Add support for UsePathBase in actuators

bart-vmware · bart-vmware · commit a009e6c0131b · 2025-11-17T17:20:38.000+01:00
diff --git a/src/Management/src/Endpoint/Actuators/CloudFoundry/CloudFoundryEndpointHandler.cs b/src/Management/src/Endpoint/Actuators/CloudFoundry/CloudFoundryEndpointHandler.cs
@@ -2,6 +2,7 @@
 // The .NET Foundation licenses this file to you under the Apache 2.0 License.
 // See the LICENSE file in the project root for more information.
 
+using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Steeltoe.Common;
@@ -19,25 +20,28 @@ internal sealed class CloudFoundryEndpointHandler : ICloudFoundryEndpointHandler
 {
     private readonly IOptionsMonitor<ManagementOptions> _managementOptionsMonitor;
     private readonly IOptionsMonitor<CloudFoundryEndpointOptions> _endpointOptionsMonitor;
+    private readonly IHttpContextAccessor _httpContextAccessor;
     private readonly IEndpointOptionsMonitorProvider[] _optionsMonitorProviderArray;
     private readonly ILogger<HypermediaService> _hypermediaServiceLogger;
 
     public EndpointOptions Options => _endpointOptionsMonitor.CurrentValue;
 
     public CloudFoundryEndpointHandler(IOptionsMonitor<ManagementOptions> managementOptionsMonitor,
         IOptionsMonitor<CloudFoundryEndpointOptions> endpointOptionsMonitor, IEnumerable<IEndpointOptionsMonitorProvider> endpointOptionsMonitorProviders,
-        ILoggerFactory loggerFactory)
+        IHttpContextAccessor httpContextAccessor, ILoggerFactory loggerFactory)
     {
         ArgumentNullException.ThrowIfNull(managementOptionsMonitor);
         ArgumentNullException.ThrowIfNull(endpointOptionsMonitor);
         ArgumentNullException.ThrowIfNull(endpointOptionsMonitorProviders);
+        ArgumentNullException.ThrowIfNull(httpContextAccessor);
         ArgumentNullException.ThrowIfNull(loggerFactory);
 
         IEndpointOptionsMonitorProvider[] optionsMonitorProviderArray = endpointOptionsMonitorProviders.ToArray();
         ArgumentGuard.ElementsNotNull(optionsMonitorProviderArray);
 
         _managementOptionsMonitor = managementOptionsMonitor;
         _endpointOptionsMonitor = endpointOptionsMonitor;
+        _httpContextAccessor = httpContextAccessor;
         _optionsMonitorProviderArray = optionsMonitorProviderArray;
         _hypermediaServiceLogger = loggerFactory.CreateLogger<HypermediaService>();
     }
@@ -46,8 +50,8 @@ public async Task<Links> InvokeAsync(string baseUrl, CancellationToken cancellat
     {
         ArgumentException.ThrowIfNullOrWhiteSpace(baseUrl);
 
-        var hypermediaService =
-            new HypermediaService(_managementOptionsMonitor, _endpointOptionsMonitor, _optionsMonitorProviderArray, _hypermediaServiceLogger);
+        var hypermediaService = new HypermediaService(_managementOptionsMonitor, _endpointOptionsMonitor, _optionsMonitorProviderArray, _httpContextAccessor,
+            _hypermediaServiceLogger);
 
         Links result = hypermediaService.Invoke(new Uri(baseUrl));
         return await Task.FromResult(result);
diff --git a/src/Management/src/Endpoint/Actuators/CloudFoundry/CloudFoundryEndpointMiddleware.cs b/src/Management/src/Endpoint/Actuators/CloudFoundry/CloudFoundryEndpointMiddleware.cs
@@ -28,8 +28,8 @@ internal sealed class CloudFoundryEndpointMiddleware(
             ? headerScheme.ToString()
             : httpContext.Request.Scheme;
 
