gboolean
cockpit_handler_logout (CockpitWebServer *server,
CockpitWebServerRequestType reqtype,
const gchar *path,
GHashTable *headers,
GBytes *input,
CockpitWebResponse *response,
CockpitHandlerData *ws)
{
GIOStream *io_stream;
GHashTable *out_headers;
const gchar *body;
gboolean secure;
GBytes *content;
io_stream = cockpit_web_response_get_stream (response);
secure = !G_IS_SOCKET_CONNECTION (io_stream);
out_headers = cockpit_web_server_new_table ();
cockpit_auth_logout (ws->auth, headers, secure, out_headers);
body ="<html><head><title>Logged out</title></head>"
"<body>Logged out</body></html>";
content = g_bytes_new_static (body, strlen (body));
cockpit_web_response_content (response, out_headers, content, NULL);
g_bytes_unref (content);
g_hash_table_unref (out_headers);
return TRUE;
}
gboolean
cockpit_handler_deauthorize (CockpitWebServer *server,
CockpitWebServerRequestType reqtype,
const gchar *path,
GHashTable *headers,
GBytes *input,
CockpitWebResponse *response,
CockpitHandlerData *ws)
{
CockpitWebService *service;
CockpitCreds *creds;
const gchar *body;
GBytes *bytes;
service = cockpit_auth_check_cookie (ws->auth, headers);
if (!service)
{
cockpit_web_response_error (response, 401, NULL, "Unauthorized");
return TRUE;
}
/* Poison the creds, so they no longer work for new reauthorization */
creds = cockpit_web_service_get_creds (service);
cockpit_creds_poison (creds);
g_object_unref (service);
body ="<html><head><title>Deauthorized</title></head>"
"<body>Deauthorized</body></html>";
bytes = g_bytes_new_static (body, strlen (body));
cockpit_web_response_content (response, NULL, bytes, NULL);
g_bytes_unref (bytes);
return TRUE;
}
gboolean
cockpit_handler_ping (CockpitWebServer *server,
const gchar *path,
GHashTable *headers,
CockpitWebResponse *response,
CockpitHandlerData *ws)
{
GHashTable *out_headers;
const gchar *body;
GBytes *content;
out_headers = cockpit_web_server_new_table ();
/*
* The /ping request has unrestricted CORS enabled on it. This allows javascript
* in the browser on embedding websites to check if Cockpit is available. These
* websites could do this in another way (such as loading an image from Cockpit)
* but this does it in the correct manner.
*
* See: http://www.w3.org/TR/cors/
*/
g_hash_table_insert (out_headers, g_strdup ("Access-Control-Allow-Origin"), g_strdup ("*"));
g_hash_table_insert (out_headers, g_strdup ("Content-Type"), g_strdup ("application/json"));
body ="{ \"service\": \"cockpit\" }";
content = g_bytes_new_static (body, strlen (body));
cockpit_web_response_content (response, out_headers, content, NULL);
g_bytes_unref (content);
g_hash_table_unref (out_headers);
return TRUE;
}
static void
handle_raw_data (CockpitWebResponse *response,
const gchar *data)
{
GBytes *block;
/* For testing code that uses "manifests" return empty manifests for now */
block = g_bytes_new_static (data, strlen (data));
cockpit_web_response_content (response, NULL, block, NULL);
g_bytes_unref (block);
}
static void
send_login_response (CockpitWebResponse *response,
JsonObject *object,
GHashTable *headers)
{
GBytes *content;
content = cockpit_json_write_bytes (object);
g_hash_table_replace (headers, g_strdup ("Content-Type"), g_strdup ("application/json"));
cockpit_web_response_content (response, headers, content, NULL);
g_bytes_unref (content);
}
static void
send_login_response (CockpitWebResponse *response,
CockpitCreds *creds,
GHashTable *headers)
{
JsonObject *object;
GBytes *content;
object = json_object_new ();
json_object_set_string_member (object, "user", cockpit_creds_get_user (creds));
content = cockpit_json_write_bytes (object);
