1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
package website
import (
"encoding/json"
"net/http"
"path"
"strings"
"website/internal/config"
"website/internal/log"
"github.com/benpate/digit"
"github.com/kevinpollet/nego"
"github.com/pkg/errors"
)
type HTTPError struct {
Error error
Message string
Code int
}
func canonicalisePath(path string) (cPath string, differs bool) {
cPath = path
if strings.HasSuffix(path, "/index.html") {
cPath, differs = strings.CutSuffix(path, "index.html")
} else if !strings.HasSuffix(path, "/") && files[path+"/"] != nil {
cPath, differs = path+"/", true
}
return cPath, differs
}
type webHandler func(http.ResponseWriter, *http.Request) *HTTPError
func (fn webHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
defer func() {
if fail := recover(); fail != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Error("runtime panic!", "error", fail)
}
}()
if err := fn(w, r); err != nil {
if strings.Contains(r.Header.Get("Accept"), "text/html") {
w.WriteHeader(err.Code)
notFoundPage := "website/private/404.html"
http.ServeFile(w, r, notFoundPage)
} else {
http.Error(w, err.Message, err.Code)
}
}
}
func NewMux(cfg *config.Config, root string) (mux *http.ServeMux, err error) {
mux = &http.ServeMux{}
prefix := path.Join(root, "public")
log.Debug("registering content files", "prefix", prefix)
err = registerContentFiles(prefix)
if err != nil {
return nil, errors.WithMessagef(err, "registering content files")
}
mux.Handle("/", webHandler(func(w http.ResponseWriter, r *http.Request) *HTTPError {
urlPath, shouldRedirect := canonicalisePath(r.URL.Path)
if shouldRedirect {
http.Redirect(w, r, urlPath, 302)
return nil
}
file := GetFile(urlPath)
if file == nil {
return &HTTPError{
Message: "File not found",
Code: http.StatusNotFound,
}
}
w.Header().Add("ETag", file.etag)
w.Header().Add("Vary", "Accept-Encoding")
w.Header().Add("Content-Security-Policy", cfg.CSP.String())
for k, v := range cfg.Extra.Headers {
w.Header().Add(k, v)
}
enc := nego.NegotiateContentEncoding(r, file.AvailableEncodings()...)
switch enc {
case "br", "gzip":
w.Header().Add("Content-Encoding", enc)
w.Header().Add("Content-Type", file.contentType)
}
http.ServeFile(w, r, files[urlPath].alternatives[enc])
return nil
}))
var acctResource = "acct:" + cfg.Email
me := digit.NewResource(acctResource).
Link("http://openid.net/specs/connect/1.0/issuer", "", cfg.OIDCHost.String())
mux.HandleFunc("/.well-known/webfinger", func(w http.ResponseWriter, r *http.Request) {
if r.URL.Query().Get("resource") == acctResource {
obj, err := json.Marshal(me)
if err != nil {
http.Error(
w,
http.StatusText(http.StatusInternalServerError),
http.StatusInternalServerError,
)
return
}
w.Header().Add("Content-Type", "application/jrd+json")
w.Header().Add("Access-Control-Allow-Origin", "*")
_, err = w.Write(obj)
if err != nil {
log.Warn("error writing webfinger request", "error", err)
}
}
})
const oidcPath = "/.well-known/openid-configuration"
mux.HandleFunc(
oidcPath,
func(w http.ResponseWriter, r *http.Request) {
u := cfg.OIDCHost.JoinPath(oidcPath)
http.Redirect(w, r, u.String(), 302)
})
return mux, nil
}
|