-        string uri = $"{scheme}://{httpContext.Request.Host}{httpContext.Request.PathBase}{httpContext.Request.Path}";
-        return Task.FromResult<string?>(uri);
+        string requestUri = $"{scheme}://{httpContext.Request.Host}{httpContext.Request.Path}";
+        return Task.FromResult<string?>(requestUri);
     }
 
     protected override async Task<Links> InvokeEndpointHandlerAsync(string? uri, CancellationToken cancellationToken)
diff --git a/src/Management/src/Endpoint/Actuators/CloudFoundry/EndpointServiceCollectionExtensions.cs b/src/Management/src/Endpoint/Actuators/CloudFoundry/EndpointServiceCollectionExtensions.cs
@@ -43,6 +43,8 @@ public static IServiceCollection AddCloudFoundryActuator(this IServiceCollection
     {
         ArgumentNullException.ThrowIfNull(services);
 
+        services.AddHttpContextAccessor();
+
         services.AddCoreActuatorServices<CloudFoundryEndpointOptions, ConfigureCloudFoundryEndpointOptions, CloudFoundryEndpointMiddleware,
             ICloudFoundryEndpointHandler, CloudFoundryEndpointHandler, string, Links>(configureMiddleware);
 
diff --git a/src/Management/src/Endpoint/Actuators/Hypermedia/EndpointServiceCollectionExtensions.cs b/src/Management/src/Endpoint/Actuators/Hypermedia/EndpointServiceCollectionExtensions.cs
@@ -39,6 +39,8 @@ public static IServiceCollection AddHypermediaActuator(this IServiceCollection s
     {
         ArgumentNullException.ThrowIfNull(services);
 
+        services.AddHttpContextAccessor();
+
         services.AddCoreActuatorServices<HypermediaEndpointOptions, ConfigureHypermediaEndpointOptions, HypermediaEndpointMiddleware,
             IHypermediaEndpointHandler, HypermediaEndpointHandler, string, Links>(configureMiddleware);
 
diff --git a/src/Management/src/Endpoint/Actuators/Hypermedia/HypermediaEndpointHandler.cs b/src/Management/src/Endpoint/Actuators/Hypermedia/HypermediaEndpointHandler.cs
@@ -2,6 +2,7 @@
 // The .NET Foundation licenses this file to you under the Apache 2.0 License.
 // See the LICENSE file in the project root for more information.
 
+using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Steeltoe.Common;
@@ -17,25 +18,28 @@ internal sealed class HypermediaEndpointHandler : IHypermediaEndpointHandler
 {
     private readonly IOptionsMonitor<ManagementOptions> _managementOptionsMonitor;
     private readonly IOptionsMonitor<HypermediaEndpointOptions> _endpointOptionsMonitor;
+    private readonly IHttpContextAccessor _httpContextAccessor;
     private readonly IEndpointOptionsMonitorProvider[] _endpointOptionsMonitorProviderArray;
     private readonly ILogger<HypermediaService> _hypermediaServiceLogger;
 
     public EndpointOptions Options => _endpointOptionsMonitor.CurrentValue;
 
     public HypermediaEndpointHandler(IOptionsMonitor<ManagementOptions> managementOptionsMonitor,
         IOptionsMonitor<HypermediaEndpointOptions> endpointOptionsMonitor, IEnumerable<IEndpointOptionsMonitorProvider> endpointOptionsMonitorProviders,
-        ILoggerFactory loggerFactory)
+        IHttpContextAccessor httpContextAccessor, ILoggerFactory loggerFactory)
     {
         ArgumentNullException.ThrowIfNull(managementOptionsMonitor);
         ArgumentNullException.ThrowIfNull(endpointOptionsMonitor);
         ArgumentNullException.ThrowIfNull(endpointOptionsMonitorProviders);
+        ArgumentNullException.ThrowIfNull(httpContextAccessor);
         ArgumentNullException.ThrowIfNull(loggerFactory);
 
         IEndpointOptionsMonitorProvider[] endpointOptionsMonitorProviderArray = endpointOptionsMonitorProviders.ToArray();
         ArgumentGuard.ElementsNotNull(endpointOptionsMonitorProviderArray);
 
         _managementOptionsMonitor = managementOptionsMonitor;
         _endpointOptionsMonitor = endpointOptionsMonitor;
+        _httpContextAccessor = httpContextAccessor;
         _endpointOptionsMonitorProviderArray = endpointOptionsMonitorProviderArray;
         _hypermediaServiceLogger = loggerFactory.CreateLogger<HypermediaService>();
     }
@@ -44,7 +48,9 @@ public Task<Links> InvokeAsync(string baseUrl, CancellationToken cancellationTok
     {
         ArgumentException.ThrowIfNullOrWhiteSpace(baseUrl);
 
