lib/agent/webserver.go

   1 package agent
   2
   3 import (
   4         "fmt"
   5         "log"
   6         "net/http"
   7         "os"
   8         "path"
   9
  10         "github.com/Sirupsen/logrus"
  11         "github.com/gin-contrib/static"
  12         "github.com/gin-gonic/gin"
  13         "github.com/googollee/go-socket.io"
  14 )
  15
  16 // WebServer .
  17 type WebServer struct {
  18         *Context
  19         router    *gin.Engine
  20         api       *APIService
  21         sIOServer *socketio.Server
  22         webApp    *gin.RouterGroup
  23         stop      chan struct{} // signals intentional stop
  24 }
  25
  26 const indexFilename = "index.html"
  27
  28 // NewWebServer creates an instance of WebServer
  29 func NewWebServer(ctx *Context) *WebServer {
  30
  31         // Setup logging for gin router
  32         if ctx.Log.Level == logrus.DebugLevel {
  33                 gin.SetMode(gin.DebugMode)
  34         } else {
  35                 gin.SetMode(gin.ReleaseMode)
  36         }
  37
  38         // Redirect gin logs into another logger (LogVerboseOut may be stderr or a file)
  39         gin.DefaultWriter = ctx.Config.LogVerboseOut
  40         gin.DefaultErrorWriter = ctx.Config.LogVerboseOut
  41         log.SetOutput(ctx.Config.LogVerboseOut)
  42
  43         // Creates gin router
  44         r := gin.New()
  45
  46         svr := &WebServer{
  47                 Context:   ctx,
  48                 router:    r,
  49                 api:       nil,
  50                 sIOServer: nil,
  51                 webApp:    nil,
  52                 stop:      make(chan struct{}),
  53         }
  54
  55         return svr
  56 }
  57
  58 // Serve starts a new instance of the Web Server
  59 func (s *WebServer) Serve() error {
  60         var err error
  61
  62         // Setup middlewares
  63         s.router.Use(gin.Logger())
  64         s.router.Use(gin.Recovery())
  65         s.router.Use(s.middlewareCORS())
  66         s.router.Use(s.middlewareXDSDetails())
  67         s.router.Use(s.middlewareCSRF())
  68
  69         // Create REST API
  70         s.api = NewAPIV1(s.Context)
  71
  72         // Create connections to XDS Servers
  73         // XXX - not sure there is no side effect to do it in background !
  74         go func() {
  75                 for _, svrCfg := range s.Config.FileConf.ServersConf {
  76                         if svr, err := s.api.AddXdsServer(svrCfg); err != nil {
  77                                 // Just log error, don't consider as critical
  78                                 s.Log.Infof("Cannot connect to XDS Server url=%s: %v", svr.BaseURL, err.Error())
  79                         }
  80                 }
  81         }()
  82
  83         // Websocket routes
  84         s.sIOServer, err = socketio.NewServer(nil)
  85         if err != nil {
  86                 s.Log.Fatalln(err)
  87         }
  88
  89         s.router.GET("/socket.io/", s.socketHandler)
  90         s.router.POST("/socket.io/", s.socketHandler)
  91         /* TODO: do we want to support ws://...  ?
  92         s.router.Handle("WS", "/socket.io/", s.socketHandler)
  93         s.router.Handle("WSS", "/socket.io/", s.socketHandler)
  94         */
  95
  96         // Web Application (serve on / )
  97         idxFile := path.Join(s.Config.FileConf.WebAppDir, indexFilename)
  98         if _, err := os.Stat(idxFile); err != nil {
  99                 s.Log.Fatalln("Web app directory not found, check/use webAppDir setting in config file: ", idxFile)
 100         }
 101         s.Log.Infof("Serve WEB app dir: %s", s.Config.FileConf.WebAppDir)
 102         s.router.Use(static.Serve("/", static.LocalFile(s.Config.FileConf.WebAppDir, true)))
 103         s.webApp = s.router.Group("/", s.serveIndexFile)
 104         {
 105                 s.webApp.GET("/")
 106         }
 107
 108         // Serve in the background
 109         serveError := make(chan error, 1)
 110         go func() {
 111                 fmt.Printf("Web Server running on localhost:%s ...\n", s.Config.FileConf.HTTPPort)
 112                 serveError <- http.ListenAndServe(":"+s.Config.FileConf.HTTPPort, s.router)
 113         }()
 114
 115         fmt.Printf("XDS agent running...\n")
 116
 117         // Wait for stop, restart or error signals
 118         select {
 119         case <-s.stop:
 120                 // Shutting down permanently
 121                 s.sessions.Stop()
 122                 s.Log.Infoln("shutting down (stop)")
 123         case err = <-serveError:
 124                 // Error due to listen/serve failure
 125                 s.Log.Errorln(err)
 126         }
 127
 128         return nil
 129 }
 130
 131 // Stop web server
 132 func (s *WebServer) Stop() {
 133         s.api.Stop()
 134         close(s.stop)
 135 }
 136
