1
0
Fork 0
mirror of https://github.com/Luzifer/nginx-sso.git synced 2024-12-21 05:11:17 +00:00
nginx-sso/vendor/google.golang.org/appengine/remote_api/remote_api.go

153 lines
4.3 KiB
Go
Raw Normal View History

// Copyright 2012 Google Inc. All rights reserved.
// Use of this source code is governed by the Apache 2.0
// license that can be found in the LICENSE file.
/*
Package remote_api implements the /_ah/remote_api endpoint.
This endpoint is used by offline tools such as the bulk loader.
*/
package remote_api // import "google.golang.org/appengine/remote_api"
import (
"fmt"
"io"
"io/ioutil"
"net/http"
"strconv"
"github.com/golang/protobuf/proto"
"google.golang.org/appengine"
"google.golang.org/appengine/internal"
pb "google.golang.org/appengine/internal/remote_api"
"google.golang.org/appengine/log"
"google.golang.org/appengine/user"
)
func init() {
http.HandleFunc("/_ah/remote_api", handle)
}
func handle(w http.ResponseWriter, req *http.Request) {
c := appengine.NewContext(req)
u := user.Current(c)
if u == nil {
u, _ = user.CurrentOAuth(c,
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/appengine.apis",
)
}
if !appengine.IsDevAppServer() && (u == nil || !u.Admin) {
w.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusUnauthorized)
io.WriteString(w, "You must be logged in as an administrator to access this.\n")
return
}
if req.Header.Get("X-Appcfg-Api-Version") == "" {
w.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusForbidden)
io.WriteString(w, "This request did not contain a necessary header.\n")
return
}
if req.Method != "POST" {
// Response must be YAML.
rtok := req.FormValue("rtok")
if rtok == "" {
rtok = "0"
}
w.Header().Set("Content-Type", "text/yaml; charset=utf-8")
fmt.Fprintf(w, `{app_id: %q, rtok: %q}`, internal.FullyQualifiedAppID(c), rtok)
return
}
defer req.Body.Close()
body, err := ioutil.ReadAll(req.Body)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
log.Errorf(c, "Failed reading body: %v", err)
return
}
remReq := &pb.Request{}
if err := proto.Unmarshal(body, remReq); err != nil {
w.WriteHeader(http.StatusBadRequest)
log.Errorf(c, "Bad body: %v", err)
return
}
service, method := *remReq.ServiceName, *remReq.Method
if !requestSupported(service, method) {
w.WriteHeader(http.StatusBadRequest)
log.Errorf(c, "Unsupported RPC /%s.%s", service, method)
return
}
rawReq := &rawMessage{remReq.Request}
rawRes := &rawMessage{}
err = internal.Call(c, service, method, rawReq, rawRes)
remRes := &pb.Response{}
if err == nil {
remRes.Response = rawRes.buf
} else if ae, ok := err.(*internal.APIError); ok {
remRes.ApplicationError = &pb.ApplicationError{
Code: &ae.Code,
Detail: &ae.Detail,
}
} else {
// This shouldn't normally happen.
log.Errorf(c, "appengine/remote_api: Unexpected error of type %T: %v", err, err)
remRes.ApplicationError = &pb.ApplicationError{
Code: proto.Int32(0),
Detail: proto.String(err.Error()),
}
}
out, err := proto.Marshal(remRes)
if err != nil {
// This should not be possible.
w.WriteHeader(500)
log.Errorf(c, "proto.Marshal: %v", err)
return
}
log.Infof(c, "Spooling %d bytes of response to /%s.%s", len(out), service, method)
w.Header().Set("Content-Type", "application/octet-stream")
w.Header().Set("Content-Length", strconv.Itoa(len(out)))
w.Write(out)
}
// rawMessage is a protocol buffer type that is already serialised.
// This allows the remote_api code here to handle messages
// without having to know the real type.
type rawMessage struct {
buf []byte
}
func (rm *rawMessage) Marshal() ([]byte, error) {
return rm.buf, nil
}
func (rm *rawMessage) Unmarshal(buf []byte) error {
rm.buf = make([]byte, len(buf))
copy(rm.buf, buf)
return nil
}
func requestSupported(service, method string) bool {
// This list of supported services is taken from SERVICE_PB_MAP in remote_api_services.py
switch service {
case "app_identity_service", "blobstore", "capability_service", "channel", "datastore_v3",
"datastore_v4", "file", "images", "logservice", "mail", "matcher", "memcache", "remote_datastore",
"remote_socket", "search", "modules", "system", "taskqueue", "urlfetch", "user", "xmpp":
return true
}
return false
}
// Methods to satisfy proto.Message.
func (rm *rawMessage) Reset() { rm.buf = nil }
func (rm *rawMessage) String() string { return strconv.Quote(string(rm.buf)) }
func (*rawMessage) ProtoMessage() {}