kataras
diff --git a/‎.travis.yml
Lines changed: 6 additions & 6 deletions b/‎.travis.yml
Lines changed: 6 additions & 6 deletions
diff --git a/‎HISTORY.md
Lines changed: 36 additions & 2 deletions b/‎HISTORY.md
Lines changed: 36 additions & 2 deletions
diff --git a/‎_examples/http-server/listen-letsencrypt/main.go
Lines changed: 14 additions & 4 deletions b/‎_examples/http-server/listen-letsencrypt/main.go
Lines changed: 14 additions & 4 deletions
diff --git a/‎_examples/http-server/listen-tls/main.go
Lines changed: 1 addition & 1 deletion b/‎_examples/http-server/listen-tls/main.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎context/context.go
Lines changed: 5 additions & 2 deletions b/‎context/context.go
Lines changed: 5 additions & 2 deletions
diff --git a/‎context/handler.go
Lines changed: 45 additions & 0 deletions b/‎context/handler.go
Lines changed: 45 additions & 0 deletions
diff --git a/‎core/host/supervisor.go
Lines changed: 75 additions & 29 deletions b/‎core/host/supervisor.go
Lines changed: 75 additions & 29 deletions
@@ -1,24 +1,24 @@
+sudo: false
 language: go
+
 os:
   - linux
   - osx
 go:
   - 1.14.x
+  - 1.15.x
+  - master
 go_import_path: github.com/kataras/iris/v12
 env:
  global:
    - GO111MODULE=on
 install:
   - go get ./...
 script:
-  - go test -count=1 -v -cover ./...
+  - go test -count=1 -v -cover -race ./...
 after_script:
   # examples
   - cd ./_examples
   - go get ./...
-  - go test -count=1 -v -cover ./...
+  - go test -count=1 -v -cover -race ./...
   - cd ../
-  # make sure that the _benchmarks code is working
-  - cd ./_benchmarks
-  - go get ./...
-  - go test -count=1 -v -cover ./...
@@ -359,7 +359,41 @@ Response:
 
 Other Improvements:
 
-- `Application.UseRouter(...Handler)` - to register handlers before the main router, useful on handlers that should control whether the router itself should ran or not. Independently of the incoming request's method and path values. These handlers will be executed ALWAYS against ALL incoming requests. Example of use-case: CORS.
+- Fix `AutoTLS` when used with `iris.TLSNoRedirect` [*](https://github.com/kataras/iris/issues/1577). The `AutoTLS` runner can be customized through the new `iris.AutoTLSNoRedirect` instead, read its go documentation. Example of having both TLS and non-TLS versions of the same application without conflicts with letsencrypt `./well-known` path:
+
+```go
+package main
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/kataras/iris/v12"
+)
+
+func main() {
+	app := iris.New()
+	app.Logger().SetLevel("debug")
+
+	app.Get("/", func(ctx iris.Context) {
+		ctx.JSON(iris.Map{
+			"time": time.Now().Unix(),
+			"tls":  ctx.Request().TLS != nil,
+		})
+	})
+
+	var fallbackServer = func(acme func(http.Handler) http.Handler) *http.Server {
+		srv := &http.Server{Handler: acme(app)}
+		go srv.ListenAndServe()
+		return srv
+	}
+
+	app.Run(iris.AutoTLS(":443", "example.com", "[email protected]",
+		iris.AutoTLSNoRedirect(fallbackServer)))
+}
+```
+
+- `Application.UseRouter(...Handler)` - per party to register handlers before the main router, useful on handlers that should control whether the router itself should ran or not. Independently of the incoming request's method and path values. These handlers will be executed ALWAYS against ALL incoming matched requests. Example of use-case: CORS.
 
 - `*versioning.Group` type is a full `Party` now.
 
@@ -464,7 +498,7 @@ var dirOpts = iris.DirOptions{
 - `Context.RemoveCookie` removes also the Request's specific cookie of the same request lifecycle when `iris.CookieAllowReclaim` is set to cookie options, [example](https://github.com/kataras/iris/tree/master/_examples/cookies/options).
 
 - `iris.TLS` can now accept certificates in form of raw `[]byte` contents too.
-- `iris.TLS` registers a secondary http server which redirects "http://" to their "https://" equivalent requests, unless the new `iris.TLSNoRedirect` host Configurator is provided on `iris.TLS` (or `iris.AutoTLS`), e.g. `app.Run(iris.TLS("127.0.0.1:443", "mycert.cert", "mykey.key", iris.TLSNoRedirect))`.
+- `iris.TLS` registers a secondary http server which redirects "http://" to their "https://" equivalent requests, unless the new `iris.TLSNoRedirect` host Configurator is provided on `iris.TLS`, e.g. `app.Run(iris.TLS("127.0.0.1:443", "mycert.cert", "mykey.key", iris.TLSNoRedirect))`. There is `iris.AutoTLSNoRedirect` option for `AutoTLS` too.
 
