package website import ( "encoding/json" "net/http" "path" "strings" "website/internal/config" ihttp "website/internal/http" "website/internal/log" "website/templates" "github.com/benpate/digit" "github.com/kevinpollet/nego" "github.com/pkg/errors" ) func CanonicalisePath(path string) (cPath string, differs bool) { cPath = path if strings.HasSuffix(path, "/index.html") { cPath, differs = strings.CutSuffix(path, "index.html") } else if !strings.HasSuffix(path, "/") && files[path+"/"] != nil { cPath, differs = path+"/", true } return cPath, differs } type webHandler func(http.ResponseWriter, *http.Request) *ihttp.Error type WrappedWebHandler struct { config *config.Config handler webHandler } func wrapHandler(cfg *config.Config, webHandler webHandler) WrappedWebHandler { return WrappedWebHandler{ config: cfg, handler: webHandler, } } func (fn WrappedWebHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { defer func() { if fail := recover(); fail != nil { w.WriteHeader(http.StatusInternalServerError) log.Error("runtime panic!", "error", fail) } }() if err := fn.handler(w, r); err != nil { if strings.Contains(r.Header.Get("Accept"), "text/html") { w.WriteHeader(err.Code) err := templates.Error(*fn.config, r.URL.Path, err).Render(r.Context(), w) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) } } else { http.Error(w, err.Message, err.Code) } } } func NewMux(cfg *config.Config, root string) (mux *http.ServeMux, err error) { mux = &http.ServeMux{} prefix := path.Join(root, "public") log.Debug("registering content files", "prefix", prefix) err = registerContentFiles(prefix) if err != nil { return nil, errors.WithMessagef(err, "registering content files") } templates.Setup() mux.Handle("/", wrapHandler(cfg, func(w http.ResponseWriter, r *http.Request) *ihttp.Error { urlPath, shouldRedirect := CanonicalisePath(r.URL.Path) if shouldRedirect { http.Redirect(w, r, urlPath, 302) return nil } file := GetFile(urlPath) if file == nil { return &ihttp.Error{ Message: "File not found", Code: http.StatusNotFound, } } w.Header().Add("ETag", file.etag) w.Header().Add("Vary", "Accept-Encoding") w.Header().Add("Content-Security-Policy", cfg.CSP.String()) for k, v := range cfg.Extra.Headers { w.Header().Add(k, v) } enc := nego.NegotiateContentEncoding(r, file.AvailableEncodings()...) switch enc { case "br", "gzip": w.Header().Add("Content-Encoding", enc) w.Header().Add("Content-Type", file.contentType) } http.ServeFile(w, r, files[urlPath].alternatives[enc]) return nil })) var acctResource = "acct:" + cfg.Email me := digit.NewResource(acctResource). Link("http://openid.net/specs/connect/1.0/issuer", "", cfg.OIDCHost.String()) mux.HandleFunc("/.well-known/webfinger", func(w http.ResponseWriter, r *http.Request) { if r.URL.Query().Get("resource") == acctResource { obj, err := json.Marshal(me) if err != nil { http.Error( w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, ) return } w.Header().Add("Content-Type", "application/jrd+json") w.Header().Add("Access-Control-Allow-Origin", "*") _, err = w.Write(obj) if err != nil { log.Warn("error writing webfinger request", "error", err) } } }) const oidcPath = "/.well-known/openid-configuration" mux.HandleFunc( oidcPath, func(w http.ResponseWriter, r *http.Request) { u := cfg.OIDCHost.JoinPath(oidcPath) http.Redirect(w, r, u.String(), 302) }) return mux, nil }