diff options
-rw-r--r-- | include/proto-def.h | 4 | ||||
-rw-r--r-- | src/CMakeLists.txt | 3 | ||||
-rw-r--r-- | src/afb-api.c | 634 | ||||
-rw-r--r-- | src/afb-hreq.h | 1 | ||||
-rw-r--r-- | src/afb-plugins.c | 242 | ||||
-rw-r--r-- | src/afb-plugins.h | 30 | ||||
-rw-r--r-- | src/afb-req-itf.h | 16 | ||||
-rw-r--r-- | src/afb-websock.c | 79 | ||||
-rw-r--r-- | src/afb-websock.h | 21 | ||||
-rw-r--r-- | src/http-svc.c | 81 | ||||
-rw-r--r-- | src/main.c | 1 | ||||
-rw-r--r-- | src/rest-api.c | 668 |
12 files changed, 1044 insertions, 736 deletions
diff --git a/include/proto-def.h b/include/proto-def.h index 877fafe9..e96b0229 100644 --- a/include/proto-def.h +++ b/include/proto-def.h @@ -38,10 +38,6 @@ extern void endPostRequest(AFB_PostHandle *posthandle); extern int doRestApi(struct MHD_Connection *connection, AFB_session *session, const char* url, const char *method , const char *upload_data, size_t *upload_data_size, void **con_cls); -extern void initPlugins (AFB_session *session); - -extern AFB_plugin* pluginRegister (); - // Session handling #if defined(ALLOWS_SESSION_FILES) extern AFB_error sessionCheckdir (AFB_session *session); diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 605a0df1..6eeb431d 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -3,7 +3,8 @@ ADD_LIBRARY(src OBJECT main.c session.c http-svc.c - rest-api.c + afb-api.c + afb-plugins.c afb-method.c afb-hreq.c afb-websock.c diff --git a/src/afb-api.c b/src/afb-api.c new file mode 100644 index 00000000..a3ff07fd --- /dev/null +++ b/src/afb-api.c @@ -0,0 +1,634 @@ +/* + * Copyright (C) 2016 "IoT.bzh" + * Author "Fulup Ar Foll" + * Author José Bollo <jose.bollo@iot.bzh> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * Contain all generic part to handle REST/API + * + * https://www.gnu.org/software/libmicrohttpd/tutorial.html [search 'largepost.c'] + */ + +#define _GNU_SOURCE + +#include "../include/local-def.h" + +#include <dirent.h> +#include <dlfcn.h> +#include <setjmp.h> +#include <signal.h> + +#define AFB_MSG_JTYPE "AJB_reply" + +#define JSON_CONTENT "application/json" +#define FORM_CONTENT "multipart/form-data" /* TODO: replace with MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA */ + +static json_object *afbJsonType; + +// Because of POST call multiple time requestApi we need to free POST handle here +// Note this method is called from http-svc just before closing session +PUBLIC void endPostRequest(AFB_PostHandle * postHandle) +{ + + if (postHandle->type == AFB_POST_JSON) { + // if (verbose) fprintf(stderr, "End PostJson Request UID=%d\n", postHandle->uid); + } + + if (postHandle->type == AFB_POST_FORM) { + if (verbose) + fprintf(stderr, "End PostForm Request UID=%d\n", postHandle->uid); + } + if (postHandle->privatebuf) + free(postHandle->privatebuf); + free(postHandle); +} + +// Check of apiurl is declare in this plugin and call it +STATIC AFB_error callPluginApi(AFB_request * request, int plugidx, void *context) +{ + json_object *jresp, *jcall, *jreqt; + int idx, status, sig; + AFB_clientCtx *clientCtx = NULL; + AFB_plugin *plugin = request->plugins[plugidx]; + int signals[] = { SIGALRM, SIGSEGV, SIGFPE, 0 }; + + /*--------------------------------------------------------------- + | Signal handler defined inside CallPluginApi to access Request + +---------------------------------------------------------------- */ + void pluginError(int signum) { + sigset_t sigset; + + // unlock signal to allow a new signal to come + sigemptyset(&sigset); + sigaddset(&sigset, signum); + sigprocmask(SIG_UNBLOCK, &sigset, 0); + + fprintf(stderr, "Oops: Plugin Api Timeout timeout\n"); + longjmp(request->checkPluginCall, signum); + } + + // If a plugin hold this urlpath call its callback + for (idx = 0; plugin->apis[idx].callback != NULL; idx++) { + if (!strcmp(plugin->apis[idx].name, request->api)) { + + // Request was found and at least partially executed + jreqt = json_object_new_object(); + json_object_get(afbJsonType); // increate jsontype reference count + json_object_object_add(jreqt, "jtype", afbJsonType); + + // prepare an object to store calling values + jcall = json_object_new_object(); + json_object_object_add(jcall, "prefix", json_object_new_string(plugin->prefix)); + json_object_object_add(jcall, "api", json_object_new_string(plugin->apis[idx].name)); + + // save context before calling the API + status = setjmp(request->checkPluginCall); + if (status != 0) { + + // Plugin aborted somewhere during its execution + json_object_object_add(jcall, "status", json_object_new_string("abort")); + json_object_object_add(jcall, "info", json_object_new_string("Plugin broke during execution")); + json_object_object_add(jreqt, "request", jcall); + + } else { + + // If timeout protection==0 we are in debug and we do not apply signal protection + if (request->config->apiTimeout > 0) { + for (sig = 0; signals[sig] != 0; sig++) { + if (signal(signals[sig], pluginError) == SIG_ERR) { + request->errcode = MHD_HTTP_UNPROCESSABLE_ENTITY; + json_object_object_add(jcall, "status", json_object_new_string("fail")); + json_object_object_add(jcall, "info", json_object_new_string("Setting Timeout Handler Failed")); + json_object_object_add(jreqt, "request", jcall); + goto ExitOnDone; + } + } + // Trigger a timer to protect from unacceptable long time execution + alarm((unsigned)request->config->apiTimeout); + } + // Out of SessionNone every call get a client context session + if (AFB_SESSION_NONE != plugin->apis[idx].session) { + + // add client context to request + clientCtx = ctxClientGet(request, plugidx); + if (clientCtx == NULL) { + request->errcode = MHD_HTTP_INSUFFICIENT_STORAGE; + json_object_object_add(jcall, "status", json_object_new_string("fail")); + json_object_object_add(jcall, "info", json_object_new_string("Client Session Context Full !!!")); + json_object_object_add(jreqt, "request", jcall); + goto ExitOnDone; + }; + + if (verbose) + fprintf(stderr, "Plugin=[%s] Api=[%s] Middleware=[%d] Client=[%p] Uuid=[%s] Token=[%s]\n", request->prefix, request->api, plugin->apis[idx].session, clientCtx, clientCtx->uuid, clientCtx->token); + + switch (plugin->apis[idx].session) { + + case AFB_SESSION_CREATE: + if (clientCtx->token[0] != '\0' && request->config->token[0] != '\0') { + request->errcode = MHD_HTTP_UNAUTHORIZED; + json_object_object_add(jcall, "status", json_object_new_string("exist")); + json_object_object_add(jcall, "info", json_object_new_string("AFB_SESSION_CREATE Session already exist")); + json_object_object_add(jreqt, "request", jcall); + goto ExitOnDone; + } + + if (AFB_SUCCESS != ctxTokenCreate(clientCtx, request)) { + request->errcode = MHD_HTTP_UNAUTHORIZED; + json_object_object_add(jcall, "status", json_object_new_string("fail")); + json_object_object_add(jcall, "info", json_object_new_string("AFB_SESSION_CREATE Invalid Initial Token")); + json_object_object_add(jreqt, "request", jcall); + goto ExitOnDone; + } else { + json_object_object_add(jcall, "uuid", json_object_new_string(clientCtx->uuid)); + json_object_object_add(jcall, "token", json_object_new_string(clientCtx->token)); + json_object_object_add(jcall, "timeout", json_object_new_int(request->config->cntxTimeout)); + } + break; + + case AFB_SESSION_RENEW: + if (AFB_SUCCESS != ctxTokenRefresh(clientCtx, request)) { + request->errcode = MHD_HTTP_UNAUTHORIZED; + json_object_object_add(jcall, "status", json_object_new_string("fail")); + json_object_object_add(jcall, "info", json_object_new_string("AFB_SESSION_REFRESH Broken Exchange Token Chain")); + json_object_object_add(jreqt, "request", jcall); + goto ExitOnDone; + } else { + json_object_object_add(jcall, "uuid", json_object_new_string(clientCtx->uuid)); + json_object_object_add(jcall, "token", json_object_new_string(clientCtx->token)); + json_object_object_add(jcall, "timeout", json_object_new_int(request->config->cntxTimeout)); + } + break; + + case AFB_SESSION_CLOSE: + if (AFB_SUCCESS != ctxTokenCheck(clientCtx, request)) { + request->errcode = MHD_HTTP_UNAUTHORIZED; + json_object_object_add(jcall, "status", json_object_new_string("empty")); + json_object_object_add(jcall, "info", json_object_new_string("AFB_SESSION_CLOSE Not a Valid Access Token")); + json_object_object_add(jreqt, "request", jcall); + goto ExitOnDone; + } else { + json_object_object_add(jcall, "uuid", json_object_new_string(clientCtx->uuid)); + } + break; + + case AFB_SESSION_CHECK: + default: + // default action is check + if (AFB_SUCCESS != ctxTokenCheck(clientCtx, request)) { + request->errcode = MHD_HTTP_UNAUTHORIZED; + json_object_object_add(jcall, "status", json_object_new_string("fail")); + json_object_object_add(jcall, "info", json_object_new_string("AFB_SESSION_CHECK Invalid Active Token")); + json_object_object_add(jreqt, "request", jcall); + goto ExitOnDone; + } + break; + } + } + // Effectively CALL PLUGIN API with a subset of the context + jresp = plugin->apis[idx].callback(request, context); + + // Store context in case it was updated by plugins + if (request->context != NULL) + clientCtx->contexts[plugidx] = request->context; + + // handle intermediary Post Iterates out of band + if ((jresp == NULL) + && (request->errcode == MHD_HTTP_OK)) + return (AFB_SUCCESS); + + // Session close is done after the API call so API can still use session in closing API + if (AFB_SESSION_CLOSE == plugin->apis[idx].session) + ctxTokenReset(clientCtx, request); + + // API should return NULL of a valid Json Object + if (jresp == NULL) { + json_object_object_add(jcall, "status", json_object_new_string("null")); + json_object_object_add(jreqt, "request", jcall); + request->errcode = MHD_HTTP_NO_RESPONSE; + + } else { + json_object_object_add(jcall, "status", json_object_new_string("processed")); + json_object_object_add(jreqt, "request", jcall); + json_object_object_add(jreqt, "response", jresp); + } + // cancel timeout and plugin signal handle before next call + if (request->config->apiTimeout > 0) { + alarm(0); + for (sig = 0; signals[sig] != 0; sig++) { + signal(signals[sig], SIG_DFL); + } + } + } + goto ExitOnDone; + } + } + return (AFB_FAIL); + + ExitOnDone: + request->jresp = jreqt; + return (AFB_DONE); +} + +STATIC AFB_error findAndCallApi(AFB_request * request, void *context) +{ + int idx; + AFB_error status; + + if (!request->api || !request->prefix) + return (AFB_FAIL); + + // Search for a plugin with this urlpath + for (idx = 0; request->plugins[idx] != NULL; idx++) { + if (!strcmp(request->plugins[idx]->prefix, request->prefix)) { + status = callPluginApi(request, idx, context); + break; + } + } + // No plugin was found + if (request->plugins[idx] == NULL) { + request->jresp = jsonNewMessage(AFB_FATAL, "No Plugin=[%s] Url=%s", request->prefix, request->url); + goto ExitOnError; + } + // plugin callback did not return a valid Json Object + if (status == AFB_FAIL) { + request->jresp = jsonNewMessage(AFB_FATAL, "No API=[%s] for Plugin=[%s] url=[%s]", request->api, request->prefix, request->url); + goto ExitOnError; + } + // Everything look OK + return (status); + + ExitOnError: + request->errcode = MHD_HTTP_UNPROCESSABLE_ENTITY; + return (AFB_FAIL); +} + +// This CB is call for every item with a form post it reformat iterator values +// and callback Plugin API for each Item within PostForm. +STATIC int doPostIterate(void *cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *mimetype, const char *encoding, const char *data, uint64_t offset, size_t size) +{ + + AFB_error status; + AFB_PostItem item; + + // retrieve API request from Post iterator handle + AFB_PostHandle *postHandle = (AFB_PostHandle *) cls; + AFB_request *request = (AFB_request *) postHandle->privatebuf; + AFB_PostRequest postRequest; + + if (verbose) + fprintf(stderr, "postHandle key=%s filename=%s len=%zu mime=%s\n", key, filename, size, mimetype); + + // Create and Item value for Plugin API + item.kind = kind; + item.key = key; + item.filename = filename; + item.mimetype = mimetype; + item.encoding = encoding; + item.len = size; + item.data = data; + item.offset = offset; + + // Reformat Request to make it somehow similar to GET/PostJson case + postRequest.data = (char *)postHandle; + postRequest.len = size; + postRequest.type = AFB_POST_FORM;; + request->post = &postRequest; + + // effectively call plugin API + status = findAndCallApi(request, &item); + // when returning no processing of postform stop + if (status != AFB_SUCCESS) + return MHD_NO; + + // let's allow iterator to move to next item + return MHD_YES; +} + +STATIC void freeRequest(AFB_request * request) +{ + + free(request->prefix); + free(request->api); + free(request); +} + +STATIC AFB_request *createRequest(struct MHD_Connection *connection, AFB_session * session, const char *url) +{ + + AFB_request *request; + + // Start with a clean request + request = calloc(1, sizeof(AFB_request)); + char *urlcpy1, *urlcpy2; + char *baseapi, *baseurl; + + // Extract plugin urlpath from request and make two copy because strsep overload copy + urlcpy1 = urlcpy2 = strdup(url); + baseurl = strsep(&urlcpy2, "/"); + if (baseurl == NULL) { + request->jresp = jsonNewMessage(AFB_FATAL, "Invalid API call url=[%s]", url); + request->errcode = MHD_HTTP_BAD_REQUEST; + goto Done; + } + // let's compute URL and call API + baseapi = strsep(&urlcpy2, "/"); + if (baseapi == NULL) { + request->jresp = jsonNewMessage(AFB_FATAL, "Invalid API call plugin=[%s] url=[%s]", baseurl, url); + request->errcode = MHD_HTTP_BAD_REQUEST; + goto Done; + } + // build request structure + request->connection = connection; + request->config = session->config; + request->url = url; + request->prefix = strdup(baseurl); + request->api = strdup(baseapi); + request->plugins = session->plugins; + // note request->handle is fed with request->context in ctxClientGet + + Done: + free(urlcpy1); + return (request); +} + + + + + + + + + + + + + + + +static int doRestApiPost(struct MHD_Connection *connection, AFB_session * session, const char *url, const char *method, const char *upload_data, size_t * upload_data_size, void **con_cls) +{ + + static int postcount = 0; // static counter to debug POST protocol + json_object *errMessage; + AFB_error status; + struct MHD_Response *webResponse; + const char *serialized; + AFB_request *request = NULL; + AFB_PostHandle *postHandle; + AFB_PostRequest postRequest; + int ret; + + // fprintf (stderr, "doRestAPI method=%s posthandle=%p\n", method, con_cls); + + // if post data may come in multiple calls + const char *encoding, *param; + int contentlen = -1; + postHandle = *con_cls; + + // This is the initial post event let's create form post structure POST data come in multiple events + if (postHandle == NULL) { + + // allocate application POST processor handle to zero + postHandle = calloc(1, sizeof(AFB_PostHandle)); + postHandle->uid = postcount++; // build a UID for DEBUG + *con_cls = postHandle; // update context with posthandle + + // Let make sure we have the right encoding and a valid length + encoding = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_CONTENT_TYPE); + + // We are facing an empty post let's process it as a get + if (encoding == NULL) { + postHandle->type = AFB_POST_EMPTY; + return MHD_YES; + } + // Form post is handle through a PostProcessor and call API once per form key + if (strcasestr(encoding, FORM_CONTENT) != NULL) { + if (verbose) + fprintf(stderr, "Create doPostIterate[uid=%d posthandle=%p]\n", postHandle->uid, postHandle); + + request = createRequest(connection, session, url); + if (request->jresp != NULL) + goto ProcessApiCall; + postHandle->type = AFB_POST_FORM; + postHandle->privatebuf = (void *)request; + postHandle->pp = MHD_create_post_processor(connection, MAX_POST_SIZE, &doPostIterate, postHandle); + + if (NULL == postHandle->pp) { + fprintf(stderr, "OOPS: Internal error fail to allocate MHD_create_post_processor\n"); + free(postHandle); + return MHD_NO; + } + return MHD_YES; + } + // POST json is store into a buffer and present in one piece to API + if (strcasestr(encoding, JSON_CONTENT) != NULL) { + + param = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_CONTENT_LENGTH); + if (param) + sscanf(param, "%i", &contentlen); + + // Because