restapi

package
v0.15.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 20, 2022 License: AGPL-3.0 Imports: 77 Imported by: 0

Documentation

Overview

Package restapi MinIO Console Server

Schemes:
  http
  ws
Host: localhost
BasePath: /api/v1
Version: 0.1.0

Consumes:
  - application/json
  - multipart/form-data

Produces:
  - application/zip
  - application/octet-stream
  - application/json

swagger:meta

Index

Constants

View Source
const (
	Unknown = 0
	Allow   = 1
	Deny    = -1
)

Policy evaluated constants

View Source
const (
	// Constants for common configuration
	ConsoleMinIOServer   = "CONSOLE_MINIO_SERVER"
	ConsoleSubnetProxy   = "CONSOLE_SUBNET_PROXY"
	ConsoleMinIORegion   = "CONSOLE_MINIO_REGION"
	ConsoleHostname      = "CONSOLE_HOSTNAME"
	ConsolePort          = "CONSOLE_PORT"
	ConsoleTLSPort       = "CONSOLE_TLS_PORT"
	ConsoleSubnetLicense = "CONSOLE_SUBNET_LICENSE"

	// Constants for Secure middleware
	ConsoleSecureAllowedHosts                    = "CONSOLE_SECURE_ALLOWED_HOSTS"
	ConsoleSecureAllowedHostsAreRegex            = "CONSOLE_SECURE_ALLOWED_HOSTS_ARE_REGEX"
	ConsoleSecureFrameDeny                       = "CONSOLE_SECURE_FRAME_DENY"
	ConsoleSecureContentTypeNoSniff              = "CONSOLE_SECURE_CONTENT_TYPE_NO_SNIFF"
	ConsoleSecureBrowserXSSFilter                = "CONSOLE_SECURE_BROWSER_XSS_FILTER"
	ConsoleSecureContentSecurityPolicy           = "CONSOLE_SECURE_CONTENT_SECURITY_POLICY"
	ConsoleSecureContentSecurityPolicyReportOnly = "CONSOLE_SECURE_CONTENT_SECURITY_POLICY_REPORT_ONLY"
	ConsoleSecureHostsProxyHeaders               = "CONSOLE_SECURE_HOSTS_PROXY_HEADERS"
	ConsoleSecureSTSSeconds                      = "CONSOLE_SECURE_STS_SECONDS"
	ConsoleSecureSTSIncludeSubdomains            = "CONSOLE_SECURE_STS_INCLUDE_SUB_DOMAINS"
	ConsoleSecureSTSPreload                      = "CONSOLE_SECURE_STS_PRELOAD"
	ConsoleSecureTLSRedirect                     = "CONSOLE_SECURE_TLS_REDIRECT"
	ConsoleSecureTLSHost                         = "CONSOLE_SECURE_TLS_HOST"
	ConsoleSecureTLSTemporaryRedirect            = "CONSOLE_SECURE_TLS_TEMPORARY_REDIRECT"
	ConsoleSecureForceSTSHeader                  = "CONSOLE_SECURE_FORCE_STS_HEADER"
	ConsoleSecurePublicKey                       = "CONSOLE_SECURE_PUBLIC_KEY"
	ConsoleSecureReferrerPolicy                  = "CONSOLE_SECURE_REFERRER_POLICY"
	ConsoleSecureFeaturePolicy                   = "CONSOLE_SECURE_FEATURE_POLICY"
	ConsoleSecureExpectCTHeader                  = "CONSOLE_SECURE_EXPECT_CT_HEADER"
	PrometheusURL                                = "CONSOLE_PROMETHEUS_URL"
	PrometheusJobID                              = "CONSOLE_PROMETHEUS_JOB_ID"
	ConsoleLogQueryURL                           = "CONSOLE_LOG_QUERY_URL"
	ConsoleLogQueryAuthToken                     = "CONSOLE_LOG_QUERY_AUTH_TOKEN"
	LogSearchQueryAuthToken                      = "LOGSEARCH_QUERY_AUTH_TOKEN"
	SlashSeparator                               = "/"
)

list of all console environment constants

Variables

View Source
var (
	// Port console default port
	Port = "9090"

