2024-06-25 14:03:49 +02:00
|
|
|
package rewriter
|
|
|
|
|
|
|
|
|
|
import (
|
2024-09-24 15:46:42 +02:00
|
|
|
"context"
|
2024-06-25 14:03:49 +02:00
|
|
|
"net/http"
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
"forge.cadoles.com/cadoles/bouncer/internal/proxy/director"
|
2024-06-25 14:03:49 +02:00
|
|
|
"forge.cadoles.com/cadoles/bouncer/internal/rule"
|
|
|
|
|
ruleHTTP "forge.cadoles.com/cadoles/bouncer/internal/rule/http"
|
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
|
)
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
type RequestVars struct {
|
|
|
|
|
Request RequestVar `expr:"request"`
|
|
|
|
|
OriginalURL URLVar `expr:"original_url"`
|
2024-06-25 14:03:49 +02:00
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
type URLVar struct {
|
|
|
|
|
Scheme string `expr:"scheme"`
|
|
|
|
|
Opaque string `expr:"opaque"`
|
|
|
|
|
User UserVar `expr:"user"`
|
|
|
|
|
Host string `expr:"host"`
|
|
|
|
|
Path string `expr:"path"`
|
|
|
|
|
RawPath string `expr:"raw_path"`
|
|
|
|
|
RawQuery string `expr:"raw_query"`
|
|
|
|
|
Fragment string `expr:"fragment"`
|
|
|
|
|
RawFragment string `expr:"raw_fragment"`
|
2024-06-28 10:46:38 +02:00
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
type UserVar struct {
|
2024-06-28 10:46:38 +02:00
|
|
|
Username string `expr:"username"`
|
|
|
|
|
Password string `expr:"password"`
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
type RequestVar struct {
|
2024-06-25 14:03:49 +02:00
|
|
|
Method string `expr:"method"`
|
2024-09-24 15:46:42 +02:00
|
|
|
URL URLVar `expr:"url"`
|
|
|
|
|
RawURL string `expr:"raw_url"`
|
2024-06-25 14:03:49 +02:00
|
|
|
Proto string `expr:"proto"`
|
2024-09-24 15:46:42 +02:00
|
|
|
ProtoMajor int `expr:"proto_major"`
|
|
|
|
|
ProtoMinor int `expr:"proto_minor"`
|
2024-06-25 14:03:49 +02:00
|
|
|
Header map[string][]string `expr:"header"`
|
2024-09-24 15:46:42 +02:00
|
|
|
ContentLength int64 `expr:"content_length"`
|
|
|
|
|
TransferEncoding []string `expr:"transfer_encoding"`
|
2024-06-25 14:03:49 +02:00
|
|
|
Host string `expr:"host"`
|
|
|
|
|
Trailer map[string][]string `expr:"trailer"`
|
2024-09-24 15:46:42 +02:00
|
|
|
RemoteAddr string `expr:"remote_addr"`
|
|
|
|
|
RequestURI string `expr:"request_uri"`
|
2024-06-25 14:03:49 +02:00
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
func (l *Layer) applyRequestRules(ctx context.Context, r *http.Request, layerRevision int, options *LayerOptions) error {
|
2024-06-25 14:03:49 +02:00
|
|
|
rules := options.Rules.Request
|
|
|
|
|
if len(rules) == 0 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
engine, err := l.getRequestRuleEngine(ctx, layerRevision, options)
|
2024-06-25 14:03:49 +02:00
|
|
|
if err != nil {
|
|
|
|
|
return errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
originalURL, err := director.OriginalURL(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
vars := &RequestVars{
|
|
|
|
|
OriginalURL: URLVar{
|
|
|
|
|
Scheme: originalURL.Scheme,
|
|
|
|
|
Opaque: originalURL.Opaque,
|
|
|
|
|
User: UserVar{
|
|
|
|
|
Username: originalURL.User.Username(),
|
|
|
|
|
Password: func() string {
|
|
|
|
|
passwd, _ := originalURL.User.Password()
|
|
|
|
|
return passwd
|
|
|
|
|
}(),
|
|
|
|
|
},
|
|
|
|
|
