imageproxy/proxy/proxy.go

// Package proxy provides the image proxy.
package proxy

import (
	"errors"
	"fmt"
	"io/ioutil"
	"net/http"
	"net/url"
	"strconv"
	"strings"
	"time"

	"github.com/golang/glog"
	"github.com/willnorris/go-imageproxy/cache"
	"github.com/willnorris/go-imageproxy/data"
)

// URLError reports a malformed URL error.
type URLError struct {
	Message string
	URL     *url.URL
}

func (e URLError) Error() string {
	return fmt.Sprintf("malformed URL %q: %s", e.URL, e.Message)
}

// NewRequest parses an http.Request into an image request.
func NewRequest(r *http.Request) (*data.Request, error) {
	path := strings.SplitN(r.URL.Path, "/", 3)
	if len(path) != 3 {
		return nil, URLError{"too few path segments", r.URL}
	}

	var err error
	req := new(data.Request)

	req.URL, err = url.Parse(path[2])
	if err != nil {
		return nil, URLError{
			fmt.Sprintf("unable to parse remote URL: %v", err),
			r.URL,
		}
	}

	if !req.URL.IsAbs() {
		return nil, URLError{"must provide absolute remote URL", r.URL}
	}

	if req.URL.Scheme != "http" && req.URL.Scheme != "https" {
		return nil, URLError{"remote URL must have http or https URL", r.URL}
	}

	// query string is always part of the remote URL
	req.URL.RawQuery = r.URL.RawQuery
	req.Options, err = data.ParseOptions(path[1])
	if err != nil {
		return nil, URLError{err.Error(), r.URL}
	}

	return req, nil
}

// Proxy serves image requests.
type Proxy struct {
	Client *http.Client // client used to fetch remote URLs
	Cache  cache.Cache

	// Whitelist specifies a list of remote hosts that images can be proxied from.  An empty list means all hosts are allowed.
	Whitelist []string
}

// NewProxy constructs a new proxy.  The provided http Client will be used to
// fetch remote URLs.  If nil is provided, http.DefaultClient will be used.
func NewProxy(client *http.Client) *Proxy {
	if client == nil {
		client = http.DefaultClient
	}
	return &Proxy{Client: client, Cache: cache.NopCache}
}

// ServeHTTP handles image requests.
func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	req, err := NewRequest(r)
	if err != nil {
		http.Error(w, fmt.Sprintf("invalid request URL: %v", err.Error()), http.StatusBadRequest)
		return
	}

	u := req.URL.String()
	glog.Infof("request for image: %v", u)

	if !p.allowed(req.URL) {
		http.Error(w, fmt.Sprintf("remote URL is not for an allowed host: %v", req.URL.Host), http.StatusForbidden)
		return
	}

	image, ok := p.Cache.Get(u)
	if !ok {
		glog.Infof("image not cached")
		image, err = p.fetchRemoteImage(u, nil)
		if err != nil {
			glog.Errorf("errorf fetching remote image: %v", err)
		}
		p.Cache.Save(image)
	} else if time.Now().After(image.Expires) {
		glog.Infof("cached image expired")
		image, err = p.fetchRemoteImage(u, image)
		if err != nil {
			glog.Errorf("errorf fetching remote image: %v", err)
		}
		p.Cache.Save(image)
	} else {
		glog.Infof("serving from cache")
	}

	w.Header().Add("Content-Length", strconv.Itoa(len(image.Bytes)))
	w.Header().Add("Expires", image.Expires.Format(time.RFC1123))
	w.Write(image.Bytes)
}

func (p *Proxy) fetchRemoteImage(u string, cached *data.Image) (*data.Image, error) {
	glog.Infof("fetching remote image: %s", u)

	req, err := http.NewRequest("GET", u, nil)
	if err != nil {
		return nil, err
	}

	if cached != nil && cached.Etag != "" {
		req.Header.Add("If-None-Match", cached.Etag)
	}

	resp, err := p.Client.Do(req)
	if err != nil {
		return nil, err
	}

	if resp.StatusCode == http.StatusNotModified {
		glog.Infof("remote image not modified (304 response)")
		cached.Expires = parseExpires(resp)
		return cached, nil
	}

	if resp.StatusCode != http.StatusOK {
		return nil, errors.New(fmt.Sprintf("HTTP status not OK: %v", resp.Status))
	}

	defer resp.Body.Close()
	b, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		return nil, err
	}

	return &data.Image{
		URL:     u,
		Expires: parseExpires(resp),
		Etag:    resp.Header.Get("Etag"),
		Bytes:   b,
	}, nil
}

