passenger 5.0.9 → 5.0.10

data/ext/common/agents/HelperAgent/{AdminServer.h → ApiServer.h}

@@ -22,16 +22,18 @@
  *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  *  THE SOFTWARE.
  */
-#ifndef _PASSENGER_SERVER_AGENT_ADMIN_SERVER_H_
-#define _PASSENGER_SERVER_AGENT_ADMIN_SERVER_H_
+#ifndef _PASSENGER_SERVER_AGENT_API_SERVER_H_
+#define _PASSENGER_SERVER_AGENT_API_SERVER_H_
 
 #include <boost/regex.hpp>
 #include <oxt/thread.hpp>
 #include <sstream>
 #include <string>
 #include <cstring>
+#include <sys/types.h>
 
 #include <agents/HelperAgent/RequestHandler.h>
+#include <agents/ApiServerUtils.h>
 #include <ApplicationPool2/Pool.h>
 #include <ServerKit/HttpServer.h>
 #include <DataStructures/LString.h>
@@ -42,6 +44,8 @@
 #include <Utils/StrIntUtils.h>
 #include <Utils/modp_b64.h>
 #include <Utils/json.h>
+#include <Utils/BufferedIO.h>
+#include <Utils/MessageIO.h>
 
 namespace Passenger {
 namespace ServerAgent {
@@ -53,26 +57,14 @@ class Request: public ServerKit::BaseHttpRequest {
 public:
 	string body;
 	Json::Value jsonBody;
+	Authorization authorization;
 
 	DEFINE_SERVER_KIT_BASE_HTTP_REQUEST_FOOTER(Request);
 };
 
-class AdminServer: public ServerKit::HttpServer<AdminServer, ServerKit::HttpClient<Request> > {
-public:
-	enum PrivilegeLevel {
-		NONE,
-		READONLY,
-		FULL
-	};
-
-	struct Authorization {
-		PrivilegeLevel level;
-		string username;
-		string password;
-	};
-
+class ApiServer: public ServerKit::HttpServer<ApiServer, ServerKit::HttpClient<Request> > {
 private:
-	typedef ServerKit::HttpServer<AdminServer, ServerKit::HttpClient<Request> > ParentClass;
+	typedef ServerKit::HttpServer<ApiServer, ServerKit::HttpClient<Request> > ParentClass;
 	typedef ServerKit::HttpClient<Request> Client;
 	typedef ServerKit::HeaderTable HeaderTable;
 
@@ -82,57 +74,6 @@ private:
 		return boost::regex_match(str.data(), str.data() + str.size(), e);
 	}
 
-	bool parseAuthorizationHeader(Request *req, string &username,
-		string &password) const
-	{
-		const LString *auth = req->headers.lookup("authorization");
-
-		if (auth == NULL || auth->size <= 6 || !psg_lstr_cmp(auth, "Basic ", 6)) {
-			return false;
-		}
-
-		auth = psg_lstr_make_contiguous(auth, req->pool);
-		string authData = modp::b64_decode(
-			auth->start->data + sizeof("Basic ") - 1,
-			auth->size - (sizeof("Basic ") - 1));
-		string::size_type pos = authData.find(':');
-		if (pos == string::npos) {
-			return false;
-		}
-
-		username = authData.substr(0, pos);
-		password = authData.substr(pos + 1);
-		return true;
-	}
-
-	const Authorization *lookupAuthorizationRecord(const StaticString &username) const {
-		vector<Authorization>::const_iterator it, end = authorizations.end();
-
-		for (it = authorizations.begin(); it != end; it++) {
-			if (it->username == username) {
-				return &(*it);
-			}
-		}
-
-		return NULL;
-	}
-
-	bool authorize(Client *client, Request *req, PrivilegeLevel level) const {
-		if (authorizations.empty()) {
-			return true;
-		}
-
-		string username, password;
-		if (!parseAuthorizationHeader(req, username, password)) {
-			return false;
-		}
-
-		const Authorization *auth = lookupAuthorizationRecord(username);
-		return auth != NULL
-			&& auth->level >= level
-			&& constantTimeCompare(password, auth->password);
-	}
-
 	int extractThreadNumberFromClientName(const string &clientName) const {
 		boost::smatch results;
 		boost::regex re("^([0-9]+)-.*");
@@ -146,42 +87,48 @@ private:
 		return stringToUint(results.str(1));
 	}
 
