2013-12-23 19:38:51 +00:00
|
|
|
package agent
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2014-11-18 16:03:36 +00:00
|
|
|
"fmt"
|
2013-12-23 19:38:51 +00:00
|
|
|
"net/http"
|
2014-03-20 00:50:57 +00:00
|
|
|
"net/http/pprof"
|
2015-04-14 00:31:53 +00:00
|
|
|
"net/url"
|
2017-07-15 07:07:08 +00:00
|
|
|
"regexp"
|
2014-02-05 22:36:13 +00:00
|
|
|
"strconv"
|
2014-08-22 19:59:47 +00:00
|
|
|
"strings"
|
2013-12-23 22:26:34 +00:00
|
|
|
"time"
|
2014-08-22 19:59:47 +00:00
|
|
|
|
2016-08-09 22:41:15 +00:00
|
|
|
"github.com/armon/go-metrics"
|
pkg refactor
command/agent/* -> agent/*
command/consul/* -> agent/consul/*
command/agent/command{,_test}.go -> command/agent{,_test}.go
command/base/command.go -> command/base.go
command/base/* -> command/*
commands.go -> command/commands.go
The script which did the refactor is:
(
cd $GOPATH/src/github.com/hashicorp/consul
git mv command/agent/command.go command/agent.go
git mv command/agent/command_test.go command/agent_test.go
git mv command/agent/flag_slice_value{,_test}.go command/
git mv command/agent .
git mv command/base/command.go command/base.go
git mv command/base/config_util{,_test}.go command/
git mv commands.go command/
git mv consul agent
rmdir command/base/
gsed -i -e 's|package agent|package command|' command/agent{,_test}.go
gsed -i -e 's|package agent|package command|' command/flag_slice_value{,_test}.go
gsed -i -e 's|package base|package command|' command/base.go command/config_util{,_test}.go
gsed -i -e 's|package main|package command|' command/commands.go
gsed -i -e 's|base.Command|BaseCommand|' command/commands.go
gsed -i -e 's|agent.Command|AgentCommand|' command/commands.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/commands.go
gsed -i -e 's|base\.||' command/commands.go
gsed -i -e 's|command\.||' command/commands.go
gsed -i -e 's|command|c|' main.go
gsed -i -e 's|range Commands|range command.Commands|' main.go
gsed -i -e 's|Commands: Commands|Commands: command.Commands|' main.go
gsed -i -e 's|base\.BoolValue|BoolValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.DurationValue|DurationValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.StringValue|StringValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.UintValue|UintValue|' command/operator_autopilot_set.go
gsed -i -e 's|\bCommand\b|BaseCommand|' command/base.go
gsed -i -e 's|BaseCommand Options|Command Options|' command/base.go
gsed -i -e 's|base.Command|BaseCommand|' command/*.go
gsed -i -e 's|c\.Command|c.BaseCommand|g' command/*.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/*_test.go
gsed -i -e 's|base\.||' command/*_test.go
gsed -i -e 's|\bCommand\b|AgentCommand|' command/agent{,_test}.go
gsed -i -e 's|cmd.AgentCommand|cmd.BaseCommand|' command/agent.go
gsed -i -e 's|cli.AgentCommand = new(Command)|cli.Command = new(AgentCommand)|' command/agent_test.go
gsed -i -e 's|exec.AgentCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|exec.BaseCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|NewTestAgent|agent.NewTestAgent|' command/agent_test.go
gsed -i -e 's|= TestConfig|= agent.TestConfig|' command/agent_test.go
gsed -i -e 's|: RetryJoin|: agent.RetryJoin|' command/agent_test.go
gsed -i -e 's|\.\./\.\./|../|' command/config_util_test.go
gsed -i -e 's|\bverifyUniqueListeners|VerifyUniqueListeners|' agent/config{,_test}.go command/agent.go
gsed -i -e 's|\bserfLANKeyring\b|SerfLANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bserfWANKeyring\b|SerfWANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bNewAgent\b|agent.New|g' command/agent{,_test}.go
gsed -i -e 's|\bNewAgent|New|' agent/{acl_test,agent,testagent}.go
gsed -i -e 's|\bAgent\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bBool\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDefaultConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDevConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bMergeConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bReadConfigPaths\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bParseMetaPair\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfLANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfWANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|circonus\.agent|circonus|g' command/agent{,_test}.go
gsed -i -e 's|logger\.agent|logger|g' command/agent{,_test}.go
gsed -i -e 's|metrics\.agent|metrics|g' command/agent{,_test}.go
gsed -i -e 's|// agent.Agent|// agent|' command/agent{,_test}.go
gsed -i -e 's|a\.agent\.Config|a.Config|' command/agent{,_test}.go
gsed -i -e 's|agent\.AppendSliceValue|AppendSliceValue|' command/{configtest,validate}.go
gsed -i -e 's|consul/consul|agent/consul|' GNUmakefile
gsed -i -e 's|\.\./test|../../test|' agent/consul/server_test.go
# fix imports
f=$(grep -rl 'github.com/hashicorp/consul/command/agent' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/command/agent|github.com/hashicorp/consul/agent|' $f
goimports -w $f
f=$(grep -rl 'github.com/hashicorp/consul/consul' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/consul|github.com/hashicorp/consul/agent/consul|' $f
goimports -w $f
goimports -w command/*.go main.go
)
2017-06-09 22:28:28 +00:00
|
|
|
"github.com/hashicorp/consul/agent/consul/structs"
|
2014-08-22 19:59:47 +00:00
|
|
|
"github.com/mitchellh/mapstructure"
|
2013-12-23 19:38:51 +00:00
|
|
|
)
|
|
|
|
|
2017-05-19 09:53:41 +00:00
|
|
|
// HTTPServer provides an HTTP api for an agent.
