صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
oscarleiva
/
energylink
1
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: 8a95c563bb
شاخه‌ها تگ‌ها
energylink
/
pkg
/
api
/
dataproxy.go

dataproxy.go 4.2 KB
تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159 
  1. package api
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"io/ioutil"
    6. 

  6. 	"net/http"
    7. 

  7. 	"net/http/httputil"
    8. 

  8. 	"net/url"
    9. 

  9. 	"time"
    10. 

  10. 

  11. 	"github.com/grafana/grafana/pkg/api/cloudwatch"
    12. 

  12. 	"github.com/grafana/grafana/pkg/bus"
    13. 

  13. 	"github.com/grafana/grafana/pkg/log"
    14. 

  14. 	"github.com/grafana/grafana/pkg/metrics"
    15. 

  15. 	"github.com/grafana/grafana/pkg/middleware"
    16. 

  16. 	m "github.com/grafana/grafana/pkg/models"
    17. 

  17. 	"github.com/grafana/grafana/pkg/setting"
    18. 

  18. 	"github.com/grafana/grafana/pkg/util"
    19. 

  19. )
    20. 

  20. 

  21. var (
    22. 

  22. 	dataproxyLogger log.Logger = log.New("data-proxy-log")
    23. 

  23. )
    24. 

  24. 

  25. func NewReverseProxy(ds *m.DataSource, proxyPath string, targetUrl *url.URL) *httputil.ReverseProxy {
    26. 

  26. 	director := func(req *http.Request) {
    27. 

  27. 		req.URL.Scheme = targetUrl.Scheme
    28. 

  28. 		req.URL.Host = targetUrl.Host
    29. 

  29. 		req.Host = targetUrl.Host
    30. 

  30. 

  31. 		reqQueryVals := req.URL.Query()
    32. 

  32. 

  33. 		if ds.Type == m.DS_INFLUXDB_08 {
    34. 

  34. 			req.URL.Path = util.JoinUrlFragments(targetUrl.Path, "db/"+ds.Database+"/"+proxyPath)
    35. 

  35. 			reqQueryVals.Add("u", ds.User)
    36. 

  36. 			reqQueryVals.Add("p", ds.Password)
    37. 

  37. 			req.URL.RawQuery = reqQueryVals.Encode()
    38. 

  38. 		} else if ds.Type == m.DS_INFLUXDB {
    39. 

  39. 			req.URL.Path = util.JoinUrlFragments(targetUrl.Path, proxyPath)
    40. 

  40. 			req.URL.RawQuery = reqQueryVals.Encode()
    41. 

  41. 			if !ds.BasicAuth {
    42. 

  42. 				req.Header.Del("Authorization")
    43. 

  43. 				req.Header.Add("Authorization", util.GetBasicAuthHeader(ds.User, ds.Password))
    44. 

  44. 			}
    45. 

  45. 		} else {
    46. 

  46. 			req.URL.Path = util.JoinUrlFragments(targetUrl.Path, proxyPath)
    47. 

  47. 		}
    48. 

  48. 

  49. 		if ds.BasicAuth {
    50. 

  50. 			req.Header.Del("Authorization")
    51. 

  51. 			req.Header.Add("Authorization", util.GetBasicAuthHeader(ds.BasicAuthUser, ds.BasicAuthPassword))
    52. 

  52. 		}
    53. 

  53. 

  54. 		dsAuth := req.Header.Get("X-DS-Authorization")
    55. 

  55. 		if len(dsAuth) > 0 {
    56. 

  56. 			req.Header.Del("X-DS-Authorization")
    57. 

  57. 			req.Header.Del("Authorization")
    58. 

  58. 			req.Header.Add("Authorization", dsAuth)
    59. 

  59. 		}
    60. 

  60. 

  61. 		// clear cookie headers
    62. 

  62. 		req.Header.Del("Cookie")
    63. 

  63. 		req.Header.Del("Set-Cookie")
    64. 

  64. 	}
    65. 

  65. 

  66. 	return &httputil.ReverseProxy{Director: director, FlushInterval: time.Millisecond * 200}
    67. 

  67. }
    68. 

  68. 

  69. func getDatasource(id int64, orgId int64) (*m.DataSource, error) {
    70. 

  70. 	query := m.GetDataSourceByIdQuery{Id: id, OrgId: orgId}
    71. 

  71. 	if err := bus.Dispatch(&query); err != nil {
    72. 

  72. 		return nil, err
    73. 

  73. 	}
    74. 

  74. 

  75. 	return query.Result, nil
    76. 