PostJson are build in RAM size is constrained + if (contentlen > MAX_POST_SIZE) { + errMessage = jsonNewMessage(AFB_FATAL, "Post Date to big %d > %d", contentlen, MAX_POST_SIZE); + goto ExitOnError; + } + // Size is OK, let's allocate a buffer to hold post data + postHandle->type = AFB_POST_JSON; + postHandle->privatebuf = malloc((unsigned)contentlen + 1); // allocate memory for full POST data + 1 for '\0' enf of string + + // if (verbose) fprintf(stderr, "Create PostJson[uid=%d] Size=%d\n", postHandle->uid, contentlen); + return MHD_YES; + + } else { + // We only support Json and Form Post format + errMessage = jsonNewMessage(AFB_FATAL, "Post Date wrong type encoding=%s != %s", encoding, JSON_CONTENT); + goto ExitOnError; + } + } + // This time we receive partial/all Post data. Note that even if we get all POST data. We should nevertheless + // return MHD_YES and not process the request directly. Otherwise Libmicrohttpd is unhappy and fails with + // 'Internal application error, closing connection'. + if (*upload_data_size) { + + if (postHandle->type == AFB_POST_FORM) { + // if (verbose) fprintf(stderr, "Processing PostForm[uid=%d]\n", postHandle->uid); + MHD_post_process(postHandle->pp, upload_data, *upload_data_size); + } + // Process JsonPost request when buffer is completed let's call API + if (postHandle->type == AFB_POST_JSON) { + // if (verbose) fprintf(stderr, "Updating PostJson[uid=%d]\n", postHandle->uid); + memcpy(&postHandle->privatebuf[postHandle->len], upload_data, *upload_data_size); + postHandle->len = postHandle->len + *upload_data_size; + } + + *upload_data_size = 0; + return MHD_YES; + + } else { // we have finish with Post reception let's finish the work + + // Create a request structure to finalise the request + request = createRequest(connection, session, url); + if (request->jresp != NULL) { + errMessage = request->jresp; + goto ExitOnError; + } + postRequest.type = postHandle->type; + + // Postform add application context handle to request + if (postHandle->type == AFB_POST_FORM) { + postRequest.data = (char *)postHandle; + request->post = &postRequest; + } + + if (postHandle->type == AFB_POST_JSON) { + // if (verbose) fprintf(stderr, "Processing PostJson[uid=%d]\n", postHandle->uid); + + param = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_CONTENT_LENGTH); + if (param) + sscanf(param, "%i", &contentlen); + + // At this level we're may verify that we got everything and process DATA + if (postHandle->len != contentlen) { + errMessage = jsonNewMessage(AFB_FATAL, "Post Data Incomplete UID=%d Len %d != %d", postHandle->uid, contentlen, postHandle->len); + goto ExitOnError; + } + // Before processing data, make sure buffer string is properly ended + postHandle->privatebuf[postHandle->len] = '\0'; + postRequest.data = postHandle->privatebuf; + request->post = &postRequest; + + // if (verbose) fprintf(stderr, "Close Post[%d] Buffer=%s\n", postHandle->uid, request->post->data); + } + } + + ProcessApiCall: + // Request is ready let's call API without any extra handle + status = findAndCallApi(request, NULL); + + serialized = json_object_to_json_string(request->jresp); + webResponse = MHD_create_response_from_buffer(strlen(serialized), (void *)serialized, MHD_RESPMEM_MUST_COPY); + + // client did not pass token on URI let's use cookies + if ((!request->restfull) && (request->context != NULL)) { + char cookie[256]; + snprintf(cookie, sizeof(cookie), "%s-%d=%s; Path=%s; Max-Age=%d; HttpOnly", COOKIE_NAME, request->config->httpdPort, request->uuid, request->config->rootapi, request->config->cntxTimeout); + MHD_add_response_header(webResponse, MHD_HTTP_HEADER_SET_COOKIE, cookie); + } + // if requested add an error status + if (request->errcode != 0) + ret = MHD_queue_response(connection, request->errcode, webResponse); + else + MHD_queue_response(connection, MHD_HTTP_OK, webResponse); + + MHD_destroy_response(webResponse); + json_object_put(request->jresp); // decrease reference rqtcount to free the json object + freeRequest(request); + return MHD_YES; + + ExitOnError: + freeRequest(request); + serialized = json_object_to_json_string(errMessage); + webResponse = MHD_create_response_from_buffer(strlen(serialized), (void *)serialized, MHD_RESPMEM_MUST_COPY); + MHD_queue_response(connection, MHD_HTTP_BAD_REQUEST, webResponse); + MHD_destroy_response(webResponse); + json_object_put(errMessage); // decrease reference rqtcount to free the json object + return MHD_YES; +} + + + + + + + + + + + + + + + + + + + + +static int doRestApiGet(struct MHD_Connection *connection, AFB_session * session, const char *url, const char *method, const char *upload_data, size_t * upload_data_size, void **con_cls) +{ + + static int postcount = 0; // static counter to debug POST protocol + json_object *errMessage; + AFB_error status; + struct MHD_Response *webResponse; + const char *serialized; + AFB_request *request = NULL; + AFB_PostHandle *postHandle; + AFB_PostRequest postRequest; + int ret; + + // fprintf (stderr, "doRestAPI method=%s posthandle=%p\n", method, con_cls); + + // if post data may come in multiple calls + // this is a get we only need a request + request = createRequest(connection, session, url); + + ProcessApiCall: + // Request is ready let's call API without any extra handle + status = findAndCallApi(request, NULL); + + serialized = json_object_to_json_string(request->jresp); + webResponse = MHD_create_response_from_buffer(strlen(serialized), (void *)serialized, MHD_RESPMEM_MUST_COPY); + + // client did not pass token on URI let's use cookies + if ((!request->restfull) && (request->context != NULL)) { + char cookie[256]; + snprintf(cookie, sizeof(cookie), "%s-%d=%s; Path=%s; Max-Age=%d; HttpOnly", COOKIE_NAME, request->config->httpdPort, request->uuid, request->config->rootapi, request->config->cntxTimeout); + MHD_add_response_header(webResponse, MHD_HTTP_HEADER_SET_COOKIE, cookie); + } + // if requested add an error status + if (request->errcode != 0) + ret = MHD_queue_response(connection, request->errcode, webResponse); + else + MHD_queue_response(connection, MHD_HTTP_OK, webResponse); + + MHD_destroy_response(webResponse); + json_object_put(request->jresp); // decrease reference rqtcount to free the json object + freeRequest(request); + return MHD_YES; + + ExitOnError: + freeRequest(request); + serialized = json_object_to_json_string(errMessage); + webResponse = MHD_create_response_from_buffer(strlen(serialized), (void *)serialized, MHD_RESPMEM_MUST_COPY); + MHD_queue_response(connection, MHD_HTTP_BAD_REQUEST, webResponse); + MHD_destroy_response(webResponse); + json_object_put(errMessage); // decrease reference rqtcount to free the json object + return MHD_YES; +} + +int doRestApi(struct MHD_Connection *connection, AFB_session * session, const char *url, const char *method, const char *upload_data, size_t * upload_data_size, void **con_cls) +{ + int rc; + + if (0 == strcmp(method, MHD_HTTP_METHOD_POST)) { + rc = doRestApiPost(connection, session, url, method, upload_data, upload_data_size, con_cls); + } else { + rc = doRestApiGet(connection, session, url, method, upload_data, upload_data_size, con_cls); + } + return rc; +} + diff --git a/src/afb-hreq.h b/src/afb-hreq.h index f2362b10..b5f1e0b2 100644 --- a/src/afb-hreq.h +++ b/src/afb-hreq.h @@ -58,3 +58,4 @@ extern const char *afb_hreq_get_argument(struct afb_hreq *hreq, const char *name extern const char *afb_hreq_get_header(struct afb_hreq *hreq, const char *name); extern struct afb_req_itf afb_hreq_itf; + diff --git a/src/afb-plugins.c b/src/afb-plugins.c new file mode 100644 index 00000000..1658fc57 --- /dev/null +++ b/src/afb-plugins.c @@ -0,0 +1,242 @@ +/* + * Copyright (C) 2016 "IoT.bzh" + * Author "Fulup Ar Foll" + * Author José Bollo <jose.bollo@iot.bzh> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * Contain all generic part to handle REST/API + * + * https://www.gnu.org/software/libmicrohttpd/tutorial.html [search 'largepost.c'] + */ + +#define _GNU_SOURCE + +#include <stdio.h> +#include <string.h> +#include <dirent.h> +#include <dlfcn.h> +#include <unistd.h> +#include <limits.h> +#include <sys/types.h> +#include <sys/stat.h> + +#include "../include/local-def.h" + +#include "afb-plugins.h" + +static const char plugin_register_function[] = "pluginRegister"; + +AFB_plugin *afb_plugins_search(AFB_session *session, const char *prefix, size_t length) +{ + int i, n; + AFB_plugin **plugins, *p; + + if (!length) + length = strlen(prefix); + + n = session->config->pluginCount; + plugins = session->plugins; + + for (i = 0 ; i < n ; i++) { + p = plugins[i]; + if (p->prefixlen == length && !strcmp(p->prefix, prefix)) + return p; + } + return NULL; +} + +int afb_plugins_add_plugin(AFB_session *session, const char *path) +{ + AFB_plugin *desc, *check, **plugins; + AFB_plugin *(*pluginRegisterFct) (void); + void *handle; + size_t len; + + // This is a loadable library let's check if it's a plugin + handle = dlopen(path, RTLD_NOW | RTLD_LOCAL); + if (handle == NULL) { + fprintf(stderr, "[%s] not loadable, continuing...