@abtnode/router-provider 1.8.61 → 1.8.63-beta-c51e554d
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/nginx/index.js +59 -23
- package/lib/util.js +1 -0
- package/package.json +6 -6
package/lib/nginx/index.js
CHANGED
|
@@ -131,6 +131,10 @@ class NginxProvider extends BaseProvider {
|
|
|
131
131
|
this.initialize();
|
|
132
132
|
}
|
|
133
133
|
|
|
134
|
+
static isDidAuthPrefix(prefix) {
|
|
135
|
+
return prefix === ADMIN_DID_AUTH_PATH_PREFIX;
|
|
136
|
+
}
|
|
137
|
+
|
|
134
138
|
getRelativeConfigDir(dir) {
|
|
135
139
|
return path.relative(this.configDir, dir);
|
|
136
140
|
}
|
|
@@ -202,7 +206,7 @@ class NginxProvider extends BaseProvider {
|
|
|
202
206
|
|
|
203
207
|
// eslint-disable-next-line no-restricted-syntax
|
|
204
208
|
for (const site of sites) {
|
|
205
|
-
const { domain, port, rules, corsAllowedOrigins } = site;
|
|
209
|
+
const { domain, port, rules, corsAllowedOrigins, blockletDid } = site;
|
|
206
210
|
const certificate = findCertificate(certificates, domain);
|
|
207
211
|
|
|
208
212
|
const parsedServerName = parseServerName(domain);
|
|
@@ -225,6 +229,7 @@ class NginxProvider extends BaseProvider {
|
|
|
225
229
|
corsAllowedOrigins,
|
|
226
230
|
daemonPort: nodeInfo.port,
|
|
227
231
|
commonHeaders,
|
|
232
|
+
blockletDid,
|
|
228
233
|
});
|
|
229
234
|
} else {
|
|
230
235
|
this._addHttpServer({
|
|
@@ -235,6 +240,7 @@ class NginxProvider extends BaseProvider {
|
|
|
235
240
|
port,
|
|
236
241
|
daemonPort: nodeInfo.port,
|
|
237
242
|
commonHeaders,
|
|
243
|
+
blockletDid,
|
|
238
244
|
});
|
|
239
245
|
}
|
|
240
246
|
}
|
|
@@ -449,23 +455,10 @@ class NginxProvider extends BaseProvider {
|
|
|
449
455
|
server._add('location', concatPath(prefix, suffix));
|
|
450
456
|
|
|
451
457
|
const location = this._getLastLocation(server);
|
|
452
|
-
const isDidAuthPath = prefix
|
|
458
|
+
const isDidAuthPath = NginxProvider.isDidAuthPrefix(prefix);
|
|
453
459
|
|
|
454
460
|
// Note: 下面这段代码比较 tricky,不要在这段代码之前添加任何 add_header, proxy_set_header, proxy_hide_header 的语句,否则 nginx 配置可能无法按预期工作
|
|
455
|
-
|
|
456
|
-
if (corsAllowedOrigins.includes(DOMAIN_FOR_DEFAULT_SITE) || isDidAuthPath) {
|
|
457
|
-
location._add('include', 'includes/cors-loose');
|
|
458
|
-
location._add('include', 'includes/security');
|
|
459
|
-
} else {
|
|
460
|
-
location._add('add_header', `Access-Control-Allow-Origin $allow_origin_${md5(serverName)} always`);
|
|
461
|
-
location._add('include', 'includes/cors-strict');
|
|
462
|
-
location._add('include', 'includes/security');
|
|
463
|
-
}
|
|
464
|
-
|
|
465
|
-
location._addVerbatimBlock('if ($request_method = "OPTIONS")', 'return 204;');
|
|
466
|
-
} else {
|
|
467
|
-
location._add('include', 'includes/security');
|
|
468
|
-
}
|
|
461
|
+
this._addCors({ location, corsAllowedOrigins, serverName, isDidAuthPath });
|
|
469
462
|
|
|
470
463
|
this._addCommonResHeaders(location, commonHeaders);
|
|
471
464
|
this._addTailSlashRedirection(location, prefix); // Note: 末尾 "/" 的重定向要放在 CORS(OPTIONS) 响应之后, 这样不会影响 OPTIONS 的响应
|
|
@@ -522,11 +515,15 @@ class NginxProvider extends BaseProvider {
|
|
|
522
515
|
location._add('proxy_pass', `http://${getUpstreamName(port)}`);
|
|
523
516
|
}
|
|
524
517
|
|
|
525
|
-
_addRedirectTypeLocation({ server, url, redirectCode, prefix, suffix }) {
|
|
518
|
+
_addRedirectTypeLocation({ server, url, redirectCode, prefix, suffix, corsAllowedOrigins, serverName }) {
|
|
526
519
|
const cleanUrl = trimEndSlash(url);
|
|
527
|
-
|
|
528
520
|
server._add('location', `${concatPath(prefix, suffix)}`);
|
|
529
521
|
const location = this._getLastLocation(server);
|
|
522
|
+
|
|
523
|