|
2013-12-23 19:38:51 +00:00
|
|
|
type HTTPServer struct {
|
2017-05-19 09:53:41 +00:00
|
|
|
*http.Server
|
2017-07-10 20:51:25 +00:00
|
|
|
agent *Agent
|
|
|
|
blacklist *Blacklist
|
|
|
|
|
|
|
|
// proto is filled by the agent to "http" or "https".
|
2017-05-24 13:22:56 +00:00
|
|
|
proto string
|
2013-12-23 19:38:51 +00:00
|
|
|
}
|
|
|
|
|
2017-05-19 09:53:41 +00:00
|
|
|
func NewHTTPServer(addr string, a *Agent) *HTTPServer {
|
2017-07-10 20:51:25 +00:00
|
|
|
s := &HTTPServer{
|
|
|
|
Server: &http.Server{Addr: addr},
|
|
|
|
agent: a,
|
|
|
|
blacklist: NewBlacklist(a.config.HTTPConfig.BlockEndpoints),
|
|
|
|
}
|
|
|
|
s.Server.Handler = s.handler(a.config.EnableDebug)
|
2017-05-19 09:53:41 +00:00
|
|
|
return s
|
2014-11-14 19:39:19 +00:00
|
|
|
}
|
|
|
|
|
2017-05-19 09:53:41 +00:00
|
|
|
// handler is used to attach our handlers to the mux
|
|
|
|
func (s *HTTPServer) handler(enableDebug bool) http.Handler {
|
|
|
|
mux := http.NewServeMux()
|
|
|
|
|
|
|
|
// handleFuncMetrics takes the given pattern and handler and wraps to produce
|
|
|
|
// metrics based on the pattern and request.
|
|
|
|
handleFuncMetrics := func(pattern string, handler http.HandlerFunc) {
|
|
|
|
// Get the parts of the pattern. We omit any initial empty for the
|
|
|
|
// leading slash, and put an underscore as a "thing" placeholder if we
|
|
|
|
// see a trailing slash, which means the part after is parsed. This lets
|
|
|
|
// us distinguish from things like /v1/query and /v1/query/<query id>.
|
|
|
|
var parts []string
|
|
|
|
for i, part := range strings.Split(pattern, "/") {
|
|
|
|
if part == "" {
|
|
|
|
if i == 0 {
|
|
|
|
continue
|
|
|
|
}
|
2016-08-09 22:41:15 +00:00
|
|
|
part = "_"
|
|
|
|
}
|
2017-05-19 09:53:41 +00:00
|
|
|
parts = append(parts, part)
|
2016-08-09 22:41:15 +00:00
|
|
|
}
|
|
|
|
|
2017-05-19 09:53:41 +00:00
|
|
|
// Register the wrapper, which will close over the expensive-to-compute
|
|
|
|
// parts from above.
|
|
|
|
wrapper := func(resp http.ResponseWriter, req *http.Request) {
|
|
|
|
start := time.Now()
|
|
|
|
handler(resp, req)
|
|
|
|
key := append([]string{"consul", "http", req.Method}, parts...)
|
|
|
|
metrics.MeasureSince(key, start)
|
|
|
|
}
|
|
|
|
mux.HandleFunc(pattern, wrapper)
|
2016-08-09 22:41:15 +00:00
|
|
|
}
|
|
|
|
|
2017-05-19 09:53:41 +00:00
|
|
|
mux.HandleFunc("/", s.Index)
|
2013-12-25 01:09:51 +00:00
|
|
|
|
2016-10-26 02:20:24 +00:00
|
|
|
// API V1.
