diff --git a/gateway/server.go b/gateway/server.go index a525a228..71d1e554 100644 --- a/gateway/server.go +++ b/gateway/server.go @@ -65,13 +65,6 @@ func (s *Server) build() error { source <- up } }, func(up Upstream, writer mr.Writer[rest.Route], cancel func(error)) { - target, err := up.Grpc.BuildTarget() - if err != nil { - cancel(err) - return - } - - up.Name = target var cli zrpc.Client if s.dialer != nil { cli = s.dialer(up.Grpc) diff --git a/rest/engine.go b/rest/engine.go index b1bdd06d..5f2ffd91 100644 --- a/rest/engine.go +++ b/rest/engine.go @@ -290,13 +290,15 @@ func (ng *engine) signatureVerifier(signature signatureSetting) (func(chain.Chai decrypters[fingerprint] = decrypter } + return func(chn chain.Chain) chain.Chain { - var unsignedCallbacks []handler.UnsignedCallback - if ng.unsignedCallback != nil { - unsignedCallbacks = append(unsignedCallbacks, ng.unsignedCallback) + if ng.unsignedCallback == nil { + return chn.Append(handler.LimitContentSecurityHandler(ng.conf.MaxBytes, + decrypters, signature.Expiry, signature.Strict)) } - return chn.Append(handler.LimitContentSecurityHandler(ng.conf.MaxBytes, decrypters, signature.Expiry, signature.Strict, unsignedCallbacks)) + return chn.Append(handler.LimitContentSecurityHandler(ng.conf.MaxBytes, + decrypters, signature.Expiry, signature.Strict, ng.unsignedCallback)) }, nil } diff --git a/rest/handler/contentsecurityhandler.go b/rest/handler/contentsecurityhandler.go index ca89dc68..a5b9c182 100644 --- a/rest/handler/contentsecurityhandler.go +++ b/rest/handler/contentsecurityhandler.go @@ -18,12 +18,12 @@ type UnsignedCallback func(w http.ResponseWriter, r *http.Request, next http.Han // ContentSecurityHandler returns a middleware to verify content security. func ContentSecurityHandler(decrypters map[string]codec.RsaDecrypter, tolerance time.Duration, strict bool, callbacks ...UnsignedCallback) func(http.Handler) http.Handler { - return LimitContentSecurityHandler(maxBytes, decrypters, tolerance, strict, callbacks) + return LimitContentSecurityHandler(maxBytes, decrypters, tolerance, strict, callbacks...) } // LimitContentSecurityHandler returns a middleware to verify content security. -func LimitContentSecurityHandler(maxBytesSize int64, decrypters map[string]codec.RsaDecrypter, tolerance time.Duration, - strict bool, callbacks []UnsignedCallback) func(http.Handler) http.Handler { +func LimitContentSecurityHandler(limitBytes int64, decrypters map[string]codec.RsaDecrypter, + tolerance time.Duration, strict bool, callbacks ...UnsignedCallback) func(http.Handler) http.Handler { if len(callbacks) == 0 { callbacks = append(callbacks, handleVerificationFailure) } @@ -42,7 +42,7 @@ func LimitContentSecurityHandler(maxBytesSize int64, decrypters map[string]codec r.Header.Get(contentSecurity)) executeCallbacks(w, r, next, strict, code, callbacks) } else if r.ContentLength > 0 && header.Encrypted() { - LimitCryptionHandler(maxBytesSize, header.Key)(next).ServeHTTP(w, r) + LimitCryptionHandler(limitBytes, header.Key)(next).ServeHTTP(w, r) } else { next.ServeHTTP(w, r) } diff --git a/rest/handler/cryptionhandler.go b/rest/handler/cryptionhandler.go index df54ee46..0ef92379 100644 --- a/rest/handler/cryptionhandler.go +++ b/rest/handler/cryptionhandler.go @@ -23,7 +23,7 @@ func CryptionHandler(key []byte) func(http.Handler) http.Handler { } // LimitCryptionHandler returns a middleware to handle cryption. -func LimitCryptionHandler(maxBytesSize int64, key []byte) func(http.Handler) http.Handler { +func LimitCryptionHandler(limitBytes int64, key []byte) func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { cw := newCryptionResponseWriter(w) @@ -34,7 +34,7 @@ func LimitCryptionHandler(maxBytesSize int64, key []byte) func(http.Handler) htt return } - if err := decryptBody(maxBytesSize, key, r); err != nil { + if err := decryptBody(limitBytes, key, r); err != nil { w.WriteHeader(http.StatusBadRequest) return } @@ -44,8 +44,8 @@ func LimitCryptionHandler(maxBytesSize int64, key []byte) func(http.Handler) htt } } -func decryptBody(maxBytesSize int64, key []byte, r *http.Request) error { - if maxBytesSize > 0 && r.ContentLength > maxBytesSize { +func decryptBody(limitBytes int64, key []byte, r *http.Request) error { + if limitBytes > 0 && r.ContentLength > limitBytes { return errContentLengthExceeded }