Revert "Fixed proxyToken error on OPTIONS calls in Agent endpoint"

quan-to · Oct 23, 2019 · 36bf865 · 36bf865
1 parent 08bafbc
commit 36bf865
Showing 1 changed file with 54 additions and 69 deletions.
diff --git a/server/agentProxy.go b/server/agentProxy.go
@@ -43,10 +43,6 @@ func MakeAgentProxy(log slog.Instance, gpg etc.PGPInterface, tm etc.TokenManager
 }
 
 func (proxy *AgentProxy) defaultHandler(w http.ResponseWriter, r *http.Request) {
-	var res *http.Response
-	var req *http.Request
-	var err error
-
 	ctx := wrapContextWithRequestID(r)
 	log := wrapLogWithRequestID(proxy.log, r)
 	InitHTTPTimer(log, r)
@@ -69,93 +65,82 @@ func (proxy *AgentProxy) defaultHandler(w http.ResponseWriter, r *http.Request)
 		"targetUrl": targetUrl,
 	})
 
-	client := &http.Client{
-		Transport: proxy.transport,
-	}
-
-	if r.Method == http.MethodOptions {
-		req, err = http.NewRequest(r.Method, targetUrl, nil)
+	token := ""
 
-		if err != nil {
-			InternalServerError("There was an error processing your request", err.Error(), w, r, log)
+	if !remote_signer.AgentBypassLogin {
+		if h.Get("proxyToken") == "" {
+			PermissionDenied("proxyToken", "Please check if your proxyToken is valid", w, r, log)
 			return
 		}
 
-		req.Header.Add("X-Powered-By", "RemoteSigner Agent")
-	} else {
-		token := ""
-
-		if !remote_signer.AgentBypassLogin {
-			if h.Get("proxyToken") == "" {
-				PermissionDenied("proxyToken", "Please check if your proxyToken is valid", w, r, log)
-				return
-			}
+		token = h.Get("proxyToken")
+		h.Del("proxyToken")
 
-			token = h.Get("proxyToken")
-			h.Del("proxyToken")
+		log.Await("Verifying user token")
+		err := proxy.tm.Verify(token)
+		log.Done("Token verified")
 
-			log.Await("Verifying user token")
-			err = proxy.tm.Verify(token)
-			log.Done("Token verified")
-
-			if err != nil {
-				PermissionDenied("proxyToken", "Please check if your proxyToken is valid", w, r, log)
-				return
-			}
+		if err != nil {
+			PermissionDenied("proxyToken", "Please check if your proxyToken is valid", w, r, log)
+			return
 		}
+	}
 
-		fingerPrint := remote_signer.AgentKeyFingerPrint
-
-		if !remote_signer.AgentBypassLogin {
-			user := proxy.tm.GetUserData(token)
-			fingerPrint = user.GetFingerPrint()
-		}
+	client := &http.Client{
+		Transport: proxy.transport,
+	}
 
-		log.DebugAwait("Reading body")
-		bodyData, err := ioutil.ReadAll(r.Body)
-		log.DebugDone("Body read")
+	fingerPrint := remote_signer.AgentKeyFingerPrint
 
-		if err != nil {
-			InternalServerError("There was an error processing your request", err.Error(), w, r, log)
-			return
-		}
+	if !remote_signer.AgentBypassLogin {
+		user := proxy.tm.GetUserData(token)
+		fingerPrint = user.GetFingerPrint()
+	}
 
-		var jsondata map[string]interface{}
+	log.DebugAwait("Reading body")
+	bodyData, err := ioutil.ReadAll(r.Body)
+	log.DebugDone("Body read")
 
-		err = json.Unmarshal(bodyData, &jsondata)
+	if err != nil {
+		InternalServerError("There was an error processing your request", err.Error(), w, r, log)
+		return
+	}
 
-		if err != nil {
-			InternalServerError("There was an error processing your request", err.Error(), w, r, log)
-			return
-		}
+	var jsondata map[string]interface{}
 
-		jsondata["_timestamp"] = time.Now().Unix() * 1000
-		jsondata["_timeUniqueId"] = uuid.New().String()
+	err = json.Unmarshal(bodyData, &jsondata)
 
-		bodyData, _ = json.Marshal(jsondata)
+	if err != nil {
+		InternalServerError("There was an error processing your request", err.Error(), w, r, log)
+		return
+	}
 
-		req, err = http.NewRequest(r.Method, targetUrl, bytes.NewBuffer(bodyData))
+	jsondata["_timestamp"] = time.Now().Unix() * 1000
+	jsondata["_timeUniqueId"] = uuid.New().String()
 
-		if err != nil {
-			InternalServerError("There was an error processing your request", err.Error(), w, r, log)
-			return
-		}
+	bodyData, _ = json.Marshal(jsondata)
 
-		log.Await("Signing data with %s", fingerPrint)
-		signature, err := proxy.gpg.SignData(ctx, fingerPrint, bodyData, crypto.SHA512)
-		log.Done("Data signed")
+	req, err := http.NewRequest(r.Method, targetUrl, bytes.NewBuffer(bodyData))
 
-		if err != nil {
-			InternalServerError("There was an error signing your request", err.Error(), w, r, log)
-			return
-		}
+	if err != nil {
+		InternalServerError("There was an error processing your request", err.Error(), w, r, log)
+		return
+	}
 
-		quantoSig := remote_signer.GPG2Quanto(signature, fingerPrint, "SHA512")
+	log.Await("Signing data with %s", fingerPrint)
+	signature, err := proxy.gpg.SignData(ctx, fingerPrint, bodyData, crypto.SHA512)
+	log.Done("Data signed")
 
-		req.Header.Add("signature", quantoSig)
-		req.Header.Add("X-Powered-By", "RemoteSigner Agent")
+	if err != nil {
+		InternalServerError("There was an error signing your request", err.Error(), w, r, log)
+		return
 	}
 
+	quantoSig := remote_signer.GPG2Quanto(signature, fingerPrint, "SHA512")
+
+	req.Header.Add("signature", quantoSig)
+	req.Header.Add("X-Powered-By", "RemoteSigner Agent")
+
 	for k, v := range r.Header {
 		if len(v) > 1 {
 			for _, t := range v {
@@ -167,7 +152,7 @@ func (proxy *AgentProxy) defaultHandler(w http.ResponseWriter, r *http.Request)
 	}
 
 	log.Await("Sending request to %s", targetUrl)
-	res, err = client.Do(req)
+	res, err := client.Do(req)
 	log.Done("Received response")
 
 	if err != nil {