mirror of
https://github.com/grafana/grafana.git
synced 2025-01-16 03:32:37 -06:00
6768c6c059
Removes the public variable setting.SecretKey plus some other ones. Introduces some new functions for creating setting.Cfg.
328 lines
8.0 KiB
Go
328 lines
8.0 KiB
Go
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// Code from https://github.com/gogits/gogs/blob/v0.7.0/modules/avatar/avatar.go
|
|
|
|
package avatar
|
|
|
|
import (
|
|
"bufio"
|
|
"bytes"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/url"
|
|
"os"
|
|
"path/filepath"
|
|
"regexp"
|
|
"strconv"
|
|
"sync"
|
|
"time"
|
|
|
|
gocache "github.com/patrickmn/go-cache"
|
|
|
|
"github.com/grafana/grafana/pkg/infra/log"
|
|
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
"github.com/grafana/grafana/pkg/web"
|
|
)
|
|
|
|
const (
|
|
gravatarSource = "https://secure.gravatar.com/avatar/"
|
|
)
|
|
|
|
// Avatar represents the avatar object.
|
|
type Avatar struct {
|
|
hash string
|
|
data *bytes.Buffer
|
|
notFound bool
|
|
isCustom bool
|
|
timestamp time.Time
|
|
}
|
|
|
|
var (
|
|
alog = log.New("avatar")
|
|
// Represents a singleton AvatarCacheServer instance
|
|
csi *AvatarCacheServer
|
|
// Paremeters needed to fetch Gravatar with a retro fallback
|
|
gravatarReqParams = url.Values{
|
|
"d": {"retro"},
|
|
"size": {"200"},
|
|
"r": {"pg"},
|
|
}.Encode()
|
|
// Parameters needed to see if a Gravatar is custom
|
|
hasCustomReqParams = url.Values{
|
|
"d": {"404"},
|
|
}.Encode()
|
|
cacheInitOnce sync.Once
|
|
)
|
|
|
|
func New(hash string) *Avatar {
|
|
return &Avatar{hash: hash}
|
|
}
|
|
|
|
func (a *Avatar) Expired() bool {
|
|
return time.Since(a.timestamp) > (time.Minute * 10)
|
|
}
|
|
|
|
func (a *Avatar) Encode(wr io.Writer) error {
|
|
_, err := wr.Write(a.data.Bytes())
|
|
return err
|
|
}
|
|
|
|
func (a *Avatar) update(baseUrl string) (err error) {
|
|
customUrl := baseUrl + a.hash + "?"
|
|
select {
|
|
case <-time.After(time.Second * 3):
|
|
err = fmt.Errorf("get gravatar image %s timeout", a.hash)
|
|
case err = <-thunder.GoFetch(customUrl, a):
|
|
}
|
|
return err
|
|
}
|
|
|
|
func (a *Avatar) GetIsCustom() bool {
|
|
return a.isCustom
|
|
}
|
|
|
|
// Quick error handler to avoid multiple copy pastes
|
|
func (a *Avatar) setAvatarNotFound() {
|
|
a.notFound = true
|
|
a.isCustom = false
|
|
}
|
|
|
|
type AvatarCacheServer struct {
|
|
cfg *setting.Cfg
|
|
notFound *Avatar
|
|
cache *gocache.Cache
|
|
}
|
|
|
|
var validMD5 = regexp.MustCompile("^[a-fA-F0-9]{32}$")
|
|
|
|
func (a *AvatarCacheServer) Handler(ctx *contextmodel.ReqContext) {
|
|
hash := web.Params(ctx.Req)[":hash"]
|
|
|
|
if len(hash) != 32 || !validMD5.MatchString(hash) {
|
|
ctx.JsonApiErr(404, "Avatar not found", nil)
|
|
return
|
|
}
|
|
|
|
avatar := a.GetAvatarForHash(a.cfg, hash)
|
|
|
|
ctx.Resp.Header().Set("Content-Type", "image/jpeg")
|
|
|
|
if !a.cfg.EnableGzip {
|
|
ctx.Resp.Header().Set("Content-Length", strconv.Itoa(len(avatar.data.Bytes())))
|
|
}
|
|
|
|
ctx.Resp.Header().Set("Cache-Control", "private, max-age=3600")
|
|
|
|
if err := avatar.Encode(ctx.Resp); err != nil {
|
|
ctx.Logger.Warn("avatar encode error:", "err", err)
|
|
ctx.Resp.WriteHeader(http.StatusInternalServerError)
|
|
}
|
|
}
|
|
|
|
func (a *AvatarCacheServer) GetAvatarForHash(cfg *setting.Cfg, hash string) *Avatar {
|
|
if cfg.DisableGravatar {
|
|
alog.Warn("'GetGravatarForHash' called despite gravatars being disabled; returning default profile image")
|
|
return a.notFound
|
|
}
|
|
return a.getAvatarForHash(hash, gravatarSource)
|
|
}
|
|
|
|
func (a *AvatarCacheServer) getAvatarForHash(hash string, baseUrl string) *Avatar {
|
|
var avatar *Avatar
|
|
obj, exists := a.cache.Get(hash)
|
|
if exists {
|
|
avatar = obj.(*Avatar)
|
|
} else {
|
|
avatar = New(hash)
|
|
}
|
|
|
|
if avatar.Expired() {
|
|
// The cache item is either expired or newly created, update it from the server
|
|
if err := avatar.update(baseUrl); err != nil {
|
|
alog.Debug("avatar update", "err", err)
|
|
avatar = a.notFound
|
|
}
|
|
}
|
|
|
|
if avatar.notFound {
|
|
avatar = a.notFound
|
|
} else if !exists {
|
|
if err := a.cache.Add(hash, avatar, gocache.DefaultExpiration); err != nil {
|
|
alog.Debug("add avatar to cache", "err", err)
|
|
}
|
|
}
|
|
return avatar
|
|
}
|
|
|
|
// Access cache server singleton instance
|
|
func ProvideAvatarCacheServer(cfg *setting.Cfg) *AvatarCacheServer {
|
|
cacheInitOnce.Do(func() {
|
|
csi = newCacheServer(cfg)
|
|
})
|
|
|
|
return csi
|
|
}
|
|
|
|
func newCacheServer(cfg *setting.Cfg) *AvatarCacheServer {
|
|
return &AvatarCacheServer{
|
|
cfg: cfg,
|
|
notFound: newNotFound(cfg),
|
|
cache: gocache.New(time.Hour, time.Hour*2),
|
|
}
|
|
}
|
|
|
|
func newNotFound(cfg *setting.Cfg) *Avatar {
|
|
avatar := &Avatar{
|
|
notFound: true,
|
|
isCustom: false,
|
|
}
|
|
|
|
// load user_profile png into buffer
|
|
// It's safe to ignore gosec warning G304 since the variable part of the file path comes from a configuration
|
|
// variable.
|
|
// nolint:gosec
|
|
path := filepath.Join(cfg.StaticRootPath, "img", "user_profile.png")
|
|
// It's safe to ignore gosec warning G304 since the variable part of the file path comes from a configuration
|
|
// variable.