 137 // serveIndexFile provides initial file (eg. index.html) of webapp
 138 func (s *WebServer) serveIndexFile(c *gin.Context) {
 139         c.HTML(200, indexFilename, gin.H{})
 140 }
 141
 142 // Add details in Header
 143 func (s *WebServer) middlewareXDSDetails() gin.HandlerFunc {
 144         return func(c *gin.Context) {
 145                 c.Header("XDS-Agent-Version", s.Config.Version)
 146                 c.Header("XDS-API-Version", s.Config.APIVersion)
 147                 c.Next()
 148         }
 149 }
 150
 151 func (s *WebServer) isValidAPIKey(key string) bool {
 152         return (s.Config.FileConf.XDSAPIKey != "" && key == s.Config.FileConf.XDSAPIKey)
 153 }
 154
 155 func (s *WebServer) middlewareCSRF() gin.HandlerFunc {
 156         return func(c *gin.Context) {
 157                 // XXX - not used for now
 158                 c.Next()
 159                 return
 160                 /*
 161                         // Allow requests carrying a valid API key
 162                         if s.isValidAPIKey(c.Request.Header.Get("X-API-Key")) {
 163                                 // Set the access-control-allow-origin header for CORS requests
 164                                 // since a valid API key has been provided
 165                                 c.Header("Access-Control-Allow-Origin", "*")
 166                                 c.Next()
 167                                 return
 168                         }
 169
 170                         // Allow io.socket request
 171                         if strings.HasPrefix(c.Request.URL.Path, "/socket.io") {
 172                                 c.Next()
 173                                 return
 174                         }
 175
 176                         // FIXME Add really CSRF support
 177
 178                         // Allow requests for anything not under the protected path prefix,
 179                         // and set a CSRF cookie if there isn't already a valid one.
 180                         //if !strings.HasPrefix(c.Request.URL.Path, prefix) {
 181                         //      cookie, err := c.Cookie("CSRF-Token-" + unique)
 182                         //      if err != nil || !validCsrfToken(cookie.Value) {
 183                         //              s.Log.Debugln("new CSRF cookie in response to request for", c.Request.URL)
 184                         //              c.SetCookie("CSRF-Token-"+unique, newCsrfToken(), 600, "/", "", false, false)
 185                         //      }
 186                         //      c.Next()
 187                         //      return
 188                         //}
 189
 190                         // Verify the CSRF token
 191                         //token := c.Request.Header.Get("X-CSRF-Token-" + unique)
 192                         //if !validCsrfToken(token) {
 193                         //      c.AbortWithError(403, "CSRF Error")
 194                         //      return
 195                         //}
 196
 197                         //c.Next()
 198
 199                         c.AbortWithError(403, fmt.Errorf("Not valid API key"))
 200                 */
 201         }
 202 }
 203
 204 // CORS middleware
 205 func (s *WebServer) middlewareCORS() gin.HandlerFunc {
 206         return func(c *gin.Context) {
 207                 if c.Request.Method == "OPTIONS" {
 208                         c.Header("Access-Control-Allow-Origin", "*")
 209                         c.Header("Access-Control-Allow-Headers", "Content-Type, X-API-Key")
 210                         c.Header("Access-Control-Allow-Methods", "GET, POST, DELETE")
 211                         c.Header("Access-Control-Max-Age", cookieMaxAge)
 212                         c.AbortWithStatus(204)
 213                         return
 214                 }
 215                 c.Next()
 216         }
 217 }
 218
 219 // socketHandler is the handler for the "main" websocket connection
 220 func (s *WebServer) socketHandler(c *gin.Context) {
 221
 222         // Retrieve user session
 223         sess := s.sessions.Get(c)
 224         if sess == nil {
 225                 c.JSON(500, gin.H{"error": "Cannot retrieve session"})
 226                 return
 227         }
 228
 229         s.sIOServer.On("connection", func(so socketio.Socket) {
 230                 s.Log.Debugf("WS Connected (SID=%v)", so.Id())
 231                 s.sessions.UpdateIOSocket(sess.ID, &so)
 232
 233                 so.On("disconnection", func() {
 234                         s.Log.Debugf("WS disconnected (SID=%v)", so.Id())
 235                         s.sessions.UpdateIOSocket(sess.ID, nil)
 236                 })
 237         })
 238
 239         s.sIOServer.On("error", func(so socketio.Socket, err error) {
 240                 s.Log.Errorf("WS SID=%v Error : %v", so.Id(), err.Error())
 241         })
 242
 243         s.sIOServer.ServeHTTP(c.Writer, c.Request)
 244 }