X-Git-Url: http://git.cielonegro.org/gitweb.cgi?a=blobdiff_plain;f=Network%2FHTTP%2FLucu%2FResource.hs;h=01b61813971e9e1ce4ba80e18ed374e400a5ce5a;hb=ea2b7838f1b3d9d4923a220a601be2e04cc559d7;hp=d87e509b89d479ffcd39b97d58e0c01724bcb337;hpb=86ea98d8307ddc687696896a91bed9a05cbeb783;p=Lucu.git diff --git a/Network/HTTP/Lucu/Resource.hs b/Network/HTTP/Lucu/Resource.hs index d87e509..01b6181 100644 --- a/Network/HTTP/Lucu/Resource.hs +++ b/Network/HTTP/Lucu/Resource.hs @@ -1,6 +1,15 @@ +{-# LANGUAGE + GeneralizedNewtypeDeriving + , DoAndIfThenElse + , OverloadedStrings + , RecordWildCards + , UnicodeSyntax + #-} + -- |This is the Resource Monad; monadic actions to define the behavior --- of each resources. The 'Resource' Monad is a kind of IO Monad thus --- it implements MonadIO class. It is also a state machine. +-- of each resources. The 'Resource' Monad is a kind of 'Prelude.IO' +-- Monad thus it implements 'Control.Monad.Trans.MonadIO' class. It is +-- also a state machine. -- -- Request Processing Flow: -- @@ -57,8 +66,10 @@ module Network.HTTP.Lucu.Resource ( - -- * Monad - Resource + -- * Types + Resource + , FormData(..) + , runRes -- * Actions @@ -67,14 +78,23 @@ module Network.HTTP.Lucu.Resource -- |These actions can be computed regardless of the current state, -- and they don't change the state. , getConfig + , getRemoteAddr + , getRemoteAddr' + , getRemoteHost + , getRemoteCertificate , getRequest , getMethod , getRequestURI + , getRequestVersion , getResourcePath , getPathInfo + , getQueryForm , getHeader , getAccept + , getAcceptEncoding + , isEncodingAcceptable , getContentType + , getAuthorization -- ** Finding an entity @@ -92,8 +112,6 @@ module Network.HTTP.Lucu.Resource -- Body/. , input , inputChunk - , inputBS - , inputChunkBS , inputForm , defaultLimit @@ -105,6 +123,9 @@ module Network.HTTP.Lucu.Resource , setHeader , redirect , setContentType + , setLocation + , setContentEncoding + , setWWWAuthenticate -- ** Writing a response body @@ -112,63 +133,121 @@ module Network.HTTP.Lucu.Resource -- Body/. , output , outputChunk - , outputBS - , outputChunkBS - , driftTo + , driftTo -- private ) where - -import Control.Concurrent.STM -import Control.Monad.Reader -import qualified Data.ByteString.Lazy.Char8 as B -import Data.ByteString.Lazy.Char8 (ByteString) -import Data.List -import Data.Maybe -import GHC.Conc (unsafeIOToSTM) -import Network.HTTP.Lucu.Abortion -import Network.HTTP.Lucu.Config -import Network.HTTP.Lucu.DefaultPage -import Network.HTTP.Lucu.ETag +import Blaze.ByteString.Builder (Builder) +import qualified Blaze.ByteString.Builder.ByteString as BB +import Control.Applicative +import Control.Concurrent.STM +import Control.Monad.Reader +import Control.Monad.Unicode +import Data.Ascii (Ascii, CIAscii) +import qualified Data.Ascii as A +import qualified Data.Attoparsec.Char8 as P +import qualified Data.Attoparsec.Lazy as LP +import Data.ByteString (ByteString) +import qualified Data.ByteString as Strict +import qualified Data.ByteString.Lazy as Lazy +import Data.Foldable (toList) +import Data.List +import qualified Data.Map as M +import Data.Maybe +import Data.Monoid +import Data.Monoid.Unicode +import Data.Sequence (Seq) +import Data.Text (Text) +import qualified Data.Text as T +import qualified Data.Text.Encoding as T +import Data.Time +import qualified Data.Time.HTTP as HTTP +import Network.HTTP.Lucu.Abortion +import Network.HTTP.Lucu.Authorization +import Network.HTTP.Lucu.Config +import Network.HTTP.Lucu.ContentCoding +import Network.HTTP.Lucu.DefaultPage +import Network.HTTP.Lucu.ETag import qualified Network.HTTP.Lucu.Headers as H -import Network.HTTP.Lucu.HttpVersion -import Network.HTTP.Lucu.Interaction -import Network.HTTP.Lucu.Parser -import Network.HTTP.Lucu.Postprocess -import Network.HTTP.Lucu.RFC1123DateTime -import Network.HTTP.Lucu.Request -import Network.HTTP.Lucu.Response -import Network.HTTP.Lucu.MIMEType -import Network.HTTP.Lucu.Utils -import Network.URI -import System.Time - --- |The 'Resource' monad. /Interaction/ is an internal state thus it --- is not exposed to users. This monad implements 'MonadIO' so it can --- do any IO actions. -type Resource a = ReaderT Interaction IO a - --- |Get the 'Network.HTTP.Lucu.Config.Config' value which is used for --- the httpd. -getConfig :: Resource Config -getConfig = do itr <- ask - return $ itrConfig itr - --- |Get the 'Network.HTTP.Lucu.Request.Request' value which represents --- the request header. In general you don't have to use this action. -getRequest :: Resource Request -getRequest = do itr <- ask - return $ fromJust $ itrRequest itr - --- |Get the 'Network.HTTP.Lucu.Request.Method' value of the request. -getMethod :: Resource Method -getMethod = do req <- getRequest - return $ reqMethod req +import Network.HTTP.Lucu.HttpVersion +import Network.HTTP.Lucu.Interaction +import Network.HTTP.Lucu.MultipartForm +import Network.HTTP.Lucu.Postprocess +import Network.HTTP.Lucu.Request +import Network.HTTP.Lucu.Response +import Network.HTTP.Lucu.MIMEType +import Network.HTTP.Lucu.Utils +import Network.Socket