X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/2dfb886e960cf918e54b5f03477f464afb322a9b..918e16de43e993894dcaffbe0cafa0fc1d2f16b3:/services/arv-git-httpd/auth_handler.go diff --git a/services/arv-git-httpd/auth_handler.go b/services/arv-git-httpd/auth_handler.go index ff1a1d5e9b..9f92cd1b72 100644 --- a/services/arv-git-httpd/auth_handler.go +++ b/services/arv-git-httpd/auth_handler.go @@ -3,7 +3,6 @@ package main import ( "log" "net/http" - "net/http/cgi" "os" "strings" "sync" @@ -14,22 +13,24 @@ import ( "git.curoverse.com/arvados.git/sdk/go/httpserver" ) -func newArvadosClient() interface{} { - arv, err := arvadosclient.MakeArvadosClient() - if err != nil { - log.Println("MakeArvadosClient:", err) - return nil - } - return &arv +type authHandler struct { + handler http.Handler + clientPool *arvadosclient.ClientPool + setupOnce sync.Once } -var connectionPool = &sync.Pool{New: newArvadosClient} - -type authHandler struct { - handler *cgi.Handler +func (h *authHandler) setup() { + ac, err := arvadosclient.New(&theConfig.Client) + if err != nil { + log.Fatal(err) + } + h.clientPool = &arvadosclient.ClientPool{Prototype: ac} + log.Printf("%+v", h.clientPool.Prototype) } func (h *authHandler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) { + h.setupOnce.Do(h.setup) + var statusCode int var statusText string var apiToken string @@ -57,7 +58,7 @@ func (h *authHandler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) { passwordToLog = apiToken[0:10] } - log.Println(quoteStrings(r.RemoteAddr, passwordToLog, w.WroteStatus(), statusText, repoName, r.Method, r.URL.Path)...) + httpserver.Log(r.RemoteAddr, passwordToLog, w.WroteStatus(), statusText, repoName, r.Method, r.URL.Path) }() creds := auth.NewCredentialsFromHTTPRequest(r) @@ -79,12 +80,12 @@ func (h *authHandler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) { repoName = pathParts[0] repoName = strings.TrimRight(repoName, "/") - arv, ok := connectionPool.Get().(*arvadosclient.ArvadosClient) - if !ok || arv == nil { - statusCode, statusText = http.StatusInternalServerError, "connection pool failed" + arv := h.clientPool.Get() + if arv == nil { + statusCode, statusText = http.StatusInternalServerError, "connection pool failed: "+h.clientPool.Err().Error() return } - defer connectionPool.Put(arv) + defer h.clientPool.Put(arv) // Ask API server whether the repository is readable using // this token (by trying to read it!) @@ -140,7 +141,7 @@ func (h *authHandler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) { "/" + repoName + "/.git", } for _, dir := range tryDirs { - if fileInfo, err := os.Stat(theConfig.Root + dir); err != nil { + if fileInfo, err := os.Stat(theConfig.RepoRoot + dir); err != nil { if !os.IsNotExist(err) { statusCode, statusText = http.StatusInternalServerError, err.Error() return @@ -152,7 +153,7 @@ func (h *authHandler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) { } if rewrittenPath == "" { log.Println("WARNING:", repoUUID, - "git directory not found in", theConfig.Root, tryDirs) + "git directory not found in", theConfig.RepoRoot, tryDirs) // We say "content not found" to disambiguate from the // earlier "API says that repo does not exist" error. statusCode, statusText = http.StatusNotFound, "content not found" @@ -160,20 +161,5 @@ func (h *authHandler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) { } r.URL.Path = rewrittenPath - handlerCopy := *h.handler - handlerCopy.Env = append(handlerCopy.Env, "REMOTE_USER="+r.RemoteAddr) // Should be username - handlerCopy.ServeHTTP(&w, r) -} - -var escaper = strings.NewReplacer("\"", "\\\"", "\\", "\\\\", "\n", "\\n") - -// Transform strings so they are safer to write in logs (e.g., -// 'foo"bar' becomes '"foo\"bar"'). Non-string args are left alone. -func quoteStrings(args ...interface{}) []interface{} { - for i, arg := range args { - if s, ok := arg.(string); ok { - args[i] = "\"" + escaper.Replace(s) + "\"" - } - } - return args + h.handler.ServeHTTP(&w, r) }