|
|
|
|
if s.agent.config.ACLDatacenter != "" {
|
2017-08-03 00:05:18 +00:00
|
|
|
handleFuncMetrics("/v1/acl/bootstrap", s.wrap(s.ACLBootstrap))
|
2017-05-19 09:53:41 +00:00
|
|
|
handleFuncMetrics("/v1/acl/create", s.wrap(s.ACLCreate))
|
|
|
|
handleFuncMetrics("/v1/acl/update", s.wrap(s.ACLUpdate))
|
|
|
|
handleFuncMetrics("/v1/acl/destroy/", s.wrap(s.ACLDestroy))
|
|
|
|
handleFuncMetrics("/v1/acl/info/", s.wrap(s.ACLGet))
|
|
|
|
handleFuncMetrics("/v1/acl/clone/", s.wrap(s.ACLClone))
|
|
|
|
handleFuncMetrics("/v1/acl/list", s.wrap(s.ACLList))
|
|
|
|
handleFuncMetrics("/v1/acl/replication", s.wrap(s.ACLReplicationStatus))
|
2017-07-26 18:03:43 +00:00
|
|
|
handleFuncMetrics("/v1/agent/token/", s.wrap(s.AgentToken))
|
2015-07-30 18:23:09 +00:00
|
|
|
} else {
|
2017-08-03 00:05:18 +00:00
|
|
|
handleFuncMetrics("/v1/acl/bootstrap", s.wrap(ACLDisabled))
|
2017-05-19 09:53:41 +00:00
|
|
|
handleFuncMetrics("/v1/acl/create", s.wrap(ACLDisabled))
|
|
|
|
handleFuncMetrics("/v1/acl/update", s.wrap(ACLDisabled))
|
|
|
|
handleFuncMetrics("/v1/acl/destroy/", s.wrap(ACLDisabled))
|
|
|
|
handleFuncMetrics("/v1/acl/info/", s.wrap(ACLDisabled))
|
|
|
|
handleFuncMetrics("/v1/acl/clone/", s.wrap(ACLDisabled))
|
|
|
|
handleFuncMetrics("/v1/acl/list", s.wrap(ACLDisabled))
|
|
|
|
handleFuncMetrics("/v1/acl/replication", s.wrap(ACLDisabled))
|
2017-07-26 18:03:43 +00:00
|
|
|
handleFuncMetrics("/v1/agent/token/", s.wrap(ACLDisabled))
|
2015-07-29 23:33:25 +00:00
|
|
|
}
|
2017-05-19 09:53:41 +00:00
|
|
|
handleFuncMetrics("/v1/agent/self", s.wrap(s.AgentSelf))
|
|
|
|
handleFuncMetrics("/v1/agent/maintenance", s.wrap(s.AgentNodeMaintenance))
|
|
|
|
handleFuncMetrics("/v1/agent/reload", s.wrap(s.AgentReload))
|
|
|
|
handleFuncMetrics("/v1/agent/monitor", s.wrap(s.AgentMonitor))
|
|
|
|
handleFuncMetrics("/v1/agent/services", s.wrap(s.AgentServices))
|
|
|
|
handleFuncMetrics("/v1/agent/checks", s.wrap(s.AgentChecks))
|
|
|
|
handleFuncMetrics("/v1/agent/members", s.wrap(s.AgentMembers))
|
|
|
|
handleFuncMetrics("/v1/agent/join/", s.wrap(s.AgentJoin))
|
|
|
|
handleFuncMetrics("/v1/agent/leave", s.wrap(s.AgentLeave))
|
|
|
|
handleFuncMetrics("/v1/agent/force-leave/", s.wrap(s.AgentForceLeave))
|
|
|
|
handleFuncMetrics("/v1/agent/check/register", s.wrap(s.AgentRegisterCheck))
|
|
|
|
handleFuncMetrics("/v1/agent/check/deregister/", s.wrap(s.AgentDeregisterCheck))
|
|
|
|
handleFuncMetrics("/v1/agent/check/pass/", s.wrap(s.AgentCheckPass))
|
|
|
|
handleFuncMetrics("/v1/agent/check/warn/", s.wrap(s.AgentCheckWarn))
|
|
|
|
handleFuncMetrics("/v1/agent/check/fail/", s.wrap(s.AgentCheckFail))
|
|
|
|
handleFuncMetrics("/v1/agent/check/update/", s.wrap(s.AgentCheckUpdate))
|
|
|
|
handleFuncMetrics("/v1/agent/service/register", s.wrap(s.AgentRegisterService))
|
|
|
|
handleFuncMetrics("/v1/agent/service/deregister/", s.wrap(s.AgentDeregisterService))
|
|
|
|
handleFuncMetrics("/v1/agent/service/maintenance/", s.wrap(s.AgentServiceMaintenance))
|
|
|
|
handleFuncMetrics("/v1/catalog/register", s.wrap(s.CatalogRegister))
|
|
|
|
handleFuncMetrics("/v1/catalog/deregister", s.wrap(s.CatalogDeregister))
|
|
|
|
handleFuncMetrics("/v1/catalog/datacenters", s.wrap(s.CatalogDatacenters))
|
|
|
|
handleFuncMetrics("/v1/catalog/nodes", s.wrap(s.CatalogNodes))
|
|
|
|