hiding (accept) +import Network.URI hiding (path) +import OpenSSL.X509 +import Prelude.Unicode + +-- |The 'Resource' monad. This monad implements 'MonadIO' so it can do +-- any 'IO' actions. +newtype Resource a + = Resource { + unRes ∷ ReaderT Interaction IO a + } + deriving (Applicative, Functor, Monad, MonadIO) + +runRes ∷ Resource a → Interaction → IO a +runRes r itr + = runReaderT (unRes r) itr + +getInteraction ∷ Resource Interaction +getInteraction = Resource ask + +-- |Get the 'Config' value which is used for the httpd. +getConfig ∷ Resource Config +getConfig = itrConfig <$> getInteraction + +-- |Get the 'SockAddr' of the remote host. If you want a string +-- representation instead of 'SockAddr', use 'getRemoteAddr''. +getRemoteAddr ∷ Resource SockAddr +getRemoteAddr = itrRemoteAddr <$> getInteraction + +-- |Get the string representation of the address of remote host. If +-- you want a 'SockAddr' instead of 'String', use 'getRemoteAddr'. +getRemoteAddr' ∷ Resource HostName +getRemoteAddr' + = do sa ← getRemoteAddr + (Just a, _) ← liftIO $ getNameInfo [NI_NUMERICHOST] False False sa + return a + +-- |Resolve an address to the remote host. +getRemoteHost ∷ Resource (Maybe HostName) +getRemoteHost + = do sa ← getRemoteAddr + fst <$> (liftIO $ getNameInfo [] True False sa) + +-- | Return the X.509 certificate of the client, or 'Nothing' if: +-- +-- * This request didn't came through an SSL stream. +-- +-- * The client didn't send us its certificate. +-- +-- * The 'OpenSSL.Session.VerificationMode' of +-- 'OpenSSL.Session.SSLContext' in 'SSLConfig' has not been set to +-- 'OpenSSL.Session.VerifyPeer'. +getRemoteCertificate ∷ Resource (Maybe X509) +getRemoteCertificate = itrRemoteCert <$> getInteraction + +-- |Get the 'Request' value which represents the request header. In +-- general you don't have to use this action. +getRequest ∷ Resource Request +getRequest = (fromJust ∘ itrRequest) <$> getInteraction + +-- |Get the 'Method' value of the request. +getMethod ∷ Resource Method +getMethod = reqMethod <$> getRequest -- |Get the URI of the request. -getRequestURI :: Resource URI -getRequestURI = do req <- getRequest - return $ reqURI req +getRequestURI ∷ Resource URI +getRequestURI = reqURI <$> getRequest + +-- |Get the HTTP version of the request. +getRequestVersion ∷ Resource HttpVersion +getRequestVersion = reqVersion <$> getRequest -- |Get the path of this 'Resource' (to be exact, -- 'Network.HTTP.Lucu.Resource.Tree.ResourceDef') in the @@ -183,28 +262,27 @@ getRequestURI = do req <- getRequest -- > -- > resFoo = ResourceDef { -- > resIsGreedy = True --- > , resGet = Just $ do requestURI <- getRequestURI --- > resourcePath <- getResourcePath --- > pathInfo <- getPathInfo +-- > , resGet = Just $ do requestURI ← getRequestURI +-- > resourcePath ← getResourcePath +-- > pathInfo ← getPathInfo -- > -- uriPath requestURI == "/foo/bar/baz" -- > -- resourcePath == ["foo"] -- > -- pathInfo == ["bar", "baz"] -- > ... -- > , ... -- > } -getResourcePath :: Resource [String] -getResourcePath = do itr <- ask - return $ fromJust $ itrResourcePath itr - - --- |This is an analogy of CGI PATH_INFO. Its result is always @[]@ if --- the 'Network.HTTP.Lucu.Resource.Tree.ResourceDef' is not --- greedy. See 'getResourcePath'. -getPathInfo :: Resource [String] -getPathInfo = do rsrcPath <- getResourcePath - reqURI <- getRequestURI - let reqPathStr = uriPath reqURI - reqPath = [x | x <- splitBy (== '/') reqPathStr, x /= ""] +getResourcePath ∷ Resource [Text] +getResourcePath = (fromJust ∘ itrResourcePath) <$> getInteraction + +-- |This is an analogy of CGI PATH_INFO. The result is +-- URI-unescaped. It is always @[]@ if the +-- 'Network.HTTP.Lucu.Resource.Tree.ResourceDef' is not greedy. See +-- 'getResourcePath'. +-- +-- Note that the returned path is URI-decoded and then UTF-8 decoded. +getPathInfo ∷ Resource [Text] +getPathInfo = do rsrcPath ← getResourcePath + reqPath ← splitPathInfo <$> getRequestURI -- rsrcPath と reqPath の共通する先頭部分を reqPath か -- ら全部取り除くと、それは PATH_INFO のやうなものにな -- る。rsrcPath は全部一致してゐるに決まってゐる(でな @@ -212,36 +290,127 @@ getPathInfo = do rsrcPath <- getResourcePath -- rsrcPath の長さの分だけ削除すれば良い。 return $ drop (length rsrcPath) reqPath +-- |Assume the query part of request URI as +-- application\/x-www-form-urlencoded, and parse it to pairs of +-- @(name, formData)@. This action doesn't parse the request body. See +-- 'inputForm'. Field names are decoded in UTF-8. +getQueryForm ∷ Resource [(Text, FormData)] +getQueryForm = parse' <$> getRequestURI + where + parse' = map toPairWithFormData ∘ + parseWWWFormURLEncoded ∘ + fromJust ∘ + A.fromChars ∘ + drop 1 ∘ + uriQuery + +toPairWithFormData ∷ (ByteString, ByteString) → (Text, FormData) +toPairWithFormData (name, value) + = let fd = FormData { + fdFileName = Nothing + , fdContent = Lazy.fromChunks [value] + } + in (T.decodeUtf8 name, fd) + -- |Get a value of given request header. Comparison of header name is -- case-insensitive. Note that this action is not intended to be used --- so frequently: there should be an action like 'getContentType' for +-- so frequently: there should be actions like 'getContentType' for -- every common headers. -getHeader :: String -> Resource (Maybe String) -getHeader name = do itr <- ask - return $ H.getHeader name $ fromJust $ itrRequest itr - --- |Get a list of 'Network.HTTP.Lucu.MIMEType.MIMEType' enumerated on --- header \"Accept\". -getAccept :: Resource [MIMEType] -getAccept = do accept <- getHeader "Accept" - if accept == Nothing then - return [] - else - case parseStr mimeTypeListP $ fromJust accept of - (Success xs, _) -> return xs - _ -> return [] - --- |Get the header \"Content-Type\" as --- 'Network.HTTP.Lucu.MIMEType.MIMEType'. -getContentType :: Resource (Maybe MIMEType) -getContentType = do cType <- getHeader "Content-Type" - if cType == Nothing then - return Nothing - else - case parseStr mimeTypeP $ fromJust cType of - (Success t, _) -> return $ Just t - _ -> return Nothing +getHeader ∷ CIAscii → Resource (Maybe Ascii) +getHeader name + = H.getHeader name <$> getRequest + +-- |Get a list of 'MIMEType' enumerated on header \"Accept\". +getAccept ∷ Resource [MIMEType] +getAccept + = do acceptM ← getHeader "Accept" + case acceptM of + Nothing + → return [] + Just accept + → case P.parseOnly p (A.toByteString accept) of + Right xs → return xs + Left _ → abort BadRequest [] + (Just $ "Unparsable Accept: " ⊕ A.toText accept) + where + p = do xs ← mimeTypeListP + P.endOfInput + return xs + +-- |Get a list of @(contentCoding, qvalue)@ enumerated on header +-- \"Accept-Encoding\". The list is sorted in descending order by +-- qvalue. +getAcceptEncoding ∷ Resource [(CIAscii, Maybe Double)] +getAcceptEncoding + = do accEncM ← getHeader "Accept-Encoding" + case accEncM of + Nothing + -- HTTP/1.0 には Accept-Encoding が無い場合の規定が無い + -- ので安全の爲 identity が指定された事にする。HTTP/1.1 + -- の場合は何でも受け入れて良い事になってゐるので "*" が + -- 指定された事にする。 + → do ver ← getRequestVersion + case ver of + HttpVersion 1 0 → return [("identity", Nothing)] + HttpVersion 1 1 → return [("*" , Nothing)] + _ → abort InternalServerError [] + (Just "getAcceptEncoding: unknown HTTP version") + Just ae + → if ae ≡ "" then + -- identity のみが許される。 + return [("identity", Nothing)] + else + case P.parseOnly p (A.toByteString ae) of + Right xs → return $ map toTuple $ reverse $ sort xs + Left _ → abort BadRequest [] + (Just $ "Unparsable Accept-Encoding: " ⊕ A.toText ae) + where + p = do xs ← acceptEncodingListP + P.endOfInput + return xs + + toTuple (AcceptEncoding {..}) + = (aeEncoding, aeQValue) +-- |Check whether a given content-coding is acceptable. +isEncodingAcceptable ∷ CIAscii → Resource Bool +isEncodingAcceptable encoding = any f <$> getAcceptEncoding + where + f (e, q) + = (e ≡ "*" ∨ e ≡ encoding) ∧ q ≢ Just 0 + +-- |Get the header \"Content-Type\" as 'MIMEType'. +getContentType ∷ Resource (Maybe MIMEType) +getContentType + = do cTypeM ← getHeader "Content-Type" + case cTypeM of + Nothing + → return Nothing + Just cType + → case P.parseOnly p (A.toByteString cType) of + Right t → return $ Just t + Left _ → abort BadRequest [] + (Just $ "Unparsable Content-Type: " ⊕ A.toText cType) + where + p = do t ← mimeTypeP + P.endOfInput + return t + +-- |Get the header \"Authorization\" as 'AuthCredential'. +getAuthorization ∷ Resource (Maybe AuthCredential) +getAuthorization + = do authM ← getHeader "Authorization" + case authM of + Nothing + → return Nothing + Just auth + → case P.parseOnly p (A.toByteString auth) of + Right ac → return $ Just ac + Left _ → return Nothing + where + p = do ac ← authCredentialP + P.endOfInput + return ac {- ExaminingRequest 時に使用するアクション群 -} @@ -249,7 +418,7 @@ getContentType = do cType <- getHeader "Content-Type" -- |Tell the system that the 'Resource' found an entity for the -- request URI. If this is a GET or HEAD request, a found entity means -- a datum to be replied. If this is a PUT or DELETE request, it means --- a datum which was stored for the URI up to now. It is an error to +-- a datum which was stored for the URI until now. It is an error to -- compute 'foundEntity' if this is a POST request. -- -- Computation of 'foundEntity' performs \"If-Match\" test or @@ -260,16 +429,16 @@ getContentType = do cType <- getHeader "Content-Type" -- -- If this is a GET or HEAD request, 'foundEntity' automatically puts -- \"ETag\" and \"Last-Modified\" headers into the response. -foundEntity :: ETag -> ClockTime -> Resource () +foundEntity ∷ ETag → UTCTime → Resource () foundEntity tag timeStamp = do driftTo ExaminingRequest - method <- getMethod - when (method == GET || method == HEAD) - $ setHeader' "Last-Modified" $ formatHTTPDateTime timeStamp - when (method == POST) - $ abort InternalServerError [] - (Just "Illegal computation of foundEntity for POST request.") + method ← getMethod + when (method ≡ GET ∨ method ≡ HEAD) + $ setHeader' "Last-Modified" (HTTP.toAscii timeStamp) + when (method ≡ POST) + $ abort InternalServerError [] + (Just "Illegal computation of foundEntity for a POST request.") foundETag tag driftTo GettingBody @@ -279,50 +448,63 @@ foundEntity tag timeStamp -- 'foundETag' doesn't (and can't) put \"Last-Modified\" header into -- the response. -- --- This action is not preferred. You should use 'foundEntity' when +-- This action is not preferred. You should use 'foundEntity' whenever -- possible. -foundETag :: ETag -> Resource () +foundETag ∷ ETag → Resource () foundETag tag = do driftTo ExaminingRequest - method <- getMethod - when (method == GET || method == HEAD) - $ setHeader' "ETag" $ show tag - when (method == POST) - $ abort InternalServerError [] - (Just "Illegal computation of foundETag for POST request.") + method ← getMethod + when (method ≡ GET ∨ method ≡ HEAD) + $ setHeader' "ETag" (printETag tag) + when (method ≡ POST) + $ abort InternalServerError [] + (Just "Illegal computation of foundETag for POST request.") -- If-Match があればそれを見る。 - ifMatch <- getHeader "If-Match" + ifMatch ← getHeader "If-Match" case ifMatch of - Nothing -> return () - Just "*" -> return () - Just list -> case parseStr eTagListP list of - (Success tags, _) - -- tags の中に一致するものが無ければ - -- PreconditionFailed で終了。 - -> when (not $ any (== tag) tags) - $ abort PreconditionFailed [] - $ Just ("The entity tag doesn't match: " ++ list) - _ -> abort BadRequest [] $ Just ("Unparsable If-Match: " ++ fromJust ifMatch) - - let statusForNoneMatch = if method == GET || method == HEAD then - NotModified - else - PreconditionFailed + Nothing → return () + Just value → if value ≡ "*" then + return () + else + case P.parseOnly p (A.toByteString value) of + Right tags + -- tags の中に一致するものが無ければ + -- PreconditionFailed で終了。 + → when ((¬) (any (≡ tag) tags)) + $ abort PreconditionFailed [] + (Just $ "The entity tag doesn't match: " ⊕ A.toText value) + Left _ + → abort BadRequest [] (Just $ "Unparsable If-Match: " ⊕ A.toText value) + + let statusForNoneMatch + = if method ≡ GET ∨ method ≡ HEAD then + NotModified + else + PreconditionFailed -- If-None-Match があればそれを見る。 - ifNoneMatch <- getHeader "If-None-Match" + ifNoneMatch ← getHeader "If-None-Match" case ifNoneMatch of - Nothing -> return () - Just "*" -> abort statusForNoneMatch [] $ Just ("The entity tag matches: *") - Just list -> case parseStr eTagListP list of - (Success tags, _) - -> when (any (== tag) tags) - $ abort statusForNoneMatch [] $ Just ("The entity tag matches: " ++ list) - _ -> abort BadRequest [] $ Just ("Unparsable If-None-Match: " ++ list) + Nothing → return () + Just value → if value ≡ "*" then + abort statusForNoneMatch [] (Just "The entity tag matches: *") + else + case P.parseOnly p (A.toByteString value) of + Right tags + → when (any (≡ tag) tags) + $ abort statusForNoneMatch [] + (Just $ "The entity tag matches: " ⊕ A.toText value) + Left _ + → abort BadRequest [] + (Just $ "Unparsable If-None-Match: " ⊕ A.toText value) driftTo GettingBody + where + p = do xs ← eTagListP + P.endOfInput + return xs -- |Tell the system that the 'Resource' found an entity for the -- request URI. The only difference from 'foundEntity' is that @@ -332,334 +514,400 @@ foundETag tag -- modification time are unsafe because it is possible to mess up such -- tests by modifying the entity twice in a second. -- --- This action is not preferred. You should use 'foundEntity' when +-- This action is not preferred. You should use 'foundEntity' whenever -- possible. -foundTimeStamp :: ClockTime -> Resource () +foundTimeStamp ∷ UTCTime → Resource () foundTimeStamp timeStamp = do driftTo ExaminingRequest - method <- getMethod - when (method == GET || method == HEAD) - $ setHeader' "Last-Modified" $ formatHTTPDateTime timeStamp - when (method == POST) - $ abort InternalServerError [] - (Just "Illegal computation of foundTimeStamp for POST request.") + method ← getMethod + when (method ≡ GET ∨ method ≡ HEAD) + $ setHeader' "Last-Modified" (HTTP.toAscii timeStamp) + when (method ≡ POST) + $ abort InternalServerError [] + (Just "Illegal computation of foundTimeStamp for POST request.") - let statusForIfModSince = if method == GET || method == HEAD then - NotModified - else - PreconditionFailed + let statusForIfModSince + = if method ≡ GET ∨ method ≡ HEAD then + NotModified + else + PreconditionFailed -- If-Modified-Since があればそれを見る。 - ifModSince <- getHeader "If-Modified-Since" + ifModSince ← getHeader "If-Modified-Since" case ifModSince of - Just str -> case parseHTTPDateTime str of - Just lastTime - -> when (timeStamp <= lastTime) - $ abort statusForIfModSince [] - $ Just ("The entity has not been modified since " ++ str) - Nothing - -> return () -- 不正な時刻は無視 - Nothing -> return () + Just str → case HTTP.fromAscii str of + Right lastTime + → when (timeStamp ≤ lastTime) + $ abort statusForIfModSince [] + (Just $ "The entity has not been modified since " ⊕ A.toText str) + Left _ + → return () -- 不正な時刻は無視 + Nothing → return () -- If-Unmodified-Since があればそれを見る。 - ifUnmodSince <- getHeader "If-Unmodified-Since" + ifUnmodSince ← getHeader "If-Unmodified-Since" case ifUnmodSince of - Just str -> case parseHTTPDateTime str of - Just lastTime - -> when (timeStamp > lastTime) - $ abort PreconditionFailed [] - $ Just ("The entity has not been modified since " ++ str) - Nothing - -> return () -- 不正な時刻は無視 - Nothing -> return () + Just str → case HTTP.fromAscii str of + Right lastTime + → when (timeStamp > lastTime) + $ abort PreconditionFailed [] + (Just $ "The entity has not been modified since " ⊕ A.toText str) + Left _ + → return () -- 不正な時刻は無視 + Nothing → return () driftTo GettingBody --- |Computation of @'foundNoEntity' mStr@ tell the system that the +-- | Computation of @'foundNoEntity' mStr@ tells the system that the -- 'Resource' found no entity for the request URI. @mStr@ is an -- optional error message to be replied to the client. -- -- If this is a PUT request, 'foundNoEntity' performs \"If-Match\" -- test and aborts with status \"412 Precondition Failed\" when it --- failed. If this is a GET, HEAD or DELETE request, 'foundNoEntity' --- always aborts with status \"404 Not Found\". It is an error to --- compute 'foundNoEntity' if this is a POST request. -foundNoEntity :: Maybe String -> Resource () +-- failed. If this is a GET, HEAD, POST or DELETE request, +-- 'foundNoEntity' always aborts with status \"404 Not Found\". +foundNoEntity ∷ Maybe Text → Resource () foundNoEntity msgM = do driftTo ExaminingRequest - method <- getMethod - when (method == POST) - $ abort InternalServerError [] - (Just "Illegal computation of foundNoEntity for POST request.") - when (method /= PUT) - $ abort NotFound [] msgM + method ← getMethod + when (method ≢ PUT) + $ abort NotFound [] msgM -- エンティティが存在しないと云ふ事は、"*" も含めたどのやうな -- If-Match: 條件も滿たさない。 - ifMatch <- getHeader "If-Match" - when (ifMatch /= Nothing) - $ abort PreconditionFailed [] msgM + ifMatch ← getHeader "If-Match" + when (ifMatch ≢ Nothing) + $ abort PreconditionFailed [] msgM driftTo GettingBody {- GettingBody 時に使用するアクション群 -} -input :: Int -> Resource String -input limit = inputBS limit >>= return . B.unpack - - --- 多くとも limit バイトまでのリクエストボディ全體を受信する。limit が --- 零以下なら Config で設定されたデフォルトのボディ長により制限される。 -inputBS :: Int -> Resource ByteString -inputBS limit +-- | Computation of @'input' limit@ attempts to read the request body +-- up to @limit@ bytes, and then make the 'Resource' transit to +-- /Deciding Header/ state. When the actual size of body is larger +-- than @limit@ bytes, computation of 'Resource' immediately aborts +-- with status \"413 Request Entity Too Large\". When the request has +-- no body, 'input' returns an empty string. +-- +-- @limit@ may be less than or equal to zero. In this case, the +-- default limitation value ('cnfMaxEntityLength') is used. See +-- 'defaultLimit'. +-- +-- 'input' returns a 'Lazy.ByteString' but it's not really lazy: +-- reading from the socket just happens at the computation of 'input', +-- not at the evaluation of the 'Lazy.ByteString'. The same goes for +-- 'inputChunk'. +input ∷ Int → Resource Lazy.ByteString +input limit = do driftTo GettingBody - itr <- ask - hasBody <- liftIO $ atomically $ readItr itr itrRequestHasBody id - chunk <- if hasBody then - askForInput itr - else - do driftTo DecidingHeader - return B.empty + itr ← getInteraction + chunk ← if reqHasBody $ fromJust $ itrRequest itr then + askForInput itr + else + do driftTo DecidingHeader + return (∅) return chunk where - askForInput :: Interaction -> Resource ByteString - askForInput itr - = do let defaultLimit = cnfMaxEntityLength $ itrConfig itr - actualLimit = if limit <= 0 then - defaultLimit - else - limit - when (actualLimit <= 0) - $ fail ("inputBS: limit must be positive: " ++ show actualLimit) + askForInput ∷ Interaction → Resource Lazy.ByteString + askForInput (Interaction {..}) + = do let confLimit = cnfMaxEntityLength itrConfig + actualLimit = if limit ≤ 0 then + confLimit + else + limit + when (actualLimit ≤ 0) + $ fail ("inputLBS: limit must be positive: " ⧺ show actualLimit) -- Reader にリクエスト liftIO $ atomically - $ do chunkLen <- readItr itr itrReqChunkLength id - writeItr itr itrWillReceiveBody True - if fmap (> actualLimit) chunkLen == Just True then - -- 受信前から多過ぎる事が分かってゐる - tooLarge actualLimit - else - writeItr itr itrReqBodyWanted $ Just actualLimit - -- 應答を待つ。トランザクションを分けなければ當然デッドロック。 - chunk <- liftIO $ atomically - $ do chunk <- readItr itr itrReceivedBody id - chunkIsOver <- readItr itr itrReqChunkIsOver id - if B.length chunk < fromIntegral actualLimit then - -- 要求された量に滿たなくて、まだ殘り - -- があるなら再試行。 - unless chunkIsOver - $ retry - else - -- 制限値一杯まで讀むやうに指示したの - -- にまだ殘ってゐるなら、それは多過ぎ - -- る。 - unless chunkIsOver - $ tooLarge actualLimit - -- 成功。itr 内にチャンクを置いたままにす - -- るとメモリの無駄になるので除去。 - writeItr itr itrReceivedBody B.empty - return chunk + $ writeTVar itrReqBodyWanted actualLimit + -- 應答を待つ。トランザクションを分けなければ當然デッドロックする。 + chunk ← liftIO $ atomically + $ do chunkLen ← readTVar itrReceivedBodyLen + chunkIsOver ← readTVar itrReqChunkIsOver + if chunkLen < actualLimit then + -- 要求された量に滿たなくて、まだ殘りが + -- あるなら再試行。 + unless chunkIsOver + $ retry + else + -- 制限値一杯まで讀むやうに指示したのに + -- まだ殘ってゐるなら、それは多過ぎる。 + unless chunkIsOver + $ tooLarge actualLimit + -- 成功。itr 内にチャンクを置いたままにする + -- とメモリの無駄になるので除去。 + chunk ← seqToLBS <$> readTVar itrReceivedBody + writeTVar itrReceivedBody (∅) + writeTVar itrReceivedBodyLen 0 + return chunk + driftTo DecidingHeader return chunk - tooLarge :: Int -> STM () + tooLarge ∷ Int → STM () tooLarge lim = abortSTM RequestEntityTooLarge [] - $ Just ("Request body must be smaller than " - ++ show lim ++ " bytes.") - - -inputChunk :: Int -> Resource String -inputChunk limit = inputChunkBS limit >>= return . B.unpack - + (Just $ "Request body must be smaller than " + ⊕ T.pack (show lim) ⊕ " bytes.") --- 多くとも limit バイトまでのリクエストボディの一部を受信する。limit --- が 0 以下なら Config で設定されたデフォルトのボディ長により制限され --- る。これ以上ボディが殘ってゐなければ空文字列を返す。 -inputChunkBS :: Int -> Resource ByteString -inputChunkBS limit +seqToLBS ∷ Seq ByteString → Lazy.ByteString +{-# INLINE seqToLBS #-} +seqToLBS = Lazy.fromChunks ∘ toList + +-- | Computation of @'inputChunk' limit@ attempts to read a part of +-- request body up to @limit@ bytes. You can read any large request by +-- repeating computation of this action. When you've read all the +-- request body, 'inputChunk' returns an empty string and then make +-- the 'Resource' transit to /Deciding Header/ state. +-- +-- @limit@ may be less than or equal to zero. In this case, the +-- default limitation value ('cnfMaxEntityLength') is used. See +-- 'defaultLimit'. +-- +-- Note that 'inputChunkLBS' is more efficient than 'inputChunk' so you +-- should use it whenever possible. +inputChunk ∷ Int → Resource Lazy.ByteString +inputChunk limit = do driftTo GettingBody - itr <- ask - hasBody <- liftIO $ atomically $ readItr itr itrRequestHasBody id - chunk <- if hasBody then - askForInput itr - else - do driftTo DecidingHeader - return B.empty + itr ← getInteraction + chunk ← if reqHasBody $ fromJust $ itrRequest itr then + askForInput itr + else + do driftTo DecidingHeader + return (∅) return chunk where - askForInput :: Interaction -> Resource ByteString - askForInput itr - = do let defaultLimit = cnfMaxEntityLength $ itrConfig itr - actualLimit = if limit < 0 then - defaultLimit - else - limit - when (actualLimit <= 0) - $ fail ("inputChunkBS: limit must be positive: " ++ show actualLimit) + askForInput ∷ Interaction → Resource Lazy.ByteString + askForInput (Interaction {..}) + = do let confLimit = cnfMaxEntityLength itrConfig + actualLimit = if limit < 0 then + confLimit + else + limit + when (actualLimit ≤ 0) + $ fail ("inputChunkLBS: limit must be positive: " ++ show actualLimit) -- Reader にリクエスト liftIO $ atomically - $ do writeItr itr itrReqBodyWanted $ Just actualLimit - writeItr itr itrWillReceiveBody True + $ writeTVar itrReqBodyWanted actualLimit -- 應答を待つ。トランザクションを分けなければ當然デッドロック。 - chunk <- liftIO $ atomically - $ do chunk <- readItr itr itrReceivedBody id - -- 要求された量に滿たなくて、まだ殘りがあ - -- るなら再試行。 - when (B.length chunk < fromIntegral actualLimit) - $ do chunkIsOver <- readItr itr itrReqChunkIsOver id - unless chunkIsOver - $ retry - -- 成功 - writeItr itr itrReceivedBody B.empty - return chunk - when (B.null chunk) - $ driftTo DecidingHeader + chunk ← liftIO $ atomically + $ do chunkLen ← readTVar itrReceivedBodyLen + -- 要求された量に滿たなくて、まだ殘りがある + -- なら再試行。 + when (chunkLen < actualLimit) + $ do chunkIsOver ← readTVar itrReqChunkIsOver + unless chunkIsOver + $ retry + -- 成功 + chunk ← seqToLBS <$> readTVar itrReceivedBody + writeTVar itrReceivedBody (∅) + writeTVar itrReceivedBodyLen 0 + return chunk + when (Lazy.null chunk) + $ driftTo DecidingHeader return chunk - --- application/x-www-form-urlencoded または multipart/form-data をパー --- スする。もし Content-Type が無かったら BadRequest で終了し、未對應の --- タイプであったら UnsupportedMediaType で終了する。 -inputForm :: Int -> Resource [(String, String)] +-- | Computation of @'inputForm' limit@ attempts to read the request +-- body with 'input' and parse it as +-- @application\/x-www-form-urlencoded@ or @multipart\/form-data@. If +-- the request header \"Content-Type\" is neither of them, 'inputForm' +-- makes 'Resource' abort with status \"415 Unsupported Media +-- Type\". If the request has no \"Content-Type\", it aborts with +-- \"400 Bad Request\". +-- +-- Field names in @multipart\/form-data@ will be precisely decoded in +-- accordance with RFC 2231. On the other hand, +-- @application\/x-www-form-urlencoded@ says nothing about the +-- encoding of field names, so they'll always be decoded in UTF-8. +inputForm ∷ Int → Resource [(Text, FormData)] inputForm limit - = do cTypeM <- getContentType + = do cTypeM ← getContentType case cTypeM of Nothing - -> abort BadRequest [] (Just "Missing Content-Type") + → abort BadRequest [] (Just "Missing Content-Type") Just (MIMEType "application" "x-www-form-urlencoded" _) - -> readWWWFormURLEncoded - Just (MIMEType "multipart" "form-data" _) - -> readMultipartFormData + → readWWWFormURLEncoded + Just (MIMEType "multipart" "form-data" params) + → readMultipartFormData params Just cType - -> abort UnsupportedMediaType [] (Just $ "Unsupported media type: " - ++ show cType) + → abort UnsupportedMediaType [] + $ Just + $ A.toText + $ A.fromAsciiBuilder + $ A.toAsciiBuilder "Unsupported media type: " + ⊕ printMIMEType cType where readWWWFormURLEncoded - = do src <- input limit - return $ do pairStr <- splitBy (\ c -> c == ';' || c == '&') src - let pair = break (== '=') pairStr - return ( unEscapeString $ fst pair - , unEscapeString $ snd pair - ) - readMultipartFormData -- FIXME: 未對應 - = abort UnsupportedMediaType [] - (Just $ "Sorry, inputForm does not currently support multipart/form-data.") - - -defaultLimit :: Int + = (map toPairWithFormData ∘ parseWWWFormURLEncoded) + <$> + (bsToAscii =≪ input limit) + + bsToAscii bs + = case A.fromByteString (Strict.concat (Lazy.toChunks bs)) of + Just a → return a + Nothing → abort BadRequest [] (Just "Malformed x-www-form-urlencoded") + + readMultipartFormData params + = do case M.lookup "boundary" params of + Nothing + → abort BadRequest [] (Just "Missing boundary of multipart/form-data") + Just boundary + → do src ← input limit + b ← case A.fromText boundary of + Just b → return b + Nothing → abort BadRequest [] + (Just $ "Malformed boundary: " ⊕ boundary) + case LP.parse (p b) src of + LP.Done _ formList + → return formList + _ → abort BadRequest [] (Just "Unparsable multipart/form-data") + where + p b = do xs ← multipartFormP b + P.endOfInput + return xs + +-- | This is just a constant @-1@. It's better to say @'input' +-- 'defaultLimit'@ than to say @'input' (-1)@ but these are exactly +-- the same. +defaultLimit ∷ Int defaultLimit = (-1) - {- DecidingHeader 時に使用するアクション群 -} -setStatus :: StatusCode -> Resource () -setStatus code +-- | Set the response status code. If you omit to compute this action, +-- the status code will be defaulted to \"200 OK\". +setStatus ∷ StatusCode → Resource () +setStatus sc = do driftTo DecidingHeader - itr <- ask - liftIO $ atomically $ updateItr itr itrResponse - $ \ res -> res { - resStatus = code - } + itr ← getInteraction + liftIO + $ atomically + $ setResponseStatus itr sc -- | Set a value of given resource header. Comparison of header name -- is case-insensitive. Note that this action is not intended to be --- used so frequently: there should be an action like 'setContentType' +-- used so frequently: there should be actions like 'setContentType' -- for every common headers. -- -- Some important headers (especially \"Content-Length\" and --- \"Transfer-Encoding\") may be silently deleted or overwritten by +-- \"Transfer-Encoding\") may be silently dropped or overwritten by -- the system not to corrupt the interaction with client at the --- viewpoint of HTTP protocol. For instance, if we are keeping --- connection alive, for an obvious reason it causes a catastrophe to --- send header \"Content-Length: 10\" and actually sending body of 20 --- bytes long. -setHeader :: String -> String -> Resource () +-- viewpoint of HTTP protocol layer. For instance, if we are keeping +-- the connection alive, without this process it causes a catastrophe +-- to send a header \"Content-Length: 10\" and actually send a body of +-- 20 bytes long. In this case the client shall only accept the first +-- 10 bytes of response body and thinks that the residual 10 bytes is +-- a part of header of the next response. +setHeader ∷ CIAscii → Ascii → Resource () setHeader name value - = driftTo DecidingHeader >> setHeader' name value - + = driftTo DecidingHeader ≫ setHeader' name value -setHeader' :: String -> String -> Resource() +setHeader' ∷ CIAscii → Ascii → Resource () setHeader' name value - = do itr <- ask + = do itr ← getInteraction liftIO $ atomically - $ updateItr itr itrResponse - $ H.setHeader name value - - -redirect :: StatusCode -> URI -> Resource () + $ do res ← readTVar $ itrResponse itr + let res' = H.setHeader name value res + writeTVar (itrResponse itr) res' + +-- | Computation of @'redirect' code uri@ sets the response status to +-- @code@ and \"Location\" header to @uri@. The @code@ must satisfy +-- 'isRedirection' or it causes an error. +redirect ∷ StatusCode → URI → Resource () redirect code uri - = do when (code == NotModified || not (isRedirection code)) - $ abort InternalServerError [] - $ Just ("Attempted to redirect with status " ++ show code) + = do when (code ≡ NotModified ∨ not (isRedirection code)) + $ abort InternalServerError [] + $ Just + $ A.toText + $ A.fromAsciiBuilder + $ A.toAsciiBuilder "Attempted to redirect with status " + ⊕ printStatusCode code setStatus code - setHeader "Location" (uriToString id uri $ "") - + setLocation uri + +-- | Computation of @'setContentType' mType@ sets the response header +-- \"Content-Type\" to @mType@. +setContentType ∷ MIMEType → Resource () +setContentType + = setHeader "Content-Type" ∘ A.fromAsciiBuilder ∘ printMIMEType + +-- | Computation of @'setLocation' uri@ sets the response header +-- \"Location\" to @uri@. +setLocation ∷ URI → Resource () +setLocation uri + = case A.fromChars uriStr of + Just a → setHeader "Location" a + Nothing → abort InternalServerError [] + (Just $ "Malformed URI: " ⊕ T.pack uriStr) + where + uriStr = uriToString id uri "" + +-- |Computation of @'setContentEncoding' codings@ sets the response +-- header \"Content-Encoding\" to @codings@. +setContentEncoding ∷ [CIAscii] → Resource () +setContentEncoding codings + = do ver ← getRequestVersion + tr ← case ver of + HttpVersion 1 0 → return (toAB ∘ unnormalizeCoding) + HttpVersion 1 1 → return toAB + _ → abort InternalServerError [] + (Just "setContentEncoding: Unknown HTTP version") + setHeader "Content-Encoding" + (A.fromAsciiBuilder $ joinWith ", " $ map tr codings) + where + toAB = A.toAsciiBuilder ∘ A.fromCIAscii -setContentType :: MIMEType -> Resource () -setContentType mType - = setHeader "Content-Type" $ show mType +-- |Computation of @'setWWWAuthenticate' challenge@ sets the response +-- header \"WWW-Authenticate\" to @challenge@. +setWWWAuthenticate ∷ AuthChallenge → Resource () +setWWWAuthenticate challenge + = setHeader "WWW-Authenticate" (printAuthChallenge challenge) {- DecidingBody 時に使用するアクション群 -} -output :: String -> Resource () -output = outputBS . B.pack - - -outputBS :: ByteString -> Resource () -outputBS str = do outputChunkBS str - driftTo Done - - -outputChunk :: String -> Resource () -outputChunk = outputChunkBS . B.pack - - -{- チャンクの大きさは Config で制限されてゐる。もし例へば /dev/zero を - B.readFile して作った ByteString をそのまま ResponseWriter に渡した - りすると大變な事が起こる。何故なら ResponseWriter は - Transfer-Encoding: chunked の時、ヘッダを書く爲にチャンクの大きさを - 測るから、その時に起こるであらう事は言ふまでも無い。 -} - -outputChunkBS :: ByteString -> Resource () -outputChunkBS str +-- | Write a 'Lazy.ByteString' to the response body, and then transit +-- to the /Done/ state. It is safe to apply 'output' to an infinite +-- string, such as the lazy stream of \/dev\/random. +output ∷ Lazy.ByteString → Resource () +{-# INLINE output #-} +output str = outputChunk str *> driftTo Done + +-- | Write a 'Lazy.ByteString' to the response body. This action can +-- be repeated as many times as you want. It is safe to apply +-- 'outputChunk' to an infinite string. +outputChunk ∷ Lazy.ByteString → Resource () +outputChunk wholeChunk = do driftTo DecidingBody - itr <- ask + itr ← getInteraction let limit = cnfMaxOutputChunkLength $ itrConfig itr - when (limit <= 0) - $ fail ("cnfMaxOutputChunkLength must be positive: " - ++ show limit) - - discardBody <- liftIO $ atomically $ - readItr itr itrWillDiscardBody id + when (limit ≤ 0) + $ abort InternalServerError [] + (Just $ "cnfMaxOutputChunkLength must be positive: " ⊕ T.pack (show limit)) + discardBody ← liftIO $ atomically $ readTVar $ itrWillDiscardBody itr unless (discardBody) - $ sendChunks str limit + $ sendChunks itr wholeChunk limit - unless (B.null str) - $ liftIO $ atomically $ - writeItr itr itrBodyIsNull False + unless (Lazy.null wholeChunk) + $ liftIO $ atomically $ + writeTVar (itrSentNoBodySoFar itr) False where - sendChunks :: ByteString -> Int -> Resource () - sendChunks str limit - | B.null str = return () - | otherwise = do let (chunk, remaining) = B.splitAt (fromIntegral limit) str - itr <- ask - liftIO $ atomically $ - do buf <- readItr itr itrBodyToSend id - if B.null buf then - -- バッファが消化された - writeItr itr itrBodyToSend chunk - else - -- 消化されるのを待つ - retry - -- 殘りのチャンクについて繰り返す - sendChunks remaining limit + sendChunks ∷ Interaction → Lazy.ByteString → Int → Resource () + sendChunks itr@(Interaction {..}) str limit + | Lazy.null str = return () + | otherwise = do let (chunk, remaining) = Lazy.splitAt (fromIntegral limit) str + liftIO $ atomically + $ putTMVar itrBodyToSend (chunkToBuilder chunk) + sendChunks itr remaining limit + + chunkToBuilder ∷ Lazy.ByteString → Builder + chunkToBuilder = mconcat ∘ map BB.fromByteString ∘ Lazy.toChunks {- @@ -680,40 +928,34 @@ outputChunkBS str -} -driftTo :: InteractionState -> Resource () +driftTo ∷ InteractionState → Resource () driftTo newState - = do itr <- ask - liftIO $ atomically $ do oldState <- readItr itr itrState id - if newState < oldState then - throwStateError oldState newState - else - do let a = [oldState .. newState] - b = tail a - c = zip a b - mapM_ (uncurry $ drift itr) c - writeItr itr itrState newState + = do itr ← getInteraction + liftIO $ atomically + $ do oldState ← readTVar $ itrState itr + if newState < oldState then + throwStateError oldState newState + else + do let a = [oldState .. newState] + b = tail a + c = zip a b + mapM_ (uncurry $ drift itr) c + writeTVar (itrState itr) newState where - throwStateError :: Monad m => InteractionState -> InteractionState -> m a - + throwStateError ∷ Monad m ⇒ InteractionState → InteractionState → m a throwStateError Done DecidingBody = fail "It makes no sense to output something after finishing to output." - throwStateError old new - = fail ("state error: " ++ show old ++ " ==> " ++ show new) - - - drift :: Interaction -> InteractionState -> InteractionState -> STM () - - drift itr GettingBody _ - = writeItr itr itrReqBodyWasteAll True + = fail ("state error: " ⧺ show old ⧺ " ==> " ⧺ show new) + drift ∷ Interaction → InteractionState → InteractionState → STM () + drift (Interaction {..}) GettingBody _ + = writeTVar itrReqBodyWasteAll True drift itr DecidingHeader _ = postprocess itr - - drift itr _ Done - = do bodyIsNull <- readItr itr itrBodyIsNull id + drift itr@(Interaction {..}) _ Done + = do bodyIsNull ← readTVar itrSentNoBodySoFar when bodyIsNull - $ writeDefaultPage itr - + $ writeDefaultPage itr drift _ _ _ = return ()