// allowed returns whether the specified URL is on the whitelist of remote hosts.
func (p *Proxy) allowed(u *url.URL) bool {
	if len(p.Whitelist) == 0 {
		return true
	}

	for _, host := range p.Whitelist {
		if u.Host == host {
			return true
		}
	}

	return false
}

func parseExpires(resp *http.Response) time.Time {
	exp := resp.Header.Get("Expires")
	if exp == "" {
		return time.Now()
	}

	t, err := time.Parse(time.RFC1123, exp)
	if err != nil {
		return time.Now()
	}

	return t
}
parse http requests to image requests 2013-11-27 14:02:21 -05:00			`// Package proxy provides the image proxy.`
			`package proxy`

			`import (`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`"errors"`
parse http requests to image requests 2013-11-27 14:02:21 -05:00			`"fmt"`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`"io/ioutil"`
parse http requests to image requests 2013-11-27 14:02:21 -05:00			`"net/http"`
			`"net/url"`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`"strconv"`
parse http requests to image requests 2013-11-27 14:02:21 -05:00			`"strings"`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`"time"`
move data structures to data package also use io.Copy to copy fetched image to http.ResponseWriter. 2013-12-04 03:37:13 -05:00
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`"github.com/golang/glog"`
			`"github.com/willnorris/go-imageproxy/cache"`
move data structures to data package also use io.Copy to copy fetched image to http.ResponseWriter. 2013-12-04 03:37:13 -05:00			`"github.com/willnorris/go-imageproxy/data"`
parse http requests to image requests 2013-11-27 14:02:21 -05:00			`)`

			`// URLError reports a malformed URL error.`
			`type URLError struct {`
			`Message string`
			`URL *url.URL`
			`}`

			`func (e URLError) Error() string {`
			`return fmt.Sprintf("malformed URL %q: %s", e.URL, e.Message)`
			`}`

			`// NewRequest parses an http.Request into an image request.`
move data structures to data package also use io.Copy to copy fetched image to http.ResponseWriter. 2013-12-04 03:37:13 -05:00			`func NewRequest(r http.Request) (data.Request, error) {`
parse http requests to image requests 2013-11-27 14:02:21 -05:00			`path := strings.SplitN(r.URL.Path, "/", 3)`
			`if len(path) != 3 {`
			`return nil, URLError{"too few path segments", r.URL}`
			`}`

			`var err error`
move data structures to data package also use io.Copy to copy fetched image to http.ResponseWriter. 2013-12-04 03:37:13 -05:00			`req := new(data.Request)`
parse http requests to image requests 2013-11-27 14:02:21 -05:00
			`req.URL, err = url.Parse(path[2])`
			`if err != nil {`
			`return nil, URLError{`
			`fmt.Sprintf("unable to parse remote URL: %v", err),`
			`r.URL,`
			`}`
			`}`

			`if !req.URL.IsAbs() {`
			`return nil, URLError{"must provide absolute remote URL", r.URL}`
			`}`

			`if req.URL.Scheme != "http" && req.URL.Scheme != "https" {`
			`return nil, URLError{"remote URL must have http or https URL", r.URL}`
			`}`

			`// query string is always part of the remote URL`
			`req.URL.RawQuery = r.URL.RawQuery`
rename Transform back to Options 2013-12-05 02:12:44 -05:00			`req.Options, err = data.ParseOptions(path[1])`
move data structures to data package also use io.Copy to copy fetched image to http.ResponseWriter. 2013-12-04 03:37:13 -05:00			`if err != nil {`
			`return nil, URLError{err.Error(), r.URL}`
parse http requests to image requests 2013-11-27 14:02:21 -05:00			`}`

			`return req, nil`
			`}`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00
			`// Proxy serves image requests.`
			`type Proxy struct {`
			`Client *http.Client // client used to fetch remote URLs`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`Cache cache.Cache`
add whitelist of allowed remote hosts 2013-12-04 06:12:56 -05:00
			`// Whitelist specifies a list of remote hosts that images can be proxied from. An empty list means all hosts are allowed.`
			`Whitelist []string`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`}`

