// Copyright 2015 The go-ethereum Authors
// This file is part of the go-ethereum library.
//
// The go-ethereum library is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// The go-ethereum library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
package jrpc
import (
"bytes"
"context"
"encoding/base64"
"encoding/json"
"errors"
"fmt"
"io"
"mime"
"net/http"
"net/url"
"strings"
"sync"
"time"
"gfx.cafe/util/go/bufpool"
)
const (
maxRequestContentLength = 1024 * 1024 * 5
contentType = "application/json"
)
// https://www.jsonrpc.org/historical/json-rpc-over-http.html#id13
var acceptedContentTypes = []string{
// https://www.jsonrpc.org/historical/json-rpc-over-http.html#id13
contentType, "application/json-rpc", "application/jsonrequest",
// these are added because they make sense
"application/jsonrpc2", "application/json-rpc2", "application/jrpc",
}
type httpConn struct {
client *http.Client
url string
closeOnce sync.Once
closeCh chan any
mu sync.Mutex // protects headers
headers http.Header
}
// httpConn implements ServerCodec, but it is treated specially by Client
// and some methods don't work. The panic() stubs here exist to ensure
// this special treatment is correct.
func (hc *httpConn) writeJSON(context.Context, any) error {
panic("writeJSON called on httpConn")
}
func (hc *httpConn) peerInfo() PeerInfo {
panic("peerInfo called on httpConn")
}
func (hc *httpConn) remoteAddr() string {
return hc.url
}
func (hc *httpConn) readBatch() ([]*jsonrpcMessage, bool, error) {
<-hc.closeCh
return nil, false, io.EOF
}
func (hc *httpConn) close() {
hc.closeOnce.Do(func() { close(hc.closeCh) })
}
func (hc *httpConn) closed() <-chan any {
return hc.closeCh
}
// HTTPTimeouts represents the configuration params for the HTTP RPC server.
type HTTPTimeouts struct {
// ReadTimeout is the maximum duration for reading the entire
// request, including the body.
//
// Because ReadTimeout does not let Handlers make per-request
// decisions on each request body's acceptable deadline or
// upload rate, most users will prefer to use
// ReadHeaderTimeout. It is valid to use them both.
ReadTimeout time.Duration
// WriteTimeout is the maximum duration before timing out
// writes of the response. It is reset whenever a new
// request's header is read. Like ReadTimeout, it does not
// let Handlers make decisions on a per-request basis.
WriteTimeout time.Duration
// IdleTimeout is the maximum amount of time to wait for the
// next request when keep-alives are enabled. If IdleTimeout
// is zero, the value of ReadTimeout is used. If both are
// zero, ReadHeaderTimeout is used.
IdleTimeout time.Duration
}
// DefaultHTTPTimeouts represents the default timeout values used if further
// configuration is not provided.
var DefaultHTTPTimeouts = HTTPTimeouts{
ReadTimeout: 30 * time.Second,
WriteTimeout: 30 * time.Second,
IdleTimeout: 120 * time.Second,
}
// DialHTTPWithClient creates a new RPC client that connects to an RPC server over HTTP
// using the provided HTTP Client.
func DialHTTPWithClient(endpoint string, client *http.Client) (*Client, error) {
// Sanity check URL so we don't end up with a client that will fail every request.
_, err := url.Parse(endpoint)
if err != nil {
return nil, err
}
initctx := context.Background()
headers := make(http.Header, 2)
headers.Set("accept", contentType)
headers.Set("content-type", contentType)
return newClient(initctx, func(context.Context) (ServerCodec, error) {
hc := &httpConn{
client: client,
headers: headers,
url: endpoint,
closeCh: make(chan any),
}
return hc, nil
})
}
// DialHTTP creates a new RPC client that connects to an RPC server over HTTP.
func DialHTTP(endpoint string) (*Client, error) {
return DialHTTPWithClient(endpoint, new(http.Client))
}
func (c *Client) sendHTTP(ctx context.Context, op *requestOp, msg any) error {
hc := c.writeConn.(*httpConn)
respBody, err := hc.doRequest(ctx, msg)
if err != nil {
return err
}
defer respBody.Close()
var respmsg jsonrpcMessage
if err := json.NewDecoder(respBody).Decode(&respmsg); err != nil {
return err
}
op.resp <- &respmsg
return nil
}
func (c *Client) sendBatchHTTP(ctx context.Context, op *requestOp, msgs []*jsonrpcMessage) error {
hc := c.writeConn.(*httpConn)
respBody, err := hc.doRequest(ctx, msgs)
if err != nil {
return err
}
defer respBody.Close()
var respmsgs []jsonrpcMessage
if err := json.NewDecoder(respBody).Decode(&respmsgs); err != nil {
return err
}
for i := 0; i < len(respmsgs); i++ {
op.resp <- &respmsgs[i]
}
return nil
}
func (hc *httpConn) doRequest(ctx context.Context, msg any) (io.ReadCloser, error) {
body, err := jzon.Marshal(msg)
if err != nil {
return nil, err
}
req, err := http.NewRequestWithContext(ctx, "POST", hc.url, io.NopCloser(bytes.NewReader(body)))
if err != nil {
return nil, err
}
req.ContentLength = int64(len(body))
req.GetBody = func() (io.ReadCloser, error) { return io.NopCloser(bytes.NewReader(body)), nil }
// set headers
hc.mu.Lock()
req.Header = hc.headers.Clone()
hc.mu.Unlock()
// do request
resp, err := hc.client.Do(req)
if err != nil {
return nil, err
}
if resp.StatusCode < 200 || resp.StatusCode >= 300 {
var buf bytes.Buffer
var body []byte
if _, err := buf.ReadFrom(resp.Body); err == nil {
body = buf.Bytes()
}
return nil, HTTPError{
Status: resp.Status,
StatusCode: resp.StatusCode,
Body: body,
}
}
return resp.Body, nil
}
// httpServerConn turns a HTTP connection into a Conn.
type httpServerConn struct {
io.Reader
io.Writer
jc ServerCodec
r *http.Request
w http.ResponseWriter
pi PeerInfo
}
func newHTTPServerConn(r *http.Request, w http.ResponseWriter) ServerCodec {
c := &httpServerConn{Writer: w, r: r}
// if the request is a GET request, and the body is empty, we turn the request into fake json rpc request, see below
// https://www.jsonrpc.org/historical/json-rpc-over-http.html#encoded-parameters
// we however allow for non base64 encoded parameters to be passed
if r.Method == http.MethodGet {
// default id 1
id := `1`
id_up := r.URL.Query().Get("id")
if id_up != "" {
id = id_up
}
method_up := r.URL.Query().Get("method")
params, _ := url.QueryUnescape(r.URL.Query().Get("params"))
param := []byte(params)
if pb, err := base64.URLEncoding.DecodeString(params); err == nil {
param = pb
}
buf := bufpool.GetStd()
jzon.NewEncoder(buf).Encode(jsonrpcMessage{
ID: NewStringIDPtr(id),
Method: method_up,
Params: param,
})
c.Reader = buf
} else {
// it's a post request or whatever, so just process it like normal
c.Reader = io.LimitReader(r.Body, maxRequestContentLength)
}
connInfo := PeerInfo{
Transport: "http",
HTTP: HttpInfo{
Version: c.r.Proto,
UserAgent: c.r.UserAgent(),
Origin: c.r.Header.Get("Origin"),
Host: c.r.Host,
Headers: c.r.Header,
},
}
if c.w != nil {
connInfo.HTTP.WriteHeaders = c.w.Header()
}
connInfo.HTTP.Origin = c.r.Header.Get("X-Real-Ip")
if connInfo.HTTP.Origin == "" {
connInfo.HTTP.Origin = c.r.Header.Get("X-Forwarded-For")
}
if connInfo.HTTP.Origin == "" {
connInfo.HTTP.Origin = c.r.Header.Get("Origin")
}
connInfo.RemoteAddr = connInfo.HTTP.Origin
c.pi = connInfo
c.jc = NewCodec(c)
return c
}
func (c *httpServerConn) peerInfo() PeerInfo {
return c.pi
}
func (c *httpServerConn) readBatch() (messages []*jsonrpcMessage, batch bool, err error) {
return c.jc.readBatch()
}
func (c *httpServerConn) writeJSON(ctx context.Context, v any) error {
return c.jc.writeJSON(ctx, v)
}
func (c *httpServerConn) close() {
c.jc.close()
}
// Closed returns a channel which will be closed when Close is called
func (c *httpServerConn) closed() <-chan any {
return c.jc.closed()
}
// Close does nothing and always returns nil.
