Class: Aws::Rails::EbsSqsActiveJobMiddleware

Inherits:
Object
  • Object
show all
Defined in:
lib/aws/rails/middleware/ebs_sqs_active_job_middleware.rb

Overview

Middleware to handle requests from the SQS Daemon present on Elastic Beanstalk worker environments.

Constant Summary collapse

INTERNAL_ERROR_MESSAGE =
'Failed to execute job - see Rails log for more details.'
INTERNAL_ERROR_RESPONSE =
[500, { 'Content-Type' => 'text/plain' }, [INTERNAL_ERROR_MESSAGE]].freeze
FORBIDDEN_MESSAGE =
'Request with aws-sqsd user agent was made from untrusted address.'
FORBIDDEN_RESPONSE =
[403, { 'Content-Type' => 'text/plain' }, [FORBIDDEN_MESSAGE]].freeze

Instance Method Summary collapse

Constructor Details

#initialize(app) ⇒ EbsSqsActiveJobMiddleware

Returns a new instance of EbsSqsActiveJobMiddleware.



12
13
14
15
# File 'lib/aws/rails/middleware/ebs_sqs_active_job_middleware.rb', line 12

def initialize(app)
  @app = app
  @logger = ::Rails.logger
end

Instance Method Details

#call(env) ⇒ Object



17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# File 'lib/aws/rails/middleware/ebs_sqs_active_job_middleware.rb', line 17

def call(env)
  request = ActionDispatch::Request.new(env)

  # Pass through unless user agent is the SQS Daemon
  return @app.call(env) unless from_sqs_daemon?(request)

  @logger.debug('aws-sdk-rails middleware detected call from Elastic Beanstalk SQS Daemon.')

  # Only accept requests from this user agent if it is from localhost or a docker host in case of forgery.
  unless request.local? || sent_from_docker_host?(request)
    @logger.warn("SQSD request detected from untrusted address #{request.ip}; returning 403 forbidden.")
    return FORBIDDEN_RESPONSE
  end

  # Execute job or periodic task based on HTTP request context
  periodic_task?(request) ? execute_periodic_task(request) : execute_job(request)
end