-	static VariantMap parseQueryString(const StaticString &query) {
-		VariantMap params;
-		const char *pos = query.data();
-		const char *end = query.data() + query.size();
-
-		while (pos < end) {
-			const char *assignmentPos = (const char *) memchr(pos, '=', end - pos);
-			if (assignmentPos != NULL) {
-				string name = urldecode(StaticString(pos, assignmentPos - pos));
-				const char *sepPos = (const char *) memchr(assignmentPos + 1, '&',
-					end - assignmentPos - 1);
-				if (sepPos != NULL) {
-					string value = urldecode(StaticString(assignmentPos + 1,
-						sepPos - assignmentPos - 1));
-					params.set(name, value);
-					pos = sepPos + 1;
-				} else {
-					StaticString value(assignmentPos + 1, end - assignmentPos - 1);
-					params.set(name, value);
-					pos = end;
-				}
-			} else {
-				throw SyntaxError("Invalid query string format");
-			}
-		}
-
-		return params;
-	}
-
 	static void disconnectClient(RequestHandler *rh, string clientName) {
 		rh->disconnect(clientName);
 	}
 
+	void route(Client *client, Request *req, const StaticString &path) {
+		if (path == P_STATIC_STRING("/server.json")) {
+			processServerStatus(client, req);
+		} else if (regex_match(path, serverConnectionPath)) {
+			processServerConnectionOperation(client, req);
+		} else if (path == P_STATIC_STRING("/pool.xml")) {
+			processPoolStatusXml(client, req);
+		} else if (path == P_STATIC_STRING("/pool.txt")) {
+			processPoolStatusTxt(client, req);
+		} else if (path == P_STATIC_STRING("/pool/restart_app_group.json")) {
+			processPoolRestartAppGroup(client, req);
+		} else if (path == P_STATIC_STRING("/pool/detach_process.json")) {
+			processPoolDetachProcess(client, req);
+		} else if (path == P_STATIC_STRING("/backtraces.txt")) {
+			apiServerProcessBacktraces(this, client, req);
+		} else if (path == P_STATIC_STRING("/ping.json")) {
+			apiServerProcessPing(this, client, req);
+		} else if (path == P_STATIC_STRING("/version.json")) {
+			apiServerProcessVersion(this, client, req);
+		} else if (path == P_STATIC_STRING("/shutdown.json")) {
+			apiServerProcessShutdown(this, client, req);
+		} else if (path == P_STATIC_STRING("/gc.json")) {
+			processGc(client, req);
+		} else if (path == P_STATIC_STRING("/config.json")) {
+			processConfig(client, req);
+		} else if (path == P_STATIC_STRING("/reinherit_logs.json")) {
+			apiServerProcessReinheritLogs(this, client, req,
+				instanceDir, fdPassingPassword);
+		} else if (path == P_STATIC_STRING("/reopen_logs.json")) {
+			apiServerProcessReopenLogs(this, client, req);
+		} else {
+			apiServerRespondWith404(this, client, req);
+		}
+	}
+
 	void processServerConnectionOperation(Client *client, Request *req) {
-		if (!authorize(client, req, FULL)) {
-			respondWith401(client, req);
+		if (!authorizeAdminOperation(this, client, req)) {
+			apiServerRespondWith401(this, client, req);
 		} else if (req->method == HTTP_DELETE) {
 			StaticString path = req->getPathWithoutQueryString();
 			boost::smatch results;
@@ -193,8 +140,6 @@ private:
 			}
 
 			int threadNumber = extractThreadNumberFromClientName(results.str(1));
-			P_WARN(results.str(1));
-			P_WARN(threadNumber);
 			if (threadNumber < 1 || (unsigned int) threadNumber > requestHandlers.size()) {
 				HeaderTable headers;
 				headers.insert(req->pool, "Content-Type", "application/json");
@@ -217,7 +162,7 @@ private:
 				endRequest(&client, &req);
 			}
 		} else {
-			respondWith405(client, req);
+			apiServerRespondWith405(this, client, req);
 		}
 	}
 
