podman
126 строк · 3.7 Кб
1// Copyright 2015 go-swagger maintainers2//3// Licensed under the Apache License, Version 2.0 (the "License");4// you may not use this file except in compliance with the License.5// You may obtain a copy of the License at6//7// http://www.apache.org/licenses/LICENSE-2.08//9// Unless required by applicable law or agreed to in writing, software10// distributed under the License is distributed on an "AS IS" BASIS,11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.12// See the License for the specific language governing permissions and13// limitations under the License.14package middleware16import (18"mime"19"net/http"20"strings"21"github.com/go-openapi/errors"23"github.com/go-openapi/swag"24"github.com/go-openapi/runtime"26)27type validation struct {29context *Context30result []error31request *http.Request32route *MatchedRoute33bound map[string]interface{}34}35// ContentType validates the content type of a request37func validateContentType(allowed []string, actual string) error {38debugLog("validating content type for %q against [%s]", actual, strings.Join(allowed, ", "))39if len(allowed) == 0 {40return nil41}42mt, _, err := mime.ParseMediaType(actual)43if err != nil {44return errors.InvalidContentType(actual, allowed)45}46if swag.ContainsStringsCI(allowed, mt) {47return nil48}49if swag.ContainsStringsCI(allowed, "*/*") {50return nil51}52parts := strings.Split(actual, "/")53if len(parts) == 2 && swag.ContainsStringsCI(allowed, parts[0]+"/*") {54return nil55}56return errors.InvalidContentType(actual, allowed)57}58func validateRequest(ctx *Context, request *http.Request, route *MatchedRoute) *validation {60debugLog("validating request %s %s", request.Method, request.URL.EscapedPath())61validate := &validation{62context: ctx,63request: request,64route: route,65bound: make(map[string]interface{}),66}67validate.contentType()69if len(validate.result) == 0 {70validate.responseFormat()71}72if len(validate.result) == 0 {73validate.parameters()74}75return validate77}78func (v *validation) parameters() {80debugLog("validating request parameters for %s %s", v.request.Method, v.request.URL.EscapedPath())81if result := v.route.Binder.Bind(v.request, v.route.Params, v.route.Consumer, v.bound); result != nil {82if result.Error() == "validation failure list" {83for _, e := range result.(*errors.Validation).Value.([]interface{}) {84v.result = append(v.result, e.(error))85}86return87}88v.result = append(v.result, result)89}90}91func (v *validation) contentType() {93if len(v.result) == 0 && runtime.HasBody(v.request) {94debugLog("validating body content type for %s %s", v.request.Method, v.request.URL.EscapedPath())95ct, _, req, err := v.context.ContentType(v.request)96if err != nil {97v.result = append(v.result, err)98} else {99v.request = req100}101if len(v.result) == 0 {103if err := validateContentType(v.route.Consumes, ct); err != nil {104v.result = append(v.result, err)105}106}107if ct != "" && v.route.Consumer == nil {108cons, ok := v.route.Consumers[ct]109if !ok {110v.result = append(v.result, errors.New(500, "no consumer registered for %s", ct))111} else {112v.route.Consumer = cons113}114}115}116}117func (v *validation) responseFormat() {119// if the route provides values for Produces and no format could be identify then return an error.120// if the route does not specify values for Produces then treat request as valid since the API designer121// choose not to specify the format for responses.122if str, rCtx := v.context.ResponseFormat(v.request, v.route.Produces); str == "" && len(v.route.Produces) > 0 {123v.request = rCtx124v.result = append(v.result, errors.InvalidResponseFormat(v.request.Header.Get(runtime.HeaderAccept), v.route.Produces))125}126}127