From 4f1c56596233cb54441d021351a44d1e0c2bcde5 Mon Sep 17 00:00:00 2001
From: Timm Fitschen <t.fitschen@indiscale.com>
Date: Wed, 16 Aug 2023 13:49:25 +0200
Subject: [PATCH] Fix wrong url in filesystem response (when using proxies)

---
 CHANGELOG.md                                  |  1 +
 .../java/org/caosdb/server/CaosDBServer.java  |  4 ++++
 .../server/resource/FileSystemResource.java   |  9 ++++++---
 .../server/utils/WebinterfaceUtils.java       | 19 ++++++++++++++++++-
 4 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 04f6d43a..51927b19 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Fixed ###
 
+* Wrong url returned by FileSystem resource behind proxy.
 * `NullPointerException` in GRPC API converters when executing SELECT query on
   NULL values.
 
diff --git a/src/main/java/org/caosdb/server/CaosDBServer.java b/src/main/java/org/caosdb/server/CaosDBServer.java
index deca9aae..2a115c5c 100644
--- a/src/main/java/org/caosdb/server/CaosDBServer.java
+++ b/src/main/java/org/caosdb/server/CaosDBServer.java
@@ -108,6 +108,7 @@ import org.restlet.data.Reference;
 import org.restlet.data.ServerInfo;
 import org.restlet.data.Status;
 import org.restlet.engine.Engine;
+import org.restlet.routing.Redirector;
 import org.restlet.routing.Route;
 import org.restlet.routing.Router;
 import org.restlet.routing.Template;
@@ -708,6 +709,9 @@ public class CaosDBServer extends Application {
     protectedRouter.attach("/EntityPermissions/", EntityPermissionsResource.class);
     protectedRouter.attach("/EntityPermissions/{specifier}", EntityPermissionsResource.class);
     protectedRouter.attach("/Owner/{specifier}", EntityOwnerResource.class);
+    protectedRouter.attach(
+        "/FileSystem",
+        new Redirector(getContext(), "/FileSystem/", Redirector.MODE_CLIENT_PERMANENT));
     protectedRouter.attach("/FileSystem/", FileSystemResource.class);
     // FileSystem etc. needs to accept parameters which contain slashes and would otherwise be
     // split at the first separator
diff --git a/src/main/java/org/caosdb/server/resource/FileSystemResource.java b/src/main/java/org/caosdb/server/resource/FileSystemResource.java
index 7aacad72..9c0d6158 100644
--- a/src/main/java/org/caosdb/server/resource/FileSystemResource.java
+++ b/src/main/java/org/caosdb/server/resource/FileSystemResource.java
@@ -87,12 +87,15 @@ public class FileSystemResource extends AbstractCaosDBServerResource {
 
     if (file.isDirectory()) {
       String path = (specifier.endsWith("/") ? specifier : specifier + "/");
-      String referenceString = getUtils().getServerRootURI() + "/FileSystem/" + path;
+      String url =
+          getUtils().getServerRootURI()
+              + "/FileSystem"
+              + (path.startsWith("/") ? path : ("/" + path));
 
       final Element folder = new Element("dir");
       folder.setAttribute("path", path);
       folder.setAttribute("name", file.getName());
-      folder.setAttribute("url", referenceString);
+      folder.setAttribute("url", url);
 
       final boolean thumbnailsExist =
           new File(file.getAbsolutePath() + File.separator + ".thumbnails").exists();
@@ -109,7 +112,7 @@ public class FileSystemResource extends AbstractCaosDBServerResource {
         }
 
         if (thumbnailsExist) {
-          final Attribute thumbnailAttribute = getThumbnailAttribute(file, child, referenceString);
+          final Attribute thumbnailAttribute = getThumbnailAttribute(file, child, url);
           if (thumbnailAttribute != null) {
             celem.setAttribute(thumbnailAttribute);
           }
diff --git a/src/main/java/org/caosdb/server/utils/WebinterfaceUtils.java b/src/main/java/org/caosdb/server/utils/WebinterfaceUtils.java
index 375d6b5e..6c583fcc 100644
--- a/src/main/java/org/caosdb/server/utils/WebinterfaceUtils.java
+++ b/src/main/java/org/caosdb/server/utils/WebinterfaceUtils.java
@@ -61,6 +61,23 @@ public class WebinterfaceUtils {
   private long buildNumberDate;
   private static final Map<String, WebinterfaceUtils> instances = new HashMap<>();
 
+  public static String getForwardedProto(Request request) {
+    String scheme = null;
+    String forwarded = request.getHeaders().getFirstValue("Forwarded", true);
+    if (forwarded != null) {
+      for (String directive : forwarded.split(";")) {
+        String[] s = directive.split("=", 2);
+        if (s.length == 2 && "proto".equalsIgnoreCase(s[0])) {
+          scheme = s[1];
+        }
+      }
+    }
+    if (scheme == null) {
+      scheme = request.getHeaders().getFirstValue("X-Forwarded-Proto", true);
+    }
+    return scheme;
+  }
+
   /**
    * Retrieve an instance of {@link WebinterfaceUtils} for the request. The instance can be shared
    * with other callers.
@@ -70,7 +87,7 @@ public class WebinterfaceUtils {
    */
   public static WebinterfaceUtils getInstance(Request request) {
     String hostStr = request.getHostRef().getHostIdentifier();
-    String scheme = request.getHeaders().getFirstValue("X-Forwarded-Proto", true);
+    String scheme = getForwardedProto(request);
     if (scheme != null) {
       hostStr = hostStr.replaceFirst("^" + request.getHostRef().getScheme(), scheme);
     }
-- 
GitLab