Fabio/tileserver-gl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

when serving styles, look in a whitelisted set of urls to also see when we can add the key parameter to the url. also allow configuration of the parameter name.

Browse source
This commit is contained in:
Joseph Canero 2017-10-03 15:30:37 -04:00
parent 82f179b07c
commit 9b673638e3
2 changed files with 146 additions and 110 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
src/serve_style.js
View file

@ -1,19 +1,21 @@
'use strict'; 'use strict';
var path = require('path'), var path = require('path'),
fs = require('fs'); fs = require('fs'),
nodeUrl = require('url'),
querystring = require('querystring');
var clone = require('clone'), var clone = require('clone'),
express = require('express'); express = require('express');
module.exports = function(options, repo, params, id, reportTiles, reportFont) { module.exports = function (options, repo, params, id, reportTiles, reportFont) {
var app = express().disable('x-powered-by'); var app = express().disable('x-powered-by');
var styleFile = path.resolve(options.paths.styles, params.style); var styleFile = path.resolve(options.paths.styles, params.style);
var styleJSON = clone(require(styleFile)); var styleJSON = clone(require(styleFile));
Object.keys(styleJSON.sources).forEach(function(name) { Object.keys(styleJSON.sources).forEach(function (name) {
var source = styleJSON.sources[name]; var source = styleJSON.sources[name];
var url = source.url; var url = source.url;
if (url && url.lastIndexOf('mbtiles:', 0) === 0) { if (url && url.lastIndexOf('mbtiles:', 0) === 0) {
@ -33,7 +35,7 @@ module.exports = function(options, repo, params, id, reportTiles, reportFont) {
} }
}); });
styleJSON.layers.forEach(function(obj) { styleJSON.layers.forEach(function (obj) {
if (obj['type'] == 'symbol') { if (obj['type'] == 'symbol') {
var fonts = (obj['layout'] || {})['text-font']; var fonts = (obj['layout'] || {})['text-font'];
if (fonts && fonts.length) { if (fonts && fonts.length) {
@ -62,28 +64,57 @@ module.exports = function(options, repo, params, id, reportTiles, reportFont) {
repo[id] = styleJSON; repo[id] = styleJSON;
app.get('/' + id + '/style.json', function(req, res, next) { var isWhitelistedUrl = function (url) {
var fixUrl = function(url, opt_nokey, opt_nostyle) { if (!options.auth || !Array.isArray(options.auth.keyDomains) || options.auth.keyDomains.length === 0) {
if (!url || (typeof url !== 'string') || url.indexOf('local://') !== 0) { return false;
}
for (var i = 0; i < options.auth.keyDomains.length; i++) {
var keyDomain = options.auth.keyDomains[i];
if (!keyDomain || (typeof keyDomain !== 'string') || keyDomain.length === 0) {
continue;
}
if (url.indexOf(keyDomain) === 0) {
return true;
}
}
return false;
}
app.get('/' + id + '/style.json', function (req, res, next) {
var fixUrl = function (url, opt_nokey, opt_nostyle) {
if (!url || (typeof url !== 'string') || (url.indexOf('local://') !== 0 && !isWhitelistedUrl(url))) {
return url; return url;
} }
var queryParams = [];
var queryParams = {};
if (!opt_nostyle && global.addStyleParam) { if (!opt_nostyle && global.addStyleParam) {
queryParams.push('style=' + id); queryParams.style = id;
} }
if (!opt_nokey && req.query.key) { if (!opt_nokey && req.query[options.auth.keyName]) {
queryParams.unshift('key=' + req.query.key); queryParams[options.auth.keyName] = req.query[options.auth.keyName];
} }
var query = '';
if (queryParams.length) { if (url.indexOf('local://') === 0) {
query = '?' + queryParams.join('&'); var query = querystring.stringify(queryParams);
if (query.length) {
query = '?' + query;
} }
return url.replace( return url.replace(
'local://', req.protocol + '://' + req.headers.host + '/') + query; 'local://', req.protocol + '://' + req.headers.host + '/') + query;
} else { // whitelisted url. might have existing parameters
var parsedUrl = nodeUrl.parse(url);
var parsedQS = querystring.parse(url.query);
var newParams = Object.assign(parsedQS, queryParams);
