuthorizationHeader(&kc, this.ApiTokenCache, req); !pass { err = BadAuthorizationHeader status = http.StatusForbidden return @@ -515,16 +524,15 @@ func (handler IndexHandler) ServeHTTP(resp http.ResponseWriter, req *http.Reques kc := *handler.KeepClient - var pass bool - var tok string - if pass, tok = CheckAuthorizationHeader(kc, handler.ApiTokenCache, req); !pass { + ok, token := CheckAuthorizationHeader(&kc, handler.ApiTokenCache, req) + if !ok { status, err = http.StatusForbidden, BadAuthorizationHeader return } // Copy ArvadosClient struct and use the client's API token arvclient := *kc.Arvados - arvclient.ApiToken = tok + arvclient.ApiToken = token kc.Arvados = &arvclient // Only GET method is supported @@ -542,7 +550,7 @@ func (handler IndexHandler) ServeHTTP(resp http.ResponseWriter, req *http.Reques return } - _, err := io.Copy(resp, reader) + _, err = io.Copy(resp, reader) if err != nil { status = http.StatusBadGateway return