	// Hostname console hostname
	// avoid listening on 0.0.0.0 by default
	// instead listen on all IPv4 and IPv6
	// - Hostname should be empty.
	Hostname = ""

	// TLSPort console tls port
	TLSPort = "9443"

	// TLSRedirect console tls redirect rule
	TLSRedirect = "on"

	ConsoleResourceName = "console-ui"
)
View Source
var (
	// GlobalRootCAs is CA root certificates, a nil value means system certs pool will be used
	GlobalRootCAs *x509.CertPool
	// GlobalPublicCerts has certificates Console will use to serve clients
	GlobalPublicCerts []*x509.Certificate
	// GlobalTLSCertsManager custom TLS Manager for SNI support
	GlobalTLSCertsManager *xcerts.Manager
)
View Source
var (
	// SwaggerJSON embedded version of the swagger document used at generation time
	SwaggerJSON json.RawMessage
	// FlatSwaggerJSON embedded flattened version of the swagger document used at generation time
	FlatSwaggerJSON json.RawMessage
)
View Source
var (
	// ErrorGeneric is a generic error message
	ErrorGeneric = errors.New("an error occurred, please try again")

	// ErrorGenericNotFound Generic error for not found
	ErrorGenericNotFound = errors.New("not found")
)
View Source
var (
	LogInfo  = logInfo
	LogError = logError
)

globally changeable logger styles

Functions

func AuthenticationMiddleware added in v0.4.6

func AuthenticationMiddleware(next http.Handler) http.Handler

func DifferenceArrays

func DifferenceArrays(a, b []string) []string

DifferenceArrays returns the elements in `a` that aren't in `b`.

func ExpireSessionCookie added in v0.4.6

func ExpireSessionCookie() http.Cookie

func FileServerMiddleware

func FileServerMiddleware(next http.Handler) http.Handler

FileServerMiddleware serves files from the static folder

func GetConsoleHTTPClient added in v0.9.1

func GetConsoleHTTPClient() *http.Client

GetConsoleHTTPClient will initialize the console HTTP Client with fully populated custom TLS Transport that with loads certs at - ${HOME}/.console/certs/CAs - ${HOME}/.minio/certs/CAs

func GetHostname

func GetHostname() string

GetHostname gets console hostname set on env variable, default one or defined on run command

func GetMinIORegion added in v0.8.0

func GetMinIORegion() string

func GetPort

func GetPort() int

GetPort gets console por set on env variable or default one

func GetSecureAllowedHosts added in v0.8.0

func GetSecureAllowedHosts() []string

Get secure middleware env variable configurations

func GetSecureAllowedHostsAreRegex added in v0.8.0

func GetSecureAllowedHostsAreRegex() bool

AllowedHostsAreRegex determines, if the provided AllowedHosts slice contains valid regular expressions. Default is false.

func GetSecureBrowserXSSFilter added in v0.8.0

func GetSecureBrowserXSSFilter() bool

If BrowserXssFilter is true, adds the X-XSS-Protection header with the value `1; mode=block`. Default is true.

func GetSecureContentSecurityPolicy added in v0.8.0

func GetSecureContentSecurityPolicy() string

ContentSecurityPolicy allows the Content-Security-Policy header value to be set with a custom value. Default is "". Passing a template string will replace `$NONCE` with a dynamic nonce value of 16 bytes for each request which can be later retrieved using the Nonce function.

func GetSecureContentSecurityPolicyReportOnly added in v0.8.0

func GetSecureContentSecurityPolicyReportOnly() string

ContentSecurityPolicyReportOnly allows the Content-Security-Policy-Report-Only header value to be set with a custom value. Default is "".

func GetSecureContentTypeNonSniff added in v0.8.0

func GetSecureContentTypeNonSniff() bool

If ContentTypeNosniff is true, adds the X-Content-Type-Options header with the value `nosniff`. Default is true.

func GetSecureExpectCTHeader added in v0.8.0

func GetSecureExpectCTHeader() string

func GetSecureFeaturePolicy added in v0.8.0

func GetSecureFeaturePolicy() string

FeaturePolicy allows the Feature-Policy header with the value to be set with a custom value. Default is "".

