Class: Aws::Rails::EbsSqsActiveJobMiddleware

Inherits:

Object

Object
Aws::Rails::EbsSqsActiveJobMiddleware

show all

Defined in:: lib/aws/rails/middleware/ebs_sqs_active_job_middleware.rb

Overview

Middleware to handle requests from the SQS Daemon present on Elastic Beanstalk worker environments.

Constant Summary collapse

INTERNAL_ERROR_MESSAGE =

'Failed to execute job - see Rails log for more details.'

INTERNAL_ERROR_RESPONSE =

[500, { 'Content-Type' => 'text/plain' }, [INTERNAL_ERROR_MESSAGE]].freeze

FORBIDDEN_MESSAGE =

'Request with aws-sqsd user agent was made from untrusted address.'

FORBIDDEN_RESPONSE =

[403, { 'Content-Type' => 'text/plain' }, [FORBIDDEN_MESSAGE]].freeze

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app) ⇒ EbsSqsActiveJobMiddleware constructor

A new instance of EbsSqsActiveJobMiddleware.

Constructor Details

#initialize(app) ⇒ `EbsSqsActiveJobMiddleware`

Returns a new instance of EbsSqsActiveJobMiddleware.

# File 'lib/aws/rails/middleware/ebs_sqs_active_job_middleware.rb', line 12

def initialize(app)
  @app = app
  @logger = ActiveSupport::Logger.new(STDOUT)
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/aws/rails/middleware/ebs_sqs_active_job_middleware.rb', line 17

def call(env)
  request = ActionDispatch::Request.new(env)

  # Pass through unless user agent is the SQS Daemon
  return @app.call(env) unless from_sqs_daemon?(request)

  @logger.debug('aws-rails-sdk middleware detected call from Elastic Beanstalk SQS Daemon.')

  # Only accept requests from this user agent if it is from localhost or a docker host in case of forgery.
  unless request.local? || sent_from_docker_host?(request)
    @logger.warn("SQSD request detected from untrusted address #{request.remote_ip}; returning 403 forbidden.")
    return FORBIDDEN_RESPONSE
  end

  # Execute job or periodic task based on HTTP request context
  periodic_task?(request) ? execute_periodic_task(request) : execute_job(request)
end