@@ -226,7 +171,7 @@ private:
 	}
 
 	void processServerStatus(Client *client, Request *req) {
-		if (authorize(client, req, READONLY)) {
+		if (authorizeStateInspectionOperation(this, client, req)) {
 			HeaderTable headers;
 			headers.insert(req->pool, "Content-Type", "application/json");
 
@@ -247,93 +192,105 @@ private:
 				endRequest(&client, &req);
 			}
 		} else {
-			respondWith401(client, req);
+			apiServerRespondWith401(this, client, req);
 		}
 	}
 
 	void processPoolStatusXml(Client *client, Request *req) {
-		if (authorize(client, req, READONLY)) {
-			try {
-				VariantMap params = parseQueryString(req->getQueryString());
-				HeaderTable headers;
-				headers.insert(req->pool, "Content-Type", "text/xml");
-				writeSimpleResponse(client, 200, &headers,
-					psg_pstrdup(req->pool, appPool->toXml(
-						params.getBool("secrets", false, false))));
-			} catch (const SyntaxError &e) {
-				SKC_ERROR(client, e.what());
-			}
+		Authorization auth(authorize(this, client, req));
+		if (auth.canReadPool) {
+			ApplicationPool2::Pool::ToXmlOptions options(
+				parseQueryString(req->getQueryString()));
+			options.uid = auth.uid;
+			options.apiKey = auth.apiKey;
+
+			HeaderTable headers;
+			headers.insert(req->pool, "Content-Type", "text/xml");
+			writeSimpleResponse(client, 200, &headers,
+				psg_pstrdup(req->pool, appPool->toXml(options)));
 			if (!req->ended()) {
 				endRequest(&client, &req);
 			}
 		} else {
-			respondWith401(client, req);
+			apiServerRespondWith401(this, client, req);
 		}
 	}
 
 	void processPoolStatusTxt(Client *client, Request *req) {
-		if (authorize(client, req, READONLY)) {
-			try {
-				ApplicationPool2::Pool::InspectOptions options(
-					parseQueryString(req->getQueryString()));
-				HeaderTable headers;
-				headers.insert(req->pool, "Content-Type", "text/plain");
-				writeSimpleResponse(client, 200, &headers,
-					psg_pstrdup(req->pool, appPool->inspect(options)));
-			} catch (const SyntaxError &e) {
-				SKC_ERROR(client, e.what());
-			}
+		Authorization auth(authorize(this, client, req));
+		if (auth.canReadPool) {
+			ApplicationPool2::Pool::InspectOptions options(
+				parseQueryString(req->getQueryString()));
+			options.uid = auth.uid;
+			options.apiKey = auth.apiKey;
+
+			HeaderTable headers;
+			headers.insert(req->pool, "Content-Type", "text/plain");
+			writeSimpleResponse(client, 200, &headers,
+				psg_pstrdup(req->pool, appPool->inspect(options)));
 			if (!req->ended()) {
 				endRequest(&client, &req);
 			}
 		} else {
-			respondWith401(client, req);
+			apiServerRespondWith401(this, client, req);
 		}
 	}
 
 	void processPoolRestartAppGroup(Client *client, Request *req) {
-		if (req->method != HTTP_POST) {
-			respondWith405(client, req);
-		} else if (!authorize(client, req, FULL)) {
-			respondWith401(client, req);
+		Authorization auth(authorize(this, client, req));
+		if (!auth.canModifyPool) {
+			apiServerRespondWith401(this, client, req);
+		} else if (req->method != HTTP_POST) {
+			apiServerRespondWith405(this, client, req);
 		} else if (!req->hasBody()) {
 			endAsBadRequest(&client, &req, "Body required");
 		} else if (requestBodyExceedsLimit(client, req)) {
-			respondWith413(client, req);
+			apiServerRespondWith413(this, client, req);
+		} else {
+			req->authorization = auth;
+			// Continues in processPoolRestartAppGroupBody().
 		}
-		// Continues in processPoolRestartAppGroupBody().
 	}
 
 	void processPoolRestartAppGroupBody(Client *client, Request *req) {
-		HeaderTable headers;
-		RestartMethod method = ApplicationPool2::RM_DEFAULT;
-
-		headers.insert(req->pool, "Content-Type", "application/json");
-		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
-
 		if (!req->jsonBody.isMember("name")) {
 			endAsBadRequest(&client, &req, "Name required");
 			return;
 		}
 