func GetSecureForceSTSHeader added in v0.8.0

func GetSecureForceSTSHeader() bool

STS header is only included when the connection is HTTPS.

func GetSecureFrameDeny added in v0.8.0

func GetSecureFrameDeny() bool

If FrameDeny is set to true, adds the X-Frame-Options header with the value of `DENY`. Default is true.

func GetSecureHostsProxyHeaders added in v0.8.0

func GetSecureHostsProxyHeaders() []string

HostsProxyHeaders is a set of header keys that may hold a proxied hostname value for the request.

func GetSecurePublicKey added in v0.8.0

func GetSecurePublicKey() string

PublicKey implements HPKP to prevent MITM attacks with forged certificates. Default is "".

func GetSecureReferrerPolicy added in v0.8.0

func GetSecureReferrerPolicy() string

ReferrerPolicy allows the Referrer-Policy header with the value to be set with a custom value. Default is "".

func GetSecureSTSIncludeSubdomains added in v0.8.0

func GetSecureSTSIncludeSubdomains() bool

If STSIncludeSubdomains is set to true, the `includeSubdomains` will be appended to the Strict-Transport-Security header. Default is false.

func GetSecureSTSPreload added in v0.8.0

func GetSecureSTSPreload() bool

If STSPreload is set to true, the `preload` flag will be appended to the Strict-Transport-Security header. Default is false.

func GetSecureSTSSeconds added in v0.8.0

func GetSecureSTSSeconds() int64

STSSeconds is the max-age of the Strict-Transport-Security header. Default is 0, which would NOT include the header.

func GetSecureTLSHost added in v0.8.0

func GetSecureTLSHost() string

TLSHost is the host name that is used to redirect HTTP requests to HTTPS. Default is "", which indicates to use the same host.

func GetSecureTLSTemporaryRedirect added in v0.8.0

func GetSecureTLSTemporaryRedirect() bool

If TLSTemporaryRedirect is true, the a 302 will be used while redirecting. Default is false (301).

func GetSubnetHTTPClient added in v0.14.0

func GetSubnetHTTPClient(ctx context.Context, minioClient MinioAdmin) (*utils.HTTPClient, error)

GetSubnetHTTPClient will return a client with proxy if configured, otherwise will return the default console http client

func GetSubnetInfoResponse added in v0.14.0

func GetSubnetInfoResponse(session *models.Principal) (*models.License, *models.Error)

func GetSubnetKeyFromMinIOConfig added in v0.14.0

func GetSubnetKeyFromMinIOConfig(ctx context.Context, minioClient MinioAdmin) (*subnet.LicenseTokenConfig, error)

func GetSubnetLoginResponse added in v0.14.0

func GetSubnetLoginResponse(session *models.Principal, params admin_api.SubnetLoginParams) (*models.SubnetLoginResponse, *models.Error)

func GetSubnetLoginWithMFAResponse added in v0.14.0

func GetSubnetLoginWithMFAResponse(session *models.Principal, params admin_api.SubnetLoginMFAParams) (*models.SubnetLoginResponse, *models.Error)

func GetSubnetRegToken added in v0.14.0

func GetSubnetRegToken(ctx context.Context, minioClient MinioAdmin) (string, error)

func GetSubnetRegTokenResponse added in v0.14.0

func GetSubnetRegTokenResponse(session *models.Principal) (*models.SubnetRegTokenResponse, *models.Error)

func GetSubnetRegister added in v0.14.0

func GetSubnetRegister(ctx context.Context, minioClient MinioAdmin, httpClient utils.HTTPClientI, params admin_api.SubnetRegisterParams) error

func GetSubnetRegisterResponse added in v0.14.0

func GetSubnetRegisterResponse(session *models.Principal, params admin_api.SubnetRegisterParams) *models.Error

func GetTLSPort added in v0.3.11

func GetTLSPort() int

GetTLSPort gets console tls port set on env variable or default one

func GetTLSRedirect added in v0.6.0

func GetTLSRedirect() string

If GetTLSRedirect is set to true, then only allow HTTPS requests. Default is true.

