2021-04-18 12:41:13 -07:00
|
|
|
// Copyright (c) 2015-2021 MinIO, Inc.
|
|
|
|
//
|
|
|
|
// This file is part of MinIO Object Storage stack
|
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2016-12-20 23:45:17 +01:00
|
|
|
|
|
|
|
package madmin
|
|
|
|
|
|
|
|
import (
|
2018-01-22 14:54:55 -08:00
|
|
|
"encoding/json"
|
2016-12-20 23:45:17 +01:00
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
|
|
|
"net/url"
|
|
|
|
"strings"
|
|
|
|
|
2020-07-14 17:38:05 +01:00
|
|
|
"github.com/minio/minio-go/v7/pkg/s3utils"
|
2016-12-20 23:45:17 +01:00
|
|
|
)
|
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// AdminAPIVersion - admin api version used in the request.
|
2019-10-23 09:31:14 +05:30
|
|
|
const (
|
2020-04-07 19:30:59 -07:00
|
|
|
AdminAPIVersion = "v3"
|
|
|
|
AdminAPIVersionV2 = "v2"
|
|
|
|
adminAPIPrefix = "/" + AdminAPIVersion
|
2019-10-23 09:31:14 +05:30
|
|
|
)
|
|
|
|
|
2018-01-22 14:54:55 -08:00
|
|
|
// jsonDecoder decode json to go type.
|
|
|
|
func jsonDecoder(body io.Reader, v interface{}) error {
|
|
|
|
d := json.NewDecoder(body)
|
2017-01-17 23:25:59 +01:00
|
|
|
return d.Decode(v)
|
|
|
|
}
|
|
|
|
|
2016-12-20 23:45:17 +01:00
|
|
|
// getEndpointURL - construct a new endpoint.
|
|
|
|
func getEndpointURL(endpoint string, secure bool) (*url.URL, error) {
|
|
|
|
if strings.Contains(endpoint, ":") {
|
|
|
|
host, _, err := net.SplitHostPort(endpoint)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if !s3utils.IsValidIP(host) && !s3utils.IsValidDomain(host) {
|
|
|
|
msg := "Endpoint: " + endpoint + " does not follow ip address or domain name standards."
|
|
|
|
return nil, ErrInvalidArgument(msg)
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if !s3utils.IsValidIP(endpoint) && !s3utils.IsValidDomain(endpoint) {
|
|
|
|
msg := "Endpoint: " + endpoint + " does not follow ip address or domain name standards."
|
|
|
|
return nil, ErrInvalidArgument(msg)
|
|
|
|
}
|
|
|
|
}
|
2020-06-29 20:31:07 +01:00
|
|
|
|
2016-12-20 23:45:17 +01:00
|
|
|
// If secure is false, use 'http' scheme.
|
|
|
|
scheme := "https"
|
|
|
|
if !secure {
|
|
|
|
scheme = "http"
|
|
|
|
}
|
|
|
|
|
2020-06-29 20:31:07 +01:00
|
|
|
// Strip the obvious :443 and :80 from the endpoint
|
|
|
|
// to avoid the signature mismatch error.
|
|
|
|
if secure && strings.HasSuffix(endpoint, ":443") {
|
|
|
|
endpoint = strings.TrimSuffix(endpoint, ":443")
|
|
|
|
}
|
|
|
|
if !secure && strings.HasSuffix(endpoint, ":80") {
|
|
|
|
endpoint = strings.TrimSuffix(endpoint, ":80")
|
|
|
|
}
|
|
|
|
|
2016-12-20 23:45:17 +01:00
|
|
|
// Construct a secured endpoint URL.
|
|
|
|
endpointURLStr := scheme + "://" + endpoint
|
|
|
|
endpointURL, err := url.Parse(endpointURLStr)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Validate incoming endpoint URL.
|
|
|
|
if err := isValidEndpointURL(endpointURL.String()); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return endpointURL, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Verify if input endpoint URL is valid.
|
|
|
|
func isValidEndpointURL(endpointURL string) error {
|
|
|
|
if endpointURL == "" {
|
|
|
|
return ErrInvalidArgument("Endpoint url cannot be empty.")
|
|
|
|
}
|
|
|
|
url, err := url.Parse(endpointURL)
|
|
|
|
if err != nil {
|
|
|
|
return ErrInvalidArgument("Endpoint url cannot be parsed.")
|
|
|
|
}
|
|
|
|
if url.Path != "/" && url.Path != "" {
|
|
|
|
return ErrInvalidArgument("Endpoint url cannot have fully qualified paths.")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// closeResponse close non nil response with any response Body.
|
|
|
|
// convenient wrapper to drain any remaining data on response body.
|
|
|
|
//
|
|
|
|
// Subsequently this allows golang http RoundTripper
|
|
|
|
// to re-use the same connection for future requests.
|
|
|
|
func closeResponse(resp *http.Response) {
|
|
|
|
// Callers should close resp.Body when done reading from it.
|
|
|
|
// If resp.Body is not closed, the Client's underlying RoundTripper
|
|
|
|
// (typically Transport) may not be able to re-use a persistent TCP
|
|
|
|
// connection to the server for a subsequent "keep-alive" request.
|
|
|
|
if resp != nil && resp.Body != nil {
|
|
|
|
// Drain any remaining Body and then close the connection.
|
|
|
|
// Without this closing connection would disallow re-using
|
|
|
|
// the same connection for future uses.
|
|
|
|
// - http://stackoverflow.com/a/17961593/4465767
|
|
|
|
io.Copy(ioutil.Discard, resp.Body)
|
|
|
|
resp.Body.Close()
|
|
|
|
}
|
|
|
|
}
|