+		ApplicationPool2::Pool::RestartOptions options;
+		options.uid = req->authorization.uid;
+		options.apiKey = req->authorization.apiKey;
 		if (req->jsonBody.isMember("restart_method")) {
 			string restartMethodString = req->jsonBody["restart_method"].asString();
 			if (restartMethodString == "blocking") {
-				method = RM_BLOCKING;
+				options.method = RM_BLOCKING;
 			} else if (restartMethodString == "rolling") {
-				method = RM_ROLLING;
+				options.method = RM_ROLLING;
 			} else {
 				endAsBadRequest(&client, &req, "Unsupported restart method");
 				return;
 			}
 		}
 
+		bool result;
 		const char *response;
-		if (appPool->restartGroupByName(req->jsonBody["name"].asString(), method)) {
+		try {
+			result = appPool->restartGroupByName(req->jsonBody["name"].asString(),
+				options);
+		} catch (const SecurityException &) {
+			apiServerRespondWith401(this, client, req);
+			return;
+		}
+		if (result) {
 			response = "{ \"restarted\": true }";
 		} else {
 			response = "{ \"restarted\": false }";
 		}
+
+		HeaderTable headers;
+		headers.insert(req->pool, "Content-Type", "application/json");
+		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
 		writeSimpleResponse(client, 200, &headers, response);
 
 		if (!req->ended()) {
@@ -342,82 +299,52 @@ private:
 	}
 
 	void processPoolDetachProcess(Client *client, Request *req) {
-		if (req->method != HTTP_POST) {
-			respondWith405(client, req);
-		} else if (!authorize(client, req, FULL)) {
-			respondWith401(client, req);
+		Authorization auth(authorize(this, client, req));
+		if (!auth.canModifyPool) {
+			apiServerRespondWith401(this, client, req);
+		} else if (req->method != HTTP_POST) {
+			apiServerRespondWith405(this, client, req);
 		} else if (!req->hasBody()) {
 			endAsBadRequest(&client, &req, "Body required");
 		} else if (requestBodyExceedsLimit(client, req)) {
-			respondWith413(client, req);
+			apiServerRespondWith413(this, client, req);
+		} else {
+			req->authorization = auth;
+			// Continues in processPoolDetachProcessBody().
 		}
-		// Continues in processPoolDetachProcessBody().
 	}
 
 	void processPoolDetachProcessBody(Client *client, Request *req) {
-		HeaderTable headers;
-		const char *response;
-
-		headers.insert(req->pool, "Content-Type", "application/json");
-		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
-
 		if (req->jsonBody.isMember("pid")) {
 			pid_t pid = (pid_t) req->jsonBody["pid"].asUInt();
-			if (appPool->detachProcess(pid)) {
+			ApplicationPool2::Pool::AuthenticationOptions options;
+			options.uid = req->authorization.uid;
+			options.apiKey = req->authorization.apiKey;
+
+			bool result;
+			try {
+				result = appPool->detachProcess(pid, options);
+			} catch (const SecurityException &) {
+				apiServerRespondWith401(this, client, req);
+				return;
+			}
+
+			const char *response;
+			if (result) {
 				response = "{ \"detached\": true }";
 			} else {
 				response = "{ \"detached\": false }";
 			}
-			writeSimpleResponse(client, 200, &headers, response);
-			if (!req->ended()) {
-				endRequest(&client, &req);
-			}
-		} else {
-			endAsBadRequest(&client, &req, "PID required");
-		}
-	}
 