handleFuncMetrics("/v1/catalog/services", s.wrap(s.CatalogServices))
|
|
|
|
handleFuncMetrics("/v1/catalog/service/", s.wrap(s.CatalogServiceNodes))
|
|
|
|
handleFuncMetrics("/v1/catalog/node/", s.wrap(s.CatalogNodeServices))
|
2016-10-26 02:20:24 +00:00
|
|
|
if !s.agent.config.DisableCoordinates {
|
2017-05-19 09:53:41 +00:00
|
|
|
handleFuncMetrics("/v1/coordinate/datacenters", s.wrap(s.CoordinateDatacenters))
|
|
|
|
handleFuncMetrics("/v1/coordinate/nodes", s.wrap(s.CoordinateNodes))
|
2016-10-26 02:20:24 +00:00
|
|
|
} else {
|
2017-05-19 09:53:41 +00:00
|
|
|
handleFuncMetrics("/v1/coordinate/datacenters", s.wrap(coordinateDisabled))
|
|
|
|
handleFuncMetrics("/v1/coordinate/nodes", s.wrap(coordinateDisabled))
|
2016-10-26 02:20:24 +00:00
|
|
|
}
|
2017-05-19 09:53:41 +00:00
|
|
|
handleFuncMetrics("/v1/event/fire/", s.wrap(s.EventFire))
|
|
|
|
handleFuncMetrics("/v1/event/list", s.wrap(s.EventList))
|
|
|
|
handleFuncMetrics("/v1/health/node/", s.wrap(s.HealthNodeChecks))
|
|
|
|
handleFuncMetrics("/v1/health/checks/", s.wrap(s.HealthServiceChecks))
|
|
|
|
handleFuncMetrics("/v1/health/state/", s.wrap(s.HealthChecksInState))
|
|
|
|
handleFuncMetrics("/v1/health/service/", s.wrap(s.HealthServiceNodes))
|
|
|
|
handleFuncMetrics("/v1/internal/ui/nodes", s.wrap(s.UINodes))
|
|
|
|
handleFuncMetrics("/v1/internal/ui/node/", s.wrap(s.UINodeInfo))
|
|
|
|
handleFuncMetrics("/v1/internal/ui/services", s.wrap(s.UIServices))
|
|
|
|
handleFuncMetrics("/v1/kv/", s.wrap(s.KVSEndpoint))
|
|
|
|
handleFuncMetrics("/v1/operator/raft/configuration", s.wrap(s.OperatorRaftConfiguration))
|
|
|
|
handleFuncMetrics("/v1/operator/raft/peer", s.wrap(s.OperatorRaftPeer))
|
|
|
|
handleFuncMetrics("/v1/operator/keyring", s.wrap(s.OperatorKeyringEndpoint))
|
|
|
|
handleFuncMetrics("/v1/operator/autopilot/configuration", s.wrap(s.OperatorAutopilotConfiguration))
|
|
|
|
handleFuncMetrics("/v1/operator/autopilot/health", s.wrap(s.OperatorServerHealth))
|
|
|
|
handleFuncMetrics("/v1/query", s.wrap(s.PreparedQueryGeneral))
|
|
|
|
handleFuncMetrics("/v1/query/", s.wrap(s.PreparedQuerySpecific))
|
|
|
|
handleFuncMetrics("/v1/session/create", s.wrap(s.SessionCreate))
|
|
|
|
handleFuncMetrics("/v1/session/destroy/", s.wrap(s.SessionDestroy))
|
|
|
|
handleFuncMetrics("/v1/session/renew/", s.wrap(s.SessionRenew))
|
|
|
|
handleFuncMetrics("/v1/session/info/", s.wrap(s.SessionGet))
|
|
|
|
handleFuncMetrics("/v1/session/node/", s.wrap(s.SessionsForNode))
|
|
|
|
handleFuncMetrics("/v1/session/list", s.wrap(s.SessionList))
|
|
|
|
handleFuncMetrics("/v1/status/leader", s.wrap(s.StatusLeader))
|
|
|
|
handleFuncMetrics("/v1/status/peers", s.wrap(s.StatusPeers))
|
|
|
|
handleFuncMetrics("/v1/snapshot", s.wrap(s.Snapshot))
|
|
|
|
handleFuncMetrics("/v1/txn", s.wrap(s.Txn))
|
2016-05-11 04:41:47 +00:00
|
|
|
|
2016-10-26 02:20:24 +00:00
|
|
|
// Debug endpoints.
|
2014-03-20 00:50:57 +00:00
|
|
|
if enableDebug {
|
2017-05-19 09:53:41 +00:00
|
|
|
handleFuncMetrics("/debug/pprof/", pprof.Index)
|
|
|
|
handleFuncMetrics("/debug/pprof/cmdline", pprof.Cmdline)
|
|
|
|
handleFuncMetrics("/debug/pprof/profile", pprof.Profile)
|
|
|
|
handleFuncMetrics("/debug/pprof/symbol", pprof.Symbol)
|
2014-03-20 00:50:57 +00:00
|
|
|
}
|
2014-04-23 19:57:06 +00:00
|
|
|
|
2015-11-30 19:24:08 +00:00
|
|
|
// Use the custom UI dir if provided.
