podman
126 строк · 3.7 Кб
1// Copyright 2015 go-swagger maintainers
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15package middleware
16
17import (
18"mime"
19"net/http"
20"strings"
21
22"github.com/go-openapi/errors"
23"github.com/go-openapi/swag"
24
25"github.com/go-openapi/runtime"
26)
27
28type validation struct {
29context *Context
30result []error
31request *http.Request
32route *MatchedRoute
33bound map[string]interface{}
34}
35
36// ContentType validates the content type of a request
37func validateContentType(allowed []string, actual string) error {
38debugLog("validating content type for %q against [%s]", actual, strings.Join(allowed, ", "))
39if len(allowed) == 0 {
40return nil
41}
42mt, _, err := mime.ParseMediaType(actual)
43if err != nil {
44return errors.InvalidContentType(actual, allowed)
45}
46if swag.ContainsStringsCI(allowed, mt) {
47return nil
48}
49if swag.ContainsStringsCI(allowed, "*/*") {
50return nil
51}
52parts := strings.Split(actual, "/")
53if len(parts) == 2 && swag.ContainsStringsCI(allowed, parts[0]+"/*") {
54return nil
55}
56return errors.InvalidContentType(actual, allowed)
57}
58
59func validateRequest(ctx *Context, request *http.Request, route *MatchedRoute) *validation {
60debugLog("validating request %s %s", request.Method, request.URL.EscapedPath())
61validate := &validation{
62context: ctx,
63request: request,
64route: route,
65bound: make(map[string]interface{}),
66}
67
68validate.contentType()
69if len(validate.result) == 0 {
70validate.responseFormat()
71}
72if len(validate.result) == 0 {
73validate.parameters()
74}
75
76return validate
77}
78
79func (v *validation) parameters() {
80debugLog("validating request parameters for %s %s", v.request.Method, v.request.URL.EscapedPath())
81if result := v.route.Binder.Bind(v.request, v.route.Params, v.route.Consumer, v.bound); result != nil {
82if result.Error() == "validation failure list" {
83for _, e := range result.(*errors.Validation).Value.([]interface{}) {
84v.result = append(v.result, e.(error))
85}
86return
87}
88v.result = append(v.result, result)
89}
90}
91
92func (v *validation) contentType() {
93if len(v.result) == 0 && runtime.HasBody(v.request) {
94debugLog("validating body content type for %s %s", v.request.Method, v.request.URL.EscapedPath())
95ct, _, req, err := v.context.ContentType(v.request)
96if err != nil {
97v.result = append(v.result, err)
98} else {
99v.request = req
100}
101
102if len(v.result) == 0 {
103if err := validateContentType(v.route.Consumes, ct); err != nil {
104v.result = append(v.result, err)
105}
106}
107if ct != "" && v.route.Consumer == nil {
108cons, ok := v.route.Consumers[ct]
109if !ok {
110v.result = append(v.result, errors.New(500, "no consumer registered for %s", ct))
111} else {
112v.route.Consumer = cons
113}
114}
115}
116}
117
118func (v *validation) responseFormat() {
119// if the route provides values for Produces and no format could be identify then return an error.
120// if the route does not specify values for Produces then treat request as valid since the API designer
121// choose not to specify the format for responses.
122if str, rCtx := v.context.ResponseFormat(v.request, v.route.Produces); str == "" && len(v.route.Produces) > 0 {
123v.request = rCtx
124v.result = append(v.result, errors.InvalidResponseFormat(v.request.Header.Get(runtime.HeaderAccept), v.route.Produces))
125}
126}
127