-	void processBacktraces(Client *client, Request *req) {
-		if (authorize(client, req, READONLY)) {
 			HeaderTable headers;
-			headers.insert(req->pool, "Content-Type", "text/plain");
-			writeSimpleResponse(client, 200, &headers,
-				psg_pstrdup(req->pool, oxt::thread::all_backtraces()));
-			if (!req->ended()) {
-				endRequest(&client, &req);
-			}
-		} else {
-			respondWith401(client, req);
-		}
-	}
-
-	void processPing(Client *client, Request *req) {
-		if (authorize(client, req, READONLY)) {
-			HeaderTable headers;
-			headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
 			headers.insert(req->pool, "Content-Type", "application/json");
-			writeSimpleResponse(client, 200, &headers, "{ \"status\": \"ok\" }");
-			if (!req->ended()) {
-				endRequest(&client, &req);
-			}
-		} else {
-			respondWith401(client, req);
-		}
-	}
-
-	void processShutdown(Client *client, Request *req) {
-		if (req->method != HTTP_PUT) {
-			respondWith405(client, req);
-		} else if (authorize(client, req, FULL)) {
-			HeaderTable headers;
-			headers.insert(req->pool, "Content-Type", "application/json");
-			exitEvent->notify();
-			writeSimpleResponse(client, 200, &headers, "{ \"status\": \"ok\" }");
+			headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
+			writeSimpleResponse(client, 200, &headers, response);
 			if (!req->ended()) {
 				endRequest(&client, &req);
 			}
 		} else {
-			respondWith401(client, req);
+			endAsBadRequest(&client, &req, "PID required");
 		}
 	}
 
@@ -433,8 +360,8 @@ private:
 
 	void processGc(Client *client, Request *req) {
 		if (req->method != HTTP_PUT) {
-			respondWith405(client, req);
-		} else if (authorize(client, req, FULL)) {
+			apiServerRespondWith405(this, client, req);
+		} else if (authorizeAdminOperation(this, client, req)) {
 			HeaderTable headers;
 			headers.insert(req->pool, "Content-Type", "application/json");
 			for (unsigned int i = 0; i < requestHandlers.size(); i++) {
@@ -446,7 +373,7 @@ private:
 				endRequest(&client, &req);
 			}
 		} else {
-			respondWith401(client, req);
+			apiServerRespondWith401(this, client, req);
 		}
 	}
 
@@ -456,8 +383,8 @@ private:
 
 	void processConfig(Client *client, Request *req) {
 		if (req->method == HTTP_GET) {
-			if (!authorize(client, req, READONLY)) {
-				respondWith401(client, req);
+			if (!authorizeStateInspectionOperation(this, client, req)) {
+				apiServerRespondWith401(this, client, req);
 			}
 
 			HeaderTable headers;
@@ -482,14 +409,14 @@ private:
 				endRequest(&client, &req);
 			}
 		} else if (req->method == HTTP_PUT) {
-			if (!authorize(client, req, FULL)) {
-				respondWith401(client, req);
+			if (!authorizeAdminOperation(this, client, req)) {
+				apiServerRespondWith401(this, client, req);
 			} else if (!req->hasBody()) {
 				endAsBadRequest(&client, &req, "Body required");
 			}
 			// Continue in processConfigBody()
 		} else {
-			respondWith405(client, req);
+			apiServerRespondWith405(this, client, req);
 		}
 	}
 
@@ -550,67 +477,6 @@ private:
 		}
 	}
 
-	void processReopenLogs(Client *client, Request *req) {
-		if (req->method != HTTP_POST) {
-			respondWith405(client, req);
-		} else if (authorize(client, req, FULL)) {
-			int e;
-			HeaderTable headers;
-			headers.insert(req->pool, "Content-Type", "application/json");
-
-			string logFile = getLogFile();
-			if (logFile.empty()) {
-				writeSimpleResponse(client, 500, &headers, "{ \"status\": \"error\", "
-					"\"code\": \"NO_LOG_FILE\", "
-					"\"message\": \"" PROGRAM_NAME " was not configured with a log file.\" }\n");
-				if (!req->ended()) {
-					endRequest(&client, &req);
-				}
-				return;
-			}
-
-			if (!setLogFile(logFile, &e)) {
-				unsigned int bufsize = 1024;
-				char *message = (char *) psg_pnalloc(req->pool, bufsize);
-				snprintf(message, bufsize, "{ \"status\": \"error\", "
-					"\"code\": \"LOG_FILE_OPEN_ERROR\", "
-					"\"message\": \"Cannot reopen log file %s: %s (errno=%d)\" }",
-					logFile.c_str(), strerror(e), e);
-				writeSimpleResponse(client, 500, &headers, message);
-				if (!req->ended()) {
-					endRequest(&client, &req);
-				}
-				return;
-			}
-			P_NOTICE("Log file reopened.");
-
-			if (hasFileDescriptorLogFile()) {
-				if (!setFileDescriptorLogFile(getFileDescriptorLogFile(), &e)) {
-					unsigned int bufsize = 1024;
-					char *message = (char *) psg_pnalloc(req->pool, bufsize);
-					snprintf(message, bufsize, "{ \"status\": \"error\", "
-						"\"code\": \"FD_LOG_FILE_OPEN_ERROR\", "
-						"\"message\": \"Cannot reopen file descriptor log file %s: %s (errno=%d)\" }",
-						getFileDescriptorLogFile().c_str(), strerror(e), e);
-					writeSimpleResponse(client, 500, &headers, message);
-					if (!req->ended()) {
-						endRequest(&client, &req);
-					}
-					return;
-				}
-				P_NOTICE("File descriptor log file reopened.");
-			}
-
-			writeSimpleResponse(client, 200, &headers, "{ \"status\": \"ok\" }\n");
-
-			if (!req->ended()) {
-				endRequest(&client, &req);
-			}
-		} else {
-			respondWith401(client, req);
-		}
-	}
-
 	bool requestBodyExceedsLimit(Client *client, Request *req, unsigned int limit = 1024 * 128) {
 		return (req->bodyType == Request::RBT_CONTENT_LENGTH
 				&& req->aux.bodyInfo.contentLength > limit)
@@ -618,92 +484,20 @@ private:
 				&& req->body.size() > limit);
 	}
 