|
2017-05-11 17:31:58 +00:00
|
|
|
if s.agent.config.UIDir != "" {
|
2017-05-19 09:53:41 +00:00
|
|
|
mux.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(http.Dir(s.agent.config.UIDir))))
|
2017-04-21 00:02:42 +00:00
|
|
|
} else if s.agent.config.EnableUI {
|
2017-05-19 09:53:41 +00:00
|
|
|
mux.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(assetFS())))
|
2015-02-11 21:25:04 +00:00
|
|
|
}
|
2017-05-19 09:53:41 +00:00
|
|
|
return mux
|
2013-12-23 19:38:51 +00:00
|
|
|
}
|
|
|
|
|
2017-07-15 07:07:08 +00:00
|
|
|
// aclEndpointRE is used to find old ACL endpoints that take tokens in the URL
|
|
|
|
// so that we can redact them. The ACL endpoints that take the token in the URL
|
|
|
|
// are all of the form /v1/acl/<verb>/<token>, and can optionally include query
|
|
|
|
// parameters which are indicated by a question mark. We capture the part before
|
|
|
|
// the token, the token, and any query parameters after, and then reassemble as
|
|
|
|
// $1<hidden>$3 (the token in $2 isn't used), which will give:
|
|
|
|
//
|
|
|
|
// /v1/acl/clone/foo -> /v1/acl/clone/<hidden>
|
|
|
|
// /v1/acl/clone/foo?token=bar -> /v1/acl/clone/<hidden>?token=<hidden>
|
|
|
|
//
|
|
|
|
// The query parameter in the example above is obfuscated like any other, after
|
|
|
|
// this regular expression is applied, so the regular expression substitution
|
|
|
|
// results in:
|
|
|
|
//
|
|
|
|
// /v1/acl/clone/foo?token=bar -> /v1/acl/clone/<hidden>?token=bar
|
|
|
|
// ^---- $1 ----^^- $2 -^^-- $3 --^
|
|
|
|
//
|
|
|
|
// And then the loop that looks for parameters called "token" does the last
|
|
|
|
// step to get to the final redacted form.
|
|
|
|
var (
|
|
|
|
aclEndpointRE = regexp.MustCompile("^(/v1/acl/[^/]+/)([^?]+)([?]?.*)$")
|
|
|
|
)
|
|
|
|
|
2013-12-23 19:38:51 +00:00
|
|
|
// wrap is used to wrap functions to make them more convenient
|
2017-05-11 17:37:47 +00:00
|
|
|
func (s *HTTPServer) wrap(handler func(resp http.ResponseWriter, req *http.Request) (interface{}, error)) http.HandlerFunc {
|
|
|
|
return func(resp http.ResponseWriter, req *http.Request) {
|
2017-06-16 11:58:19 +00:00
|
|
|
setHeaders(resp, s.agent.config.HTTPConfig.ResponseHeaders)
|
2016-08-16 18:31:41 +00:00
|
|
|
setTranslateAddr(resp, s.agent.config.TranslateWanAddrs)
|
2014-12-28 04:53:19 +00:00
|
|
|
|
2015-04-12 18:17:31 +00:00
|
|
|
// Obfuscate any tokens from appearing in the logs
|
2015-04-14 00:31:53 +00:00
|
|
|
formVals, err := url.ParseQuery(req.URL.RawQuery)
|
|
|
|
if err != nil {
|
2017-05-19 09:53:41 +00:00
|
|
|
s.agent.logger.Printf("[ERR] http: Failed to decode query: %s from=%s", err, req.RemoteAddr)
|
2016-02-05 22:06:42 +00:00
|
|
|
resp.WriteHeader(http.StatusInternalServerError) // 500
|
2015-04-14 00:31:53 +00:00
|
|
|
return
|
|
|
|
}
|
2015-04-12 18:17:31 +00:00
|
|
|
logURL := req.URL.String()
|
2015-04-14 00:31:53 +00:00
|
|
|
if tokens, ok := formVals["token"]; ok {
|
2015-04-12 18:17:31 +00:00
|
|
|
for _, token := range tokens {
|
2015-06-12 07:09:51 +00:00
|
|
|
if token == "" {
|
|
|
|
logURL += "<hidden>"
|
|
|
|
continue
|
|
|
|
}
|
2015-04-12 18:17:31 +00:00
|
|
|
logURL = strings.Replace(logURL, token, "<hidden>", -1)
|
|
|
|
}
|
|
|
|
}
|
2017-07-15 07:07:08 +00:00
|
|
|
logURL = aclEndpointRE.ReplaceAllString(logURL, "$1<hidden>$3")
|
2015-04-12 18:17:31 +00:00
|
|
|
|
2017-07-10 20:51:25 +00:00
|
|
|
if s.blacklist.Block(req.URL.Path) {
|
|
|
|
errMsg := "Endpoint is blocked by agent configuration"
|
|
|
|
s.agent.logger.Printf("[ERR] http: Request %s %v, error: %v from=%s", req.Method, logURL, err, req.RemoteAddr)
|
|
|
|
resp.WriteHeader(http.StatusForbidden)
|
|
|
|
fmt.Fprint(resp, errMsg)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-05-11 17:37:47 +00:00
|
|
|
handleErr := func(err error) {
|
2017-05-19 09:53:41 +00:00
|
|
|
s.agent.logger.Printf("[ERR] http: Request %s %v, error: %v from=%s", req.Method, logURL, err, req.RemoteAddr)
|
2017-05-11 17:37:47 +00:00
|
|
|
code := http.StatusInternalServerError // 500
|
|
|
|
errMsg := err.Error()
|
|
|
|
if strings.Contains(errMsg, "Permission denied") || strings.Contains(errMsg, "ACL not found") {