  76. }
    77. 

  77. 

  78. func ProxyDataSourceRequest(c *middleware.Context) {
    79. 

  79. 	c.TimeRequest(metrics.M_DataSource_ProxyReq_Timer)
    80. 

  80. 

  81. 	ds, err := getDatasource(c.ParamsInt64(":id"), c.OrgId)
    82. 

  82. 

  83. 	if err != nil {
    84. 

  84. 		c.JsonApiErr(500, "Unable to load datasource meta data", err)
    85. 

  85. 		return
    86. 

  86. 	}
    87. 

  87. 

  88. 	if ds.Type == m.DS_CLOUDWATCH {
    89. 

  89. 		cloudwatch.HandleRequest(c, ds)
    90. 

  90. 		return
    91. 

  91. 	}
    92. 

  92. 

  93. 	if ds.Type == m.DS_INFLUXDB {
    94. 

  94. 		if c.Query("db") != ds.Database {
    95. 

  95. 			c.JsonApiErr(403, "Datasource is not configured to allow this database", nil)
    96. 

  96. 			return
    97. 

  97. 		}
    98. 

  98. 	}
    99. 

  99. 

  100. 	targetUrl, _ := url.Parse(ds.Url)
    101. 

  101. 	if len(setting.DataProxyWhiteList) > 0 {
    102. 

  102. 		if _, exists := setting.DataProxyWhiteList[targetUrl.Host]; !exists {
    103. 

  103. 			c.JsonApiErr(403, "Data proxy hostname and ip are not included in whitelist", nil)
    104. 

  104. 			return
    105. 

  105. 		}
    106. 

  106. 	}
    107. 

  107. 

  108. 	proxyPath := c.Params("*")
    109. 

  109. 

  110. 	if ds.Type == m.DS_ES {
    111. 

  111. 		if c.Req.Request.Method == "DELETE" {
    112. 

  112. 			c.JsonApiErr(403, "Deletes not allowed on proxied Elasticsearch datasource", nil)
    113. 

  113. 			return
    114. 

  114. 		}
    115. 

  115. 		if c.Req.Request.Method == "PUT" {
    116. 

  116. 			c.JsonApiErr(403, "Puts not allowed on proxied Elasticsearch datasource", nil)
    117. 

  117. 			return
    118. 

  118. 		}
    119. 

  119. 		if c.Req.Request.Method == "POST" && proxyPath != "_msearch" {
    120. 

  120. 			c.JsonApiErr(403, "Posts not allowed on proxied Elasticsearch datasource except on /_msearch", nil)
    121. 

  121. 			return
    122. 

  122. 		}
    123. 

  123. 	}
    124. 

  124. 

  125. 	proxy := NewReverseProxy(ds, proxyPath, targetUrl)
    126. 

  126. 	proxy.Transport, err = ds.GetHttpTransport()
    127. 

  127. 	if err != nil {
    128. 

  128. 		c.JsonApiErr(400, "Unable to load TLS certificate", err)
    129. 

  129. 		return
    130. 

  130. 	}
    131. 

  131. 

  132. 	logProxyRequest(ds.Type, c)
    133. 

  133. 	proxy.ServeHTTP(c.Resp, c.Req.Request)
    134. 

  134. 	c.Resp.Header().Del("Set-Cookie")
    135. 

  135. }
    136. 

  136. 

  137. func logProxyRequest(dataSourceType string, c *middleware.Context) {
    138. 

  138. 	if !setting.DataProxyLogging {
    139. 

  139. 		return
    140. 

  140. 	}
    141. 

  141. 

  142. 	var body string
    143. 

  143. 	if c.Req.Request.Body != nil {
    144. 

  144. 		buffer, err := ioutil.ReadAll(c.Req.Request.Body)
    145. 

  145. 		if err == nil {
    146. 

  146. 			c.Req.Request.Body = ioutil.NopCloser(bytes.NewBuffer(buffer))
    147. 

  147. 			body = string(buffer)
    148. 

  148. 		}
    149. 

  149. 	}
    150. 

  150. 

  151. 	dataproxyLogger.Info("Proxying incoming request",
    152. 

  152. 		"userid", c.UserId,
    153. 

  153. 		"orgid", c.OrgId,
    154. 

  154. 		"username", c.Login,
    155. 

  155. 		"datasource", dataSourceType,
    156. 

  156. 		"uri", c.Req.RequestURI,
    157. 

  157. 		"method", c.Req.Request.Method,
    158. 

  158. 		"body", body)
    159. 

  159. }
    160.