\n", path); + goto error; + } + + /* retrieves the register function */ + pluginRegisterFct = dlsym(handle, plugin_register_function); + if (!pluginRegisterFct) { + fprintf(stderr, "[%s] not an AFB plugin, continuing...\n", path); + goto error2; + } + if (verbose) + fprintf(stderr, "[%s] is a valid AFB plugin\n", path); + + /* allocates enough memory */ + plugins = realloc(session->plugins, ((unsigned)session->config->pluginCount + 2) * sizeof(AFB_plugin*)); + if (plugins == NULL) { + fprintf(stderr, "ERROR: plugin [%s] memory missing. continuing...\n", path); + goto error2; + } + session->plugins = plugins; + + /* init the plugin */ + desc = pluginRegisterFct(); + if (desc == NULL) { + fprintf(stderr, "ERROR: plugin [%s] register function failed. continuing...\n", path); + goto error2; + } + + /* check the returned structure */ + if (desc->type != AFB_PLUGIN_JSON) { + fprintf(stderr, "ERROR: plugin [%s] invalid type %d...\n", path, desc->type); + goto error2; + } + if (desc->prefix == NULL || *desc->prefix == 0) { + fprintf(stderr, "ERROR: plugin [%s] bad prefix...\n", path); + goto error2; + } + if (desc->info == NULL || *desc->info == 0) { + fprintf(stderr, "ERROR: plugin [%s] bad description...\n", path); + goto error2; + } + if (desc->apis == NULL) { + fprintf(stderr, "ERROR: plugin [%s] no APIs...\n", path); + goto error2; + } + + /* check previously existing plugin */ + len = strlen(desc->prefix); + check = afb_plugins_search(session, desc->prefix, len); + if (check != NULL) { + fprintf(stderr, "ERROR: plugin [%s] prefix %s duplicated...\n", path, desc->prefix); + goto error2; + } + + /* Prebuild plugin jtype to boost API response */ + desc->jtype = json_object_new_string(desc->prefix); + desc->prefixlen = len; + + /* record the plugin */ + session->plugins[session->config->pluginCount] = desc; + session->plugins[++session->config->pluginCount] = NULL; + + if (verbose) + fprintf(stderr, "Loading plugin[%d] prefix=[%s] info=%s\n", session->config->pluginCount, desc->prefix, desc->info); + + return 0; + +error2: + dlclose(handle); +error: + return -1; +} + +static int adddirs(AFB_session * session, char path[PATH_MAX], size_t end) +{ + int rc; + DIR *dir; + struct dirent ent, *result; + size_t len; + + /* open the DIR now */ + dir = opendir(path); + if (dir == NULL) { + fprintf(stderr, "ERROR in scanning plugin directory %s, %m\n", path); + return -1; + } + if (verbose) + fprintf(stderr, "Scanning dir=[%s] for plugins\n", path); + + /* scan each entry */ + if (end) + path[end++] = '/'; + for (;;) { + readdir_r(dir, &ent, &result); + if (result == NULL) + break; + + len = strlen(ent.d_name); + if (len + end >= PATH_MAX) { + fprintf(stderr, "path too long for %s\n", ent.d_name); + continue; + } + memcpy(&path[end], ent.d_name, len+1); + if (ent.d_type == DT_DIR) { + /* case of directories */ + if (ent.d_name[0] == '.') { + if (len == 1) + continue; + if (ent.d_name[1] == '.' && len == 2) + continue; + } + rc = adddirs(session, path, end+len);; + } else if (ent.d_type == DT_REG) { + /* case of files */ + if (!strstr(ent.d_name, ".so")) + continue; + rc = afb_plugins_add_plugin(session, path); + } + } + closedir(dir); + return 0; +} + +int afb_plugins_add_directory(AFB_session * session, const char *path) +{ + size_t length; + char buffer[PATH_MAX]; + + length = strlen(path); + if (length >= sizeof(buffer)) { + fprintf(stderr, "path too long %lu [%.99s...]\n", (unsigned long)length, path); + return -1; + } + + memcpy(buffer, path, length + 1); + return adddirs(session, buffer, length); +} + +int afb_plugins_add_path(AFB_session * session, const char *path) +{ + struct stat st; + int rc; + + rc = stat(path, &st); + if (rc < 0) + fprintf(stderr, "Invalid plugin path [%s]: %m\n", path); + else if (S_ISDIR(st.st_mode)) + rc = afb_plugins_add_directory(session, path); + else + rc = afb_plugins_add_plugin(session, path); + return rc; +} + +int afb_plugins_add_pathset(AFB_session * session, const char *pathset) +{ + static char sep[] = ":"; + char *ps, *p; + int rc; + + ps = strdupa(pathset); + for (;;) { + p = strsep(&ps, sep); + if (!p) + return 0; + rc = afb_plugins_add_path(session, p); + }; +} + +void initPlugins(AFB_session * session) +{ + int rc = afb_plugins_add_pathset(session, session->config->ldpaths); +} + diff --git a/src/afb-plugins.h b/src/afb-plugins.h new file mode 100644 index 00000000..c2db2e4c --- /dev/null +++ b/src/afb-plugins.h @@ -0,0 +1,30 @@ +/* + * Copyright 2016 IoT.bzh + * Author: José Bollo <jose.bollo@iot.bzh> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +AFB_plugin *afb_plugins_search(AFB_session *session, const char *prefix, size_t length); + +int afb_plugins_add_plugin(AFB_session *session, const char *path); + +int afb_plugins_add_directory(AFB_session * session, const char *path); + +int afb_plugins_add_path(AFB_session * session, const char *path); + +int afb_plugins_add_pathset(AFB_session * session, const char *pathset); + +void initPlugins(AFB_session * session); + diff --git a/src/afb-req-itf.h b/src/afb-req-itf.h index 004d2c6c..e1d9dc84 100644 --- a/src/afb-req-itf.h +++ b/src/afb-req-itf.h @@ -21,5 +21,21 @@ struct afb_req_itf { const char *(*get_argument)(void *data, const char *name); }; +struct afb_req { + struct afb_req_itf *itf; + void *data; +}; + +inline const char *afb_get_cookie(struct afb_req req, const char *name) +{ + return req.itf->get_cookie(req.data, name); +} + +inline const char *afb_get_argument(struct afb_req req, const char *name) +{ + return req.itf->get_argument(req.data, name); +} + + diff --git a/src/afb-websock.c b/src/afb-websock.c index 1134ba80..90148ecf 100644 --- a/src/afb-websock.c +++ b/src/afb-websock.c @@ -24,12 +24,13 @@ #include <sys/uio.h> #include <openssl/sha.h> +#include <openssl/bio.h> +#include <openssl/evp.h> #include "websock.h" #include "../include/local-def.h" - #include "afb-method.h" #include "afb-hreq.h" @@ -124,46 +125,70 @@ static void make_accept_value(const char *key, char result[29]) result[28] = 0; } -static int handshake(struct afb_hreq *hreq, struct afb_websock **ws) +static int headerhas(const char *header, const char *needle) +{ + static const char sep[] = " \t,"; + size_t len, n; + + n = strlen(needle); + for(;;) { + header += strspn(header, sep); + if (!*header) + return 0; + len = strcspn(header, sep); +printf("!!!%.*s!!!