Make HTTP middleware easier to use

appengine/gaeauth/server/internal/authdb/handlers.go

 // Copyright 2015 The LUCI Authors. All rights reserved.
 // Use of this source code is governed under the Apache License, Version 2.0
 // that can be found in the LICENSE file.
 
 package authdb
 
 import (
         "fmt"
         "io/ioutil"
         "net/http"
         "net/url"
 
-        "github.com/julienschmidt/httprouter"
         "golang.org/x/net/context"
         "google.golang.org/appengine"
 
         "github.com/luci/gae/service/info"
 
         "github.com/luci/luci-go/appengine/gaeauth/client"
         "github.com/luci/luci-go/common/errors"
         "github.com/luci/luci-go/common/logging"
         "github.com/luci/luci-go/server/auth/service"
-        "github.com/luci/luci-go/server/middleware"
+        "github.com/luci/luci-go/server/router"
 )
 
 const (
         pubSubPullURLPath = "/auth/pubsub/authdb:pull" // dev server only
         pubSubPushURLPath = "/auth/pubsub/authdb:push"
 )
 
 // InstallHandlers installs PubSub related HTTP handlers.
-func InstallHandlers(r *httprouter.Router, base middleware.Base) {
+func InstallHandlers(r *router.Router, handlers []router.Handler) {
         if appengine.IsDevAppServer() {
-                r.GET(pubSubPullURLPath, base(pubSubPull))
+                r.GET(pubSubPullURLPath, append(handlers, pubSubPull)...)
         }
-        r.POST(pubSubPushURLPath, base(pubSubPush))
+        r.POST(pubSubPushURLPath, append(handlers, pubSubPush)...)
 }
 
 // authenticatePubSub injects into a context a transport that authenticates
 // calls with OAuth2 token with PubSub API scope needed for PubSub API calls.
 func authenticatePubSub(c context.Context) context.Context {
         scopes := []string{
                 "https://www.googleapis.com/auth/userinfo.email",
                 "https://www.googleapis.com/auth/pubsub",
         }
         return client.UseServiceAccountTransport(c, scopes, nil)
@@ skipping 28 matching lines @@
                 panic(err)
         }
         return fmt.Sprintf("projects/%s/subscriptions/%s+%s", gaeInfo.AppID(), subIDPrefix, serviceURL.Host)
 }
 
 // pubSubPull is HTTP handler that pulls PubSub messages from AuthDB change
 // notification topic.
 //
 // Used only on dev server for manual testing. Prod services use push-based
 // delivery.
-func pubSubPull(c context.Context, rw http.ResponseWriter, r *http.Request, p httprouter.Params) {
+func pubSubPull(ctx *router.Context) {
         if !appengine.IsDevAppServer() {
-                replyError(c, rw, errors.New("not a dev server"))
+                replyError(ctx.Context, ctx.Writer, errors.New("not a dev server"))
+                ctx.Abort()
                 return
         }
-        processPubSubRequest(c, rw, r, func(c context.Context, srv authService, serviceURL string) (*service.Notification, error) {
+        processPubSubRequest(ctx, func(c context.Context, srv authService, serviceURL string) (*service.Notification, error) {
                 return srv.PullPubSub(c, subscriptionName(c, serviceURL))
         })
 }
 
 // pubSubPush is HTTP handler that processes incoming PubSub push notifications.
 //
 // It uses the signature inside PubSub message body for authentication. Skips
 // messages not signed by currently configured auth service.
-func pubSubPush(c context.Context, rw http.ResponseWriter, r *http.Request, p httprouter.Params) {
-        processPubSubRequest(c, rw, r, func(c context.Context, srv authService, serviceURL string) (*service.Notification, error) {
-                body, err := ioutil.ReadAll(r.Body)
+func pubSubPush(ctx *router.Context) {
+        processPubSubRequest(ctx, func(c context.Context, srv authService, serviceURL string) (*service.Notification, error) {
+                body, err := ioutil.ReadAll(ctx.Request.Body)
                 if err != nil {
                         return nil, err
                 }
                 return srv.ProcessPubSubPush(c, body)
         })
 }
 
 type notifcationGetter func(context.Context, authService, string) (*service.Notification, error)
 
 // processPubSubRequest is common wrapper for pubSubPull and pubSubPush.
 //
 // It implements most logic of notification handling. Calls supplied callback
 // to actually get service.Notification, since this part is different from Pull
 // and Push subscriptions.
-func processPubSubRequest(c context.Context, rw http.ResponseWriter, r *http.Request, callback notifcationGetter) {
-        c = defaultNS(c)
-        c = authenticatePubSub(c)
-        info, err := GetLatestSnapshotInfo(c)
+func processPubSubRequest(c *router.Context, callback notifcationGetter) {
+        c.Context = defaultNS(c.Context)
+        c.Context = authenticatePubSub(c.Context)
+        info, err := GetLatestSnapshotInfo(c.Context)
         if err != nil {
-                replyError(c, rw, err)
+                replyError(c.Context, c.Writer, err)
+                c.Abort()
                 return
         }
         if info == nil {
                 // Return HTTP 200 to avoid a redelivery.
-                replyOK(c, rw, "Auth Service URL is not configured, skipping the message")
+                replyOK(c.Context, c.Writer, "Auth Service URL is not configured, skipping the message")
                 return
         }
-        srv := getAuthService(c, info.AuthServiceURL)
+        srv := getAuthService(c.Context, info.AuthServiceURL)
 
-        notify, err := callback(c, srv, info.AuthServiceURL)
+        notify, err := callback(c.Context, srv, info.AuthServiceURL)
         if err != nil {
-                replyError(c, rw, err)
+                replyError(c.Context, c.Writer, err)
+                c.Abort()
                 return
         }
 
         // notify may be nil if PubSub messages didn't pass authentication.
         if notify == nil {
-                replyOK(c, rw, "No new valid AuthDB change notifications")
+                replyOK(c.Context, c.Writer, "No new valid AuthDB change notifications")
                 return
         }
 
         // Don't bother processing late messages (ack them though).
         latest := info
         if notify.Revision > info.Rev {
                 var err error
-                if latest, err = syncAuthDB(c); err != nil {
-                        replyError(c, rw, err)
+                if latest, err = syncAuthDB(c.Context); err != nil {
+                        replyError(c.Context, c.Writer, err)
+                        c.Abort()
                         return
                 }
         }
 
-        if err := notify.Acknowledge(c); err != nil {
-                replyError(c, rw, err)
+        if err := notify.Acknowledge(c.Context); err != nil {
+                replyError(c.Context, c.Writer, err)
+                c.Abort()
                 return
         }
 
         replyOK(
-                c, rw, "Processed PubSub notification for rev %d: %d -> %d",
+                c.Context, c.Writer, "Processed PubSub notification for rev %d: %d -> %d",
                 notify.Revision, info.Rev, latest.Rev)
 }
 
 // replyError sends HTTP 500 on transient errors, HTTP 400 on fatal ones.
 func replyError(c context.Context, rw http.ResponseWriter, err error) {
         logging.Errorf(c, "Error while processing PubSub notification - %s", err)
         if errors.IsTransient(err) {
                 http.Error(rw, err.Error(), http.StatusInternalServerError)
         } else {
                 http.Error(rw, err.Error(), http.StatusBadRequest)
         }
 }
 
 // replyOK sends HTTP 200.
 func replyOK(c context.Context, rw http.ResponseWriter, msg string, args ...interface{}) {
         logging.Infof(c, msg, args...)
         rw.Write([]byte(fmt.Sprintf(msg, args...)))
 }