 - Fix an [issue](https://github.com/kataras/i18n/issues/1) about i18n loading from path which contains potential language code.
 
 
@@ -25,8 +25,18 @@ func main() {
 	// and a non-public e-mail instead or edit your hosts file.
 	app.Run(iris.AutoTLS(":443", "example.com", "[email protected]"))
 
-	// Note: to disable automatic "http://" to "https://" redirections pass the `iris.TLSNoRedirect`
-	// host configurator to TLS or AutoTLS functions, e.g:
-	//
-	// app.Run(iris.AutoTLS(":443", "example.com", "[email protected]", iris.TLSNoRedirect))
+	// Note: to disable automatic "http://" to "https://" redirections pass
+	// the `iris.AutoTLSNoRedirect` host configurator to AutoTLS function, example:
+	/*
+		var fallbackServer = func(acme func(http.Handler) http.Handler) *http.Server {
+			// Use any http.Server and Handler, as long as it's wrapped by `acme` one.
+			// In that case we share the application through non-tls users too:
+			srv := &http.Server{Handler: acme(app)}
+			go srv.ListenAndServe()
+			return srv
+		}
+
+		app.Run(iris.AutoTLS(":443", "example.com", "[email protected]",
+			iris.AutoTLSNoRedirect(fallbackServer)))
+	*/
 }
@@ -21,7 +21,7 @@ func main() {
 	app.Run(iris.TLS("127.0.0.1:443", "mycert.crt", "mykey.key"))
 
 	// Note: to disable automatic "http://" to "https://" redirections pass the `iris.TLSNoRedirect`
-	// host configurator to TLS or AutoTLS functions, e.g:
+	// host configurator to TLS function, example:
 	//
 	// app.Run(iris.TLS("127.0.0.1:443", "mycert.crt", "mykey.key", iris.TLSNoRedirect))
 }
@@ -740,7 +740,9 @@ func (ctx *Context) RequestPath(escape bool) string {
 // 	return false
 // } no, it will not work because map is a random peek data structure.
 
-// Host returns the host part of the current URI.
+// Host returns the host:port part of the request URI, calls the `Request().Host`.
+// To get the subdomain part as well use the `Request().URL.Host` method instead.
+// To get the subdomain only use the `Subdomain` method instead.
 // This method makes use of the `Configuration.HostProxyHeaders` field too.
 func (ctx *Context) Host() string {
 	for header, ok := range ctx.app.ConfigurationReadOnly().GetHostProxyHeaders() {
@@ -762,13 +764,14 @@ func GetHost(r *http.Request) string {
 		return host
 	}
 
+	// contains subdomain.
 	return r.URL.Host
 }
 
 // Subdomain returns the subdomain of this request, if any.
 // Note that this is a fast method which does not cover all cases.
 func (ctx *Context) Subdomain() (subdomain string) {
-	host := ctx.Host()
+	host := ctx.request.URL.Host // ctx.Host()
 	if index := strings.IndexByte(host, '.'); index > 0 {
 		subdomain = host[0:index]
 	}
 
@@ -116,6 +116,31 @@ func HandlerName(h interface{}) string {
 	return trimHandlerName(name)
 }
 
