Skip to content

Commit

Permalink
Update TLS examples to use better HTTP->HTTPS redirect
Browse files Browse the repository at this point in the history
  • Loading branch information
@jamesqh
jamesqh committed Jun 19, 2024
1 parent fcb45b8 commit dbdda72
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 11 deletions.
22 changes: 16 additions & 6 deletions examples/tls-graceful-shutdown/src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
use axum::{
extract::Host,
handler::HandlerWithoutStateExt,
http::{StatusCode, Uri},
http::{uri::Authority, StatusCode, Uri},
response::Redirect,
routing::get,
BoxError, Router,
Expand Down Expand Up @@ -106,7 +106,7 @@ async fn redirect_http_to_https<F>(ports: Ports, signal: F)
where
F: Future<Output = ()> + Send + 'static,
{
fn make_https(host: String, uri: Uri, ports: Ports) -> Result<Uri, BoxError> {
fn make_https(host: &str, uri: Uri, https_port: u16) -> Result<Uri, BoxError> {
let mut parts = uri.into_parts();

parts.scheme = Some(axum::http::uri::Scheme::HTTPS);
Expand All @@ -115,14 +115,24 @@ where
parts.path_and_query = Some("/".parse().unwrap());
}

let https_host = host.replace(&ports.http.to_string(), &ports.https.to_string());
parts.authority = Some(https_host.parse()?);
let authority: Authority = host.parse()?;
let bare_host = match authority.port() {
Some(port_struct) => authority
.as_str()
.strip_suffix(port_struct.as_str())
.unwrap()
.strip_suffix(':')
.unwrap(), // if authority.port() is Some(port) then we can be sure authority ends with :{port}
None => authority.as_str(),
};

parts.authority = Some(format!("{bare_host}:{https_port}").parse()?);

Ok(Uri::from_parts(parts)?)
}

let redirect = move |Host(host): Host, uri: Uri| async move {
match make_https(host, uri, ports) {
match make_https(&host, uri, ports.https) {
Ok(uri) => Ok(Redirect::permanent(&uri.to_string())),
Err(error) => {
tracing::warn!(%error, "failed to convert URI to HTTPS");
Expand All @@ -138,4 +148,4 @@ where
.with_graceful_shutdown(signal)
.await
.unwrap();
}
}
20 changes: 15 additions & 5 deletions examples/tls-rustls/src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
use axum::{
extract::Host,
handler::HandlerWithoutStateExt,
http::{StatusCode, Uri},
http::{uri::Authority, StatusCode, Uri},
response::Redirect,
routing::get,
BoxError, Router,
Expand Down Expand Up @@ -72,7 +72,7 @@ async fn handler() -> &'static str {

#[allow(dead_code)]
async fn redirect_http_to_https(ports: Ports) {
fn make_https(host: String, uri: Uri, ports: Ports) -> Result<Uri, BoxError> {
fn make_https(host: &str, uri: Uri, https_port: u16) -> Result<Uri, BoxError> {
let mut parts = uri.into_parts();

parts.scheme = Some(axum::http::uri::Scheme::HTTPS);
Expand All @@ -81,14 +81,24 @@ async fn redirect_http_to_https(ports: Ports) {
parts.path_and_query = Some("/".parse().unwrap());
}

let https_host = host.replace(&ports.http.to_string(), &ports.https.to_string());
parts.authority = Some(https_host.parse()?);
let authority: Authority = host.parse()?;
let bare_host = match authority.port() {
Some(port_struct) => authority
.as_str()
.strip_suffix(port_struct.as_str())
.unwrap()
.strip_suffix(':')
.unwrap(), // if authority.port() is Some(port) then we can be sure authority ends with :{port}
None => authority.as_str(),
};

parts.authority = Some(format!("{bare_host}:{https_port}").parse()?);

Ok(Uri::from_parts(parts)?)
}

let redirect = move |Host(host): Host, uri: Uri| async move {
match make_https(host, uri, ports) {
match make_https(&host, uri, ports.https) {
Ok(uri) => Ok(Redirect::permanent(&uri.to_string())),
Err(error) => {
tracing::warn!(%error, "failed to convert URI to HTTPS");
Expand Down

0 comments on commit dbdda72

Please sign in to comment.