-	void respondWith401(Client *client, Request *req) {
-		HeaderTable headers;
-		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
-		headers.insert(req->pool, "WWW-Authenticate", "Basic realm=\"admin\"");
-		writeSimpleResponse(client, 401, &headers, "Unauthorized");
-		if (!req->ended()) {
-			endRequest(&client, &req);
-		}
-	}
-
-	void respondWith404(Client *client, Request *req) {
-		HeaderTable headers;
-		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
-		writeSimpleResponse(client, 404, &headers, "Not found");
-		if (!req->ended()) {
-			endRequest(&client, &req);
-		}
-	}
-
-	void respondWith405(Client *client, Request *req) {
-		HeaderTable headers;
-		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
-		writeSimpleResponse(client, 405, &headers, "Method not allowed");
-		if (!req->ended()) {
-			endRequest(&client, &req);
-		}
-	}
-
-	void respondWith413(Client *client, Request *req) {
-		HeaderTable headers;
-		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
-		writeSimpleResponse(client, 413, &headers, "Request body too large");
-		if (!req->ended()) {
-			endRequest(&client, &req);
-		}
-	}
-
-	void respondWith422(Client *client, Request *req, const StaticString &body) {
-		HeaderTable headers;
-		headers.insert(req->pool, "Cache-Control", "no-cache, no-store, must-revalidate");
-		headers.insert(req->pool, "Content-Type", "text/plain; charset=utf-8");
-		writeSimpleResponse(client, 422, &headers, body);
-		if (!req->ended()) {
-			endRequest(&client, &req);
-		}
-	}
-
 protected:
 	virtual void onRequestBegin(Client *client, Request *req) {
 		TRACE_POINT();
 		StaticString path = req->getPathWithoutQueryString();
 
-		P_INFO("Admin request: " << http_method_str(req->method) <<
+		P_INFO("API request: " << http_method_str(req->method) <<
 			" " << StaticString(req->path.start->data, req->path.size));
 