+// HandlersNames returns a slice of "handlers" names
+// separated by commas. Can be used for debugging
+// or to determinate if end-developer
+// called the same exactly Use/UseRouter/Done... API methods
+// so framework can give a warning.
+func HandlersNames(handlers ...interface{}) string {
+	if len(handlers) == 1 {
+		if hs, ok := handlers[0].(Handlers); ok {
+			asInterfaces := make([]interface{}, 0, len(hs))
+			for _, h := range hs {
+				asInterfaces = append(asInterfaces, h)
+			}
+
+			return HandlersNames(asInterfaces...)
+		}
+	}
+
+	names := make([]string, 0, len(handlers))
+	for _, h := range handlers {
+		names = append(names, HandlerName(h))
+	}
+
+	return strings.Join(names, ",")
+}
+
 // HandlerFileLine returns the handler's file and line information.
 // See `context.HandlerFileLine` to get the file, line of the current running handler in the chain.
 func HandlerFileLine(h interface{}) (file string, line int) {
@@ -304,3 +329,23 @@ func JoinHandlers(h1 Handlers, h2 Handlers) Handlers {
 	copy(newHandlers[nowLen:], h2)
 	return newHandlers
 }
+
+// UpsertHandlers like `JoinHandlers` but it does
+// NOT copies the handlers entries and it does remove duplicates.
+func UpsertHandlers(h1 Handlers, h2 Handlers) Handlers {
+reg:
+	for _, handler := range h2 {
+		name := HandlerName(handler)
+		for i, registeredHandler := range h1 {
+			registeredName := HandlerName(registeredHandler)
+			if name == registeredName {
+				h1[i] = handler // replace this handler with the new one.
+				continue reg    // break and continue to the next handler.
+			}
+		}
+
+		h1 = append(h1, handler) // or just insert it.
+	}
+
+	return h1
+}
@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/tls"
 	"errors"
+	"fmt"
 	"net"
 	"net/http"
 	"net/url"
@@ -30,7 +31,7 @@ type Configurator func(su *Supervisor)
 // Interfaces are separated to return relative functionality to them.
 type Supervisor struct {
 	Server                         *http.Server
-	disableHTTP1ToHTTP2Redirection bool   // if true then no secondary server on `ListenAndServeTLS/AutoTLS` will be registered, exposed through `NoRedirect`.
+	disableHTTP1ToHTTP2Redirection bool
 	closedManually                 uint32 // future use, accessed atomically (non-zero means we've called the Shutdown)
 	closedByInterruptHandler       uint32 // non-zero means that the end-developer interrupted it by-purpose.
 	manuallyTLS                    bool   // we need that in order to determinate what to output on the console before the server begin.
@@ -49,6 +50,21 @@ type Supervisor struct {
 	IgnoredErrors []string
 	onErr         []func(error)
 
+	// Fallback should return a http.Server, which may already running
+	// to handle the HTTP/1.1 clients when TLS/AutoTLS.
+	// On manual TLS the accepted "challengeHandler" just returns the passed handler,
+	// otherwise it binds to the acme challenge wrapper.
+	// Example:
+	//      Fallback = func(h func(fallback http.Handler) http.Handler) *http.Server {
+	//          s := &http.Server{
+	//             Handler: h(myServerHandler),
+	//             ...otherOptions
+	//          }
+	//          go s.ListenAndServe()
+	//          return s
+	//      }
+	Fallback func(challegeHandler func(fallback http.Handler) http.Handler) *http.Server
+
 	// See `iris.Configuration.SocketSharding`.
 	SocketSharding bool
 }
@@ -83,7 +99,7 @@ func (su *Supervisor) Configure(configurators ...Configurator) *Supervisor {
 	return su
 }
 
-// NoRedirect should be called before `ListenAndServeTLS/AutoTLS` when
+// NoRedirect should be called before `ListenAndServeTLS` when
 // secondary http1 to http2 server is not required. This method will disable
 // the automatic registration of secondary http.Server
 // which would redirect "http://" requests to their "https://" equivalent.
@@ -295,11 +311,8 @@ func (su *Supervisor) ListenAndServeTLS(certFileOrContents string, keyFileOrCont
 		}
 	}
 
-	target, _ := url.Parse("https://" + netutil.ResolveVHost(su.Server.Addr)) // e.g. https://localhost:443
-	http1Handler := RedirectHandler(target, http.StatusMovedPermanently)
-
 	su.manuallyTLS = true
-	return su.runTLS(getCertificate, http1Handler)
+	return su.runTLS(getCertificate, nil)
 }
 
 // ListenAndServeAutoTLS acts identically to ListenAndServe, except that it
@@ -346,44 +359,77 @@ func (su *Supervisor) ListenAndServeAutoTLS(domain string, email string, cacheDi
 		Cache:      cache,
 	}
 
-	return su.runTLS(autoTLSManager.GetCertificate, autoTLSManager.HTTPHandler(nil /* nil for redirect */))
+	return su.runTLS(autoTLSManager.GetCertificate, autoTLSManager.HTTPHandler)
 }
 