-        var service = new HypermediaService(_managementOptionsMonitor, _endpointOptionsMonitor, _endpointOptionsMonitorProviderArray, _hypermediaServiceLogger);
+        var service = new HypermediaService(_managementOptionsMonitor, _endpointOptionsMonitor, _endpointOptionsMonitorProviderArray, _httpContextAccessor,
+            _hypermediaServiceLogger);
+
         Links result = service.Invoke(new Uri(baseUrl));
         return Task.FromResult(result);
     }
diff --git a/src/Management/src/Endpoint/Actuators/Hypermedia/HypermediaEndpointMiddleware.cs b/src/Management/src/Endpoint/Actuators/Hypermedia/HypermediaEndpointMiddleware.cs
@@ -23,12 +23,7 @@ internal sealed class HypermediaEndpointMiddleware(
             ? headerScheme.ToString()
             : httpContext.Request.Scheme;
 
-        // request.Host automatically includes or excludes the port based on whether it is standard for the scheme
-        // ... except when we manually change the scheme to match the X-Forwarded-Proto
-        string requestUri = scheme == "https" && httpContext.Request.Host.Port == 443
-            ? $"{scheme}://{httpContext.Request.Host.Host}{httpContext.Request.PathBase}{httpContext.Request.Path}"
-            : $"{scheme}://{httpContext.Request.Host}{httpContext.Request.PathBase}{httpContext.Request.Path}";
-
+        string requestUri = $"{scheme}://{httpContext.Request.Host}{httpContext.Request.Path}";
         return Task.FromResult<string?>(requestUri);
     }
 
diff --git a/src/Management/src/Endpoint/Actuators/Hypermedia/HypermediaService.cs b/src/Management/src/Endpoint/Actuators/Hypermedia/HypermediaService.cs
@@ -2,6 +2,7 @@
 // The .NET Foundation licenses this file to you under the Apache 2.0 License.
 // See the LICENSE file in the project root for more information.
 
+using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Steeltoe.Common;
@@ -16,37 +17,44 @@ internal sealed class HypermediaService
     private readonly IOptionsMonitor<ManagementOptions> _managementOptionsMonitor;
     private readonly EndpointOptions _endpointOptions;
     private readonly ICollection<IEndpointOptionsMonitorProvider> _endpointOptionsMonitorProviders;
+    private readonly IHttpContextAccessor _httpContextAccessor;
     private readonly ILogger<HypermediaService> _logger;
 
     public HypermediaService(IOptionsMonitor<ManagementOptions> managementOptionsMonitor,
         IOptionsMonitor<HypermediaEndpointOptions> hypermediaEndpointOptionsMonitor,
-        ICollection<IEndpointOptionsMonitorProvider> endpointOptionsMonitorProviders, ILogger<HypermediaService> logger)
+        ICollection<IEndpointOptionsMonitorProvider> endpointOptionsMonitorProviders, IHttpContextAccessor httpContextAccessor,
+        ILogger<HypermediaService> logger)
     {
         ArgumentNullException.ThrowIfNull(managementOptionsMonitor);
         ArgumentNullException.ThrowIfNull(hypermediaEndpointOptionsMonitor);
         ArgumentNullException.ThrowIfNull(endpointOptionsMonitorProviders);
+        ArgumentNullException.ThrowIfNull(httpContextAccessor);
         ArgumentGuard.ElementsNotNull(endpointOptionsMonitorProviders);
         ArgumentNullException.ThrowIfNull(logger);
 
         _managementOptionsMonitor = managementOptionsMonitor;
         _endpointOptions = hypermediaEndpointOptionsMonitor.CurrentValue;
         _endpointOptionsMonitorProviders = endpointOptionsMonitorProviders;
+        _httpContextAccessor = httpContextAccessor;
         _logger = logger;
     }
 