|
|
// nolint:gosec
|
|
if data, err := os.ReadFile(path); err != nil {
|
|
alog.Error("Failed to read user_profile.png", "path", path)
|
|
} else {
|
|
avatar.data = bytes.NewBuffer(data)
|
|
}
|
|
|
|
return avatar
|
|
}
|
|
|
|
// thunder downloader
|
|
var thunder = &Thunder{QueueSize: 10}
|
|
|
|
type Thunder struct {
|
|
QueueSize int // download queue size
|
|
q chan *thunderTask
|
|
once sync.Once
|
|
}
|
|
|
|
func (t *Thunder) init() {
|
|
if t.QueueSize < 1 {
|
|
t.QueueSize = 1
|
|
}
|
|
t.q = make(chan *thunderTask, t.QueueSize)
|
|
for i := 0; i < t.QueueSize; i++ {
|
|
go func() {
|
|
for {
|
|
task := <-t.q
|
|
task.Fetch()
|
|
}
|
|
}()
|
|
}
|
|
}
|
|
|
|
func (t *Thunder) Fetch(baseUrl string, avatar *Avatar) error {
|
|
t.once.Do(t.init)
|
|
task := &thunderTask{
|
|
BaseUrl: baseUrl,
|
|
Avatar: avatar,
|
|
}
|
|
task.Add(1)
|
|
t.q <- task
|
|
task.Wait()
|
|
return task.err
|
|
}
|
|
|
|
func (t *Thunder) GoFetch(baseUrl string, avatar *Avatar) chan error {
|
|
c := make(chan error)
|
|
go func() {
|
|
c <- t.Fetch(baseUrl, avatar)
|
|
}()
|
|
return c
|
|
}
|
|
|
|
// thunder download
|
|
type thunderTask struct {
|
|
BaseUrl string
|
|
Avatar *Avatar
|
|
sync.WaitGroup
|
|
err error
|
|
}
|
|
|
|
func (a *thunderTask) Fetch() {
|
|
a.err = a.fetch()
|
|
a.Done()
|
|
}
|
|
|
|
var client = &http.Client{
|
|
Timeout: time.Second * 2,
|
|
Transport: &http.Transport{Proxy: http.ProxyFromEnvironment},
|
|
}
|
|
|
|
// We fetch the same url with param tweaks twice in a row
|
|
// Break out the fetch function in a way that makes each
|
|
// Portion highly reusable
|
|
func (a *thunderTask) fetch() error {
|
|
a.Avatar.timestamp = time.Now()
|
|
|
|
alog.Debug("avatar.fetch(fetch new avatar)", "url", a.BaseUrl)
|
|
// First do the fetch to get the Gravatar with a retro icon fallback
|
|
err := performGet(a.BaseUrl+gravatarReqParams, a.Avatar, getGravatarHandler)
|
|
|
|
if err == nil {
|
|
// Next do a fetch with a 404 fallback to see if it's a custom gravatar
|
|
return performGet(a.BaseUrl+hasCustomReqParams, a.Avatar, checkIsCustomHandler)
|
|
}
|
|
return err
|
|
}
|
|
|
|
type ResponseHandler func(av *Avatar, resp *http.Response) error
|
|
|
|
// Verifies the Gravatar response code was 200, then stores the image byte slice
|
|
func getGravatarHandler(av *Avatar, resp *http.Response) error {
|
|
if resp.StatusCode != http.StatusOK {
|
|
av.setAvatarNotFound()
|
|
return fmt.Errorf("status code: %d", resp.StatusCode)
|
|
}
|
|
|
|
av.data = &bytes.Buffer{}
|
|
writer := bufio.NewWriter(av.data)
|
|
|
|
_, err := io.Copy(writer, resp.Body)
|
|
return err
|
|
}
|
|
|
|
// Uses the d=404 fallback to see if the gravatar we got back is custom
|
|
func checkIsCustomHandler(av *Avatar, resp *http.Response) error {
|
|
av.isCustom = resp.StatusCode != http.StatusNotFound
|
|
return nil
|
|
}
|
|
|
|
// Reusable Get helper that allows us to pass in custom handling depending on the endpoint
|
|
func performGet(url string, av *Avatar, handler ResponseHandler) error {
|
|
req, err := http.NewRequest("GET", url, nil)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
req.Header.Set("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/jpeg,image/png,*/*;q=0.8")
|
|
req.Header.Set("Accept-Encoding", "deflate,sdch")
|
|
req.Header.Set("Accept-Language", "zh-CN,zh;q=0.8")
|
|
req.Header.Set("Cache-Control", "no-cache")
|
|
req.Header.Set("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.154 Safari/537.36")
|
|
alog.Debug("Fetching avatar url with parameters", "url", url)
|
|
resp, err := client.Do(req)
|
|
if err != nil {
|
|
av.setAvatarNotFound()
|
|
return fmt.Errorf("gravatar unreachable: %w", err)
|
|
}
|
|
defer func() {
|
|
if err := resp.Body.Close(); err != nil {
|
|
alog.Warn("Failed to close response body", "err", err)
|
|
}
|
|
}()
|
|
|
|
err = handler(av, resp)
|
|
return err
|
|
}
|