Class: Rack::RequestReplication::Forwarder

Inherits:

Object

• Object
• Rack::RequestReplication::Forwarder

Defined in:

lib/rack/request_replication/forwarder.rb

Overview

This class implements forwarding of requests to another host and/or port.

Instance Attribute Summary

• #app ⇒ Object readonly

  Returns the value of attribute app.

• #options ⇒ Object readonly

  Returns the value of attribute options.

Instance Method Summary

• #call(env) ⇒ Array(Integer, Hash, #each)
• #clean_scheme(request) ⇒ Object

  Request scheme without the ://.

• #cookies(request) ⇒ Object

  Cookies Hash to use for the forwarded request.

• #cookies_id(request) ⇒ Object

  The key to use when looking up cookie stores in Redis for forwarding requests.

• #create_delete_request(uri, opts = {}) ⇒ Object

  Prepare a DELETE request to the forward app.

• #create_get_request(uri, opts = {}) ⇒ Object

  Prepare a GET request to the forward app.

• #create_options_request(uri, opts = {}) ⇒ Object

  Prepare a OPTIONS request to the forward app.

• #create_patch_request(uri, opts = {}) ⇒ Object

  Prepare a PATCH request to the forward app.

• #create_post_request(uri, opts = {}) ⇒ Object

  Prepare a POST request to the forward app.

• #create_put_request(uri, opts = {}) ⇒ Object

  Prepare a PUT request to the forward app.

• #csrf_token(request) ⇒ Object

  The CSRF-token to use.

• #csrf_token_from(response) ⇒ Object

  Pull CSRF token from the HTML document’s header.

• #forward_host_with_port(request) ⇒ Object

  The host to forward to including the port if the port does not match the current scheme.

• #forward_uri(request) ⇒ Object

  Creates a URI based on the request info and the options set.

• #initialize(app, options = {}) ⇒ Forwarder constructor

  A new instance of Forwarder.

• #logger ⇒ Object

  Logger that logs to STDOUT.

• #port_matches_scheme?(request) ⇒ Boolean

  Checks if the request scheme matches the destination port.

• #redis ⇒ Object

  Persistent Redis connection that is used to store cookies.

• #replicate(request) ⇒ Object

  Replicates the request and passes it on to the request forwarder.

• #replicate_options_and_data(request) ⇒ Object

  Replicates all the options and data that was in the original request and puts them in a Hash.

• #update_cookies(request, response) ⇒ Object

  Update cookies from the forwarded request using the session id from the cookie of the source app as a key.

• #update_csrf_token(request, response) ⇒ Object

  Update CSRF token to bypass XSS errors in Rails.

• #update_csrf_token_and_cookies(request, response) ⇒ Object

  Update CSRF token and cookies.

Constructor Details

#initialize(app, options = {}) ⇒ Forwarder

Returns a new instance of Forwarder.

Options Hash (options):

• :host (String) — default: 'localhost'
• :port (Integer) — default: 8080
• :session_key (String) — default: 'rack.session'
• :use_ssl (Bool) — default: false
• :verify_ssl (Bool) — default: true
• :redis (Hash{Symbol => Object}) —

  @option redis [String] :host (‘localhost’) @option redis [Integer] :port (6379) @option redis [String] :db (‘rack-request-replication’)

# File 'lib/rack/request_replication/forwarder.rb', line 32

def initialize( app, options = {} )
  @app = app
  @options = {
    host: 'localhost',
    port: 8080,
    use_ssl: false,
    verify_ssl: true,
    session_key: 'rack.session',
    root_url: '/',
    redis: {}
  }.merge options
end

Instance Attribute Details

#app ⇒ Object (readonly)

Returns the value of attribute app.

# File 'lib/rack/request_replication/forwarder.rb', line 16

def app
  @app
end

#options ⇒ Object (readonly)

Returns the value of attribute options.

