Welcome to mirror list, hosted at ThFree Co, Russian Federation.

handlers.go « handlers « internal - gitlab.com/gitlab-org/gitlab-pages.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/internal/handlers/handlers.go
blob: 6c3b25abf85573c3d5ce6153f7cfcbc3292e6d51 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

package handlers

import (
	"net/http"

	"gitlab.com/gitlab-org/gitlab-pages/internal"
	"gitlab.com/gitlab-org/gitlab-pages/internal/logging"
)

// Handlers take care of handling specific requests
type Handlers struct {
	Auth     internal.Auth
	Artifact internal.Artifact
}

// New when provided the arguments defined herein, returns a pointer to an
// Handlers that is used to handle requests.
func New(auth internal.Auth, artifact internal.Artifact) *Handlers {
	return &Handlers{
		Auth:     auth,
		Artifact: artifact,
	}
}

func (a *Handlers) checkIfLoginRequiredOrInvalidToken(w http.ResponseWriter, r *http.Request, token string, domain internal.Domain) func(*http.Response) bool {
	return func(resp *http.Response) bool {
		// API will return 403 if the project does not have public pipelines (public_builds flag)
		if resp.StatusCode == http.StatusNotFound || resp.StatusCode == http.StatusForbidden {
			if token == "" {
				if !a.Auth.IsAuthSupported() {
					// Auth is not supported, probably means no access or does not exist but we cannot try with auth
					return false
				}

				logging.LogRequest(r).Debugf("Artifact API response was %d without token, try with authentication", resp.StatusCode)

				// Authenticate user
				if a.Auth.RequireAuth(w, r, domain) {
					return true
				}
			} else {
				logging.LogRequest(r).Debugf("Artifact API response was %d with authentication", resp.StatusCode)
			}
		}

		if a.Auth.CheckResponseForInvalidToken(w, r, resp) {
			return true
		}

		return false
	}
}

// HandleArtifactRequest handles all artifact related requests, will return true if request was handled here
func (a *Handlers) HandleArtifactRequest(w http.ResponseWriter, r *http.Request, domain internal.Domain) bool {
	// In the event a host is prefixed with the artifact prefix an artifact
	// value is created, and an attempt to proxy the request is made

	// Always try to add token to the request if it exists
	token, err := a.Auth.GetTokenIfExists(w, r)
	if err != nil {
		return true
	}

	//nolint: bodyclose // false positive
	// a.checkIfLoginRequiredOrInvalidToken returns a response.Body, closing this body is responsibility
	// of the TryMakeRequest implementation
	return a.Artifact.TryMakeRequest(w, r, token, a.checkIfLoginRequiredOrInvalidToken(w, r, token, domain))
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-16 17:05:00 +0300