     public HypermediaService(IOptionsMonitor<ManagementOptions> managementOptionsMonitor,
         IOptionsMonitor<CloudFoundryEndpointOptions> cloudFoundryEndpointOptionsMonitor,
-        ICollection<IEndpointOptionsMonitorProvider> endpointOptionsMonitorProviders, ILogger<HypermediaService> logger)
+        ICollection<IEndpointOptionsMonitorProvider> endpointOptionsMonitorProviders, IHttpContextAccessor httpContextAccessor,
+        ILogger<HypermediaService> logger)
     {
         ArgumentNullException.ThrowIfNull(managementOptionsMonitor);
         ArgumentNullException.ThrowIfNull(cloudFoundryEndpointOptionsMonitor);
         ArgumentNullException.ThrowIfNull(endpointOptionsMonitorProviders);
+        ArgumentNullException.ThrowIfNull(httpContextAccessor);
         ArgumentGuard.ElementsNotNull(endpointOptionsMonitorProviders);
         ArgumentNullException.ThrowIfNull(logger);
 
         _managementOptionsMonitor = managementOptionsMonitor;
         _endpointOptions = cloudFoundryEndpointOptionsMonitor.CurrentValue;
         _endpointOptionsMonitorProviders = endpointOptionsMonitorProviders;
+        _httpContextAccessor = httpContextAccessor;
         _logger = logger;
     }
 
@@ -68,6 +76,11 @@ public Links Invoke(Uri baseUrl)
         bool skipExposureCheck = PermissionsProvider.IsCloudFoundryRequest(baseUrl.PathAndQuery);
         string? basePath = managementOptions.GetBasePath(baseUrl.AbsolutePath);
 
+        if (_httpContextAccessor.HttpContext?.Request != null)
+        {
+            basePath = $"{_httpContextAccessor.HttpContext.Request.PathBase}{basePath}";
+        }
+
         foreach (EndpointOptions endpointOptions in _endpointOptionsMonitorProviders.Select(provider => provider.Get()).OrderBy(options => options.Id))
         {
             if (endpointOptions.Id == null || !endpointOptions.IsEnabled(managementOptions))
diff --git a/src/Management/test/Endpoint.Test/Actuators/CloudFoundry/CloudFoundryActuatorTest.cs b/src/Management/test/Endpoint.Test/Actuators/CloudFoundry/CloudFoundryActuatorTest.cs
@@ -421,6 +421,57 @@ public async Task Hides_disabled_actuators_and_ignores_exposure()
             """);
     }
 
+    [Fact]
+    public async Task Ignores_exposure_with_UsePathBase()
+    {
+        using var scope = new EnvironmentVariableScope("VCAP_APPLICATION", VcapApplicationForMock);
+
+        var appSettings = new Dictionary<string, string?>
+        {
+            ["Management:Endpoints:Actuator:Exposure:Include:0"] = "*",
+            ["Management:Endpoints:Actuator:Exposure:Exclude:1"] = "loggers"
+        };
+
+        WebApplicationBuilder builder = TestWebApplicationBuilderFactory.Create();
+        builder.Configuration.AddCloudFoundry();
+        builder.Configuration.AddInMemoryCollection(appSettings);
+        builder.Services.AddCloudFoundryActuator(false);
+        builder.Services.AddLoggersActuator(false);
+
+        await using WebApplication host = builder.Build();
+
+        host.UsePathBase("/some/prefix");
+        host.UseRouting();
+        host.UseCloudFoundrySecurity();
+        host.UseActuatorEndpoints();
+
+        host.Services.GetRequiredService<HttpClientHandlerFactory>().Using(CloudControllerPermissionsMock.GetHttpMessageHandler());
+        await host.StartAsync(TestContext.Current.CancellationToken);
+        using HttpClient httpClient = host.GetTestClient();
+
+        HttpResponseMessage response = await AuthenticatedGetAsync(httpClient, new Uri("http://localhost/some/prefix/cloudfoundryapplication"));
+
+        response.StatusCode.Should().Be(HttpStatusCode.OK);
+
+        string responseBody = await response.Content.ReadAsStringAsync(TestContext.Current.CancellationToken);
+
+        responseBody.Should().BeJson("""
+            {
+              "type": "steeltoe",
+              "_links": {
+                "loggers": {
+                  "href": "http://localhost/some/prefix/cloudfoundryapplication/loggers",
+                  "templated": false
+                },
+                "self": {
+                  "href": "http://localhost/some/prefix/cloudfoundryapplication",
+                  "templated": false
+                }
+              }
+            }
+            """);
+    }
+
     [Theory]
     [InlineData("http://somehost:1234", "https://somehost:1234", "https")]
     [InlineData("http://somehost:443", "https://somehost", "https")]
diff --git a/src/Management/test/Endpoint.Test/Actuators/Hypermedia/HypermediaActuatorTest.cs b/src/Management/test/Endpoint.Test/Actuators/Hypermedia/HypermediaActuatorTest.cs
@@ -370,6 +370,44 @@ public async Task Can_use_slash_as_management_path()
             """);
     }
 