# File 'lib/rack/request_replication/forwarder.rb', line 17

def options
  @options
end

Instance Method Details

#call(env) ⇒ Array(Integer, Hash, #each)

See Also:

• http://rack.rubyforge.org/doc/SPEC.html

# File 'lib/rack/request_replication/forwarder.rb', line 50

def call( env )
  request = Rack::Request.new env
  replicate request
  app.call env
end

#clean_scheme(request) ⇒ Object

Request scheme without the ://

# File 'lib/rack/request_replication/forwarder.rb', line 362

def clean_scheme( request )
  request.scheme.match(/^\w+/)[0]
end

#cookies(request) ⇒ Object

Cookies Hash to use for the forwarded request.

Tries to find the cookies from earlier forwarded requests in the Redis store, otherwise falls back to the cookies from the source app.

# File 'lib/rack/request_replication/forwarder.rb', line 165

def cookies( request )
  return ( request.cookies || "" ) unless cookies_id( request )
  redis.get( cookies_id( request )) ||
    request.cookies ||
    {}
end

#cookies_id(request) ⇒ Object

The key to use when looking up cookie stores in Redis for forwarding requests. Needed for session persistence over forwarded requests for the same user in the source app.

# File 'lib/rack/request_replication/forwarder.rb', line 181

def cookies_id( request )
  cs = request.cookies
  sess = cs && cs[options[:session_key]]
  sess_id = sess && sess.split("\n--").last
  sess_id
end

#create_delete_request(uri, opts = {}) ⇒ Object

Prepare a DELETE request to the forward app.

The passed in options hash is ignored.

# File 'lib/rack/request_replication/forwarder.rb', line 258

def create_delete_request( uri, opts = {} )
  Net::HTTP::Delete.new uri.request_uri
end

#create_get_request(uri, opts = {}) ⇒ Object

Prepare a GET request to the forward app.

The passed in options hash is ignored.

# File 'lib/rack/request_replication/forwarder.rb', line 197

def create_get_request( uri, opts = {} )
  Net::HTTP::Get.new uri.request_uri
end

#create_options_request(uri, opts = {}) ⇒ Object

Prepare a OPTIONS request to the forward app.

The passed in options hash is ignored.

# File 'lib/rack/request_replication/forwarder.rb', line 271

def create_options_request( uri, opts = {} )
  Net::HTTP::Options.new uri.request_uri
end

#create_patch_request(uri, opts = {}) ⇒ Object

Prepare a PATCH request to the forward app.

The passed in options hash contains all the data from the request that needs to be forwarded.

# File 'lib/rack/request_replication/forwarder.rb', line 243

def create_patch_request( uri, opts = {} )
  forward_request = Net::HTTP::Patch.new uri.request_uri
  forward_request.set_form_data opts[:params]
  forward_request
end

#create_post_request(uri, opts = {}) ⇒ Object

Prepare a POST request to the forward app.

The passed in options hash contains all the data from the request that needs to be forwarded.

# File 'lib/rack/request_replication/forwarder.rb', line 211

def create_post_request( uri, opts = {} )
  forward_request = Net::HTTP::Post.new uri.request_uri
  forward_request.set_form_data opts[:params]
  forward_request
end

#create_put_request(uri, opts = {}) ⇒ Object

Prepare a PUT request to the forward app.

The passed in options hash contains all the data from the request that needs to be forwarded.

# File 'lib/rack/request_replication/forwarder.rb', line 227

def create_put_request( uri, opts = {} )
  forward_request = Net::HTTP::Put.new uri.request_uri
  forward_request.set_form_data opts[:params]
  forward_request
end

#csrf_token(request) ⇒ Object

The CSRF-token to use.

# File 'lib/rack/request_replication/forwarder.rb', line 102

def csrf_token( request )
  token = request.params["authenticity_token"]
  return if token.nil?

  redis.get( "csrf-#{token}" ) || token
end

#csrf_token_from(response) ⇒ Object

Pull CSRF token from the HTML document’s header.

# File 'lib/rack/request_replication/forwarder.rb', line 130

def csrf_token_from( response )
  response.split("\n").
    select{|l| l.match(/csrf-token/) }.
    first.split(" ").
    select{|t| t.match(/^content=/)}.first.
    match(/content="(.*)"/)[1]
rescue
  nil
end

#forward_host_with_port(request) ⇒ Object

The host to forward to including the port if the port does not match the current scheme.