|
|
|
|
code = http.StatusForbidden // 403
|
|
|
|
}
|
|
|
|
resp.WriteHeader(code)
|
|
|
|
fmt.Fprint(resp, errMsg)
|
|
|
|
}
|
|
|
|
|
2013-12-23 19:38:51 +00:00
|
|
|
// Invoke the handler
|
2013-12-23 22:26:34 +00:00
|
|
|
start := time.Now()
|
|
|
|
defer func() {
|
2017-05-19 09:53:41 +00:00
|
|
|
s.agent.logger.Printf("[DEBUG] http: Request %s %v (%v) from=%s", req.Method, logURL, time.Now().Sub(start), req.RemoteAddr)
|
2013-12-23 22:26:34 +00:00
|
|
|
}()
|
2013-12-24 00:20:51 +00:00
|
|
|
obj, err := handler(resp, req)
|
2013-12-23 19:38:51 +00:00
|
|
|
if err != nil {
|
2017-05-11 17:37:47 +00:00
|
|
|
handleErr(err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if obj == nil {
|
2013-12-23 19:38:51 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-05-11 17:37:47 +00:00
|
|
|
buf, err := s.marshalJSON(req, obj)
|
|
|
|
if err != nil {
|
|
|
|
handleErr(err)
|
|
|
|
return
|
2013-12-23 19:38:51 +00:00
|
|
|
}
|
2017-05-11 17:37:47 +00:00
|
|
|
resp.Header().Set("Content-Type", "application/json")
|
|
|
|
resp.Write(buf)
|
2013-12-23 19:38:51 +00:00
|
|
|
}
|
|
|
|
}
|
2013-12-24 00:20:51 +00:00
|
|
|
|
2016-05-07 00:50:58 +00:00
|
|
|
// marshalJSON marshals the object into JSON, respecting the user's pretty-ness
|
|
|
|
// configuration.
|
|
|
|
func (s *HTTPServer) marshalJSON(req *http.Request, obj interface{}) ([]byte, error) {
|
2016-11-18 06:31:19 +00:00
|
|
|
if _, ok := req.URL.Query()["pretty"]; ok || s.agent.config.DevMode {
|
2016-05-07 00:50:58 +00:00
|
|
|
buf, err := json.MarshalIndent(obj, "", " ")
|
2016-05-10 21:37:05 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
buf = append(buf, "\n"...)
|
|
|
|
return buf, nil
|
2016-05-07 00:50:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
buf, err := json.Marshal(obj)
|
2016-05-10 21:37:05 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2016-05-07 00:50:58 +00:00
|
|
|
return buf, err
|
|
|
|
}
|
|
|
|
|
2016-02-13 00:11:32 +00:00
|
|
|
// Returns true if the UI is enabled.
|
|
|
|
func (s *HTTPServer) IsUIEnabled() bool {
|
2017-05-11 17:31:58 +00:00
|
|
|
return s.agent.config.UIDir != "" || s.agent.config.EnableUI
|
2016-02-13 00:11:32 +00:00
|
|
|
}
|
|
|
|
|
2013-12-25 01:09:51 +00:00
|
|
|
// Renders a simple index page
|
|
|
|
func (s *HTTPServer) Index(resp http.ResponseWriter, req *http.Request) {
|
2014-04-27 19:10:38 +00:00
|
|
|
// Check if this is a non-index path
|
|
|
|
if req.URL.Path != "/" {
|
2016-02-05 22:06:42 +00:00
|
|
|
resp.WriteHeader(http.StatusNotFound) // 404
|
2014-04-27 19:10:38 +00:00
|
|
|
return
|
2013-12-25 01:09:51 +00:00
|
|
|
}
|
2014-04-27 19:10:38 +00:00
|
|
|
|
2016-02-13 00:11:32 +00:00
|
|
|
// Give them something helpful if there's no UI so they at least know
|
|
|
|
// what this server is.
|
|
|
|
if !s.IsUIEnabled() {
|
Use fmt.Fprint/Fprintf/Fprintln
Used the following rewrite rules:
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
2017-04-20 14:07:42 +00:00
|
|
|
fmt.Fprint(resp, "Consul Agent")
|
2014-04-27 19:10:38 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Redirect to the UI endpoint
|
2016-02-05 22:06:42 +00:00
|
|
|
http.Redirect(resp, req, "/ui/", http.StatusMovedPermanently) // 301
|
2013-12-25 01:09:51 +00:00
|
|
|
}
|
|
|
|
|
2013-12-24 00:20:51 +00:00
|
|
|
// decodeBody is used to decode a JSON request body
|
2014-04-21 22:02:36 +00:00
|
|
|
func decodeBody(req *http.Request, out interface{}, cb func(interface{}) error) error {
|
|
|
|
var raw interface{}
|
2013-12-24 00:20:51 +00:00
|
|
|
dec := json.NewDecoder(req.Body)
|
2014-04-21 22:02:36 +00:00
|
|
|
if err := dec.Decode(&raw); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Invoke the callback prior to decode
|
|
|
|
if cb != nil {
|
|
|
|
if err := cb(raw); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return mapstructure.Decode(raw, out)
|
2013-12-24 00:20:51 +00:00
|
|
|
}
|
2014-02-05 22:36:13 +00:00
|
|
|
|
2016-08-16 18:31:41 +00:00
|
|
|
// setTranslateAddr is used to set the address translation header. This is only
|
|
|
|
// present if the feature is active.