Host: originalURL.Host,
|
|
|
|
|
Path: originalURL.Path,
|
|
|
|
|
RawPath: originalURL.RawPath,
|
|
|
|
|
RawQuery: originalURL.RawQuery,
|
|
|
|
|
Fragment: originalURL.Fragment,
|
|
|
|
|
RawFragment: originalURL.RawFragment,
|
|
|
|
|
},
|
|
|
|
|
Request: RequestVar{
|
2024-06-28 10:46:38 +02:00
|
|
|
Method: r.Method,
|
2024-09-24 15:46:42 +02:00
|
|
|
URL: URLVar{
|
2024-06-28 10:46:38 +02:00
|
|
|
Scheme: r.URL.Scheme,
|
|
|
|
|
Opaque: r.URL.Opaque,
|
2024-09-24 15:46:42 +02:00
|
|
|
User: UserVar{
|
2024-06-28 10:46:38 +02:00
|
|
|
Username: r.URL.User.Username(),
|
|
|
|
|
Password: func() string {
|
|
|
|
|
passwd, _ := r.URL.User.Password()
|
|
|
|
|
return passwd
|
|
|
|
|
}(),
|
|
|
|
|
},
|
|
|
|
|
Host: r.URL.Host,
|
|
|
|
|
Path: r.URL.Path,
|
|
|
|
|
RawPath: r.URL.RawPath,
|
|
|
|
|
RawQuery: r.URL.RawQuery,
|
|
|
|
|
Fragment: r.URL.Fragment,
|
|
|
|
|
RawFragment: r.URL.RawFragment,
|
|
|
|
|
},
|
|
|
|
|
RawURL: r.URL.String(),
|
2024-06-25 14:03:49 +02:00
|
|
|
Proto: r.Proto,
|
|
|
|
|
ProtoMajor: r.ProtoMajor,
|
|
|
|
|
ProtoMinor: r.ProtoMinor,
|
|
|
|
|
Header: r.Header,
|
|
|
|
|
ContentLength: r.ContentLength,
|
|
|
|
|
TransferEncoding: r.TransferEncoding,
|
|
|
|
|
Host: r.Host,
|
|
|
|
|
Trailer: r.Trailer,
|
|
|
|
|
RemoteAddr: r.RemoteAddr,
|
|
|
|
|
RequestURI: r.RequestURI,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
ctx = ruleHTTP.WithRequest(ctx, r)
|
|
|
|
|
|
|
|
|
|
if _, err := engine.Apply(ctx, vars); err != nil {
|
2024-06-25 14:03:49 +02:00
|
|
|
return errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
func (l *Layer) getRequestRuleEngine(ctx context.Context, layerRevision int, options *LayerOptions) (*rule.Engine[*RequestVars], error) {
|
|
|
|
|
engine, err := l.requestRuleEngine.Get(ctx, layerRevision, options)
|
2024-06-28 10:46:38 +02:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return engine, nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
type ResponseVars struct {
|
|
|
|
|
OriginalURL URLVar `expr:"original_url"`
|
|
|
|
|
Request RequestVar `expr:"request"`
|
|
|
|
|
Response ResponseVar `expr:"response"`
|
2024-06-25 14:03:49 +02:00
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
type ResponseVar struct {
|
2024-06-25 14:03:49 +02:00
|
|
|
Status string `expr:"status"`
|
2024-09-24 15:46:42 +02:00
|
|
|
StatusCode int `expr:"status_code"`
|
2024-06-25 14:03:49 +02:00
|
|
|
Proto string `expr:"proto"`
|
2024-09-24 15:46:42 +02:00
|
|
|
ProtoMajor int `expr:"proto_major"`
|
|
|
|
|
ProtoMinor int `expr:"proto_minor"`
|
2024-06-25 14:03:49 +02:00
|
|
|
Header map[string][]string `expr:"header"`
|
2024-09-24 15:46:42 +02:00
|
|
|
ContentLength int64 `expr:"content_length"`
|
|
|
|
|
TransferEncoding []string `expr:"transfer_encoding"`
|
2024-06-25 14:03:49 +02:00
|
|
|
Uncompressed bool `expr:"uncompressed"`
|
|
|
|
|
Trailer map[string][]string `expr:"trailer"`
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
func (l *Layer) applyResponseRules(ctx context.Context, r *http.Response, layerRevision int, options *LayerOptions) error {
|
2024-06-28 10:46:38 +02:00
|
|
|
rules := options.Rules.Response
|
2024-06-25 14:03:49 +02:00
|
|
|
if len(rules) == 0 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
