emissary/internal/agent/controller/app/server.go

package app

import (
	"context"
	"net"
	"net/http"
	"strings"
	"sync"
	"time"

	appSpec "forge.cadoles.com/Cadoles/emissary/internal/agent/controller/app/spec"
	"forge.cadoles.com/Cadoles/emissary/internal/proxy/wildcard"
	edgeHTTP "forge.cadoles.com/arcad/edge/pkg/http"
	"gitlab.com/wpetit/goweb/logger"

	"forge.cadoles.com/arcad/edge/pkg/bundle"
	"github.com/go-chi/chi/v5"
	"github.com/go-chi/chi/v5/middleware"
	"github.com/pkg/errors"

	_ "forge.cadoles.com/Cadoles/emissary/internal/imports/passwd"
)

const defaultCookieDuration time.Duration = 24 * time.Hour

type Server struct {
	bundle         bundle.Bundle
	handlerOptions []edgeHTTP.HandlerOptionFunc
	server         *http.Server
	serverMutex    sync.RWMutex
	config         *appSpec.Config
}

func (s *Server) Start(ctx context.Context, addr string) (err error) {
	if s.Running() {
		if err := s.Stop(); err != nil {
			return errors.WithStack(err)
		}
	}

	s.serverMutex.Lock()
	defer s.serverMutex.Unlock()

	router := chi.NewRouter()

	router.Use(middleware.RealIP)
	router.Use(middleware.Logger)
	router.Use(middleware.Compress(5))

	handler := edgeHTTP.NewHandler(s.handlerOptions...)
	if err := handler.Load(ctx, s.bundle); err != nil {
		return errors.Wrap(err, "could not load app bundle")
	}

	if s.config != nil {
		if s.config.UnexpectedHostRedirect != nil {
			router.Use(unexpectedHostRedirect(
				s.config.UnexpectedHostRedirect.HostTarget,
				s.config.UnexpectedHostRedirect.AcceptedHostPatterns...,
			))
		}
	}

	router.Handle("/*", handler)

	server := &http.Server{
		Addr:    addr,
		Handler: router,
	}

	go func() {
		defer func() {
			if recovered := recover(); recovered != nil {
				if err, ok := recovered.(error); ok {
					err = errors.WithStack(err)
					logger.Error(ctx, err.Error(), logger.CapturedE(err))

					return
				}

				panic(recovered)
			}
		}()

		defer func() {
			if err := s.Stop(); err != nil {
				panic(errors.WithStack(err))
			}
		}()

		if err := server.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
			panic(errors.WithStack(err))
		}
	}()

	s.server = server

	return nil
}

func (s *Server) Running() bool {
	s.serverMutex.RLock()
	defer s.serverMutex.RUnlock()

	return s.server != nil
}

func (s *Server) Stop() error {
	if !s.Running() {
		return nil
	}

	s.serverMutex.Lock()
	defer s.serverMutex.Unlock()

	if s.server == nil {
		return nil
	}

	if err := s.server.Close(); err != nil {
		s.server = nil

		return errors.WithStack(err)
	}

	s.server = nil

	return nil
}

func NewServer(bundle bundle.Bundle, config *appSpec.Config, handlerOptions ...edgeHTTP.HandlerOptionFunc) *Server {
	return &Server{
		bundle:         bundle,
		config:         config,
		handlerOptions: handlerOptions,
	}
}

func getCookieDomain(r *http.Request) (string, error) {
	host, _, err := net.SplitHostPort(r.Host)
	if err != nil {
		host = r.Host
	}

	// If host is an IP address
	if ip := net.ParseIP(host); ip != nil {
		return "", nil
	}

	// If host is an domain, return top level domain
	domainParts := strings.Split(host, ".")
	if len(domainParts) >= 2 {
		topLevelDomain := strings.Join(domainParts[len(domainParts)-2:], ".")
		return topLevelDomain, nil
	}

	// By default, return host
	return host, nil
}

func unexpectedHostRedirect(hostTarget string, acceptedHostPatterns ...string) func(http.Handler) http.Handler {
	return func(h http.Handler) http.Handler {
		fn := func(w http.ResponseWriter, r *http.Request) {
			host, port, err := net.SplitHostPort(r.Host)
			if err != nil {
				host = r.Host
			}

			matched := wildcard.MatchAny(host, acceptedHostPatterns...)

