// Package http implements the HTTP transport protocol.
package http
import (
"bytes"
"context"
"fmt"
"net"
"net/http"
"strconv"
"strings"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/protocol/packp"
"github.com/go-git/go-git/v5/plumbing/transport"
"github.com/go-git/go-git/v5/utils/ioutil"
)
// it requires a bytes.Buffer, because we need to know the length
func applyHeadersToRequest(req *http.Request, content *bytes.Buffer, host string, requestType string) {
req.Header.Add("User-Agent", "git/1.0")
req.Header.Add("Host", host) // host:port
if content == nil {
req.Header.Add("Accept", "*/*")
return
}
req.Header.Add("Accept", fmt.Sprintf("application/x-%s-result", requestType))
req.Header.Add("Content-Type", fmt.Sprintf("application/x-%s-request", requestType))
req.Header.Add("Content-Length", strconv.Itoa(content.Len()))
}
const infoRefsPath = "/info/refs"
func advertisedReferences(ctx context.Context, s *session, serviceName string) (ref *packp.AdvRefs, err error) {
url := fmt.Sprintf(
"%s%s?service=%s",
s.endpoint.String(), infoRefsPath, serviceName,
)
req, err := http.NewRequest(http.MethodGet, url, nil)
if err != nil {
return nil, err
}
s.ApplyAuthToRequest(req)
applyHeadersToRequest(req, nil, s.endpoint.Host, serviceName)
res, err := s.client.Do(req.WithContext(ctx))
if err != nil {
return nil, err
}
s.ModifyEndpointIfRedirect(res)
defer ioutil.CheckClose(res.Body, &err)
if err = NewErr(res); err != nil {
return nil, err
}
ar := packp.NewAdvRefs()
if err = ar.Decode(res.Body); err != nil {
if err == packp.ErrEmptyAdvRefs {
err = transport.ErrEmptyRemoteRepository
}
return nil, err
}
transport.FilterUnsupportedCapabilities(ar.Capabilities)
s.advRefs = ar
return ar, nil
}
type client struct {
c *http.Client
}
// DefaultClient is the default HTTP client, which uses `http.DefaultClient`.
var DefaultClient = NewClient(nil)
// NewClient creates a new client with a custom net/http client.
// See `InstallProtocol` to install and override default http client.
// Unless a properly initialized client is given, it will fall back into
// `http.DefaultClient`.
//
// Note that for HTTP client cannot distinguish between private repositories and
// unexistent repositories on GitHub. So it returns `ErrAuthorizationRequired`
// for both.
func NewClient(c *http.Client) transport.Transport {
if c == nil {
return &client{http.DefaultClient}
}
return &client{
c: c,
}
}
func (c *client) NewUploadPackSession(ep *transport.Endpoint, auth transport.AuthMethod) (
transport.UploadPackSession, error) {
return newUploadPackSession(c.c, ep, auth)
}
func (c *client) NewReceivePackSession(ep *transport.Endpoint, auth transport.AuthMethod) (
transport.ReceivePackSession, error) {
return newReceivePackSession(c.c, ep, auth)
}
type session struct {
auth AuthMethod
client *http.Client
endpoint *transport.Endpoint
advRefs *packp.AdvRefs
}
func newSession(c *http.Client, ep *transport.Endpoint, auth transport.AuthMethod) (*session, error) {
s := &session{
auth: basicAuthFromEndpoint(ep),
client: c,
endpoint: ep,
}
if auth != nil {
a, ok := auth.(AuthMethod)
if !ok {
return nil, transport.ErrInvalidAuthMethod
}
s.auth = a
}
return s, nil
}
func (s *session) ApplyAuthToRequest(req *http.Request) {
if s.auth == nil {
return
}
s.auth.SetAuth(req)
}
func (s *session) ModifyEndpointIfRedirect(res *http.Response) {
if res.Request == nil {
return
}
r := res.Request
if !strings.HasSuffix(r.URL.Path, infoRefsPath) {
return
}
h, p, err := net.SplitHostPort(r.URL.Host)
if err != nil {
h = r.URL.Host
}
if p != "" {
port, err := strconv.Atoi(p)
if err == nil {
s.endpoint.Port = port
}
}
s.endpoint.Host = h
s.endpoint.Protocol = r.URL.Scheme
s.endpoint.Path = r.URL.Path[:len(r.URL.Path)-len(infoRefsPath)]
}
func (*session) Close() error {
return nil
}
// AuthMethod is concrete implementation of common.AuthMethod for HTTP services
type AuthMethod interface {
transport.AuthMethod
SetAuth(r *http.Request)
}
func basicAuthFromEndpoint(ep *transport.Endpoint) *BasicAuth {
u := ep.User
if u == "" {
return nil
}
return &BasicAuth{u, ep.Password}
}
// BasicAuth represent a HTTP basic auth
type BasicAuth struct {
Username, Password string
}
func (a *BasicAuth) SetAuth(r *http.Request) {
if a == nil {
return
}
r.SetBasicAuth(a.Username, a.Password)
}
// Name is name of the auth
func (a *BasicAuth) Name() string {
return "http-basic-auth"
}
func (a *BasicAuth) String() string {
masked := "*******"
if a.Password == "" {
masked = "<empty>"
}
return fmt.Sprintf("%s - %s:%s", a.Name(), a.Username, masked)
}
// TokenAuth implements an http.AuthMethod that can be used with http transport
// to authenticate with HTTP token authentication (also known as bearer
// authentication).
//
// IMPORTANT: If you are looking to use OAuth tokens with popular servers (e.g.
// GitHub, Bitbucket, GitLab) you should use BasicAuth instead. These servers
// use basic HTTP authentication, with the OAuth token as user or password.
// Check the documentation of your git server for details.
type TokenAuth struct {
Token string
}
func (a *TokenAuth) SetAuth(r *http.Request) {
if a == nil {
return
}
r.Header.Add("Authorization", fmt.Sprintf("Bearer %s", a.Token))
}
// Name is name of the auth
func (a *TokenAuth) Name() string {
return "http-token-auth"
}
func (a *TokenAuth) String() string {
masked := "*******"
if a.Token == "" {
masked = "<empty>"
}
return fmt.Sprintf("%s - %s", a.Name(), masked)
}
// Err is a dedicated error to return errors based on status code
type Err struct {
Response *http.Response
}
// NewErr returns a new Err based on a http response
func NewErr(r *http.Response) error {
if r.StatusCode >= http.StatusOK && r.StatusCode < http.StatusMultipleChoices {
return nil
}
switch r.StatusCode {
case http.StatusUnauthorized:
return transport.ErrAuthenticationRequired
case http.StatusForbidden:
return transport.ErrAuthorizationFailed
case http.StatusNotFound:
return transport.ErrRepositoryNotFound
}
return plumbing.NewUnexpectedError(&Err{r})
}
// StatusCode returns the status code of the response
func (e *Err) StatusCode() int {
return e.Response.StatusCode
}
func (e *Err) Error() string {
return fmt.Sprintf("unexpected requesting %q status code: %d",
e.Response.Request.URL, e.Response.StatusCode,
)
}