engine, err := l.getResponseRuleEngine(ctx, layerRevision, options)
|
2024-06-25 14:03:49 +02:00
|
|
|
if err != nil {
|
|
|
|
|
return errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
originalURL, err := director.OriginalURL(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
vars := &ResponseVars{
|
|
|
|
|
OriginalURL: URLVar{
|
|
|
|
|
Scheme: originalURL.Scheme,
|
|
|
|
|
Opaque: originalURL.Opaque,
|
|
|
|
|
User: UserVar{
|
|
|
|
|
Username: originalURL.User.Username(),
|
|
|
|
|
Password: func() string {
|
|
|
|
|
passwd, _ := originalURL.User.Password()
|
|
|
|
|
return passwd
|
|
|
|
|
}(),
|
|
|
|
|
},
|
|
|
|
|
Host: originalURL.Host,
|
|
|
|
|
Path: originalURL.Path,
|
|
|
|
|
RawPath: originalURL.RawPath,
|
|
|
|
|
RawQuery: originalURL.RawQuery,
|
|
|
|
|
Fragment: originalURL.Fragment,
|
|
|
|
|
RawFragment: originalURL.RawFragment,
|
|
|
|
|
},
|
|
|
|
|
Request: RequestVar{
|
2024-06-28 10:46:38 +02:00
|
|
|
Method: r.Request.Method,
|
2024-09-24 15:46:42 +02:00
|
|
|
URL: URLVar{
|
2024-06-28 10:46:38 +02:00
|
|
|
Scheme: r.Request.URL.Scheme,
|
|
|
|
|
Opaque: r.Request.URL.Opaque,
|
2024-09-24 15:46:42 +02:00
|
|
|
User: UserVar{
|
2024-06-28 10:46:38 +02:00
|
|
|
Username: r.Request.URL.User.Username(),
|
|
|
|
|
Password: func() string {
|
|
|
|
|
passwd, _ := r.Request.URL.User.Password()
|
|
|
|
|
return passwd
|
|
|
|
|
}(),
|
|
|
|
|
},
|
|
|
|
|
Host: r.Request.URL.Host,
|
|
|
|
|
Path: r.Request.URL.Path,
|
|
|
|
|
RawPath: r.Request.URL.RawPath,
|
|
|
|
|
RawQuery: r.Request.URL.RawQuery,
|
|
|
|
|
Fragment: r.Request.URL.Fragment,
|
|
|
|
|
RawFragment: r.Request.URL.RawFragment,
|
|
|
|
|
},
|
|
|
|
|
RawURL: r.Request.URL.String(),
|
2024-06-25 14:03:49 +02:00
|
|
|
Proto: r.Request.Proto,
|
|
|
|
|
ProtoMajor: r.Request.ProtoMajor,
|
|
|
|
|
ProtoMinor: r.Request.ProtoMinor,
|
|
|
|
|
Header: r.Request.Header,
|
|
|
|
|
ContentLength: r.Request.ContentLength,
|
|
|
|
|
TransferEncoding: r.Request.TransferEncoding,
|
|
|
|
|
Host: r.Request.Host,
|
|
|
|
|
Trailer: r.Request.Trailer,
|
|
|
|
|
RemoteAddr: r.Request.RemoteAddr,
|
|
|
|
|
RequestURI: r.Request.RequestURI,
|
|
|
|
|
},
|
2024-09-24 15:46:42 +02:00
|
|
|
Response: ResponseVar{
|
2024-06-25 14:03:49 +02:00
|
|
|
Proto: r.Proto,
|
|
|
|
|
ProtoMajor: r.ProtoMajor,
|
|
|
|
|
ProtoMinor: r.ProtoMinor,
|
|
|
|
|
Header: r.Header,
|
|
|
|
|
ContentLength: r.ContentLength,
|
|
|
|
|
TransferEncoding: r.TransferEncoding,
|
|
|
|
|
Trailer: r.Trailer,
|
|
|
|
|
Status: r.Status,
|
|
|
|
|
StatusCode: r.StatusCode,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
ctx = ruleHTTP.WithResponse(ctx, r)
|
|
|
|
|
|
|
|
|
|
if _, err := engine.Apply(ctx, vars); err != nil {
|
2024-06-25 14:03:49 +02:00
|
|
|
return errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2024-06-28 10:46:38 +02:00
|
|
|
|
2024-09-24 15:46:42 +02:00
|
|
|
func (l *Layer) getResponseRuleEngine(ctx context.Context, layerRevision int, options *LayerOptions) (*rule.Engine[*ResponseVars], error) {
|
|
|
|
|
engine, err := l.responseRuleEngine.Get(ctx, layerRevision, options)
|
2024-06-28 10:46:38 +02:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.WithStack(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return engine, nil
|
|
|
|
|
}
|