func IsElementInArray

func IsElementInArray(a []string, b string) bool

IsElementInArray returns true if the string belongs to the slice

func NewAdminClientWithInsecure added in v0.3.5

func NewAdminClientWithInsecure(url, accessKey, secretKey, sessionToken string, insecure bool) (*madmin.AdminClient, *probe.Error)

NewAdminClientWithInsecure gives a new madmin client interface either secure or insecure based on parameter

func NewConsoleCredentials added in v0.8.0

func NewConsoleCredentials(accessKey, secretKey, location string) (*credentials.Credentials, error)

func NewMinioAdminClient added in v0.8.0

func NewMinioAdminClient(sessionClaims *models.Principal) (*madmin.AdminClient, error)

func NewSessionCookieForConsole added in v0.4.6

func NewSessionCookieForConsole(token string) http.Cookie

func PrepareConsoleHTTPClient added in v0.9.1

func PrepareConsoleHTTPClient(insecure bool) *http.Client

PrepareConsoleHTTPClient returns an http.Client with custom configurations need it by *credentials.STSAssumeRole custom configurations include the use of CA certificates

func RandomCharString

func RandomCharString(n int) string

func RandomCharStringWithAlphabet

func RandomCharStringWithAlphabet(n int, alphabet string) string

func RejectS3Middleware added in v0.11.0

func RejectS3Middleware(next http.Handler) http.Handler

RejectS3Middleware will reject requests that have AWS S3 specific headers.

func SanitizeEncodedPrefix added in v0.11.0

func SanitizeEncodedPrefix(rawPrefix string) string

SanitizeEncodedPrefix replaces spaces for + since those are lost when you do GET parameters

func SubnetLogin added in v0.14.0

func SubnetLogin(client utils.HTTPClientI, username, password string) (string, string, error)

func SubnetLoginWithMFA added in v0.14.0

func SubnetLoginWithMFA(client utils.HTTPClientI, username, mfaToken, otp string) (*models.SubnetLoginResponse, error)

func SubnetRegisterWithAPIKey added in v0.14.0

func SubnetRegisterWithAPIKey(ctx context.Context, minioClient MinioAdmin, apiKey string) (bool, error)

func UniqueKeys

func UniqueKeys(a []string) []string

UniqueKeys returns an array without duplicated keys

Types

type AdminClient added in v0.8.0

type AdminClient struct {
	Client *madmin.AdminClient
}

Interface implementation

Define the structure of a minIO Client and define the functions that are actually used from minIO api.

func (AdminClient) AccountInfo added in v0.8.0

func (ac AdminClient) AccountInfo(ctx context.Context) (madmin.AccountInfo, error)

AccountInfo implements madmin.AccountInfo()

type ConsoleCredentials

type ConsoleCredentials struct {
	ConsoleCredentials *credentials.Credentials
	AccountAccessKey   string
}

Interface implementation

func (ConsoleCredentials) Expire

func (c ConsoleCredentials) Expire()

Expire implements *Login.Expire()

func (ConsoleCredentials) Get

Get implements *Login.Get()

func (ConsoleCredentials) GetAccountAccessKey added in v0.8.0

func (c ConsoleCredentials) GetAccountAccessKey() string

type ConsoleCredentialsI added in v0.5.0

type ConsoleCredentialsI interface {
	Get() (credentials.Value, error)
	Expire()
	GetAccountAccessKey() string
}

ConsoleCredentialsI interface with all functions to be implemented by mock when testing, it should include all needed consoleCredentials.Login api calls that are used within this project.

type ConsoleWebsocket

type ConsoleWebsocket interface {
	// contains filtered or unexported methods
}

ConsoleWebsocket interface of a Websocket Client

type ConsoleWebsocketAdmin

type ConsoleWebsocketAdmin interface {
	// contains filtered or unexported methods
}

ConsoleWebsocketAdmin interface of a Websocket Client

type Context added in v0.7.5

type Context struct {
	Host                string
	HTTPPort, HTTPSPort int
	TLSRedirect         string
	// Legacy options, TODO: remove in future
	TLSCertificate, TLSKey, TLSca string
}

Context captures all command line flags values

func (*Context) Load added in v0.7.5

func (c *Context) Load(ctx *cli.Context) error

Load loads restapi Context from command line context.

