1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
package handlers
import (
"net/http"
"gitlab.com/gitlab-org/gitlab-pages/internal"
"gitlab.com/gitlab-org/gitlab-pages/internal/logging"
)
// Handlers take care of handling specific requests
type Handlers struct {
Auth internal.Auth
Artifact internal.Artifact
}
// New when provided the arguments defined herein, returns a pointer to an
// Handlers that is used to handle requests.
func New(auth internal.Auth, artifact internal.Artifact) *Handlers {
return &Handlers{
Auth: auth,
Artifact: artifact,
}
}
func (a *Handlers) checkIfLoginRequiredOrInvalidToken(w http.ResponseWriter, r *http.Request, token string, domain internal.Domain) func(*http.Response) bool {
return func(resp *http.Response) bool {
// API will return 403 if the project does not have public pipelines (public_builds flag)
if resp.StatusCode == http.StatusNotFound || resp.StatusCode == http.StatusForbidden {
if token == "" {
if !a.Auth.IsAuthSupported() {
// Auth is not supported, probably means no access or does not exist but we cannot try with auth
return false
}
logging.LogRequest(r).Debugf("Artifact API response was %d without token, try with authentication", resp.StatusCode)
// Authenticate user
if a.Auth.RequireAuth(w, r, domain) {
return true
}
} else {
logging.LogRequest(r).Debugf("Artifact API response was %d with authentication", resp.StatusCode)
}
}
if a.Auth.CheckResponseForInvalidToken(w, r, resp) {
return true
}
return false
}
}
// HandleArtifactRequest handles all artifact related requests, will return true if request was handled here
func (a *Handlers) HandleArtifactRequest(w http.ResponseWriter, r *http.Request, domain internal.Domain) bool {
// In the event a host is prefixed with the artifact prefix an artifact
// value is created, and an attempt to proxy the request is made
// Always try to add token to the request if it exists
token, err := a.Auth.GetTokenIfExists(w, r)
if err != nil {
return true
}
//nolint: bodyclose // false positive
// a.checkIfLoginRequiredOrInvalidToken returns a response.Body, closing this body is responsibility
// of the TryMakeRequest implementation
return a.Artifact.TryMakeRequest(w, r, token, a.checkIfLoginRequiredOrInvalidToken(w, r, token, domain))
}
|