2019-03-24 14:57:29 +01:00
|
|
|
package serv
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
|
|
|
"errors"
|
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
2019-04-01 14:55:46 +02:00
|
|
|
"time"
|
2020-03-06 05:17:51 +01:00
|
|
|
|
|
|
|
"github.com/rs/cors"
|
2019-03-24 14:57:29 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2019-04-19 07:55:03 +02:00
|
|
|
maxReadBytes = 100000 // 100Kb
|
2019-03-24 14:57:29 +01:00
|
|
|
introspectionQuery = "IntrospectionQuery"
|
|
|
|
openVar = "{{"
|
|
|
|
closeVar = "}}"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2019-04-19 07:55:03 +02:00
|
|
|
errUnauthorized = errors.New("not authorized")
|
2019-03-24 14:57:29 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
type gqlReq struct {
|
2019-09-05 06:09:56 +02:00
|
|
|
OpName string `json:"operationName"`
|
|
|
|
Query string `json:"query"`
|
|
|
|
Vars json.RawMessage `json:"variables"`
|
2019-07-29 07:13:33 +02:00
|
|
|
ref string
|
2019-10-24 08:07:42 +02:00
|
|
|
role string
|
2019-09-20 06:19:11 +02:00
|
|
|
hdr http.Header
|
2019-03-24 14:57:29 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
type gqlResp struct {
|
2019-10-25 06:01:22 +02:00
|
|
|
Error string `json:"message,omitempty"`
|
|
|
|
Data json.RawMessage `json:"data,omitempty"`
|
2019-04-04 06:53:24 +02:00
|
|
|
Extensions *extensions `json:"extensions,omitempty"`
|
2019-04-01 14:55:46 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
type extensions struct {
|
2019-04-04 06:53:24 +02:00
|
|
|
Tracing *trace `json:"tracing,omitempty"`
|
2019-04-01 14:55:46 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
type trace struct {
|
|
|
|
Version int `json:"version"`
|
|
|
|
StartTime time.Time `json:"startTime"`
|
|
|
|
EndTime time.Time `json:"endTime"`
|
|
|
|
Duration time.Duration `json:"duration"`
|
|
|
|
Execution execution `json:"execution"`
|
|
|
|
}
|
|
|
|
|
|
|
|
type execution struct {
|
|
|
|
Resolvers []resolver `json:"resolvers"`
|
|
|
|
}
|
|
|
|
|
|
|
|
type resolver struct {
|
|
|
|
Path []string `json:"path"`
|
|
|
|
ParentType string `json:"parentType"`
|
|
|
|
FieldName string `json:"fieldName"`
|
|
|
|
ReturnType string `json:"returnType"`
|
|
|
|
StartOffset int `json:"startOffset"`
|
|
|
|
Duration time.Duration `json:"duration"`
|
2019-03-24 14:57:29 +01:00
|
|
|
}
|
|
|
|
|
2020-03-06 05:17:51 +01:00
|
|
|
func apiV1Handler() http.Handler {
|
|
|
|
h := withAuth(http.HandlerFunc(apiV1), conf.Auth)
|
|
|
|
|
|
|
|
if len(conf.AllowedOrigins) != 0 {
|
|
|
|
c := cors.New(cors.Options{
|
|
|
|
AllowedOrigins: conf.AllowedOrigins,
|
|
|
|
AllowCredentials: true,
|
|
|
|
Debug: conf.DebugCORS,
|
|
|
|
})
|
|
|
|
h = c.Handler(h)
|
|
|
|
}
|
|
|
|
|
|
|
|
return h
|
|
|
|
}
|
2019-12-31 07:30:20 +01:00
|
|
|
func apiV1(w http.ResponseWriter, r *http.Request) {
|
2019-05-13 01:27:26 +02:00
|
|
|
ctx := &coreContext{Context: r.Context()}
|
2019-03-24 14:57:29 +01:00
|
|
|
|
2019-11-28 07:25:46 +01:00
|
|
|
//nolint: errcheck
|
|
|
|
if conf.AuthFailBlock && !authCheck(ctx) {
|
2019-11-02 22:13:17 +01:00
|
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
|
|
json.NewEncoder(w).Encode(gqlResp{Error: errUnauthorized.Error()})
|
2019-03-24 14:57:29 +01:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-04-19 07:55:03 +02:00
|
|
|
b, err := ioutil.ReadAll(io.LimitReader(r.Body, maxReadBytes))
|
2019-03-24 14:57:29 +01:00
|
|
|
if err != nil {
|
2019-11-25 08:22:33 +01:00
|
|
|
errlog.Error().Err(err).Msg("failed to read request body")
|
2019-03-24 14:57:29 +01:00
|
|
|
errorResp(w, err)
|
|
|
|
return
|
|
|
|
}
|
2019-11-15 07:35:19 +01:00
|
|
|
defer r.Body.Close()
|
2019-03-24 14:57:29 +01:00
|
|
|
|
2019-06-17 07:58:00 +02:00
|
|
|
err = json.Unmarshal(b, &ctx.req)
|
|
|
|
if err != nil {
|
2019-11-25 08:22:33 +01:00
|
|
|
errlog.Error().Err(err).Msg("failed to decode json request body")
|
2019-03-24 14:57:29 +01:00
|
|
|
errorResp(w, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-05-13 01:27:26 +02:00
|
|
|
if strings.EqualFold(ctx.req.OpName, introspectionQuery) {
|
2019-10-15 08:30:19 +02:00
|
|
|
introspect(w)
|
2019-03-24 14:57:29 +01:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-05-13 01:27:26 +02:00
|
|
|
err = ctx.handleReq(w, r)
|
2019-03-24 14:57:29 +01:00
|
|
|
|
2019-11-28 07:25:46 +01:00
|
|
|
//nolint: errcheck
|
2019-04-19 07:55:03 +02:00
|
|
|
if err == errUnauthorized {
|
2019-10-25 06:01:22 +02:00
|
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
|
|
json.NewEncoder(w).Encode(gqlResp{Error: err.Error()})
|
|
|
|
return
|
2019-03-24 14:57:29 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
2020-03-14 06:35:42 +01:00
|
|
|
errlog.Error().Err(err).Msg(ctx.req.Query)
|
2019-03-24 14:57:29 +01:00
|
|
|
errorResp(w, err)
|
2019-11-15 07:35:19 +01:00
|
|
|
return
|
2019-03-24 14:57:29 +01:00
|
|
|
}
|
2019-04-01 14:55:46 +02:00
|
|
|
}
|
2019-05-13 01:27:26 +02:00
|
|
|
|
2019-11-28 07:25:46 +01:00
|
|
|
//nolint: errcheck
|
2019-05-13 01:27:26 +02:00
|
|
|
func errorResp(w http.ResponseWriter, err error) {
|
|
|
|
json.NewEncoder(w).Encode(gqlResp{Error: err.Error()})
|
|
|
|
}
|