parsedUrl.search = querystring.stringify(parsedQS);
return url.format(parsedUrl);
}
}; };
var styleJSON_ = clone(styleJSON); var styleJSON_ = clone(styleJSON);
Object.keys(styleJSON_.sources).forEach(function(name) { Object.keys(styleJSON_.sources).forEach(function (name) {
var source = styleJSON_.sources[name]; var source = styleJSON_.sources[name];
source.url = fixUrl(source.url); source.url = fixUrl(source.url);
}); });
@ -98,14 +129,14 @@ module.exports = function(options, repo, params, id, reportTiles, reportFont) {
}); });
app.get('/' + id + '/sprite:scale(@[23]x)?\.:format([\\w]+)', app.get('/' + id + '/sprite:scale(@[23]x)?\.:format([\\w]+)',
function(req, res, next) { function (req, res, next) {
if (!spritePath) { if (!spritePath) {
return res.status(404).send('File not found'); return res.status(404).send('File not found');
} }
var scale = req.params.scale, var scale = req.params.scale,
format = req.params.format; format = req.params.format;
var filename = spritePath + (scale || '') + '.' + format; var filename = spritePath + (scale || '') + '.' + format;
return fs.readFile(filename, function(err, data) { return fs.readFile(filename, function (err, data) {
if (err) { if (err) {
console.log('Sprite load error:', filename); console.log('Sprite load error:', filename);
return res.status(404).send('File not found'); return res.status(404).send('File not found');

77
src/server.js
View file

@ -66,6 +66,11 @@ function start(opts) {
} }
var options = config.options || {}; var options = config.options || {};
options.auth = options.auth || {};
options.auth.keyName = options.auth.keyName || 'key';
options.auth.keyDomains = options.auth.keyDomains || [];
var paths = options.paths || {}; var paths = options.paths || {};
options.paths = paths; options.paths = paths;
paths.root = path.resolve( paths.root = path.resolve(
@ -78,7 +83,7 @@ function start(opts) {
var startupPromises = []; var startupPromises = [];
var checkPath = function(type) { var checkPath = function (type) {
if (!fs.existsSync(paths[type])) { if (!fs.existsSync(paths[type])) {
console.error('The specified path for "' + type + '" does not exist (' + paths[type] + ').'); console.error('The specified path for "' + type + '" does not exist (' + paths[type] + ').');
process.exit(1); process.exit(1);
@ -92,7 +97,7 @@ function start(opts) {
if (options.dataDecorator) { if (options.dataDecorator) {
try { try {
options.dataDecoratorFunc = require(path.resolve(paths.root, options.dataDecorator)); options.dataDecoratorFunc = require(path.resolve(paths.root, options.dataDecorator));
} catch (e) {} } catch (e) { }
} }
var data = clone(config.data || {}); var data = clone(config.data || {});
@ -101,7 +106,7 @@ function start(opts) {
app.use(cors()); app.use(cors());
} }
Object.keys(config.styles || {}).forEach(function(id) { Object.keys(config.styles || {}).forEach(function (id) {
var item = config.styles[id]; var item = config.styles[id];
if (!item.style || item.style.length == 0) { if (!item.style || item.style.length == 0) {
console.log('Missing "style" property for ' + id); console.log('Missing "style" property for ' + id);
@ -110,9 +115,9 @@ function start(opts) {
if (item.serve_data !== false) { if (item.serve_data !== false) {
startupPromises.push(serve_style(options, serving.styles, item, id, startupPromises.push(serve_style(options, serving.styles, item, id,
function(mbtiles, fromData) { function (mbtiles, fromData) {
var dataItemId; var dataItemId;
Object.keys(data).forEach(function(id) { Object.keys(data).forEach(function (id) {
if (fromData) { if (fromData) {
if (id == mbtiles) { if (id == mbtiles) {
dataItemId = id; dataItemId = id;
@ -136,9 +141,9 @@ function start(opts) {
}; };
return id; return id;
} }
}, function(font) { }, function (font) {
serving.fonts[font] = true; serving.fonts[font] = true;
}).then(function(sub) { }).then(function (sub) {
app.use('/styles/', sub); app.use('/styles/', sub);
})); }));
} }
@ -146,16 +151,16 @@ function start(opts) {
if (serve_rendered) { if (serve_rendered) {
