// Copyright (c) 2015-2021 MinIO, Inc. // // This file is part of MinIO Object Storage stack // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // This program is distributed in the hope that it will be useful // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . package madmin import ( "encoding/json" "io" "io/ioutil" "net" "net/http" "net/url" "strings" "github.com/minio/minio-go/v7/pkg/s3utils" ) // AdminAPIVersion - admin api version used in the request. const ( AdminAPIVersion = "v3" AdminAPIVersionV2 = "v2" adminAPIPrefix = "/" + AdminAPIVersion ) // jsonDecoder decode json to go type. func jsonDecoder(body io.Reader, v interface{}) error { d := json.NewDecoder(body) return d.Decode(v) } // getEndpointURL - construct a new endpoint. func getEndpointURL(endpoint string, secure bool) (*url.URL, error) { if strings.Contains(endpoint, ":") { host, _, err := net.SplitHostPort(endpoint) if err != nil { return nil, err } if !s3utils.IsValidIP(host) && !s3utils.IsValidDomain(host) { msg := "Endpoint: " + endpoint + " does not follow ip address or domain name standards." return nil, ErrInvalidArgument(msg) } } else { if !s3utils.IsValidIP(endpoint) && !s3utils.IsValidDomain(endpoint) { msg := "Endpoint: " + endpoint + " does not follow ip address or domain name standards." return nil, ErrInvalidArgument(msg) } } // If secure is false, use 'http' scheme. scheme := "https" if !secure { scheme = "http" } // Strip the obvious :443 and :80 from the endpoint // to avoid the signature mismatch error. if secure && strings.HasSuffix(endpoint, ":443") { endpoint = strings.TrimSuffix(endpoint, ":443") } if !secure && strings.HasSuffix(endpoint, ":80") { endpoint = strings.TrimSuffix(endpoint, ":80") } // Construct a secured endpoint URL. endpointURLStr := scheme + "://" + endpoint endpointURL, err := url.Parse(endpointURLStr) if err != nil { return nil, err } // Validate incoming endpoint URL. if err := isValidEndpointURL(endpointURL.String()); err != nil { return nil, err } return endpointURL, nil } // Verify if input endpoint URL is valid. func isValidEndpointURL(endpointURL string) error { if endpointURL == "" { return ErrInvalidArgument("Endpoint url cannot be empty.") } url, err := url.Parse(endpointURL) if err != nil { return ErrInvalidArgument("Endpoint url cannot be parsed.") } if url.Path != "/" && url.Path != "" { return ErrInvalidArgument("Endpoint url cannot have fully qualified paths.") } return nil } // closeResponse close non nil response with any response Body. // convenient wrapper to drain any remaining data on response body. // // Subsequently this allows golang http RoundTripper // to re-use the same connection for future requests. func closeResponse(resp *http.Response) { // Callers should close resp.Body when done reading from it. // If resp.Body is not closed, the Client's underlying RoundTripper // (typically Transport) may not be able to re-use a persistent TCP // connection to the server for a subsequent "keep-alive" request. if resp != nil && resp.Body != nil { // Drain any remaining Body and then close the connection. // Without this closing connection would disallow re-using // the same connection for future uses. // - http://stackoverflow.com/a/17961593/4465767 io.Copy(ioutil.Discard, resp.Body) resp.Body.Close() } }