\n",len,header); + if (n == len && 0 == strncasecmp(needle, header, n)) + return 1; + header += len; + } +} + +int afb_websock_check(struct afb_hreq *hreq, int *later) { const char *connection, *upgrade, *key, *version, *protocols; char acceptval[29]; int vernum; struct MHD_Response *response; + /* is an upgrade to websocket ? */ upgrade = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_UPGRADE); +printf("upgrade %s\n", upgrade); if (upgrade == NULL || strcasecmp(upgrade, websocket_s)) return 0; + /* is a connection for upgrade ? */ connection = afb_hreq_get_header(hreq, MHD_HTTP_HEADER_CONNECTION); - if (connection == NULL || strcasecmp (connection, MHD_HTTP_HEADER_UPGRADE)) +printf("connection %s\n", connection); + if (connection == NULL || !headerhas (connection, MHD_HTTP_HEADER_UPGRADE)) return 0; + /* is a get ? */ if(hreq->method != afb_method_get || strcasecmp(hreq->version, MHD_HTTP_VERSION_1_1)) return 0; + /* has a key and a version ? */ key = afb_hreq_get_header(hreq, sec_websocket_key_s); version = afb_hreq_get_header(hreq, sec_websocket_version_s); +printf("key %s\n", key); +printf("version %s\n", connection); if (key == NULL || version == NULL) return 0; + /* is a supported version ? */ vernum = atoi(version); - if (vernum != 13) - return 0; - - if (*ws == NULL) - return 1; - - protocols = afb_hreq_get_header(hreq, sec_websocket_protocol_s); - if (vernum != 13) { response = MHD_create_response_from_data(0,NULL,0,0); MHD_add_response_header (response, sec_websocket_version_s, "13"); MHD_queue_response (hreq->connection, MHD_HTTP_BAD_REQUEST, response); MHD_destroy_response (response); - return 2; + *later = 1; + return 1; } + /* is the protocol supported ? */ + protocols = afb_hreq_get_header(hreq, sec_websocket_protocol_s); + + /* send the accept connection */ make_accept_value(key, acceptval); response = MHD_create_response_from_data(0,NULL,0,0); MHD_add_response_header (response, sec_websocket_accept_s, acceptval); @@ -172,24 +197,24 @@ static int handshake(struct afb_hreq *hreq, struct afb_websock **ws) MHD_queue_response (hreq->connection, MHD_HTTP_SWITCHING_PROTOCOLS, response); MHD_destroy_response (response); + *later = 0; return 1; } -int afb_websock_is_handshake(struct afb_hreq *hreq) -{ - return handshake(hreq, NULL); -} - -int afb_websock_open_if(struct afb_hreq *hreq, struct afb_websock **ws) +struct afb_websock *afb_websock_create(struct MHD_Connection *connection) { - assert(*ws != NULL); - *ws = NULL; - return handshake(hreq, ws); -} - -int afb_websock_open(struct afb_hreq *hreq, struct afb_websock **ws) -{ - int rc = afb_websock_open_if(hreq, ws); - return rc ? rc : -1; + struct afb_websock *result; + + result = malloc(sizeof * result); + if (result) { + result->connection = connection; + result->fd = MHD_get_connection_info(connection, MHD_CONNECTION_INFO_CONNECTION_FD)->connect_fd; + result->ws = websock_create(&afb_websock_itf, result); + if (result->ws == NULL) { + free(result); + result = NULL; + } + } + return result; } diff --git a/src/afb-websock.h b/src/afb-websock.h new file mode 100644 index 00000000..db40b9ae --- /dev/null +++ b/src/afb-websock.h @@ -0,0 +1,21 @@ +/* + * Copyright 2016 IoT.bzh + * Author: José Bollo <jose.bollo@iot.bzh> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +int afb_websock_check(struct afb_hreq *hreq, int *later); +struct afb_websock *afb_websock_create(struct MHD_Connection *connection); + + diff --git a/src/http-svc.c b/src/http-svc.c index ff09650f..f281bbf9 100644 --- a/src/http-svc.c +++ b/src/http-svc.c @@ -24,6 +24,7 @@ #include "../include/local-def.h" #include "afb-method.h" #include "afb-hreq.h" +#include "afb-websock.h" struct afb_hsrv_handler { @@ -42,15 +43,15 @@ struct afb_diralias { int dirfd; }; -int afb_request_one_page_api_redirect( - struct afb_hreq *request, +int afb_hreq_one_page_api_redirect( + struct afb_hreq *hreq, struct afb_hreq_post *post, void *data) { size_t plen; char *url; - if (request->lentail >= 2 && request->tail[1] == '#') + if (hreq->lentail >= 2 && hreq->tail[1] == '#') return 0; /* * Here we have for example: @@ -61,13 +62,13 @@ int afb_request_one_page_api_redirect( * * Let compute plen that include the / at end (for "/pre/") */ - plen = request->lenurl - request->lentail + 1; - url = alloca(request->lenurl + 3); - memcpy(url, request->url, plen); + plen = hreq->lenurl - hreq->lentail + 1; + url = alloca(hreq->lenurl + 3); + memcpy(url, hreq->url, plen); url[plen++] = '#'; url[plen++] = '!'; - memcpy(&url[plen], &request->tail[1], request->lentail); - return afb_hreq_redirect_to(request, url); + memcpy(&url[plen], &hreq->tail[1], hreq->lentail); + return afb_hreq_redirect_to(hreq, url); } struct afb_hsrv_handler *afb_hsrv_handler_new( @@ -127,27 +128,35 @@ int afb_req_add_handler( return 1; } -static int relay_to_doRestApi(struct afb_hreq *request, struct afb_hreq_post *post, void *data) +static int relay_to_doRestApi(struct afb_hreq *hreq, struct afb_hreq_post *post, void *data) { - return doRestApi(request->connection, request->session, &request->tail[1], get_method_name(request->method), - post->upload_data, post->upload_data_size, (void **)request->recorder); + int later; + if (afb_websock_check(hreq, &later)) { + if (!later) { + struct afb_websock *ws = afb_websock_create(hreq->connection); + } + return 1; + } + + return doRestApi(hreq->connection, hreq->session, &hreq->tail[1], get_method_name(hreq->method), + post->upload_data, post->upload_data_size, (void **)hreq->recorder); } -static int handle_alias(struct afb_hreq *request, struct afb_hreq_post *post, void *data) +static int handle_alias(struct afb_hreq *hreq, struct afb_hreq_post *post, void *data) { struct afb_diralias *da = data; - if (request->method != afb_method_get) { - afb_hreq_reply_error(request, MHD_HTTP_METHOD_NOT_ALLOWED); + if (hreq->method != afb_method_get) { + afb_hreq_reply_error(hreq, MHD_HTTP_METHOD_NOT_ALLOWED); return 1; } - if (!afb_hreq_valid_tail(request)) { - afb_hreq_reply_error(request, MHD_HTTP_FORBIDDEN); + if (!afb_hreq_valid_tail(hreq)) { + afb_hreq_reply_error(hreq, MHD_HTTP_FORBIDDEN); return 1; } - return afb_hreq_reply_file(request, da->dirfd, &request->tail[1]); + return afb_hreq_reply_file(hreq, da->dirfd, &hreq->tail[1]); } int afb_req_add_alias(AFB_session * session, const char *prefix, const char *alias, int priority) @@ -189,7 +198,7 @@ static int my_default_init(AFB_session * session) if (!afb_req_add_alias(session, "", session->config->rootdir, -10)) return 0; - if (!afb_req_add_handler(session, session->config->rootbase, afb_request_one_page_api_redirect, NULL, -20)) + if (!afb_req_add_handler(session, session->config->rootbase, afb_hreq_one_page_api_redirect, NULL, -20)) return 0; return 1; @@ -206,7 +215,7 @@ static int access_handler( void **recorder) { struct afb_hreq_post post; - struct afb_hreq request; + struct afb_hreq hreq; enum afb_method method; AFB_session *session; struct afb_hsrv_handler *iter; @@ -237,36 +246,36 @@ static int access_handler( method = get_method(methodstr); if (method == afb_method_none) { - afb_hreq_reply_error(&request, MHD_HTTP_BAD_REQUEST); + afb_hreq_reply_error(&hreq, MHD_HTTP_BAD_REQUEST); return MHD_YES; } /* init the request */ - request.session = cls; - request.connection = connection; - request.method = method; - request.version = version; - request.tail = request.url = url; - request.lentail = request.lenurl = strlen(url); - request.recorder = (struct afb_hreq **)recorder; - request.post_handler = NULL; - request.post_completed = NULL; - request.post_data = NULL; + hreq.session = cls; + hreq.connection = connection; + hreq.method = method; + hreq.version = version; + hreq.tail = hreq.url = url; + hreq.lentail = hreq.lenurl = strlen(url); + hreq.recorder = (struct afb_hreq **)recorder; + hreq.post_handler = NULL; + hreq.post_completed = NULL; + hreq.post_data = NULL; /* search an handler for the request */ iter = session->handlers; while (iter) { - if (afb_hreq_unprefix(&request, iter->prefix, iter->length)) { - if (iter->handler(&request, &post, iter->data)) + if (afb_hreq_unprefix(&hreq, iter->prefix, iter->length)) { + if (iter->handler(&hreq, &post, iter->data)) return MHD_YES; - request.tail = request.url; - request.lentail = request.lenurl; + hreq.tail = hreq.url; + hreq.lentail = hreq.lenurl; } iter = iter->next; } /* no handler */ - afb_hreq_reply_error(&request, method != afb_method_get ? MHD_HTTP_BAD_REQUEST : MHD_HTTP_NOT_FOUND); + afb_hreq_reply_error(&hreq, method != afb_method_get ? MHD_HTTP_BAD_REQUEST : MHD_HTTP_NOT_FOUND); return MHD_YES; } @@ -337,7 +346,7 @@ AFB_error httpdStart(AFB_session * session) } session->httpd = MHD_start_daemon( - MHD_USE_EPOLL_LINUX_ONLY | MHD_USE_TCP_FASTOPEN | MHD_USE_DEBUG, + MHD_USE_EPOLL_LINUX_ONLY | MHD_USE_TCP_FASTOPEN | MHD_USE_DEBUG | MHD_USE_SUSPEND_RESUME, (uint16_t) session->config->httpdPort, /* port */ new_client_handler, NULL, /* Tcp Accept call back + extra attribute */ access_handler, session, /* Http Request Call back + extra attribute */ @@ -25,6 +25,7 @@ #include <sys/types.h> #include "local-def.h" +#include "afb-plugins.h" #if !defined(PLUGIN_INSTALL_DIR) #error "you should define PLUGIN_INSTALL_DIR" diff --git a/src/rest-api.c b/src/rest-api.c deleted file mode 100644 index 12f4a448..00000000 --- a/src/rest-api.c +++ /dev/null @@ -1,668 +0,0 @@ -/* - * Copyright (C) 2015 "IoT.bzh" - * Author "Fulup Ar Foll" - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - * Contain all generic part to handle REST/API - * - * https://www.gnu.org/software/libmicrohttpd/tutorial.html [search 'largepost.c'] - */ - -#include "../include/local-def.h" - -#include <dirent.h> -#include <dlfcn.h> -#include <setjmp.h> -#include <signal.h> - -#define AFB_MSG_JTYPE "AJB_reply" - -#define JSON_CONTENT "application/json" -#define FORM_CONTENT "multipart/form-data" /* TODO: replace with MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA */ - - -static json_object *afbJsonType; - - -// Because of POST call multiple time requestApi we need to free POST handle here -// Note this method is called from http-svc just before closing session -PUBLIC void endPostRequest(AFB_PostHandle *postHandle) { - - if (postHandle->type == AFB_POST_JSON) { - // if (verbose) fprintf(stderr, "End PostJson Request UID=%d\n", postHandle->uid); - } - - if (postHandle->type == AFB_POST_FORM) { - if (verbose) fprintf(stderr, "End PostForm Request UID=%d\n", postHandle->uid); - } - if (postHandle->privatebuf) free(postHandle->privatebuf); - free(postHandle); -} - -// Check of apiurl is declare in this plugin and call it -STATIC AFB_error callPluginApi(AFB_request *request, int plugidx, void *context) { - json_object *jresp, *jcall, *jreqt; - int idx, status, sig; - AFB_clientCtx *clientCtx = NULL; - AFB_plugin *plugin = request->plugins[plugidx]; - int signals[]= {SIGALRM, SIGSEGV, SIGFPE, 0}; - - /*--------------------------------------------------------------- - | Signal handler defined inside CallPluginApi to access Request - +---------------------------------------------------------------- */ - void pluginError (int signum) { - sigset_t sigset; - - - // unlock signal to allow a new signal to come - sigemptyset (&sigset); - sigaddset (&sigset, signum); - sigprocmask (SIG_UNBLOCK, &sigset, 0); - - fprintf (stderr, "Oops: Plugin Api Timeout timeout\n"); - longjmp (request->checkPluginCall, signum); - } - - - // If a plugin hold this urlpath call its callback - for (idx = 0; plugin->apis[idx].callback != NULL; idx++) { - if (!strcmp(plugin->apis[idx].name, request->api)) { - - // Request was found and at least partially executed - jreqt = json_object_new_object(); - json_object_get (afbJsonType); // increate jsontype reference count - json_object_object_add (jreqt, "jtype", afbJsonType); - - // prepare an object to store calling values - jcall=json_object_new_object(); - json_object_object_add(jcall, "prefix", json_object_new_string (plugin->prefix)); - json_object_object_add(jcall, "api" , json_object_new_string (plugin->apis[idx].name)); - - // save context before calling the API - status = setjmp (request->checkPluginCall); - if (status != 0) { - - // Plugin aborted somewhere during its execution - json_object_object_add(jcall, "status", json_object_new_string ("abort")); - json_object_object_add(jcall, "info" , json_object_new_string ("Plugin broke during execution")); - json_object_object_add(jreqt, "request", jcall); - - } else { - - // If timeout protection==0 we are in debug and we do not apply signal protection - if (request->config->apiTimeout > 0) { - for (sig=0; signals[sig] != 0; sig++) { - if (signal (signals[sig], pluginError) == SIG_ERR) { - request->errcode = MHD_HTTP_UNPROCESSABLE_ENTITY; - json_object_object_add(jcall, "status", json_object_new_string ("fail")); - json_object_object_add(jcall, "info", json_object_new_string ("Setting Timeout Handler Failed")); - json_object_object_add(jreqt, "request", jcall); - goto ExitOnDone; - } - } - // Trigger a timer to protect from unacceptable long time execution - alarm ((unsigned)request->config->apiTimeout); - } - - // Out of SessionNone every call get a client context session - if (AFB_SESSION_NONE != plugin->apis[idx].session) { - - // add client context to request - clientCtx = ctxClientGet(request, plugidx); - if (clientCtx == NULL) { - request->errcode=MHD_HTTP_INSUFFICIENT_STORAGE; - json_object_object_add(jcall, "status", json_object_new_string ("fail")); - json_object_object_add(jcall, "info", json_object_new_string ("Client Session Context Full !!!")); - json_object_object_add(jreqt, "request", jcall); - goto ExitOnDone; - }; - - if (verbose) fprintf(stderr, "Plugin=[%s] Api=[%s] Middleware=[%d] Client=[%p] Uuid=[%s] Token=[%s]\n" - , request->prefix, request->api, plugin->apis[idx].session, clientCtx, clientCtx->uuid, clientCtx->token); - - switch(plugin->apis[idx].session) { - - case AFB_SESSION_CREATE: - if (clientCtx->token[0] != '\0' && request->config->token[0] != '\0') { - request->errcode=MHD_HTTP_UNAUTHORIZED; - json_object_object_add(jcall, "status", json_object_new_string ("exist")); - json_object_object_add(jcall, "info", json_object_new_string ("AFB_SESSION_CREATE Session already exist")); - json_object_object_add(jreqt, "request", jcall); - goto ExitOnDone; - } - - if (AFB_SUCCESS != ctxTokenCreate (clientCtx, request)) { - request->errcode=MHD_HTTP_UNAUTHORIZED; - json_object_object_add(jcall, "status", json_object_new_string ("fail")); - json_object_object_add(jcall, "info", json_object_new_string ("AFB_SESSION_CREATE Invalid Initial Token")); - json_object_object_add(jreqt, "request", jcall); - goto ExitOnDone; - } else { - json_object_object_add(jcall, "uuid", json_object_new_string (clientCtx->uuid)); - json_object_object_add(jcall, "token", json_object_new_string (clientCtx->token)); - json_object_object_add(jcall, "timeout", json_object_new_int (request->config->cntxTimeout)); - } - break; - - - case AFB_SESSION_RENEW: - if (AFB_SUCCESS != ctxTokenRefresh (clientCtx, request)) { - request->errcode=MHD_HTTP_UNAUTHORIZED; - json_object_object_add(jcall, "status", json_object_new_string ("fail")); - json_object_object_add(jcall, "info", json_object_new_string ("AFB_SESSION_REFRESH Broken Exchange Token Chain")); - json_object_object_add(jreqt, "request", jcall); - goto ExitOnDone; - } else { - json_object_object_add(jcall, "uuid", json_object_new_string (clientCtx->uuid)); - json_object_object_add(jcall, "token", json_object_new_string (clientCtx->token)); - json_object_object_add(jcall, "timeout", json_object_new_int (request->config->cntxTimeout)); - } - break; - - case AFB_SESSION_CLOSE: - if (AFB_SUCCESS != ctxTokenCheck (clientCtx, request)) { - request->errcode=MHD_HTTP_UNAUTHORIZED; - json_object_object_add(jcall, "status", json_object_new_string ("empty")); - json_object_object_add(jcall, "info", json_object_new_string ("AFB_SESSION_CLOSE Not a Valid Access Token")); - json_object_object_add(jreqt, "request", jcall); - goto ExitOnDone; - } else { - json_object_object_add(jcall, "uuid", json_object_new_string (clientCtx->uuid)); - } - break; - - case AFB_SESSION_CHECK: - default: - // default action is check - if (AFB_SUCCESS != ctxTokenCheck (clientCtx, request)) { - request->errcode=MHD_HTTP_UNAUTHORIZED; - json_object_object_add(jcall, "status", json_object_new_string ("fail")); - json_object_object_add(jcall, "info", json_object_new_string ("AFB_SESSION_CHECK Invalid Active Token")); - json_object_object_add(jreqt, "request", jcall); - goto ExitOnDone; - } - break; - } - } - - // Effectively CALL PLUGIN API with a subset of the context - jresp = plugin->apis[idx].callback(request, context); - - // Store context in case it was updated by plugins - if (request->context != NULL) clientCtx->contexts[plugidx] = request->context; - - // handle intermediary