# File 'lib/rack/request_replication/forwarder.rb', line 328

def forward_host_with_port( request )
  host = options[:host].to_s
  host = "#{host}:#{options[:port]}" unless port_matches_scheme? request
  host
end

#forward_uri(request) ⇒ Object

Creates a URI based on the request info and the options set.

# File 'lib/rack/request_replication/forwarder.rb', line 315

def forward_uri( request )
  url = "#{request.scheme}://#{forward_host_with_port( request )}"
  url << request.fullpath
  URI(url)
end

#logger ⇒ Object

Logger that logs to STDOUT

# File 'lib/rack/request_replication/forwarder.rb', line 371

def logger
  @logger ||= ::Logger.new(STDOUT)
end

#port_matches_scheme?(request) ⇒ Boolean

Checks if the request scheme matches the destination port.

# File 'lib/rack/request_replication/forwarder.rb', line 352

def port_matches_scheme?( request )
  options[:port].to_i == DEFAULT_PORTS[clean_scheme(request)]
end

#redis ⇒ Object

Persistent Redis connection that is used to store cookies.

# File 'lib/rack/request_replication/forwarder.rb', line 338

def redis
  @redis ||= Redis.new({
    host: 'localhost',
    port: 6379,
    db: 'rack-request-replication'
  }.merge(options[:redis]))
end

#replicate(request) ⇒ Object

Replicates the request and passes it on to the request forwarder.

# File 'lib/rack/request_replication/forwarder.rb', line 62

def replicate( request )
  opts = replicate_options_and_data request
  uri = forward_uri request

  http = Net::HTTP.new uri.host, uri.port
  http.use_ssl = @options[:use_ssl]
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE unless @options[:verify_ssl]

  forward_request = send("create_#{opts[:request_method].downcase}_request", uri, opts)
  forward_request.add_field("Accept", opts[:accept])
  forward_request.add_field("Accept-Encoding", opts[:accept_encoding])
  forward_request.add_field("Host", request.host)

  Thread.new do
    begin
      forward_request.add_field("Cookie", cookies( request ))
      update_csrf_token_and_cookies( request, http.request(forward_request) )
    rescue => e
      logger.debug "Replicating request failed with: #{e.message}"
    end
  end
end

#replicate_options_and_data(request) ⇒ Object

Replicates all the options and data that was in the original request and puts them in a Hash.

# File 'lib/rack/request_replication/forwarder.rb', line 282

def replicate_options_and_data( request )
  replicated_options ||= {}
  %w(
    accept_encoding
    body
    request_method
    content_charset
    media_type
    media_type_params
    params
    referer
    request_method
    user_agent
    url
  ).map(&:to_sym).each do |m|
    value = request.send( m )
    replicated_options[m] = value unless value.nil?
  end

  if replicated_options[:params]["authenticity_token"]
    replicated_options[:params]["authenticity_token"] = csrf_token( request )
  end

  replicated_options
end

#update_cookies(request, response) ⇒ Object

Update cookies from the forwarded request using the session id from the cookie of the source app as a key. The cookie is stored in Redis.

# File 'lib/rack/request_replication/forwarder.rb', line 148

def update_cookies( request, response )
  return unless cookies_id( request )
  cookie = response.to_hash['set-cookie'].collect{|ea|ea[/^.*?;/]}.join rescue {}
  cookie = Hash[cookie.split(";").map{|d|d.split('=')}] rescue {}
  redis.set( cookies_id( request), cookie )
end

#update_csrf_token(request, response) ⇒ Object

Update CSRF token to bypass XSS errors in Rails.

# File 'lib/rack/request_replication/forwarder.rb', line 114

def update_csrf_token( request, response )
  token = request.params["authenticity_token"]
  return if token.nil?

  response_token = csrf_token_from response
  return token if response_token.nil?

  redis.set "csrf-#{token}", response_token
end

#update_csrf_token_and_cookies(request, response) ⇒ Object

Update CSRF token and cookies.

# File 'lib/rack/request_replication/forwarder.rb', line 91

def update_csrf_token_and_cookies( request, response )
  update_csrf_token( request, response )
  update_cookies( request, response )
end