type DataResult added in v0.5.0

type DataResult struct {
	Metric map[string]string `json:"metric"`
	Values []interface{}     `json:"values"`
}

type GridPos added in v0.7.2

type GridPos struct {
	H int32
	W int32
	X int32
	Y int32
}

type LabelResponse added in v0.5.0

type LabelResponse struct {
	Status string   `json:"status"`
	Data   []string `json:"data"`
}

type LabelResults added in v0.5.0

type LabelResults struct {
	Label    string
	Response LabelResponse
}

type MCClient added in v0.3.1

type MCClient interface {
	// contains filtered or unexported methods
}

MCClient interface with all functions to be implemented by mock when testing, it should include all mc/S3Client respective api calls that are used within this project.

type Metric added in v0.5.0

type Metric struct {
	ID            int32
	Title         string
	Type          string
	Options       MetricOptions
	Targets       []Target
	GridPos       GridPos
	MaxDataPoints int32
}

type MetricOptions added in v0.5.0

type MetricOptions struct {
	ReduceOptions ReduceOptions
}

type MinioAdmin

type MinioAdmin interface {
	AccountInfo(ctx context.Context) (madmin.AccountInfo, error)
	// contains filtered or unexported methods
}

MinioAdmin interface with all functions to be implemented by mock when testing, it should include all MinioAdmin respective api calls that are used within this project.

type MinioClient

type MinioClient interface {
	GetBucketTagging(ctx context.Context, bucketName string) (*tags.Tags, error)
	SetBucketTagging(ctx context.Context, bucketName string, tags *tags.Tags) error
	RemoveBucketTagging(ctx context.Context, bucketName string) error
	// contains filtered or unexported methods
}

MinioClient interface with all functions to be implemented by mock when testing, it should include all MinioClient respective api calls that are used within this project.

type MultiLifecycleResult added in v0.14.6

type MultiLifecycleResult struct {
	BucketName string
	Error      string
}

type PromResp added in v0.5.0

type PromResp struct {
	Status string       `json:"status"`
	Data   PromRespData `json:"data"`
}

type PromRespData added in v0.5.0

type PromRespData struct {
	ResultType string       `json:"resultType"`
	Result     []DataResult `json:"result"`
}

type ReduceOptions added in v0.5.0

type ReduceOptions struct {
	Calcs []string
}

type RemoteBucketResult added in v0.6.7

type RemoteBucketResult struct {
	OriginBucket string
	TargetBucket string
	Error        string
}

type Server

type Server struct {
	EnabledListeners []string         `long:"scheme" description:"the listeners to enable, this can be repeated and defaults to the schemes in the swagger spec"`
	CleanupTimeout   time.Duration    `long:"cleanup-timeout" description:"grace period for which to wait before killing idle connections" default:"10s"`
	GracefulTimeout  time.Duration    `long:"graceful-timeout" description:"grace period for which to wait before shutting down the server" default:"15s"`
	MaxHeaderSize    flagext.ByteSize `` /* 231-byte string literal not displayed */

	SocketPath flags.Filename `long:"socket-path" description:"the unix socket to listen on" default:"/var/run/console.sock"`

	Host         string        `long:"host" description:"the IP to listen on" default:"localhost" env:"HOST"`
	Port         int           `long:"port" description:"the port to listen on for insecure connections, defaults to a random value" env:"PORT"`
	ListenLimit  int           `long:"listen-limit" description:"limit the number of outstanding requests"`
	KeepAlive    time.Duration `` /* 169-byte string literal not displayed */
	ReadTimeout  time.Duration `long:"read-timeout" description:"maximum duration before timing out read of the request" default:"30s"`
	WriteTimeout time.Duration `long:"write-timeout" description:"maximum duration before timing out write of the response" default:"60s"`