Post Iterates out of band - if ((jresp == NULL) && (request->errcode == MHD_HTTP_OK)) return (AFB_SUCCESS); - - // Session close is done after the API call so API can still use session in closing API - if (AFB_SESSION_CLOSE == plugin->apis[idx].session) ctxTokenReset (clientCtx, request); - - // API should return NULL of a valid Json Object - if (jresp == NULL) { - json_object_object_add(jcall, "status", json_object_new_string ("null")); - json_object_object_add(jreqt, "request", jcall); - request->errcode = MHD_HTTP_NO_RESPONSE; - - } else { - json_object_object_add(jcall, "status", json_object_new_string ("processed")); - json_object_object_add(jreqt, "request", jcall); - json_object_object_add(jreqt, "response", jresp); - } - // cancel timeout and plugin signal handle before next call - if (request->config->apiTimeout > 0) { - alarm (0); - for (sig=0; signals[sig] != 0; sig++) { - signal (signals[sig], SIG_DFL); - } - } - } - goto ExitOnDone; - } - } - return (AFB_FAIL); - -ExitOnDone: - request->jresp = jreqt; - return (AFB_DONE); -} - -STATIC AFB_error findAndCallApi (AFB_request *request, void *context) { - int idx; - AFB_error status; - - if (!request->api || !request->prefix) return (AFB_FAIL); - - // Search for a plugin with this urlpath - for (idx = 0; request->plugins[idx] != NULL; idx++) { - if (!strcmp(request->plugins[idx]->prefix, request->prefix)) { - status =callPluginApi(request, idx, context); - break; - } - } - // No plugin was found - if (request->plugins[idx] == NULL) { - request->jresp = jsonNewMessage(AFB_FATAL, "No Plugin=[%s] Url=%s", request->prefix, request->url); - goto ExitOnError; - } - - // plugin callback did not return a valid Json Object - if (status == AFB_FAIL) { - request->jresp = jsonNewMessage(AFB_FATAL, "No API=[%s] for Plugin=[%s] url=[%s]", request->api, request->prefix, request->url); - goto ExitOnError; - } - - // Everything look OK - return (status); - -ExitOnError: - request->errcode = MHD_HTTP_UNPROCESSABLE_ENTITY; - return (AFB_FAIL); -} - -// This CB is call for every item with a form post it reformat iterator values -// and callback Plugin API for each Item within PostForm. -STATIC int doPostIterate (void *cls, enum MHD_ValueKind kind, const char *key, - const char *filename, const char *mimetype, - const char *encoding, const char *data, uint64_t offset, - size_t size) { - - AFB_error status; - AFB_PostItem item; - - // retrieve API request from Post iterator handle - AFB_PostHandle *postHandle = (AFB_PostHandle*)cls; - AFB_request *request = (AFB_request*)postHandle->privatebuf; - AFB_PostRequest postRequest; - - if (verbose) - fprintf (stderr, "postHandle key=%s filename=%s len=%zu mime=%s\n", key, filename, size, mimetype); - - // Create and Item value for Plugin API - item.kind = kind; - item.key = key; - item.filename = filename; - item.mimetype = mimetype; - item.encoding = encoding; - item.len = size; - item.data = data; - item.offset = offset; - - // Reformat Request to make it somehow similar to GET/PostJson case - postRequest.data= (char*) postHandle; - postRequest.len = size; - postRequest.type= AFB_POST_FORM;; - request->post = &postRequest; - - // effectively call plugin API - status = findAndCallApi (request, &item); - // when returning no processing of postform stop - if (status != AFB_SUCCESS) return MHD_NO; - - // let's allow iterator to move to next item - return MHD_YES; -} - -STATIC void freeRequest (AFB_request *request) { - - free (request->prefix); - free (request->api); - free (request); -} - -STATIC AFB_request *createRequest (struct MHD_Connection *connection, AFB_session *session, const char* url) { - - AFB_request *request; - - // Start with a clean request - request = calloc (1, sizeof (AFB_request)); - char *urlcpy1, *urlcpy2; - char *baseapi, *baseurl; - - // Extract plugin urlpath from request and make two copy because strsep overload copy - urlcpy1 = urlcpy2 = strdup(url); - baseurl = strsep(&urlcpy2, "/"); - if (baseurl == NULL) { - request->jresp = jsonNewMessage(AFB_FATAL, "Invalid API call url=[%s]", url); - request->errcode = MHD_HTTP_BAD_REQUEST; - goto Done; - } - - // let's compute URL and call API - baseapi = strsep(&urlcpy2, "/"); - if (baseapi == NULL) { - request->jresp = jsonNewMessage(AFB_FATAL, "Invalid API call plugin=[%s] url=[%s]", baseurl, url); - request->errcode = MHD_HTTP_BAD_REQUEST; - goto Done; - } - - // build request structure - request->connection = connection; - request->config = session->config; - request->url = url; - request->prefix = strdup (baseurl); - request->api = strdup (baseapi); - request->plugins= session->plugins; - // note request->handle is fed with request->context in ctxClientGet - -Done: - free(urlcpy1); - return (request); -} - -// process rest API query -PUBLIC int doRestApi(struct MHD_Connection *connection, AFB_session *session, const char* url, const char *method - , const char *upload_data, size_t *upload_data_size, void **con_cls) { - - static int postcount = 0; // static counter to debug POST protocol - json_object *errMessage; - AFB_error status; - struct MHD_Response *webResponse; - const char *serialized; - AFB_request *request = NULL; - AFB_PostHandle *postHandle; - AFB_PostRequest postRequest; - int ret; - - // fprintf (stderr, "doRestAPI method=%s posthandle=%p\n", method, con_cls); - - // if post data may come in multiple calls - if (0 == strcmp(method, MHD_HTTP_METHOD_POST)) { - const char *encoding, *param; - int contentlen = -1; - postHandle = *con_cls; - - // This is the initial post event let's create form post structure POST data come in multiple events - if (postHandle == NULL) { - - // allocate application POST processor handle to zero - postHandle = calloc(1, sizeof (AFB_PostHandle)); - postHandle->uid = postcount++; // build a UID for DEBUG - *con_cls = postHandle; // update context with posthandle - - // Let make sure we have the right encoding and a valid length - encoding = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_CONTENT_TYPE); - - // We are facing an empty post let's process it as a get - if (encoding == NULL) { - postHandle->type = AFB_POST_EMPTY; - return MHD_YES; - } - - // Form post is handle through a PostProcessor and call API once per form key - if (strcasestr(encoding, FORM_CONTENT) != NULL) { - if (verbose) fprintf(stderr, "Create doPostIterate[uid=%d posthandle=%p]\n", postHandle->uid, postHandle); - - request = createRequest (connection, session, url); - if (request->jresp != NULL) goto ProcessApiCall; - postHandle->type = AFB_POST_FORM; - postHandle->privatebuf = (void*)request; - postHandle->pp = MHD_create_post_processor (connection, MAX_POST_SIZE, &doPostIterate, postHandle); - - if (NULL == postHandle->pp) { - fprintf(stderr,"OOPS: Internal error fail to allocate MHD_create_post_processor\n"); - free (postHandle); - return MHD_NO; - } - return MHD_YES; - } - - // POST json is store into a buffer and present in one piece to API - if (strcasestr(encoding, JSON_CONTENT) != NULL) { - - param = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_CONTENT_LENGTH); - if (param) sscanf(param, "%i", &contentlen); - - // Because PostJson are build in RAM size is constrained - if (contentlen > MAX_POST_SIZE) { - errMessage = jsonNewMessage(AFB_FATAL, "Post Date to big %d > %d", contentlen, MAX_POST_SIZE); - goto ExitOnError; - } - - // Size is OK, let's allocate a buffer to hold post data - postHandle->type = AFB_POST_JSON; - postHandle->privatebuf = malloc((unsigned)contentlen + 1); // allocate memory for full POST data + 1 for '\0' enf of string - - // if (verbose) fprintf(stderr, "Create PostJson[uid=%d] Size=%d\n", postHandle->uid, contentlen); - return MHD_YES; - - } else { - // We only support Json and Form Post format - errMessage = jsonNewMessage(AFB_FATAL, "Post Date wrong type encoding=%s != %s", encoding, JSON_CONTENT); - goto ExitOnError; - } - } - - // This time we receive partial/all Post data. Note that even if we get all POST data. We should nevertheless - // return MHD_YES and not process the request directly. Otherwise