-func (su *Supervisor) runTLS(getCertificate func(*tls.ClientHelloInfo) (*tls.Certificate, error), http1Handler http.Handler) error {
-	if !su.disableHTTP1ToHTTP2Redirection && http1Handler != nil {
-		// Note: no need to use a function like ping(":http") to see
-		// if there is another server running, if it is
-		// then this server will errored and not start at all.
-		http1RedirectServer := &http.Server{
-			ReadTimeout:  30 * time.Second,
-			WriteTimeout: 60 * time.Second,
-			Addr:         ":http",
-			Handler:      http1Handler,
+func (su *Supervisor) runTLS(getCertificate func(*tls.ClientHelloInfo) (*tls.Certificate, error), challengeHandler func(fallback http.Handler) http.Handler) error {
+	if su.manuallyTLS && !su.disableHTTP1ToHTTP2Redirection {
+		// If manual TLS and auto-redirection is enabled,
+		// then create an empty challenge handler so the :80 server starts.
+		challengeHandler = func(h http.Handler) http.Handler { // it is always nil on manual TLS.
+			target, _ := url.Parse("https://" + netutil.ResolveVHost(su.Server.Addr)) // e.g. https://localhost:443
+			http1Handler := RedirectHandler(target, http.StatusMovedPermanently)
+			return http1Handler
+		}
+	}
+
+	if challengeHandler != nil {
+		http1Server := &http.Server{
+			Addr:              ":http",
+			Handler:           challengeHandler(nil), // nil for redirection.
+			ReadTimeout:       su.Server.ReadTimeout,
+			ReadHeaderTimeout: su.Server.ReadHeaderTimeout,
+			WriteTimeout:      su.Server.WriteTimeout,
+			IdleTimeout:       su.Server.IdleTimeout,
+			MaxHeaderBytes:    su.Server.MaxHeaderBytes,
+		}
+
+		if su.Fallback == nil {
+			if !su.manuallyTLS && su.disableHTTP1ToHTTP2Redirection {
+				// automatic redirection was disabled but Fallback was not registered.
+				return fmt.Errorf("autotls: use iris.AutoTLSNoRedirect instead")
+			}
+			go http1Server.ListenAndServe()
+		} else {
+			// if it's manual TLS still can have its own Fallback server here,
+			// the handler will be the redirect one, the difference is that it can run on any port.
+			srv := su.Fallback(challengeHandler)
+			if srv == nil {
+				if !su.manuallyTLS {
+					return fmt.Errorf("autotls: relies on an HTTP/1.1 server")
+				}
+				// for any case the end-developer decided to return nil here,
+				// we proceed with the automatic redirection.
+				srv = http1Server
+				go srv.ListenAndServe()
+			} else {
+				if srv.Addr == "" {
+					srv.Addr = ":http"
+				} else if !su.manuallyTLS && srv.Addr != ":80" && srv.Addr != ":http" {
+					return fmt.Errorf("autotls: The HTTP-01 challenge relies on http://%s:80/.well-known/acme-challenge/", netutil.ResolveVHost(su.Server.Addr))
+				}
+
+				if srv.Handler == nil {
+					// handler was nil, caller wanted to change the server's options like read/write timeout.
+					srv.Handler = http1Server.Handler
+					go srv.ListenAndServe() // automatically start it, we assume the above ^
+				}
+				http1Server = srv // to register the shutdown event.
+			}
 		}
 
-		// register a shutdown callback to this
-		// supervisor in order to close the "secondary redirect server" as well.
 		su.RegisterOnShutdown(func() {
-			// give it some time to close itself...
 			timeout := 10 * time.Second
 			ctx, cancel := context.WithTimeout(context.Background(), timeout)
 			defer cancel()
-			http1RedirectServer.Shutdown(ctx)
+			http1Server.Shutdown(ctx)
 		})
-
-		ln, err := netutil.TCP(":http", su.SocketSharding)
-		if err != nil {
-			return err
-		}
-
-		go http1RedirectServer.Serve(ln)
 	}
 
 	if su.Server.TLSConfig == nil {
 		// If tls.Config is NOT configured manually through a host configurator,
 		// then create it.
 		su.Server.TLSConfig = &tls.Config{
-
 			MinVersion:               tls.VersionTLS12,
 			GetCertificate:           getCertificate,
 			PreferServerCipherSuites: true,
Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,7 @@ func main() {`
`21`	`21`	`app.Run(iris.TLS("127.0.0.1:443", "mycert.crt", "mykey.key"))`
`22`	`22`
`23`	`23`	// Note: to disable automatic "http://" to "https://" redirections pass the `iris.TLSNoRedirect`
`24`		`- // host configurator to TLS or AutoTLS functions, e.g:`
	`24`	`+ // host configurator to TLS function, example:`
`25`	`25`	`//`
`26`	`26`	`// app.Run(iris.TLS("127.0.0.1:443", "mycert.crt", "mykey.key", iris.TLSNoRedirect))`
`27`	`27`	`}`