			`// NewProxy constructs a new proxy. The provided http Client will be used to`
			`// fetch remote URLs. If nil is provided, http.DefaultClient will be used.`
			`func NewProxy(client http.Client) Proxy {`
			`if client == nil {`
			`client = http.DefaultClient`
			`}`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`return &Proxy{Client: client, Cache: cache.NopCache}`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`}`

			`// ServeHTTP handles image requests.`
			`func (p Proxy) ServeHTTP(w http.ResponseWriter, r http.Request) {`
			`req, err := NewRequest(r)`
			`if err != nil {`
			`http.Error(w, fmt.Sprintf("invalid request URL: %v", err.Error()), http.StatusBadRequest)`
			`return`
			`}`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00
			`u := req.URL.String()`
			`glog.Infof("request for image: %v", u)`

add whitelist of allowed remote hosts 2013-12-04 06:12:56 -05:00			`if !p.allowed(req.URL) {`
			`http.Error(w, fmt.Sprintf("remote URL is not for an allowed host: %v", req.URL.Host), http.StatusForbidden)`
			`return`
			`}`

add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`image, ok := p.Cache.Get(u)`
			`if !ok {`
			`glog.Infof("image not cached")`
			`image, err = p.fetchRemoteImage(u, nil)`
			`if err != nil {`
			`glog.Errorf("errorf fetching remote image: %v", err)`
			`}`
			`p.Cache.Save(image)`
			`} else if time.Now().After(image.Expires) {`
			`glog.Infof("cached image expired")`
			`image, err = p.fetchRemoteImage(u, image)`
			`if err != nil {`
			`glog.Errorf("errorf fetching remote image: %v", err)`
			`}`
			`p.Cache.Save(image)`
			`} else {`
			`glog.Infof("serving from cache")`
			`}`

			`w.Header().Add("Content-Length", strconv.Itoa(len(image.Bytes)))`
			`w.Header().Add("Expires", image.Expires.Format(time.RFC1123))`
			`w.Write(image.Bytes)`
			`}`

			`func (p Proxy) fetchRemoteImage(u string, cached data.Image) (*data.Image, error) {`
			`glog.Infof("fetching remote image: %s", u)`

			`req, err := http.NewRequest("GET", u, nil)`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`if err != nil {`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`return nil, err`
			`}`

			`if cached != nil && cached.Etag != "" {`
			`req.Header.Add("If-None-Match", cached.Etag)`
			`}`

			`resp, err := p.Client.Do(req)`
			`if err != nil {`
			`return nil, err`
			`}`

			`if resp.StatusCode == http.StatusNotModified {`
			`glog.Infof("remote image not modified (304 response)")`
			`cached.Expires = parseExpires(resp)`
			`return cached, nil`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`}`

			`if resp.StatusCode != http.StatusOK {`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`return nil, errors.New(fmt.Sprintf("HTTP status not OK: %v", resp.Status))`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`}`

			`defer resp.Body.Close()`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`b, err := ioutil.ReadAll(resp.Body)`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`if err != nil {`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`return nil, err`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`}`
add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00
			`return &data.Image{`
			`URL: u,`
			`Expires: parseExpires(resp),`
			`Etag: resp.Header.Get("Etag"),`
			`Bytes: b,`
			`}, nil`
			`}`

add whitelist of allowed remote hosts 2013-12-04 06:12:56 -05:00			`// allowed returns whether the specified URL is on the whitelist of remote hosts.`
			`func (p Proxy) allowed(u url.URL) bool {`
			`if len(p.Whitelist) == 0 {`
			`return true`
			`}`

			`for _, host := range p.Whitelist {`
			`if u.Host == host {`
			`return true`
			`}`
			`}`

			`return false`
			`}`

add basic caching support includes two implementations, a no-op NopCache and an in-memory MemoryCache. 2013-12-04 05:55:56 -05:00			`func parseExpires(resp *http.Response) time.Time {`
			`exp := resp.Header.Get("Expires")`
			`if exp == "" {`
			`return time.Now()`
			`}`

			`t, err := time.Parse(time.RFC1123, exp)`
			`if err != nil {`
			`return time.Now()`
			`}`

			`return t`
add initial (pretty naive) server implementation 2013-11-27 15:10:29 -05:00			`}`