Libmicrohttpd is unhappy and fails with - // 'Internal application error, closing connection'. - if (*upload_data_size) { - - if (postHandle->type == AFB_POST_FORM) { - // if (verbose) fprintf(stderr, "Processing PostForm[uid=%d]\n", postHandle->uid); - MHD_post_process (postHandle->pp, upload_data, *upload_data_size); - } - - // Process JsonPost request when buffer is completed let's call API - if (postHandle->type == AFB_POST_JSON) { - // if (verbose) fprintf(stderr, "Updating PostJson[uid=%d]\n", postHandle->uid); - memcpy(&postHandle->privatebuf[postHandle->len], upload_data, *upload_data_size); - postHandle->len = postHandle->len + *upload_data_size; - } - - *upload_data_size = 0; - return MHD_YES; - - } else { // we have finish with Post reception let's finish the work - - // Create a request structure to finalise the request - request= createRequest (connection, session, url); - if (request->jresp != NULL) { - errMessage = request->jresp; - goto ExitOnError; - } - postRequest.type = postHandle->type; - - // Postform add application context handle to request - if (postHandle->type == AFB_POST_FORM) { - postRequest.data = (char*) postHandle; - request->post = &postRequest; - } - - if (postHandle->type == AFB_POST_JSON) { - // if (verbose) fprintf(stderr, "Processing PostJson[uid=%d]\n", postHandle->uid); - - param = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_CONTENT_LENGTH); - if (param) sscanf(param, "%i", &contentlen); - - // At this level we're may verify that we got everything and process DATA - if (postHandle->len != contentlen) { - errMessage = jsonNewMessage(AFB_FATAL, "Post Data Incomplete UID=%d Len %d != %d", postHandle->uid, contentlen, postHandle->len); - goto ExitOnError; - } - - // Before processing data, make sure buffer string is properly ended - postHandle->privatebuf[postHandle->len] = '\0'; - postRequest.data = postHandle->privatebuf; - request->post = &postRequest; - - // if (verbose) fprintf(stderr, "Close Post[%d] Buffer=%s\n", postHandle->uid, request->post->data); - } - } - } else { - // this is a get we only need a request - request= createRequest (connection, session, url); - }; - -ProcessApiCall: - // Request is ready let's call API without any extra handle - status = findAndCallApi (request, NULL); - - serialized = json_object_to_json_string(request->jresp); - webResponse = MHD_create_response_from_buffer(strlen(serialized), (void*) serialized, MHD_RESPMEM_MUST_COPY); - - // client did not pass token on URI let's use cookies - if ((!request->restfull) && (request->context != NULL)) { - char cookie[256]; - snprintf (cookie, sizeof (cookie), "%s-%d=%s; Path=%s; Max-Age=%d; HttpOnly", COOKIE_NAME, request->config->httpdPort, request->uuid, request->config->rootapi,request->config->cntxTimeout); - MHD_add_response_header (webResponse, MHD_HTTP_HEADER_SET_COOKIE, cookie); - } - - // if requested add an error status - if (request->errcode != 0) ret=MHD_queue_response (connection, request->errcode, webResponse); - else MHD_queue_response(connection, MHD_HTTP_OK, webResponse); - - MHD_destroy_response(webResponse); - json_object_put(request->jresp); // decrease reference rqtcount to free the json object - freeRequest (request); - return MHD_YES; - -ExitOnError: - freeRequest (request); - serialized = json_object_to_json_string(errMessage); - webResponse = MHD_create_response_from_buffer(strlen(serialized), (void*) serialized, MHD_RESPMEM_MUST_COPY); - MHD_queue_response(connection, MHD_HTTP_BAD_REQUEST, webResponse); - MHD_destroy_response(webResponse); - json_object_put(errMessage); // decrease reference rqtcount to free the json object - return MHD_YES; -} - - -// Loop on plugins. Check that they have the right type, prepare a JSON object with prefix -STATIC AFB_plugin ** RegisterJsonPlugins(AFB_plugin **plugins) { - int idx; - - for (idx = 0; plugins[idx] != NULL; idx++) { - if (plugins[idx]->type != AFB_PLUGIN_JSON) { - fprintf(stderr, "ERROR: AFSV plugin[%d] invalid type=%d != %d\n", idx, AFB_PLUGIN_JSON, plugins[idx]->type); - } else { - // some sanity controls - if ((plugins[idx]->prefix == NULL) || (plugins[idx]->info == NULL) || (plugins[idx]->apis == NULL)) { - if (plugins[idx]->prefix == NULL) plugins[idx]->prefix = "No URL prefix for APIs"; - if (plugins[idx]->info == NULL) plugins[idx]->info = "No Info describing plugin APIs"; - fprintf(stderr, "ERROR: plugin[%d] invalid prefix=%s info=%s", idx, plugins[idx]->prefix, plugins[idx]->info); - return NULL; - } - - if (verbose) fprintf(stderr, "Loading plugin[%d] prefix=[%s] info=%s\n", idx, plugins[idx]->prefix, plugins[idx]->info); - - // Prebuild plugin jtype to boost API response - plugins[idx]->jtype = json_object_new_string(plugins[idx]->prefix); - json_object_get(plugins[idx]->jtype); // increase reference count to make it permanent - plugins[idx]->prefixlen = strlen(plugins[idx]->prefix); - } - } - return (plugins); -} - -STATIC void scanDirectory(char *dirpath, int dirfd, AFB_plugin **plugins, int *count) { - DIR *dir; - void *libso; - struct dirent pluginDir, *result; - AFB_plugin* (*pluginRegisterFct)(void); - char pluginPath[255]; - - // Open Directory to scan over it - dir = fdopendir (dirfd); - if (dir == NULL) { - fprintf(stderr, "ERROR in scanning directory\n"); - return; - } - if (verbose) fprintf (stderr, "Scanning dir=[%s] for plugins\n", dirpath); - - for (;;) { - readdir_r(dir, &pluginDir, &result); - if (result == NULL) break; - - // Loop on any contained directory - if ((pluginDir.d_type == DT_DIR) && (pluginDir.d_name[0] != '.')) { - int fd = openat (dirfd, pluginDir.d_name, O_DIRECTORY); - char newpath[255]; - strncpy (newpath, dirpath, sizeof(newpath)); - strncat (newpath, "/", sizeof(newpath)); - strncat (newpath, pluginDir.d_name, sizeof(newpath)); - - scanDirectory (newpath, fd, plugins, count); - close (fd); - - } else { - - // This is a file but not a plugin let's move to next directory element - if (!strstr (pluginDir.d_name, ".so")) continue; - - // This is a loadable library let's check if it's a plugin - snprintf (pluginPath, sizeof(pluginPath), "%s/%s", dirpath, pluginDir.d_name); - libso = dlopen (pluginPath, RTLD_NOW | RTLD_LOCAL); - - // Load fail we ignore this .so file - if (!libso) { - fprintf(stderr, "[%s] is not loadable, continuing...\n", pluginDir.d_name); - continue; - } - - pluginRegisterFct = dlsym (libso, "pluginRegister"); - - if (!pluginRegisterFct) { - fprintf(stderr, "[%s] is not an AFB plugin, continuing...\n", pluginDir.d_name); - continue; - } - - // if max plugin is reached let's stop searching - if (*count == AFB_MAX_PLUGINS) { - fprintf(stderr, "[%s] is not loaded [Max Count=%d reached]\n", pluginDir.d_name, *count); - continue; - } - - if (verbose) fprintf(stderr, "[%s] is a valid AFB plugin, loading pos[%d]\n", pluginDir.d_name, *count); - plugins[*count] = pluginRegisterFct(); - if (!plugins[*count]) { - if (verbose) fprintf(stderr, "ERROR: plugin [%s] register function failed. continuing...\n", pluginDir.d_name); - } else - *count = *count +1; - } - } - closedir (dir); -} - -void initPlugins(AFB_session *session) { - AFB_plugin **plugins; - - afbJsonType = json_object_new_string (AFB_MSG_JTYPE); - int count = 0; - char *dirpath; - int dirfd; - - /* pre-allocate for AFB_MAX_PLUGINS plugins, we will downsize later */ - plugins = (AFB_plugin **) malloc (AFB_MAX_PLUGINS *sizeof(AFB_plugin*)); - - // Loop on every directory passed in --plugins=xxx - while ((dirpath = strsep(&session->config->ldpaths, ":"))) { - // Ignore any directory we fail to open - if ((dirfd = open(dirpath, O_DIRECTORY)) <= 0) { - fprintf(stderr, "Invalid directory path=[%s]\n", dirpath); - continue; - } - scanDirectory (dirpath, dirfd, plugins, &count); - close (dirfd); - } - - // downsize structure to effective number of loaded plugins - plugins = (AFB_plugin **)realloc (plugins, (unsigned)(count+1)*sizeof(AFB_plugin*)); - plugins[count] = NULL; - - // complete plugins and save them within current sessions - session->plugins = RegisterJsonPlugins(plugins); - session->config->pluginCount = count; -} - |