 		try {
-			if (path == P_STATIC_STRING("/server.json")) {
-				processServerStatus(client, req);
-			} else if (regex_match(path, serverConnectionPath)) {
-				processServerConnectionOperation(client, req);
-			} else if (path == P_STATIC_STRING("/pool.xml")) {
-				processPoolStatusXml(client, req);
-			} else if (path == P_STATIC_STRING("/pool.txt")) {
-				processPoolStatusTxt(client, req);
-			} else if (path == P_STATIC_STRING("/pool/restart_app_group.json")) {
-				processPoolRestartAppGroup(client, req);
-			} else if (path == P_STATIC_STRING("/pool/detach_process.json")) {
-				processPoolDetachProcess(client, req);
-			} else if (path == P_STATIC_STRING("/backtraces.txt")) {
-				processBacktraces(client, req);
-			} else if (path == P_STATIC_STRING("/ping.json")) {
-				processPing(client, req);
-			} else if (path == P_STATIC_STRING("/shutdown.json")) {
-				processShutdown(client, req);
-			} else if (path == P_STATIC_STRING("/gc.json")) {
-				processGc(client, req);
-			} else if (path == P_STATIC_STRING("/config.json")) {
-				processConfig(client, req);
-			} else if (path == P_STATIC_STRING("/reopen_logs.json")) {
-				processReopenLogs(client, req);
-			} else {
-				respondWith404(client, req);
-			}
+			route(client, req, path);
 		} catch (const oxt::tracable_exception &e) {
 			SKC_ERROR(client, "Exception: " << e.what() << "\n" << e.backtrace());
 			if (!req->ended()) {
+				req->wantKeepAlive = false;
 				endRequest(&client, &req);
 			}
 		}
@@ -717,7 +511,7 @@ protected:
 			// Data
 			req->body.append(buffer.start, buffer.size());
 			if (requestBodyExceedsLimit(client, req)) {
-				respondWith413(client, req);
+				apiServerRespondWith413(this, client, req);
 			}
 		} else if (errcode == 0) {
 			// EOF
@@ -737,11 +531,12 @@ protected:
 				} catch (const oxt::tracable_exception &e) {
 					SKC_ERROR(client, "Exception: " << e.what() << "\n" << e.backtrace());
 					if (!req->ended()) {
+						req->wantKeepAlive = false;
 						endRequest(&client, &req);
 					}
 				}
 			} else {
-				respondWith422(client, req, reader.getFormattedErrorMessages());
+				apiServerRespondWith422(this, client, req, reader.getFormattedErrorMessages());
 			}
 		} else {
 			// Error
@@ -755,42 +550,45 @@ protected:
 		if (!req->jsonBody.isNull()) {
 			req->jsonBody = Json::Value();
 		}
+		req->authorization = Authorization();
 		ParentClass::deinitializeRequest(client, req);
 	}
 
-	virtual unsigned int getClientName(const Client *client, char *buf, size_t size) const {
-		char *pos = buf;
-		const char *end = buf + size - 1;
-		pos = appendData(pos, end, "Adm.", 1);
-		pos += uintToString(client->number, pos, end - pos);
-		*pos = '\0';
-		return pos - buf;
-	}
-
 public:
 	vector<RequestHandler *> requestHandlers;
+	ApiAccountDatabase *apiAccountDatabase;
 	ApplicationPool2::PoolPtr appPool;
+	string instanceDir;
+	string fdPassingPassword;
 	EventFd *exitEvent;
 	vector<Authorization> authorizations;
 
-	AdminServer(ServerKit::Context *context)
+	ApiServer(ServerKit::Context *context)
 		: ParentClass(context),
 		  serverConnectionPath("^/server/(.+)\\.json$"),
+		  apiAccountDatabase(NULL),
 		  exitEvent(NULL)
 		{ }
 
 	virtual StaticString getServerName() const {
-		return P_STATIC_STRING("AdminServer");
+		return P_STATIC_STRING("ApiServer");
 	}
 
-	static PrivilegeLevel parseLevel(const StaticString &level) {
-		if (level == "readonly") {
-			return READONLY;
-		} else if (level == "full") {
-			return FULL;
-		} else {
-			throw RuntimeException("Invalid privilege level " + level);
-		}
+	virtual unsigned int getClientName(const Client *client, char *buf, size_t size) const {
+		char *pos = buf;
+		const char *end = buf + size - 1;
+		pos = appendData(pos, end, "Adm.", 1);
+		pos += uintToString(client->number, pos, end - pos);
+		*pos = '\0';
+		return pos - buf;
+	}
+
+	bool authorizeByUid(uid_t uid) const {
+		return appPool->authorizeByUid(uid);
+	}
+
+	bool authorizeByApiKey(const ApplicationPool2::ApiKey &apiKey) const {
+		return appPool->authorizeByApiKey(apiKey);
 	}
 };
 
@@ -798,4 +596,4 @@ public:
 } // namespace ServerAgent
 } // namespace Passenger
 
-#endif /* _PASSENGER_SERVER_AGENT_ADMIN_SERVER_H_ */
+#endif /* _PASSENGER_SERVER_AGENT_API_SERVER_H_ */