gotty/server/server.go
2017-08-22 12:11:11 +09:00

243 lines
6.5 KiB
Go

package server
import (
"context"
"crypto/tls"
"crypto/x509"
"html/template"
"io/ioutil"
"log"
"net"
"net/http"
"net/url"
"regexp"
noesctmpl "text/template"
"time"
"github.com/elazarl/go-bindata-assetfs"
"github.com/gorilla/websocket"
"github.com/pkg/errors"
"github.com/yudai/gotty/pkg/homedir"
"github.com/yudai/gotty/pkg/randomstring"
"github.com/yudai/gotty/webtty"
)
// Server provides a webtty HTTP endpoint.
type Server struct {
factory Factory
options *Options
upgrader *websocket.Upgrader
indexTemplate *template.Template
titleTemplate *noesctmpl.Template
}
// New creates a new instance of Server.
// Server will use the New() of the factory provided to handle each request.
func New(factory Factory, options *Options) (*Server, error) {
indexData, err := Asset("static/index.html")
if err != nil {
panic("index not found") // must be in bindata
}
if options.IndexFile != "" {
path := homedir.Expand(options.IndexFile)
indexData, err = ioutil.ReadFile(path)
if err != nil {
return nil, errors.Wrapf(err, "failed to read custom index file at `%s`", path)
}
}
indexTemplate, err := template.New("index").Parse(string(indexData))
if err != nil {
panic("index template parse failed") // must be valid
}
titleTemplate, err := noesctmpl.New("title").Parse(options.TitleFormat)
if err != nil {
return nil, errors.Wrapf(err, "failed to parse window title format `%s`", options.TitleFormat)
}
var originChekcer func(r *http.Request) bool
if options.WSOrigin != "" {
matcher, err := regexp.Compile(options.WSOrigin)
if err != nil {
return nil, errors.Wrapf(err, "failed to compile regular expression of Websocket Origin: %s", options.WSOrigin)
}
originChekcer = func(r *http.Request) bool {
return matcher.MatchString(r.Header.Get("Origin"))
}
}
return &Server{
factory: factory,
options: options,
upgrader: &websocket.Upgrader{
ReadBufferSize: 1024,
WriteBufferSize: 1024,
Subprotocols: webtty.Protocols,
CheckOrigin: originChekcer,
},
indexTemplate: indexTemplate,
titleTemplate: titleTemplate,
}, nil
}
// Run starts the main process of the Server.
// The cancelation of ctx will shutdown the server immediately with aborting
// existing connections. Use WithGracefullContext() to support gracefull shutdown.
func (server *Server) Run(ctx context.Context, options ...RunOption) error {
cctx, cancel := context.WithCancel(ctx)
opts := &RunOptions{gracefullCtx: context.Background()}
for _, opt := range options {
opt(opts)
}
counter := newCounter(time.Duration(server.options.Timeout) * time.Second)
path := "/"
if server.options.EnableRandomUrl {
path = "/" + randomstring.Generate(server.options.RandomUrlLength) + "/"
}
url := server.setupURL(server.options.Address, path)
handlers := server.setupHandlers(cctx, cancel, url, counter)
srv, err := server.setupHTTPServer(handlers, url)
if err != nil {
return errors.Wrapf(err, "failed to setup an HTTP server")
}
log.Printf("HTTP server is listening at: %s", url.String())
if server.options.Address == "0.0.0.0" {
for _, address := range listAddresses() {
log.Printf("Alternative URL: %s", server.setupURL(address, path).String())
}
}
if server.options.PermitWrite {
log.Printf("Permitting clients to write input to the PTY.")
}
if server.options.Once {
log.Printf("Once option is provided, accepting only one client")
}
listenErr := make(chan error, 1)
go func() {
if server.options.EnableTLS {
crtFile := homedir.Expand(server.options.TLSCrtFile)
keyFile := homedir.Expand(server.options.TLSKeyFile)
log.Printf("TLS crt file: " + crtFile)
log.Printf("TLS key file: " + keyFile)
err = srv.ListenAndServeTLS(crtFile, keyFile)
} else {
err = srv.ListenAndServe()
}
if err != nil {
listenErr <- err
}
}()
go func() {
select {
case <-opts.gracefullCtx.Done():
srv.Shutdown(context.Background())
case <-cctx.Done():
}
}()
select {
case err = <-listenErr:
if err == http.ErrServerClosed { // by gracefull ctx
err = nil
} else {
cancel()
}
case <-cctx.Done():
srv.Close()
err = cctx.Err()
}
conn := counter.count()
if conn > 0 {
log.Printf("Waiting for %d connections to be closed", conn)
}
counter.wait()
return err
}
func (server *Server) setupURL(ip string, path string) *url.URL {
host := net.JoinHostPort(ip, server.options.Port)
scheme := "http"
if server.options.EnableTLS {
scheme = "https"
}
return &url.URL{Scheme: scheme, Host: host, Path: path}
}
func (server *Server) setupHandlers(ctx context.Context, cancel context.CancelFunc, url *url.URL, counter *counter) http.Handler {
staticFileHandler := http.FileServer(
&assetfs.AssetFS{Asset: Asset, AssetDir: AssetDir, Prefix: "static"},
)
var siteMux = http.NewServeMux()
siteMux.HandleFunc(url.Path, server.handleIndex)
siteMux.Handle(url.Path+"js/", http.StripPrefix(url.Path, staticFileHandler))
siteMux.Handle(url.Path+"favicon.png", http.StripPrefix(url.Path, staticFileHandler))
siteMux.Handle(url.Path+"css/", http.StripPrefix(url.Path, staticFileHandler))
siteMux.HandleFunc(url.Path+"auth_token.js", server.handleAuthToken)
siteMux.HandleFunc(url.Path+"config.js", server.handleConfig)
siteHandler := http.Handler(siteMux)
if server.options.EnableBasicAuth {
log.Printf("Using Basic Authentication")
siteHandler = server.wrapBasicAuth(siteHandler, server.options.Credential)
}
siteHandler = server.wrapLogger(server.wrapHeaders(siteHandler))
wsMux := http.NewServeMux()
wsMux.Handle("/", siteHandler)
wsMux.HandleFunc(url.Path+"ws", server.generateHandleWS(ctx, cancel, counter))
siteHandler = http.Handler(wsMux)
return siteHandler
}
func (server *Server) setupHTTPServer(handler http.Handler, url *url.URL) (*http.Server, error) {
srv := &http.Server{
Addr: url.Host,
Handler: handler,
}
if server.options.EnableTLSClientAuth {
tlsConfig, err := server.tlsConfig()
if err != nil {
return nil, errors.Wrapf(err, "failed to setup TLS configuration")
}
srv.TLSConfig = tlsConfig
}
return srv, nil
}
func (server *Server) tlsConfig() (*tls.Config, error) {
caFile := homedir.Expand(server.options.TLSCACrtFile)
caCert, err := ioutil.ReadFile(caFile)
if err != nil {
return nil, errors.New("could not open CA crt file " + caFile)
}
caCertPool := x509.NewCertPool()
if !caCertPool.AppendCertsFromPEM(caCert) {
return nil, errors.New("could not parse CA crt file data in " + caFile)
}
tlsConfig := &tls.Config{
ClientCAs: caCertPool,
ClientAuth: tls.RequireAndVerifyClientCert,
}
return tlsConfig, nil
}