diff options
author | Vladimir Shushlin <vshushlin@gitlab.com> | 2022-04-14 10:36:34 +0300 |
---|---|---|
committer | Vladimir Shushlin <vshushlin@gitlab.com> | 2022-04-14 10:36:34 +0300 |
commit | 44212f34412ac17d8611163e9c20c1691c73a314 (patch) | |
tree | daa7dabb2d046155769928ce0010b3bc4935fa50 | |
parent | 3eed26c829eb421a7b20748ec3c7a2bf2a189c81 (diff) | |
parent | 0cdba9e694b9cef2bb09a7795a71db7706610a7c (diff) |
Merge branch 'fix-context-canceled-in-auth-and-artifacts' into 'master'
fix: handle context canceled gracefully for auth and artifacts
Closes #679
See merge request gitlab-org/gitlab-pages!721
-rw-r--r-- | internal/artifact/artifact.go | 6 | ||||
-rw-r--r-- | internal/artifact/artifact_test.go | 21 | ||||
-rw-r--r-- | internal/auth/auth.go | 10 | ||||
-rw-r--r-- | internal/auth/auth_test.go | 20 |
4 files changed, 57 insertions, 0 deletions
diff --git a/internal/artifact/artifact.go b/internal/artifact/artifact.go index 0a4f0ab4..dab1fb91 100644 --- a/internal/artifact/artifact.go +++ b/internal/artifact/artifact.go @@ -1,6 +1,7 @@ package artifact import ( + "context" "errors" "fmt" "io" @@ -89,6 +90,11 @@ func (a *Artifact) makeRequest(w http.ResponseWriter, r *http.Request, reqURL *u } resp, err := a.client.Do(req) if err != nil { + if errors.Is(err, context.Canceled) { + httperrors.Serve404(w) + return + } + logging.LogRequest(r).WithError(err).Error(artifactRequestErrMsg) errortracking.CaptureErrWithReqAndStackTrace(err, r) httperrors.Serve502(w) diff --git a/internal/artifact/artifact_test.go b/internal/artifact/artifact_test.go index ab25d16f..b8c2771b 100644 --- a/internal/artifact/artifact_test.go +++ b/internal/artifact/artifact_test.go @@ -1,6 +1,7 @@ package artifact_test import ( + "context" "fmt" "net/http" "net/http/httptest" @@ -275,3 +276,23 @@ func TestBuildURL(t *testing.T) { }) } } + +func TestContextCanceled(t *testing.T) { + content := "<!DOCTYPE html><html><head><title>Title of the document</title></head><body></body></html>" + contentType := "text/html; charset=utf-8" + testServer := makeArtifactServerStub(t, content, contentType) + t.Cleanup(testServer.Close) + + result := httptest.NewRecorder() + reqURL, err := url.Parse("/-/subgroup/project/-/jobs/1/artifacts/200.html") + require.NoError(t, err) + r := &http.Request{URL: reqURL} + ctx, cancel := context.WithCancel(context.Background()) + r = r.WithContext(ctx) + // cancel context explicitly + cancel() + art := artifact.New(testServer.URL, 1, "gitlab-example.io") + + require.True(t, art.TryMakeRequest("group.gitlab-example.io", result, r, "", func(resp *http.Response) bool { return false })) + require.Equal(t, http.StatusNotFound, result.Code) +} diff --git a/internal/auth/auth.go b/internal/auth/auth.go index 21398e56..05542d21 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -151,6 +151,11 @@ func (a *Auth) checkAuthenticationResponse(session *hostSession, w http.Response // Fetch access token with authorization code token, err := a.fetchAccessToken(r.Context(), decryptedCode) if err != nil { + if errors.Is(err, context.Canceled) { + httperrors.Serve404(w) + return + } + // Fetching token not OK logRequest(r).WithError(err).WithField( "redirect_uri", redirectURI, @@ -476,6 +481,11 @@ func (a *Auth) checkAuthentication(w http.ResponseWriter, r *http.Request, domai req.Header.Add("Authorization", "Bearer "+session.Values["access_token"].(string)) resp, err := a.apiClient.Do(req) if err != nil { + if errors.Is(err, context.Canceled) { + httperrors.Serve404(w) + return true + } + logRequest(r).WithError(err).Error("Failed to retrieve info with token") errortracking.CaptureErrWithReqAndStackTrace(err, r) // call serve404 handler when auth fails diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 586c3839..4236d695 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -270,6 +270,26 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { require.Equal(t, http.StatusOK, result.Code) } +func TestCheckAuthenticationWhenContextCanceled(t *testing.T) { + apiServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })) + t.Cleanup(apiServer.Close) + + auth := createTestAuth(t, apiServer.URL, "") + + result := httptest.NewRecorder() + r, err := http.NewRequest("Get", "https://example.com/", nil) + require.NoError(t, err) + ctx, cancel := context.WithCancel(r.Context()) + r = r.WithContext(ctx) + setSessionValues(t, r, auth, map[interface{}]interface{}{"access_token": "abc"}) + + // cancel context explicitly and expect not found + cancel() + contentServed := auth.CheckAuthentication(result, r, &domainMock{projectID: 1000}) + require.True(t, contentServed) + require.Equal(t, http.StatusNotFound, result.Code) +} + func TestCheckAuthenticationWhenNoAccess(t *testing.T) { apiServer := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { |