From 9460f827385d7fc6cf05893c4b580b40631a70d8 Mon Sep 17 00:00:00 2001 From: Virgil Date: Sun, 5 Apr 2026 00:21:42 +0000 Subject: [PATCH] Align monitoring route handling --- http_auth_test.go | 49 ++++++++++++++++++++++++++++++++++++++++++++ state_impl.go | 52 ++++++++++++++++++++--------------------------- 2 files changed, 71 insertions(+), 30 deletions(-) diff --git a/http_auth_test.go b/http_auth_test.go index 3c502d7..b7480dc 100644 --- a/http_auth_test.go +++ b/http_auth_test.go @@ -3,6 +3,7 @@ package proxy import ( "net" "net/http" + "net/http/httptest" "strconv" "testing" ) @@ -157,3 +158,51 @@ func TestProxy_startHTTP_Bad(t *testing.T) { t.Fatal("expected HTTP server start to fail when the port is already in use") } } + +func TestProxy_registerMonitoringRoute_MethodNotAllowed_Bad(t *testing.T) { + p := &Proxy{ + config: &Config{ + HTTP: HTTPConfig{ + Restricted: true, + }, + }, + } + + mux := http.NewServeMux() + p.registerMonitoringRoute(mux, "/1/summary", func() any { return map[string]string{"status": "ok"} }) + + request := httptest.NewRequest(http.MethodPost, "/1/summary", nil) + recorder := httptest.NewRecorder() + mux.ServeHTTP(recorder, request) + + if recorder.Code != http.StatusMethodNotAllowed { + t.Fatalf("expected %d, got %d", http.StatusMethodNotAllowed, recorder.Code) + } + if got := recorder.Header().Get("Allow"); got != http.MethodGet { + t.Fatalf("expected Allow header %q, got %q", http.MethodGet, got) + } +} + +func TestProxy_registerMonitoringRoute_Unauthorized_Ugly(t *testing.T) { + p := &Proxy{ + config: &Config{ + HTTP: HTTPConfig{ + AccessToken: "secret", + }, + }, + } + + mux := http.NewServeMux() + p.registerMonitoringRoute(mux, "/1/summary", func() any { return map[string]string{"status": "ok"} }) + + request := httptest.NewRequest(http.MethodGet, "/1/summary", nil) + recorder := httptest.NewRecorder() + mux.ServeHTTP(recorder, request) + + if recorder.Code != http.StatusUnauthorized { + t.Fatalf("expected %d, got %d", http.StatusUnauthorized, recorder.Code) + } + if got := recorder.Header().Get("WWW-Authenticate"); got != "Bearer" { + t.Fatalf("expected WWW-Authenticate header %q, got %q", "Bearer", got) + } +} diff --git a/state_impl.go b/state_impl.go index ffe467e..2a33e4a 100644 --- a/state_impl.go +++ b/state_impl.go @@ -597,36 +597,9 @@ func (p *Proxy) startMonitoringServer() bool { return false } mux := http.NewServeMux() - mux.HandleFunc("/1/summary", func(w http.ResponseWriter, r *http.Request) { - if status, ok := p.allowMonitoringRequest(r); !ok { - if status == http.StatusUnauthorized { - w.Header().Set("WWW-Authenticate", "Bearer") - } - w.WriteHeader(status) - return - } - p.writeJSONResponse(w, p.SummaryDocument()) - }) - mux.HandleFunc("/1/workers", func(w http.ResponseWriter, r *http.Request) { - if status, ok := p.allowMonitoringRequest(r); !ok { - if status == http.StatusUnauthorized { - w.Header().Set("WWW-Authenticate", "Bearer") - } - w.WriteHeader(status) - return - } - p.writeJSONResponse(w, p.WorkersDocument()) - }) - mux.HandleFunc("/1/miners", func(w http.ResponseWriter, r *http.Request) { - if status, ok := p.allowMonitoringRequest(r); !ok { - if status == http.StatusUnauthorized { - w.Header().Set("WWW-Authenticate", "Bearer") - } - w.WriteHeader(status) - return - } - p.writeJSONResponse(w, p.MinersDocument()) - }) + p.registerMonitoringRoute(mux, "/1/summary", func() any { return p.SummaryDocument() }) + p.registerMonitoringRoute(mux, "/1/workers", func() any { return p.WorkersDocument() }) + p.registerMonitoringRoute(mux, "/1/miners", func() any { return p.MinersDocument() }) addr := net.JoinHostPort(p.config.HTTP.Host, strconv.Itoa(int(p.config.HTTP.Port))) listener, err := net.Listen("tcp", addr) if err != nil { @@ -642,6 +615,25 @@ func (p *Proxy) startMonitoringServer() bool { return true } +func (p *Proxy) registerMonitoringRoute(mux *http.ServeMux, pattern string, renderDocument func() any) { + if p == nil || mux == nil || renderDocument == nil { + return + } + mux.HandleFunc(pattern, func(w http.ResponseWriter, r *http.Request) { + if status, ok := p.allowMonitoringRequest(r); !ok { + switch status { + case http.StatusUnauthorized: + w.Header().Set("WWW-Authenticate", "Bearer") + case http.StatusMethodNotAllowed: + w.Header().Set("Allow", http.MethodGet) + } + w.WriteHeader(status) + return + } + p.writeJSONResponse(w, renderDocument()) + }) +} + func (p *Proxy) allowMonitoringRequest(r *http.Request) (int, bool) { if p == nil || p.config == nil { return http.StatusServiceUnavailable, false