func (t *httpServerConn) Close() error { return nil }
func (c *httpServerConn) remoteAddr() string {
return c.RemoteAddr()
}
// RemoteAddr returns the peer address of the underlying connection.
func (t *httpServerConn) RemoteAddr() string {
return t.peerInfo().RemoteAddr
}
// SetWriteDeadline does nothing and always returns nil.
func (t *httpServerConn) SetWriteDeadline(time.Time) error { return nil }
type WebsocketServer struct {
s *Server
}
func (s *WebsocketServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if isWebsocket(r) {
s.s.WebsocketHandler([]string{"*"}).ServeHTTP(w, r)
return
}
s.s.ServeHTTP(w, r)
}
func isWebsocket(r *http.Request) bool {
return strings.EqualFold(r.Header.Get("Upgrade"), "websocket") &&
strings.Contains(strings.ToLower(r.Header.Get("Connection")), "upgrade")
}
// ServeHTTP serves JSON-RPC requests over HTTP.
func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// Permit dumb empty requests for remote health-checks (AWS)
if r.Method == http.MethodGet && r.ContentLength == 0 && r.URL.RawQuery == "" {
w.WriteHeader(http.StatusOK)
return
}
if code, err := validateRequest(r); err != nil {
http.Error(w, err.Error(), code)
return
}
// Create request-scoped context.
connInfo := PeerInfo{Transport: "http", RemoteAddr: r.RemoteAddr}
connInfo.HTTP.Version = r.Proto
connInfo.HTTP.Host = r.Host
connInfo.HTTP.Origin = r.Header.Get("X-Real-Ip")
if connInfo.HTTP.Origin == "" {
connInfo.HTTP.Origin = r.Header.Get("X-Forwarded-For")
}
connInfo.HTTP.UserAgent = r.Header.Get("User-Agent")
// the headers used
connInfo.HTTP.Headers = r.Header
ctx := r.Context()
ctx = context.WithValue(ctx, peerInfoContextKey{}, connInfo)
// All checks passed, create a codec that reads directly from the request body
// until EOF, writes the response to w, and orders the server to process a
// single request.
w.Header().Set("content-type", contentType)
codec := newHTTPServerConn(r, w)
defer codec.close()
s.serveSingleRequest(ctx, codec)
}
// validateRequest returns a non-zero response code and error message if the
// request is invalid.
func validateRequest(r *http.Request) (int, error) {
if r.Method == http.MethodPut || r.Method == http.MethodDelete {
return http.StatusMethodNotAllowed, errors.New("method not allowed")
}
if r.ContentLength > maxRequestContentLength {
err := fmt.Errorf("content length too large (%d>%d)", r.ContentLength, maxRequestContentLength)
return http.StatusRequestEntityTooLarge, err
}
// Allow OPTIONS (regardless of content-type)
if r.Method == http.MethodOptions {
return 0, nil
}
// Check content-type
if mt, _, err := mime.ParseMediaType(r.Header.Get("content-type")); err == nil {
for _, accepted := range acceptedContentTypes {
if accepted == mt {
return 0, nil
}
}
}
// Invalid content-type ignored for now
return 0, nil
//err := fmt.Errorf("invalid content type, only %s is supported", contentType)
//return http.StatusUnsupportedMediaType, err
}