From 4e59a27293394b6d5529efd13ad711daebbc0eb3 Mon Sep 17 00:00:00 2001 From: Harrison Healey Date: Wed, 26 Sep 2018 12:42:51 -0400 Subject: Move HTTPService and ConfigService into services package (#9422) * Move HTTPService and ConfigService into utils package * Re-add StaticConfigService * Move config and http services into their own packages --- services/httpservice/httpservice.go | 67 +++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 services/httpservice/httpservice.go (limited to 'services/httpservice/httpservice.go') diff --git a/services/httpservice/httpservice.go b/services/httpservice/httpservice.go new file mode 100644 index 000000000..5ed42a12d --- /dev/null +++ b/services/httpservice/httpservice.go @@ -0,0 +1,67 @@ +// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package httpservice + +import ( + "net" + "net/http" + "strings" + + "github.com/mattermost/mattermost-server/services/configservice" +) + +// Wraps the functionality for creating a new http.Client to encapsulate that and allow it to be mocked when testing +type HTTPService interface { + MakeClient(trustURLs bool) *http.Client + Close() +} + +type HTTPServiceImpl struct { + configService configservice.ConfigService +} + +func MakeHTTPService(configService configservice.ConfigService) HTTPService { + return &HTTPServiceImpl{configService} +} + +func (h *HTTPServiceImpl) MakeClient(trustURLs bool) *http.Client { + insecure := h.configService.Config().ServiceSettings.EnableInsecureOutgoingConnections != nil && *h.configService.Config().ServiceSettings.EnableInsecureOutgoingConnections + + if trustURLs { + return NewHTTPClient(insecure, nil, nil) + } + + allowHost := func(host string) bool { + if h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections == nil { + return false + } + for _, allowed := range strings.Fields(*h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections) { + if host == allowed { + return true + } + } + return false + } + + allowIP := func(ip net.IP) bool { + if !IsReservedIP(ip) { + return true + } + if h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections == nil { + return false + } + for _, allowed := range strings.Fields(*h.configService.Config().ServiceSettings.AllowedUntrustedInternalConnections) { + if _, ipRange, err := net.ParseCIDR(allowed); err == nil && ipRange.Contains(ip) { + return true + } + } + return false + } + + return NewHTTPClient(insecure, allowHost, allowIP) +} + +func (h *HTTPServiceImpl) Close() { + // Does nothing, but allows this to be overridden when mocking the service +} -- cgit v1.2.3-1-g7c22