startupPromises.push( startupPromises.push(
serve_rendered(options, serving.rendered, item, id, serve_rendered(options, serving.rendered, item, id,
function(mbtiles) { function (mbtiles) {
var mbtilesFile; var mbtilesFile;
Object.keys(data).forEach(function(id) { Object.keys(data).forEach(function (id) {
if (id == mbtiles) { if (id == mbtiles) {
mbtilesFile = data[id].mbtiles; mbtilesFile = data[id].mbtiles;
} }
}); });
return mbtilesFile; return mbtilesFile;
} }
).then(function(sub) { ).then(function (sub) {
app.use('/styles/', sub); app.use('/styles/', sub);
}) })
); );
@ -166,12 +171,12 @@ function start(opts) {
}); });
startupPromises.push( startupPromises.push(
serve_font(options, serving.fonts).then(function(sub) { serve_font(options, serving.fonts).then(function (sub) {
app.use('/', sub); app.use('/', sub);
}) })
); );
Object.keys(data).forEach(function(id) { Object.keys(data).forEach(function (id) {
var item = data[id]; var item = data[id];
if (!item.mbtiles || item.mbtiles.length == 0) { if (!item.mbtiles || item.mbtiles.length == 0) {
console.log('Missing "mbtiles" property for ' + id); console.log('Missing "mbtiles" property for ' + id);
@ -179,16 +184,16 @@ function start(opts) {
} }
startupPromises.push( startupPromises.push(
serve_data(options, serving.data, item, id, serving.styles).then(function(sub) { serve_data(options, serving.data, item, id, serving.styles).then(function (sub) {
app.use('/data/', sub); app.use('/data/', sub);
}) })
); );
}); });
app.get('/styles.json', function(req, res, next) { app.get('/styles.json', function (req, res, next) {
var result = []; var result = [];
var query = req.query.key ? ('?key=' + req.query.key) : ''; var query = req.query.key ? ('?key=' + req.query.key) : '';
Object.keys(serving.styles).forEach(function(id) { Object.keys(serving.styles).forEach(function (id) {
var styleJSON = serving.styles[id]; var styleJSON = serving.styles[id];
result.push({ result.push({
version: styleJSON.version, version: styleJSON.version,
@ -201,8 +206,8 @@ function start(opts) {
res.send(result); res.send(result);
}); });
var addTileJSONs = function(arr, req, type) { var addTileJSONs = function (arr, req, type) {
Object.keys(serving[type]).forEach(function(id) { Object.keys(serving[type]).forEach(function (id) {
var info = clone(serving[type][id]); var info = clone(serving[type][id]);
var path = ''; var path = '';
if (type == 'rendered') { if (type == 'rendered') {
@ -218,13 +223,13 @@ function start(opts) {
return arr; return arr;
}; };
app.get('/rendered.json', function(req, res, next) { app.get('/rendered.json', function (req, res, next) {
res.send(addTileJSONs([], req, 'rendered')); res.send(addTileJSONs([], req, 'rendered'));
}); });
app.get('/data.json', function(req, res, next) { app.get('/data.json', function (req, res, next) {
res.send(addTileJSONs([], req, 'data')); res.send(addTileJSONs([], req, 'data'));
}); });
app.get('/index.json', function(req, res, next) { app.get('/index.json', function (req, res, next) {
res.send(addTileJSONs(addTileJSONs([], req, 'rendered'), req, 'data')); res.send(addTileJSONs(addTileJSONs([], req, 'rendered'), req, 'data'));
}); });
@ -233,7 +238,7 @@ function start(opts) {
app.use('/', express.static(path.join(__dirname, '../public/resources'))); app.use('/', express.static(path.join(__dirname, '../public/resources')));
var templates = path.join(__dirname, '../public/templates'); var templates = path.join(__dirname, '../public/templates');
var serveTemplate = function(urlPath, template, dataGetter) { var serveTemplate = function (urlPath, template, dataGetter) {
var templateFile = templates + '/' + template + '.tmpl'; var templateFile = templates + '/' + template + '.tmpl';
if (template == 'index') { if (template == 'index') {
if (options.frontPage === false) { if (options.frontPage === false) {
@ -243,15 +248,15 @@ function start(opts) {
templateFile = path.resolve(paths.root, options.frontPage); templateFile = path.resolve(paths.root, options.frontPage);
} }
} }