			if !matched {
				url := r.URL

				url.Host = hostTarget
				if port != "" {
					url.Host += ":" + port
				}

				http.Redirect(w, r, url.String(), http.StatusTemporaryRedirect)

				return
			}

			h.ServeHTTP(w, r)
		}

		return http.HandlerFunc(fn)
	}
}
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`package app`

			`import (`
			`"context"`
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`"net"`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`"net/http"`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00			`"strings"`
feat: basic authorization model 2023-03-13 10:44:58 +01:00			`"sync"`
feat(controller,app): add app module 2023-03-28 20:43:45 +02:00			`"time"`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00
feat(controller,app): add app module 2023-03-28 20:43:45 +02:00			`appSpec "forge.cadoles.com/Cadoles/emissary/internal/agent/controller/app/spec"`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00			`"forge.cadoles.com/Cadoles/emissary/internal/proxy/wildcard"`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`edgeHTTP "forge.cadoles.com/arcad/edge/pkg/http"`
feat: basic authorization model 2023-03-13 10:44:58 +01:00			`"gitlab.com/wpetit/goweb/logger"`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00
			`"forge.cadoles.com/arcad/edge/pkg/bundle"`
			`"github.com/go-chi/chi/v5"`
feat: update edge library 2023-11-30 16:01:35 +01:00			`"github.com/go-chi/chi/v5/middleware"`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`"github.com/pkg/errors"`
feat(spec,app): handle local accounts 2023-03-21 15:21:19 +01:00
feat(controller,sysupgrade): openwrt upgrade controller 2023-03-24 23:17:55 +01:00			`_ "forge.cadoles.com/Cadoles/emissary/internal/imports/passwd"`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`)`

feat(controller,app): add app module 2023-03-28 20:43:45 +02:00			`const defaultCookieDuration time.Duration = 24 * time.Hour`

feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`type Server struct {`
feat(controller,app): add app module 2023-03-28 20:43:45 +02:00			`bundle bundle.Bundle`
			`handlerOptions []edgeHTTP.HandlerOptionFunc`
			`server *http.Server`
			`serverMutex sync.RWMutex`
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`config *appSpec.Config`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`}`

feat: basic authorization model 2023-03-13 10:44:58 +01:00			`func (s *Server) Start(ctx context.Context, addr string) (err error) {`
chore(controller,app): refactor app server mutex usage 2023-03-31 17:28:52 +02:00			`if s.Running() {`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`if err := s.Stop(); err != nil {`
			`return errors.WithStack(err)`
			`}`
			`}`

chore(controller,app): refactor app server mutex usage 2023-03-31 17:28:52 +02:00			`s.serverMutex.Lock()`
			`defer s.serverMutex.Unlock()`

feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`router := chi.NewRouter()`

fix(app,handler): use real ip 2023-04-21 20:04:37 +02:00			`router.Use(middleware.RealIP)`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`router.Use(middleware.Logger)`
feat(controller,app): compress http responses 2023-04-20 10:59:27 +02:00			`router.Use(middleware.Compress(5))`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00
feat(controller,app): add app module 2023-03-28 20:43:45 +02:00			`handler := edgeHTTP.NewHandler(s.handlerOptions...)`
feat(edge): update lib 2023-10-19 20:12:46 +02:00			`if err := handler.Load(ctx, s.bundle); err != nil {`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`return errors.Wrap(err, "could not load app bundle")`
			`}`

feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`if s.config != nil {`
			`if s.config.UnexpectedHostRedirect != nil {`
			`router.Use(unexpectedHostRedirect(`
			`s.config.UnexpectedHostRedirect.HostTarget,`
			`s.config.UnexpectedHostRedirect.AcceptedHostPatterns...,`
			`))`
			`}`
feat(spec,app): handle local accounts 2023-03-21 15:21:19 +01:00			`}`

feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`router.Handle("/*", handler)`

			`server := &http.Server{`
			`Addr: addr,`
			`Handler: router,`
			`}`

			`go func() {`
feat: basic authorization model 2023-03-13 10:44:58 +01:00			`defer func() {`
			`if recovered := recover(); recovered != nil {`
			`if err, ok := recovered.(error); ok {`
feat: sentry integration 2023-10-13 12:30:52 +02:00			`err = errors.WithStack(err)`
feat: use new logger.CapturedE() api 2023-10-19 22:09:18 +02:00			`logger.Error(ctx, err.Error(), logger.CapturedE(err))`
feat: basic authorization model 2023-03-13 10:44:58 +01:00
			`return`
			`}`

			`panic(recovered)`
			`}`
			`}()`

feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`defer func() {`
			`if err := s.Stop(); err != nil {`
			`panic(errors.WithStack(err))`
			`}`
			`}()`

			`if err := server.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {`
			`panic(errors.WithStack(err))`
			`}`
			`}()`

			`s.server = server`

			`return nil`
			`}`

feat: basic authorization model 2023-03-13 10:44:58 +01:00			`func (s *Server) Running() bool {`
			`s.serverMutex.RLock()`
			`defer s.serverMutex.RUnlock()`

			`return s.server != nil`
			`}`

feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`func (s *Server) Stop() error {`
chore(controller,app): refactor app server mutex usage 2023-03-31 17:28:52 +02:00			`if !s.Running() {`
			`return nil`
			`}`

			`s.serverMutex.Lock()`
			`defer s.serverMutex.Unlock()`

feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`if s.server == nil {`
			`return nil`
			`}`

chore(controller,app): refactor app server mutex usage 2023-03-31 17:28:52 +02:00			`if err := s.server.Close(); err != nil {`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`s.server = nil`

feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00			`return errors.WithStack(err)`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`}`

chore(controller,app): refactor app server mutex usage 2023-03-31 17:28:52 +02:00			`s.server = nil`

feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`return nil`
			`}`

feat(auth): automatically create session for anonymous users ref https://forge.cadoles.com/arcad/edge-menu/issues/86 2023-09-20 18:02:59 +02:00			`func NewServer(bundle bundle.Bundle, config appSpec.Config, handlerOptions ...edgeHTTP.HandlerOptionFunc) Server {`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`return &Server{`
feat(controller,app): add app module 2023-03-28 20:43:45 +02:00			`bundle: bundle,`
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`config: config,`
feat(controller,app): add app module 2023-03-28 20:43:45 +02:00			`handlerOptions: handlerOptions,`
feat(controller,app): add edge apps controller 2023-03-03 20:37:09 +01:00			`}`
			`}`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`func getCookieDomain(r *http.Request) (string, error) {`
			`host, _, err := net.SplitHostPort(r.Host)`
			`if err != nil {`
fix(module,app): handle host without port in cookie domain identification 2023-04-06 11:00:35 +02:00			`host = r.Host`
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`}`

			`// If host is an IP address`
fix(controller,app): correctly detect ip address for cookie domain resolution 2023-04-24 13:49:53 +02:00			`if ip := net.ParseIP(host); ip != nil {`
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`return "", nil`
			`}`

			`// If host is an domain, return top level domain`
			`domainParts := strings.Split(host, ".")`
			`if len(domainParts) >= 2 {`
			`topLevelDomain := strings.Join(domainParts[len(domainParts)-2:], ".")`
			`return topLevelDomain, nil`
			`}`

			`// By default, return host`
			`return host, nil`
			`}`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`func unexpectedHostRedirect(hostTarget string, acceptedHostPatterns ...string) func(http.Handler) http.Handler {`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00			`return func(h http.Handler) http.Handler {`
			`fn := func(w http.ResponseWriter, r *http.Request) {`
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`host, port, err := net.SplitHostPort(r.Host)`
			`if err != nil {`
fix(module,app): handle hosts without port 2023-04-06 10:21:52 +02:00			`host = r.Host`
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`}`

			`matched := wildcard.MatchAny(host, acceptedHostPatterns...)`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00
feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`if !matched {`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00			`url := r.URL`

feat(module,app): iface-based app url resolving 2023-04-05 23:21:43 +02:00			`url.Host = hostTarget`
			`if port != "" {`
			`url.Host += ":" + port`
feat(controller,app): automatically redirect requests to cookie domain 2023-03-29 17:29:16 +02:00			`}`

			`http.Redirect(w, r, url.String(), http.StatusTemporaryRedirect)`

			`return`
			`}`

			`h.ServeHTTP(w, r)`
			`}`

			`return http.HandlerFunc(fn)`
			`}`
			`}`