From bd8769f87f3661046f258215b0cad4c5a2ea9629 Mon Sep 17 00:00:00 2001 From: Dmitry Verkhoturov Date: Sat, 21 Sep 2024 03:35:39 +0100 Subject: [PATCH] Detect proper avatar type to return instead of returning image/* --- backend/go.mod | 2 +- backend/go.sum | 2 ++ .../github.com/go-pkgz/auth/avatar/avatar.go | 22 +++++++++++++++++-- backend/vendor/modules.txt | 2 +- 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/backend/go.mod b/backend/go.mod index f79ff95f6a..684b410499 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -11,7 +11,7 @@ require ( github.com/go-chi/chi/v5 v5.1.0 github.com/go-chi/cors v1.2.1 github.com/go-chi/render v1.0.3 - github.com/go-pkgz/auth v1.24.1 + github.com/go-pkgz/auth v1.24.2-0.20240921022538-30916c085e04 github.com/go-pkgz/jrpc v0.3.0 github.com/go-pkgz/lcw/v2 v2.0.0 github.com/go-pkgz/lgr v0.11.1 diff --git a/backend/go.sum b/backend/go.sum index 115cabe8f6..3f59455248 100644 --- a/backend/go.sum +++ b/backend/go.sum @@ -66,6 +66,8 @@ github.com/go-pkgz/auth v1.24.1-0.20240919232608-9e446b888187 h1:1oHLySWdk0HfDIF github.com/go-pkgz/auth v1.24.1-0.20240919232608-9e446b888187/go.mod h1:xmnzq6g8mhemW1nHnkuByXkBXsHrNf9/qkiVwJugWIs= github.com/go-pkgz/auth v1.24.1 h1:izSFGxwNEZ2MujKJWXddKc+lUW+kVP02JBXouQIW8b4= github.com/go-pkgz/auth v1.24.1/go.mod h1:xmnzq6g8mhemW1nHnkuByXkBXsHrNf9/qkiVwJugWIs= +github.com/go-pkgz/auth v1.24.2-0.20240921022538-30916c085e04 h1:DZzcdFb/EzXjQex8lDq/NqubVqwCXeyGxU5swYEVAYk= +github.com/go-pkgz/auth v1.24.2-0.20240921022538-30916c085e04/go.mod h1:xmnzq6g8mhemW1nHnkuByXkBXsHrNf9/qkiVwJugWIs= github.com/go-pkgz/email v0.5.0 h1:fdtMDGJ8NwyBACLR0LYHaCIK/OeUwZHMhH7Q0+oty9U= github.com/go-pkgz/email v0.5.0/go.mod h1:BdxglsQnymzhfdbnncEE72a6DrucZHy6I+42LK2jLEc= github.com/go-pkgz/expirable-cache v0.1.0/go.mod h1:GTrEl0X+q0mPNqN6dtcQXksACnzCBQ5k/k1SwXJsZKs= diff --git a/backend/vendor/github.com/go-pkgz/auth/avatar/avatar.go b/backend/vendor/github.com/go-pkgz/auth/avatar/avatar.go index ed691fa8e6..cab724ba5f 100644 --- a/backend/vendor/github.com/go-pkgz/auth/avatar/avatar.go +++ b/backend/vendor/github.com/go-pkgz/auth/avatar/avatar.go @@ -23,6 +23,9 @@ import ( "github.com/go-pkgz/auth/token" ) +// http.sniffLen is 512 bytes which is how much we need to read to detect content type +const sniffLen = 512 + // Proxy provides http handler for avatars from avatar.Store // On user login token will call Put and it will retrieve and save picture locally. type Proxy struct { @@ -100,7 +103,6 @@ func (p *Proxy) load(url string, client *http.Client) (rc io.ReadCloser, err err // Handler returns token routes for given provider func (p *Proxy) Handler(w http.ResponseWriter, r *http.Request) { - if r.Method != "GET" { w.WriteHeader(http.StatusMethodNotAllowed) } @@ -136,9 +138,25 @@ func (p *Proxy) Handler(w http.ResponseWriter, r *http.Request) { } }() - w.Header().Set("Content-Type", "image/*") + buf := make([]byte, sniffLen) + n, err := avReader.Read(buf) + if err != nil && err != io.EOF { + p.Logf("[WARN] can't read from avatar reader for %s, %s", avatarID, err) + rest.SendErrorJSON(w, r, p.L, http.StatusInternalServerError, err, "can't read avatar") + return + } w.Header().Set("Content-Length", strconv.Itoa(size)) + contentType := http.DetectContentType(buf) + if contentType == "application/octet-stream" { + contentType = "image/*" + } + w.Header().Set("Content-Type", contentType) w.WriteHeader(http.StatusOK) + if _, err = w.Write(buf[:n]); err != nil { + p.Logf("[WARN] can't write response to %s, %s", r.RemoteAddr, err) + return + } + // write the rest of response size if it's bigger than 512 bytes, or nothing as EOF would be sent right away then if _, err = io.Copy(w, avReader); err != nil { p.Logf("[WARN] can't send response to %s, %s", r.RemoteAddr, err) } diff --git a/backend/vendor/modules.txt b/backend/vendor/modules.txt index f0ce286831..9a9d0616a2 100644 --- a/backend/vendor/modules.txt +++ b/backend/vendor/modules.txt @@ -65,7 +65,7 @@ github.com/go-chi/render github.com/go-oauth2/oauth2/v4 github.com/go-oauth2/oauth2/v4/errors github.com/go-oauth2/oauth2/v4/server -# github.com/go-pkgz/auth v1.24.1 +# github.com/go-pkgz/auth v1.24.2-0.20240921022538-30916c085e04 ## explicit; go 1.21 github.com/go-pkgz/auth github.com/go-pkgz/auth/avatar