|
|
|
|
func setTranslateAddr(resp http.ResponseWriter, active bool) {
|
|
|
|
if active {
|
|
|
|
resp.Header().Set("X-Consul-Translate-Addresses", "true")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-02-05 22:36:13 +00:00
|
|
|
// setIndex is used to set the index response header
|
|
|
|
func setIndex(resp http.ResponseWriter, index uint64) {
|
2014-10-14 00:53:54 +00:00
|
|
|
resp.Header().Set("X-Consul-Index", strconv.FormatUint(index, 10))
|
2014-02-05 22:36:13 +00:00
|
|
|
}
|
|
|
|
|
2014-04-21 19:40:11 +00:00
|
|
|
// setKnownLeader is used to set the known leader header
|
|
|
|
func setKnownLeader(resp http.ResponseWriter, known bool) {
|
|
|
|
s := "true"
|
|
|
|
if !known {
|
|
|
|
s = "false"
|
|
|
|
}
|
2014-10-14 00:53:54 +00:00
|
|
|
resp.Header().Set("X-Consul-KnownLeader", s)
|
2014-04-21 19:40:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// setLastContact is used to set the last contact header
|
|
|
|
func setLastContact(resp http.ResponseWriter, last time.Duration) {
|
2017-06-01 11:53:27 +00:00
|
|
|
if last < 0 {
|
|
|
|
last = 0
|
|
|
|
}
|
2014-04-21 19:40:11 +00:00
|
|
|
lastMsec := uint64(last / time.Millisecond)
|
2014-10-14 00:53:54 +00:00
|
|
|
resp.Header().Set("X-Consul-LastContact", strconv.FormatUint(lastMsec, 10))
|
2014-04-21 19:40:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// setMeta is used to set the query response meta data
|
|
|
|
func setMeta(resp http.ResponseWriter, m *structs.QueryMeta) {
|
|
|
|
setIndex(resp, m.Index)
|
|
|
|
setLastContact(resp, m.LastContact)
|
|
|
|
setKnownLeader(resp, m.KnownLeader)
|
|
|
|
}
|
|
|
|
|
2014-12-28 04:53:19 +00:00
|
|
|
// setHeaders is used to set canonical response header fields
|
|
|
|
func setHeaders(resp http.ResponseWriter, headers map[string]string) {
|
|
|
|
for field, value := range headers {
|
|
|
|
resp.Header().Set(http.CanonicalHeaderKey(field), value)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-02-05 22:36:13 +00:00
|
|
|
// parseWait is used to parse the ?wait and ?index query params
|
|
|
|
// Returns true on error
|
2014-04-21 19:26:12 +00:00
|
|
|
func parseWait(resp http.ResponseWriter, req *http.Request, b *structs.QueryOptions) bool {
|
2014-02-05 22:36:13 +00:00
|
|
|
query := req.URL.Query()
|
|
|
|
if wait := query.Get("wait"); wait != "" {
|
|
|
|
dur, err := time.ParseDuration(wait)
|
|
|
|
if err != nil {
|
2016-02-05 22:06:42 +00:00
|
|
|
resp.WriteHeader(http.StatusBadRequest) // 400
|
Use fmt.Fprint/Fprintf/Fprintln
Used the following rewrite rules:
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
2017-04-20 14:07:42 +00:00
|
|
|
fmt.Fprint(resp, "Invalid wait time")
|
2014-02-05 22:36:13 +00:00
|
|
|
return true
|
|
|
|
}
|
|
|
|
b.MaxQueryTime = dur
|
|
|
|
}
|
|
|
|
if idx := query.Get("index"); idx != "" {
|
|
|
|
index, err := strconv.ParseUint(idx, 10, 64)
|
|
|
|
if err != nil {
|
2016-02-05 22:06:42 +00:00
|
|
|
resp.WriteHeader(http.StatusBadRequest) // 400
|
Use fmt.Fprint/Fprintf/Fprintln
Used the following rewrite rules:
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
2017-04-20 14:07:42 +00:00
|
|
|
fmt.Fprint(resp, "Invalid index")
|
2014-02-05 22:36:13 +00:00
|
|
|
return true
|
|
|
|
}
|
|
|
|
b.MinQueryIndex = index
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2014-04-21 19:26:12 +00:00
|
|
|
// parseConsistency is used to parse the ?stale and ?consistent query params.