json_object_unref (object);
g_hash_table_replace (headers, g_strdup ("Content-Type"), g_strdup ("application/json"));
cockpit_web_response_content (response, headers, content, NULL);
g_bytes_unref (content);
}
static gboolean
mock_http_connection (CockpitWebResponse *response)
{
GIOStream *io;
GBytes *bytes;
gchar *output;
/* Lets caller have an indication of which IO stream is being used */
io = cockpit_web_response_get_stream (response);
output = g_strdup_printf ("%p", io);
bytes = g_bytes_new_take (output, strlen (output));
cockpit_web_response_content (response, NULL, bytes, NULL);
g_bytes_unref (bytes);
return TRUE;
}
static gboolean
mock_http_qs (CockpitWebResponse *response)
{
const gchar *qs;
GBytes *bytes;
qs = cockpit_web_response_get_query (response);
if (!qs)
{
cockpit_web_response_error (response, 400, NULL, "No query string");
}
else
{
bytes = g_bytes_new (qs, strlen (qs));
cockpit_web_response_content (response, NULL, bytes, NULL);
g_bytes_unref (bytes);
}
return TRUE;
}
static void
on_login_modules (GObject *source,
GAsyncResult *result,
gpointer user_data)
{
LoginResponse *lr = user_data;
CockpitWebService *service;
JsonObject *modules;
GBytes *content;
service = COCKPIT_WEB_SERVICE (source);
modules = cockpit_web_service_modules_finish (service, result);
content = build_environment (service, modules);
g_hash_table_replace (lr->headers, g_strdup ("Content-Type"), g_strdup ("application/json"));
cockpit_web_response_content (lr->response, lr->headers, content, NULL);
g_bytes_unref (content);
if (modules)
json_object_unref (modules);
}
static void
send_index_response (CockpitWebResponse *response,
CockpitWebService *service,
JsonObject *modules)
{
GHashTable *out_headers;
GError *error = NULL;
GMappedFile *file = NULL;
GBytes *body = NULL;
GBytes *prefix = NULL;
GBytes *environ = NULL;
GBytes *suffix = NULL;
gchar *index_html;
const gchar *needle;
const gchar *data;
const gchar *pos;
gsize needle_len;
gsize length;
gsize offset;
/*
* Since the index file cannot be properly cached, it can change on
* each request, so we include full environment information directly
* rather than making the client do another round trip later.
*
* If the caller is already logged in, then this is included in the
* environment.
*/
index_html = g_build_filename (cockpit_ws_static_directory, "index.html", NULL);
file = g_mapped_file_new (index_html, FALSE, &error);
if (file == NULL)
{
g_warning ("%s: %s", index_html, error->message);
cockpit_web_response_error (response, 500, NULL, NULL);
g_clear_error (&error);
goto out;
}
body = g_mapped_file_get_bytes (file);
data = g_bytes_get_data (body, &length);
needle = "cockpit_environment_info";
pos = g_strstr_len (data, length, needle);
if (!pos)
{
g_warning ("couldn't find 'cockpit_environment_info' string in index.html");
cockpit_web_response_error (response, 500, NULL, NULL);
goto out;
}
environ = build_environment (service, modules);
offset = (pos - data);
prefix = g_bytes_new_from_bytes (body, 0, offset);
needle_len = strlen (needle);
suffix = g_bytes_new_from_bytes (body, offset + needle_len,
length - (offset + needle_len));
out_headers = cockpit_web_server_new_table ();
g_hash_table_insert (out_headers, g_strdup ("Content-Type"), g_strdup ("text/html; charset=utf8"));
cockpit_web_response_content (response, out_headers, prefix, environ, suffix, NULL);
g_hash_table_unref (out_headers);
out:
g_free (index_html);
if (prefix)
g_bytes_unref (prefix);
if (body)
g_bytes_unref (body);
if (environ)
g_bytes_unref (environ);
if (suffix)
g_bytes_unref (suffix);
if (file)
g_mapped_file_unref (file);
}