startupPromises.push(new Promise(function(resolve, reject) { startupPromises.push(new Promise(function (resolve, reject) {
fs.readFile(templateFile, function(err, content) { fs.readFile(templateFile, function (err, content) {
if (err) { if (err) {
console.error('Template not found:', err); console.error('Template not found:', err);
reject(err); reject(err);
} }
var compiled = handlebars.compile(content.toString()); var compiled = handlebars.compile(content.toString());
app.use(urlPath, function(req, res, next) { app.use(urlPath, function (req, res, next) {
var data = {}; var data = {};
if (dataGetter) { if (dataGetter) {
data = dataGetter(req); data = dataGetter(req);
@ -271,9 +276,9 @@ function start(opts) {
})); }));
}; };
serveTemplate('/$', 'index', function(req) { serveTemplate('/$', 'index', function (req) {
var styles = clone(config.styles || {}); var styles = clone(config.styles || {});
Object.keys(styles).forEach(function(id) { Object.keys(styles).forEach(function (id) {
var style = styles[id]; var style = styles[id];
style.name = (serving.styles[id] || serving.rendered[id] || {}).name; style.name = (serving.styles[id] || serving.rendered[id] || {}).name;
style.serving_data = serving.styles[id]; style.serving_data = serving.styles[id];
@ -303,7 +308,7 @@ function start(opts) {
} }
}); });
var data = clone(serving.data || {}); var data = clone(serving.data || {});
Object.keys(data).forEach(function(id) { Object.keys(data).forEach(function (id) {
var data_ = data[id]; var data_ = data[id];
var center = data_.center; var center = data_.center;
if (center) { if (center) {
@ -351,7 +356,7 @@ function start(opts) {
}; };
}); });
serveTemplate('/styles/:id/$', 'viewer', function(req) { serveTemplate('/styles/:id/$', 'viewer', function (req) {
var id = req.params.id; var id = req.params.id;
var style = clone((config.styles || {})[id]); var style = clone((config.styles || {})[id]);
if (!style) { if (!style) {
@ -370,7 +375,7 @@ function start(opts) {
}); });
*/ */
serveTemplate('/data/:id/$', 'data', function(req) { serveTemplate('/data/:id/$', 'data', function (req) {
var id = req.params.id; var id = req.params.id;
var data = clone(serving.data[id]); var data = clone(serving.data[id]);
if (!data) { if (!data) {
@ -382,11 +387,11 @@ function start(opts) {
}); });
var startupComplete = false; var startupComplete = false;
var startupPromise = Promise.all(startupPromises).then(function() { var startupPromise = Promise.all(startupPromises).then(function () {
console.log('Startup complete'); console.log('Startup complete');
startupComplete = true; startupComplete = true;
}); });
app.get('/health', function(req, res, next) { app.get('/health', function (req, res, next) {
if (startupComplete) { if (startupComplete) {
return res.status(200).send('OK'); return res.status(200).send('OK');
} else { } else {
@ -394,7 +399,7 @@ function start(opts) {
} }
}); });
var server = app.listen(process.env.PORT || opts.port, process.env.BIND || opts.bind, function() { var server = app.listen(process.env.PORT || opts.port, process.env.BIND || opts.bind, function () {
var address = this.address().address; var address = this.address().address;
if (address.indexOf('::') === 0) { if (address.indexOf('::') === 0) {
address = '[' + address + ']'; // literal IPv6 address address = '[' + address + ']'; // literal IPv6 address
@ -412,17 +417,17 @@ function start(opts) {
}; };
} }
module.exports = function(opts) { module.exports = function (opts) {
var running = start(opts); var running = start(opts);
process.on('SIGINT', function() { process.on('SIGINT', function () {
process.exit(); process.exit();
}); });
process.on('SIGHUP', function() { process.on('SIGHUP', function () {
console.log('Stopping server and reloading config'); console.log('Stopping server and reloading config');
running.server.shutdown(function() { running.server.shutdown(function () {
for (var key in require.cache) { for (var key in require.cache) {
delete require.cache[key]; delete require.cache[key];
} }