|
|
|
|
// Returns true on error
|
2017-06-27 05:04:55 +00:00
|
|
|
func parseConsistency(resp http.ResponseWriter, req *http.Request, b *structs.QueryOptions) bool {
|
2014-04-21 19:26:12 +00:00
|
|
|
query := req.URL.Query()
|
2017-06-16 08:55:53 +00:00
|
|
|
if _, ok := query["stale"]; ok {
|
|
|
|
b.AllowStale = true
|
|
|
|
}
|
2017-06-27 05:04:55 +00:00
|
|
|
if _, ok := query["consistent"]; ok {
|
|
|
|
b.RequireConsistent = true
|
|
|
|
}
|
2014-04-21 19:26:12 +00:00
|
|
|
if b.AllowStale && b.RequireConsistent {
|
2016-02-05 22:06:42 +00:00
|
|
|
resp.WriteHeader(http.StatusBadRequest) // 400
|
Use fmt.Fprint/Fprintf/Fprintln
Used the following rewrite rules:
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
2017-04-20 14:07:42 +00:00
|
|
|
fmt.Fprint(resp, "Cannot specify ?stale with ?consistent, conflicting semantics.")
|
2014-04-21 19:26:12 +00:00
|
|
|
return true
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2014-02-05 22:36:13 +00:00
|
|
|
// parseDC is used to parse the ?dc query param
|
|
|
|
func (s *HTTPServer) parseDC(req *http.Request, dc *string) {
|
|
|
|
if other := req.URL.Query().Get("dc"); other != "" {
|
|
|
|
*dc = other
|
|
|
|
} else if *dc == "" {
|
|
|
|
*dc = s.agent.config.Datacenter
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-10-19 13:59:24 +00:00
|
|
|
// parseToken is used to parse the ?token query param or the X-Consul-Token header
|
2014-08-12 18:35:22 +00:00
|
|
|
func (s *HTTPServer) parseToken(req *http.Request, token *string) {
|
|
|
|
if other := req.URL.Query().Get("token"); other != "" {
|
|
|
|
*token = other
|
2015-02-06 22:10:01 +00:00
|
|
|
return
|
2014-08-12 18:35:22 +00:00
|
|
|
}
|
2015-02-06 22:10:01 +00:00
|
|
|
|
2015-10-19 13:59:24 +00:00
|
|
|
if other := req.Header.Get("X-Consul-Token"); other != "" {
|
|
|
|
*token = other
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2015-02-06 22:10:01 +00:00
|
|
|
// Set the default ACLToken
|
2017-07-26 18:03:43 +00:00
|
|
|
*token = s.agent.tokens.UserToken()
|
2014-08-12 18:35:22 +00:00
|
|
|
}
|
|
|
|
|
2015-06-30 21:25:40 +00:00
|
|
|
// parseSource is used to parse the ?near=<node> query parameter, used for
|
|
|
|
// sorting by RTT based on a source node. We set the source's DC to the target
|
|
|
|
// DC in the request, if given, or else the agent's DC.
|
|
|
|
func (s *HTTPServer) parseSource(req *http.Request, source *structs.QuerySource) {
|
|
|
|
s.parseDC(req, &source.Datacenter)
|
|
|
|
if node := req.URL.Query().Get("near"); node != "" {
|
2015-07-28 17:39:37 +00:00
|
|
|
if node == "_agent" {
|
2015-07-24 21:30:53 +00:00
|
|
|
source.Node = s.agent.config.NodeName
|
|
|
|
} else {
|
|
|
|
source.Node = node
|
|
|
|
}
|
2015-06-30 21:25:40 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-09 19:21:49 +00:00
|
|
|
// parseMetaFilter is used to parse the ?node-meta=key:value query parameter, used for
|
|
|
|
// filtering results to nodes with the given metadata key/value
|
2017-01-11 19:41:12 +00:00
|
|
|
func (s *HTTPServer) parseMetaFilter(req *http.Request) map[string]string {
|
|
|
|
if filterList, ok := req.URL.Query()["node-meta"]; ok {
|
|
|
|
filters := make(map[string]string)
|
|
|
|
for _, filter := range filterList {
|
2017-06-02 10:04:04 +00:00
|
|
|
key, value := ParseMetaPair(filter)
|
2017-01-11 21:07:11 +00:00
|
|
|
filters[key] = value
|
2017-01-09 19:21:49 +00:00
|
|
|
}
|
2017-01-11 19:41:12 +00:00
|
|
|
return filters
|
2017-01-09 19:21:49 +00:00
|
|
|
}
|
2017-01-11 19:41:12 +00:00
|
|
|
return nil
|
2017-01-09 19:21:49 +00:00
|
|
|
}
|
|
|
|
|
2014-02-05 22:36:13 +00:00
|
|
|
// parse is a convenience method for endpoints that need
|
|
|
|
// to use both parseWait and parseDC.
|
2014-04-21 19:26:12 +00:00
|
|
|
func (s *HTTPServer) parse(resp http.ResponseWriter, req *http.Request, dc *string, b *structs.QueryOptions) bool {
|
2014-02-05 22:36:13 +00:00
|
|
|
s.parseDC(req, dc)
|
2014-08-12 18:35:22 +00:00
|
|
|
s.parseToken(req, &b.Token)
|
2017-06-27 05:04:55 +00:00
|
|
|
if parseConsistency(resp, req, b) {
|
2014-04-21 19:26:12 +00:00
|
|
|
return true
|
|
|
|
}
|
2014-02-05 22:36:13 +00:00
|
|
|
return parseWait(resp, req, b)
|
|
|
|
}
|