+    [Fact]
+    public async Task Includes_base_path_from_UsePathBase_in_hypermedia_links()
+    {
+        WebApplicationBuilder builder = TestWebApplicationBuilderFactory.Create();
+        builder.Services.AddHypermediaActuator(false);
+        builder.Services.AddInfoActuator(false);
+        await using WebApplication host = builder.Build();
+
+        host.UsePathBase("/some/prefix");
+        host.UseRouting();
+        host.UseActuatorEndpoints();
+
+        await host.StartAsync(TestContext.Current.CancellationToken);
+        using HttpClient httpClient = host.GetTestClient();
+
+        HttpResponseMessage response = await httpClient.GetAsync(new Uri("http://localhost/some/prefix/actuator"), TestContext.Current.CancellationToken);
+
+        response.StatusCode.Should().Be(HttpStatusCode.OK);
+
+        string responseBody = await response.Content.ReadAsStringAsync(TestContext.Current.CancellationToken);
+
+        responseBody.Should().BeJson("""
+            {
+              "type": "steeltoe",
+              "_links": {
+                "info": {
+                  "href": "http://localhost/some/prefix/actuator/info",
+                  "templated": false
+                },
+                "self": {
+                  "href": "http://localhost/some/prefix/actuator",
+                  "templated": false
+                }
+              }
+            }
+            """);
+    }
+
     [Theory]
     [InlineData("http://somehost:1234", "https://somehost:1234", "https")]
     [InlineData("http://somehost:443", "https://somehost", "https")]

Original file line number	Diff line number	Diff line change
`@@ -28,8 +28,8 @@ internal sealed class CloudFoundryEndpointMiddleware(`
`28`	`28`	`? headerScheme.ToString()`
`29`	`29`	`: httpContext.Request.Scheme;`
`30`	`30`
`31`		`- string uri = $"{scheme}://{httpContext.Request.Host}{httpContext.Request.PathBase}{httpContext.Request.Path}";`
`32`		`- return Task.FromResult<string?>(uri);`
	`31`	`+ string requestUri = $"{scheme}://{httpContext.Request.Host}{httpContext.Request.Path}";`
	`32`	`+ return Task.FromResult<string?>(requestUri);`
`33`	`33`	`}`
`34`	`34`
`35`	`35`	`protected override async Task<Links> InvokeEndpointHandlerAsync(string? uri, CancellationToken cancellationToken)`
Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,8 @@ public static IServiceCollection AddCloudFoundryActuator(this IServiceCollection`
`43`	`43`	`{`
`44`	`44`	`ArgumentNullException.ThrowIfNull(services);`
`45`	`45`
	`46`	`+ services.AddHttpContextAccessor();`
	`47`	`+`
`46`	`48`	`services.AddCoreActuatorServices<CloudFoundryEndpointOptions, ConfigureCloudFoundryEndpointOptions, CloudFoundryEndpointMiddleware,`
`47`	`49`	`ICloudFoundryEndpointHandler, CloudFoundryEndpointHandler, string, Links>(configureMiddleware);`
`48`	`50`
Original file line number	Diff line number	Diff line change
`@@ -39,6 +39,8 @@ public static IServiceCollection AddHypermediaActuator(this IServiceCollection s`
`39`	`39`	`{`
`40`	`40`	`ArgumentNullException.ThrowIfNull(services);`
`41`	`41`
	`42`	`+ services.AddHttpContextAccessor();`
	`43`	`+`
`42`	`44`	`services.AddCoreActuatorServices<HypermediaEndpointOptions, ConfigureHypermediaEndpointOptions, HypermediaEndpointMiddleware,`
`43`	`45`	`IHypermediaEndpointHandler, HypermediaEndpointHandler, string, Links>(configureMiddleware);`
`44`	`46`