	TLSHost           string         `long:"tls-host" description:"the IP to listen on for tls, when not specified it's the same as --host" env:"TLS_HOST"`
	TLSPort           int            `long:"tls-port" description:"the port to listen on for secure connections, defaults to a random value" env:"TLS_PORT"`
	TLSCertificate    flags.Filename `long:"tls-certificate" description:"the certificate to use for secure connections" env:"TLS_CERTIFICATE"`
	TLSCertificateKey flags.Filename `long:"tls-key" description:"the private key to use for secure connections" env:"TLS_PRIVATE_KEY"`
	TLSCACertificate  flags.Filename `long:"tls-ca" description:"the certificate authority file to be used with mutual tls auth" env:"TLS_CA_CERTIFICATE"`
	TLSListenLimit    int            `long:"tls-listen-limit" description:"limit the number of outstanding requests"`
	TLSKeepAlive      time.Duration  `` /* 160-byte string literal not displayed */
	TLSReadTimeout    time.Duration  `long:"tls-read-timeout" description:"maximum duration before timing out read of the request"`
	TLSWriteTimeout   time.Duration  `long:"tls-write-timeout" description:"maximum duration before timing out write of the response"`
	// contains filtered or unexported fields
}

Server for the console API

func NewServer

func NewServer(api *operations.ConsoleAPI) *Server

NewServer creates a new api console server but does not configure it

func (*Server) ConfigureAPI

func (s *Server) ConfigureAPI()

ConfigureAPI configures the API and handlers.

func (*Server) ConfigureFlags

func (s *Server) ConfigureFlags()

ConfigureFlags configures the additional flags defined by the handlers. Needs to be called before the parser.Parse

func (*Server) Fatalf

func (s *Server) Fatalf(f string, args ...interface{})

Fatalf logs message either via defined user logger or via system one if no user logger is defined. Exits with non-zero status after printing

func (*Server) GetHandler

func (s *Server) GetHandler() http.Handler

GetHandler returns a handler useful for testing

func (*Server) HTTPListener

func (s *Server) HTTPListener() (net.Listener, error)

HTTPListener returns the http listener

func (*Server) Listen

func (s *Server) Listen() error

Listen creates the listeners for the server

func (*Server) Logf

func (s *Server) Logf(f string, args ...interface{})

Logf logs message either via defined user logger or via system one if no user logger is defined.

func (*Server) Serve

func (s *Server) Serve() (err error)

Serve the api

func (*Server) SetAPI

func (s *Server) SetAPI(api *operations.ConsoleAPI)

SetAPI configures the server with the specified API. Needs to be called before Serve

func (*Server) SetHandler

func (s *Server) SetHandler(handler http.Handler)

SetHandler allows for setting a http handler on this server

func (*Server) Shutdown

func (s *Server) Shutdown() error

Shutdown server and clean up resources

func (*Server) TLSListener

func (s *Server) TLSListener() (net.Listener, error)

TLSListener returns the https listener

func (*Server) UnixListener

func (s *Server) UnixListener() (net.Listener, error)

UnixListener returns the domain socket listener

type SubnetRegistration added in v0.14.0

type SubnetRegistration struct {
	AccessToken   string
	MFAToken      string
	Organizations []models.SubnetOrganization
}

type Target added in v0.5.0

type Target struct {
	Expr         string
	Interval     string
	LegendFormat string
	Step         int32
}

type TraceRequest added in v0.7.5

type TraceRequest struct {
	// contains filtered or unexported fields
}

Types for trace request. this adds support for calls, threshold, status and extra filters

type UsageInfo added in v0.8.0

type UsageInfo struct {
	Buckets          int64
	Objects          int64
	Usage            int64
	DisksUsage       int64
	Servers          []*models.ServerProperties
	EndpointNotReady bool
}

func GetAdminInfo added in v0.8.0

func GetAdminInfo(ctx context.Context, client MinioAdmin) (*UsageInfo, error)

GetAdminInfo invokes admin info and returns a parsed `UsageInfo` structure

type VersionState added in v0.6.4

type VersionState string
const (
	VersionEnable  VersionState = "enable"
	VersionSuspend              = "suspend"
)

type WSConn

type WSConn interface {
	// contains filtered or unexported methods
}

WSConn interface with all functions to be implemented by mock when testing, it should include all websocket.Conn respective api calls that are used within this project.

type Widget added in v0.5.0

type Widget struct {
	Title string
	Type  string
}

type WidgetLabel added in v0.5.0

type WidgetLabel struct {
	Name string
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL