TC
/
arozos


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293
							package agi

import (
	"bytes"
	"encoding/base64"
	"encoding/json"
	"errors"
	"io"
	"log"
	"net/http"
	"net/url"
	"path/filepath"

	"github.com/robertkrimen/otto"
	"imuslab.com/arozos/mod/agi/static"
)

/*
	AJGI HTTP Request Library

	This is a library for allowing AGI script to make HTTP Request from the VM
	Returning either the head or the body of the request

	Author: tobychui
*/

func (g *Gateway) HTTPLibRegister() {
	err := g.RegisterLib("http", g.injectHTTPFunctions)
	if err != nil {
		log.Fatal(err)
	}
}

func (g *Gateway) injectHTTPFunctions(payload *static.AgiLibInjectionPayload) {
	vm := payload.VM
	u := payload.User
	//scriptFsh := payload.ScriptFsh
	//scriptPath := payload.ScriptPath
	w := payload.Writer
	//r := payload.Request
	vm.Set("_http_get", func(call otto.FunctionCall) otto.Value {
		//Get URL from function variable
		url, err := call.Argument(0).ToString()
		if err != nil {
			return otto.NullValue()
		}

		//Get respond of the url
		res, err := http.Get(url)
		if err != nil {
			return otto.NullValue()
		}

		bodyContent, err := io.ReadAll(res.Body)
		if err != nil {
			return otto.NullValue()
		}

		returnValue, err := vm.ToValue(string(bodyContent))
		if err != nil {
			return otto.NullValue()
		}

		return returnValue
	})

	vm.Set("_http_post", func(call otto.FunctionCall) otto.Value {
		//Get URL from function paramter
		url, err := call.Argument(0).ToString()
		if err != nil {
			return otto.NullValue()
		}

		//Get JSON content from 2nd paramter
		sendWithPayload := true
		jsonContent, err := call.Argument(1).ToString()
		if err != nil {
			//Disable the payload send
			sendWithPayload = false
		}

		//Create the request
		var req *http.Request
		if sendWithPayload {
			req, _ = http.NewRequest("POST", url, bytes.NewBuffer([]byte(jsonContent)))
		} else {
			req, _ = http.NewRequest("POST", url, bytes.NewBuffer([]byte("")))
		}

		req.Header.Set("Content-Type", "application/json")
		req.Header.Set("User-Agent", "arozos-http-client/1.1")

		//Send the request
		client := &http.Client{}
		resp, err := client.Do(req)
		if err != nil {
			log.Println(err)
			return otto.NullValue()
		}
		defer resp.Body.Close()

		bodyContent, err := io.ReadAll(resp.Body)
		if err != nil {
			return otto.NullValue()
		}

		returnValue, _ := vm.ToValue(string(bodyContent))

		return returnValue
	})

	vm.Set("_http_head", func(call otto.FunctionCall) otto.Value {
		//Get URL from function paramter
		url, err := call.Argument(0).ToString()
		if err != nil {
			return otto.NullValue()
		}

		//Request the url
		resp, err := http.Get(url)
		if err != nil {
			return otto.NullValue()
		}

		headerKey, err := call.Argument(1).ToString()
		if err != nil || headerKey == "undefined" {
			//No headkey set. Return the whole header as JSON
			js, _ := json.Marshal(resp.Header)
			returnValue, _ := vm.ToValue(string(js))
			return returnValue
		} else {
			//headerkey is set. Return if exists
			possibleValue := resp.Header.Get(headerKey)
			js, _ := json.Marshal(possibleValue)
			returnValue, _ := vm.ToValue(string(js))
			return returnValue
		}

	})

	//Get target status code for response
	vm.Set("_http_code", func(call otto.FunctionCall) otto.Value {
		//Get URL from function paramter
		url, err := call.Argument(0).ToString()
		if err != nil {
			return otto.FalseValue()
		}

		req, err := http.NewRequest("GET", url, nil)
		if err != nil {
			g.RaiseError(err)
			return otto.FalseValue()
		}

		payload := ""
		client := new(http.Client)
		client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
			//Redirection. Return the target location as well
			dest, _ := req.Response.Location()
			payload = dest.String()
			return errors.New("Redirect")
		}

		response, err := client.Do(req)
		if err != nil {
			return otto.FalseValue()
		}
		defer client.CloseIdleConnections()
		vm.Run(`var _location = "` + payload + `";`)
		value, _ := otto.ToValue(response.StatusCode)
		return value

	})

	vm.Set("_http_download", func(call otto.FunctionCall) otto.Value {
		//Get URL from function paramter
		downloadURL, err := call.Argument(0).ToString()
		if err != nil {
			return otto.FalseValue()
		}
		decodedURL, _ := url.QueryUnescape(downloadURL)

		//Get download desintation from paramter
		vpath, err := call.Argument(1).ToString()
		if err != nil {
			return otto.FalseValue()
		}

		//Optional: filename paramter
		filename, err := call.Argument(2).ToString()
		if err != nil || filename == "undefined" {
			//Extract the filename from the url instead
			filename = filepath.Base(decodedURL)
		}

		//Check user acess permission
		if !u.CanWrite(vpath) {
			g.RaiseError(errors.New("Permission Denied"))
			return otto.FalseValue()
		}

		//Convert the vpath to realpath. Check if it exists
		fsh, rpath, err := static.VirtualPathToRealPath(vpath, u)
		if err != nil {
			return otto.FalseValue()
		}

		if !fsh.FileSystemAbstraction.FileExists(rpath) || !fsh.FileSystemAbstraction.IsDir(rpath) {
			g.RaiseError(errors.New(vpath + " is a file not a directory."))
			return otto.FalseValue()
		}

		downloadDest := filepath.Join(rpath, filename)

		//Ok. Download the file
		resp, err := http.Get(decodedURL)
		if err != nil {
			return otto.FalseValue()
		}
		defer resp.Body.Close()

		// Create the file
		err = fsh.FileSystemAbstraction.WriteStream(downloadDest, resp.Body, 0775)
		if err != nil {
			return otto.FalseValue()
		}
		return otto.TrueValue()
	})

	vm.Set("_http_getb64", func(call otto.FunctionCall) otto.Value {
		//Get URL from function variable and return bytes as base64
		url, err := call.Argument(0).ToString()
		if err != nil {
			return otto.NullValue()
		}

		//Get respond of the url
		res, err := http.Get(url)
		if err != nil {
			return otto.NullValue()
		}

		bodyContent, err := io.ReadAll(res.Body)
		if err != nil {
			return otto.NullValue()
		}

		sEnc := base64.StdEncoding.EncodeToString(bodyContent)

		r, err := otto.ToValue(string(sEnc))
		if err != nil {
			log.Println(err.Error())
			return otto.NullValue()
		}
		return r
	})

	vm.Set("_http_redirect", func(call otto.FunctionCall) otto.Value {
		//Redirect the current request to another url
		targetUrl, err := call.Argument(0).ToString()
		if err != nil {
			return otto.NullValue()
		}

		statusCode, err := call.Argument(1).ToInteger()
		if err != nil {
			//Default: Temporary redirect
			statusCode = 307
		}

		w.Header().Set("Location", targetUrl)
		w.WriteHeader(int(statusCode))
		return otto.TrueValue()
	})

	//Wrap all the native code function into an imagelib class
	vm.Run(`
		var http = {};
		http.get = _http_get;
		http.post = _http_post;
		http.head = _http_head;
		http.download = _http_download;
		http.getb64 = _http_getb64;
		http.getCode = _http_code;
		http.redirect = function(t, c){
			if (typeof(c) == "undefined"){
				c = 307;
			}
			_http_redirect(t,c);
		};
	`)

}