From 1ee4dfb57a9861a9bdf8dc4ba7250b9223cea2f5 Mon Sep 17 00:00:00 2001 From: Minoru Osuka Date: Tue, 7 Apr 2020 18:09:18 +0900 Subject: [PATCH] Implement CORS --- cmd/start.go | 12 +++++++++- cmd/variables.go | 39 ++++++++++++++++-------------- etc/blast.yaml | 27 +++++++++++++++++++++ go.mod | 3 ++- go.sum | 2 ++ server/grpc_gateway.go | 54 +++++++++++++++++++++++++++++++++--------- 6 files changed, 106 insertions(+), 31 deletions(-) diff --git a/cmd/start.go b/cmd/start.go index 8f4e6ca..1f796a7 100644 --- a/cmd/start.go +++ b/cmd/start.go @@ -37,6 +37,10 @@ var ( keyFile = viper.GetString("key_file") commonName = viper.GetString("common_name") + corsAllowedMethods = viper.GetStringSlice("cors_allowed_methods") + corsAllowedOrigins = viper.GetStringSlice("cors_allowed_origins") + corsAllowedHeaders = viper.GetStringSlice("cors_allowed_headers") + logLevel = viper.GetString("log_level") logFile = viper.GetString("log_file") logMaxSize = viper.GetInt("log_max_size") @@ -73,7 +77,7 @@ var ( return err } - grpcGateway, err := server.NewGRPCGateway(httpAddress, grpcAddress, certificateFile, keyFile, commonName, logger) + grpcGateway, err := server.NewGRPCGateway(httpAddress, grpcAddress, certificateFile, keyFile, commonName, corsAllowedMethods, corsAllowedOrigins, corsAllowedHeaders, logger) if err != nil { return err } @@ -186,6 +190,9 @@ func init() { startCmd.PersistentFlags().StringVar(&certificateFile, "certificate-file", "", "path to the client server TLS certificate file") startCmd.PersistentFlags().StringVar(&keyFile, "key-file", "", "path to the client server TLS key file") startCmd.PersistentFlags().StringVar(&commonName, "common-name", "", "certificate common name") + startCmd.PersistentFlags().StringSliceVar(&corsAllowedMethods, "cors-allowed-methods", []string{}, "CORS allowed methods (ex: GET,PUT,DELETE,POST)") + startCmd.PersistentFlags().StringSliceVar(&corsAllowedOrigins, "cors-allowed-origins", []string{}, "CORS allowed origins (ex: http://localhost:8080,http://localhost:80)") + startCmd.PersistentFlags().StringSliceVar(&corsAllowedHeaders, "cors-allowed-headers", []string{}, "CORS allowed headers (ex: content-type,x-some-key)") startCmd.PersistentFlags().StringVar(&logLevel, "log-level", "INFO", "log level") startCmd.PersistentFlags().StringVar(&logFile, "log-file", os.Stderr.Name(), "log file") startCmd.PersistentFlags().IntVar(&logMaxSize, "log-max-size", 500, "max size of a log file in megabytes") @@ -203,6 +210,9 @@ func init() { _ = viper.BindPFlag("certificate_file", startCmd.PersistentFlags().Lookup("certificate-file")) _ = viper.BindPFlag("key_file", startCmd.PersistentFlags().Lookup("key-file")) _ = viper.BindPFlag("common_name", startCmd.PersistentFlags().Lookup("common-name")) + _ = viper.BindPFlag("cors_allowed_methods", startCmd.PersistentFlags().Lookup("cors-allowed-methods")) + _ = viper.BindPFlag("cors_allowed_origins", startCmd.PersistentFlags().Lookup("cors-allowed-origins")) + _ = viper.BindPFlag("cors_allowed_headers", startCmd.PersistentFlags().Lookup("cors-allowed-headers")) _ = viper.BindPFlag("log_level", startCmd.PersistentFlags().Lookup("log-level")) _ = viper.BindPFlag("log_max_size", startCmd.PersistentFlags().Lookup("log-max-size")) _ = viper.BindPFlag("log_max_backups", startCmd.PersistentFlags().Lookup("log-max-backups")) diff --git a/cmd/variables.go b/cmd/variables.go index 8022742..0e0ef9b 100644 --- a/cmd/variables.go +++ b/cmd/variables.go @@ -1,22 +1,25 @@ package cmd var ( - configFile string - id string - raftAddress string - grpcAddress string - httpAddress string - dataDirectory string - peerGrpcAddress string - mappingFile string - certificateFile string - keyFile string - commonName string - file string - logLevel string - logFile string - logMaxSize int - logMaxBackups int - logMaxAge int - logCompress bool + configFile string + id string + raftAddress string + grpcAddress string + httpAddress string + dataDirectory string + peerGrpcAddress string + mappingFile string + certificateFile string + keyFile string + commonName string + corsAllowedMethods []string + corsAllowedOrigins []string + corsAllowedHeaders []string + file string + logLevel string + logFile string + logMaxSize int + logMaxBackups int + logMaxAge int + logCompress bool ) diff --git a/etc/blast.yaml b/etc/blast.yaml index ab362c1..a03e89a 100644 --- a/etc/blast.yaml +++ b/etc/blast.yaml @@ -1,3 +1,6 @@ +# +# General +# id: "node1" raft_address: ":7000" grpc_address: ":9000" @@ -5,9 +8,33 @@ http_address: ":8000" data_directory: "/tmp/blast/node1/data" #mapping_file: "./etc/blast_mapping.json" peer_grpc_address: "" + +# +# TLS +# #certificate_file: "./etc/blast-cert.pem" #key_file: "./etc/blast-key.pem" #common_name: "localhost" + +# +# CORS +# +#cors_allowed_methods: [ +# "GET", +# "PUT", +# "DELETE", +# "POST" +#] +#cors_allowed_origins: [ +# "http://localhost:8080" +#] +#cors_allowed_headers: [ +# "content-type" +#] + +# +# Logging +# log_level: "INFO" log_file: "" #log_max_size: 500 diff --git a/go.mod b/go.mod index a218f2c..0a3a8dd 100644 --- a/go.mod +++ b/go.mod @@ -23,8 +23,9 @@ require ( github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51 // indirect github.com/facebookgo/stack v0.0.0-20160209184415-751773369052 // indirect github.com/facebookgo/subset v0.0.0-20150612182917-8dac2c3c4870 // indirect - github.com/gogo/protobuf v1.3.0 + github.com/gogo/protobuf v1.3.0 // indirect github.com/golang/protobuf v1.3.5 + github.com/gorilla/handlers v1.4.2 github.com/grpc-ecosystem/go-grpc-middleware v1.2.0 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 github.com/grpc-ecosystem/grpc-gateway v1.14.3 diff --git a/go.sum b/go.sum index 974344e..c714a35 100644 --- a/go.sum +++ b/go.sum @@ -138,6 +138,8 @@ github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/ github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/handlers v1.4.2 h1:0QniY0USkHQ1RGCLfKxeNHK9bkDHGRYGNDFBCS+YARg= +github.com/gorilla/handlers v1.4.2/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.2.0 h1:0IKlLyQ3Hs9nDaiK5cSHAGmcQEIC8l2Ts1u6x5Dfrqg= diff --git a/server/grpc_gateway.go b/server/grpc_gateway.go index c319fc0..c63572c 100644 --- a/server/grpc_gateway.go +++ b/server/grpc_gateway.go @@ -8,6 +8,7 @@ import ( "time" "github.com/golang/protobuf/proto" + "github.com/gorilla/handlers" "github.com/grpc-ecosystem/grpc-gateway/runtime" "github.com/mosuka/blast/marshaler" "github.com/mosuka/blast/protobuf" @@ -41,10 +42,14 @@ type GRPCGateway struct { certificateFile string keyFile string + corsAllowedMethods []string + corsAllowedOrigins []string + corsAllowedHeaders []string + logger *zap.Logger } -func NewGRPCGateway(httpAddress string, grpcAddress string, certificateFile string, keyFile string, commonName string, logger *zap.Logger) (*GRPCGateway, error) { +func NewGRPCGateway(httpAddress string, grpcAddress string, certificateFile string, keyFile string, commonName string, corsAllowedMethods []string, corsAllowedOrigins []string, corsAllowedHeaders []string, logger *zap.Logger) (*GRPCGateway, error) { dialOpts := []grpc.DialOption{ grpc.WithDefaultCallOptions( grpc.MaxCallSendMsgSize(math.MaxInt64), @@ -90,25 +95,52 @@ func NewGRPCGateway(httpAddress string, grpcAddress string, certificateFile stri } return &GRPCGateway{ - httpAddress: httpAddress, - grpcAddress: grpcAddress, - listener: listener, - mux: mux, - cancel: cancel, - certificateFile: certificateFile, - keyFile: keyFile, - logger: logger, + httpAddress: httpAddress, + grpcAddress: grpcAddress, + listener: listener, + mux: mux, + cancel: cancel, + certificateFile: certificateFile, + keyFile: keyFile, + corsAllowedMethods: corsAllowedMethods, + corsAllowedOrigins: corsAllowedOrigins, + corsAllowedHeaders: corsAllowedHeaders, + logger: logger, }, nil } func (s *GRPCGateway) Start() error { + corsOpts := make([]handlers.CORSOption, 0) + + if s.corsAllowedMethods != nil && len(s.corsAllowedMethods) > 0 { + corsOpts = append(corsOpts, handlers.AllowedMethods(s.corsAllowedMethods)) + } + if s.corsAllowedOrigins != nil && len(s.corsAllowedOrigins) > 0 { + corsOpts = append(corsOpts, handlers.AllowedMethods(s.corsAllowedOrigins)) + } + if s.corsAllowedHeaders != nil && len(s.corsAllowedHeaders) > 0 { + corsOpts = append(corsOpts, handlers.AllowedMethods(s.corsAllowedHeaders)) + } + + corsMux := handlers.CORS( + corsOpts..., + )(s.mux) + if s.certificateFile == "" && s.keyFile == "" { go func() { - _ = http.Serve(s.listener, s.mux) + if len(corsOpts) > 0 { + _ = http.Serve(s.listener, corsMux) + } else { + _ = http.Serve(s.listener, s.mux) + } }() } else { go func() { - _ = http.ServeTLS(s.listener, s.mux, s.certificateFile, s.keyFile) + if len(corsOpts) > 0 { + _ = http.ServeTLS(s.listener, corsMux, s.certificateFile, s.keyFile) + } else { + _ = http.ServeTLS(s.listener, s.mux, s.certificateFile, s.keyFile) + } }() }