23
"github.com/cubefs/cubefs/proto"
24
"github.com/cubefs/cubefs/util/cryptoutil"
25
"github.com/cubefs/cubefs/util/log"
28
func (m *Server) startHTTPService() {
31
if m.cluster.PKIKey.EnableHTTPS {
35
MinVersion: tls.VersionTLS12,
40
Addr: colonSplit + m.port,
42
ReadTimeout: 5 * time.Minute,
43
WriteTimeout: 5 * time.Minute,
45
if err := srv.ListenAndServeTLS("/app/server.crt", "/app/server.key"); err != nil {
46
log.LogErrorf("action[startHTTPService] failed,err[%v]", err)
51
if err := http.ListenAndServe(colonSplit+m.port, nil); err != nil {
52
log.LogErrorf("action[startHTTPService] failed,err[%v]", err)
60
func (m *Server) newAuthProxy() *AuthProxy {
65
if m.cluster.PKIKey.EnableHTTPS {
66
if authProxy.client, err = cryptoutil.CreateClientX(&m.cluster.PKIKey.AuthRootPublicKey); err != nil {
70
authProxy.reverseProxy = &httputil.ReverseProxy{
71
Director: func(request *http.Request) {
72
request.URL.Scheme = "http"
73
request.URL.Host = m.leaderInfo.addr
80
func (m *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
81
log.LogInfof("URL[%v],remoteAddr[%v]", r.URL, r.RemoteAddr)
83
case proto.ClientGetTicket:
85
case proto.AdminCreateKey:
87
case proto.AdminGetKey:
89
case proto.AdminDeleteKey:
91
case proto.AdminAddCaps:
93
case proto.AdminDeleteCaps:
95
case proto.AdminGetCaps:
96
m.apiAccessEntry(w, r)
97
case proto.AdminAddRaftNode:
99
case proto.AdminRemoveRaftNode:
101
case proto.OSAddCaps:
103
case proto.OSDeleteCaps:
105
case proto.OSGetCaps:
108
sendErrReply(w, r, &proto.HTTPAuthReply{Code: proto.ErrCodeParamError, Msg: "Invalid requst URL"})
112
func (m *Server) handleFunctions() {
113
http.HandleFunc(proto.ClientGetTicket, m.getTicket)
114
http.Handle(proto.AdminCreateKey, m.handlerWithInterceptor())
115
http.Handle(proto.AdminGetKey, m.handlerWithInterceptor())
116
http.Handle(proto.AdminDeleteKey, m.handlerWithInterceptor())
117
http.Handle(proto.AdminAddCaps, m.handlerWithInterceptor())
118
http.Handle(proto.AdminDeleteCaps, m.handlerWithInterceptor())
119
http.Handle(proto.AdminGetCaps, m.handlerWithInterceptor())
120
http.Handle(proto.AdminAddRaftNode, m.handlerWithInterceptor())
121
http.Handle(proto.AdminRemoveRaftNode, m.handlerWithInterceptor())
122
http.Handle(proto.OSAddCaps, m.handlerWithInterceptor())
123
http.Handle(proto.OSDeleteCaps, m.handlerWithInterceptor())
124
http.Handle(proto.OSGetCaps, m.handlerWithInterceptor())
128
func (m *Server) handlerWithInterceptor() http.Handler {
129
return http.HandlerFunc(
130
func(w http.ResponseWriter, r *http.Request) {
131
if m.partition.IsRaftLeader() {
136
log.LogWarnf("action[handlerWithInterceptor] leader meta has not ready")
137
http.Error(w, m.leaderInfo.addr, http.StatusBadRequest)
140
if m.leaderInfo.addr == "" {
141
log.LogErrorf("action[handlerWithInterceptor] no leader,request[%v]", r.URL)
142
http.Error(w, "no leader", http.StatusBadRequest)
149
func (m *Server) proxy(w http.ResponseWriter, r *http.Request) {
150
if m.cluster.PKIKey.EnableHTTPS {
155
jobj proto.HTTPAuthReply
157
target := "https://" + m.leaderInfo.addr + r.URL.Path
158
if plaintext, err = m.extractClientReqInfo(r); err != nil {
159
sendErrReply(w, r, &proto.HTTPAuthReply{Code: proto.ErrCodeParamError, Msg: err.Error()})
162
res, err = proto.SendBytes(m.authProxy.client, target, plaintext)
164
sendErrReply(w, r, &proto.HTTPAuthReply{Code: proto.ErrCodeAuthReqRedirectError, Msg: "[proxy] failed: " + err.Error()})
167
if jobj, err = proto.ParseAuthReply(res); err != nil {
168
sendErrReply(w, r, &proto.HTTPAuthReply{Code: proto.ErrCodeAuthReqRedirectError, Msg: "Target Server failed: " + err.Error()})
171
sendOkReply(w, r, newSuccessHTTPAuthReply(jobj.Data))
173
m.authProxy.reverseProxy.ServeHTTP(w, r)