+
const isDidAuthPath = NginxProvider.isDidAuthPrefix(prefix);
|
|
524
|
+
|
|
525
|
+
this._addCors({ location, corsAllowedOrigins, serverName, isDidAuthPath });
|
|
526
|
+
|
|
530
527
|
location._add('set $abt_query_string', '""');
|
|
531
528
|
location._addVerbatimBlock('if ($query_string)', 'set $abt_query_string "?$query_string";');
|
|
532
529
|
|
|
@@ -551,10 +548,14 @@ class NginxProvider extends BaseProvider {
|
|
|
551
548
|
location._add('try_files', '$uri /404.html break');
|
|
552
549
|
}
|
|
553
550
|
|
|
554
|
-
_addGeneralProxyLocation({ server, port, prefix, suffix }) {
|
|
551
|
+
_addGeneralProxyLocation({ server, port, prefix, suffix, blockletDid }) {
|
|
555
552
|
server._add('location', concatPath(prefix, suffix));
|
|
556
553
|
const location = this._getLastLocation(server);
|
|
557
554
|
this._addCommonHeader(location);
|
|
555
|
+
location._add('include', 'includes/proxy');
|
|
556
|
+
if (blockletDid) {
|
|
557
|
+
location._add('proxy_set_header', `X-Blocklet-Did ${blockletDid}`);
|
|
558
|
+
}
|
|
558
559
|
|
|
559
560
|
location._add('proxy_pass', `http://${getUpstreamName(port)}`);
|
|
560
561
|
}
|
|
@@ -724,14 +725,32 @@ class NginxProvider extends BaseProvider {
|
|
|
724
725
|
: conf.nginx.stream.server;
|
|
725
726
|
}
|
|
726
727
|
|
|
727
|
-
_addHttpServer({
|
|
728
|
+
_addHttpServer({
|
|
729
|
+
locations = [],
|
|
730
|
+
serverName,
|
|
731
|
+
conf,
|
|
732
|
+
corsAllowedOrigins,
|
|
733
|
+
port,
|
|
734
|
+
daemonPort,
|
|
735
|
+
commonHeaders,
|
|
736
|
+
blockletDid,
|
|
737
|
+
}) {
|
|
728
738
|
const httpServerUnit = this._addHttpServerUnit({ conf, serverName, port });
|
|
729
739
|
this._addDefaultLocations(httpServerUnit, daemonPort);
|
|
730
740
|
// eslint-disable-next-line max-len
|
|
731
|
-
locations.forEach((x) => this._addReverseProxy({ server: httpServerUnit, ...x, serverName, corsAllowedOrigins, commonHeaders })); // prettier-ignore
|
|
741
|
+
locations.forEach((x) => this._addReverseProxy({ server: httpServerUnit, ...x, serverName, corsAllowedOrigins, commonHeaders, blockletDid })); // prettier-ignore
|
|
732
742
|
}
|
|
733
743
|
|
|
734
|
-
_addHttpsServer({
|
|
744
|
+
_addHttpsServer({
|
|
745
|
+
conf,
|
|
746
|
+
locations,
|
|
747
|
+
certificateFileName,
|
|
748
|
+
serverName,
|
|
749
|
+
corsAllowedOrigins,
|
|
750
|
+
daemonPort,
|
|
751
|
+
commonHeaders,
|
|
752
|
+
blockletDid,
|
|
753
|
+
}) {
|
|
735
754
|
const httpsServerUnit = this._addHttpsServerUnit({ conf, serverName, certificateFileName });
|
|
736
755
|
|
|
737
756
|
const httpServerUnit = this._addHttpServerUnit({ conf, serverName });
|
|
@@ -739,7 +758,7 @@ class NginxProvider extends BaseProvider {
|
|
|
739
758
|
|
|
740
759
|
this._addDefaultLocations(httpsServerUnit, daemonPort);
|
|
741
760
|
// eslint-disable-next-line max-len
|
|
742
|
-
locations.forEach((x) => this._addReverseProxy({ server: httpsServerUnit, ...x, serverName, corsAllowedOrigins,commonHeaders })); // prettier-ignore
|
|
761
|
+
locations.forEach((x) => this._addReverseProxy({ server: httpsServerUnit, ...x, serverName, corsAllowedOrigins, commonHeaders, blockletDid })); // prettier-ignore
|
|
743
762
|
}
|
|
744
763
|
|
|
745
764
|
_addHttpServerUnit({ conf, serverName, port }) {
|
|
@@ -832,6 +851,23 @@ class NginxProvider extends BaseProvider {
|
|
|
832
851
|
});
|
|
833
852
|
}
|
|
834
853
|
|
|
854
|
+
_addCors({ location, corsAllowedOrigins, serverName, isDidAuthPath }) {
|
|
855
|
+
if (!isEmpty(corsAllowedOrigins)) {
|
|
856
|
+
if (corsAllowedOrigins.includes(DOMAIN_FOR_DEFAULT_SITE) || isDidAuthPath) {
|
|
857
|
+
location._add('include', 'includes/cors-loose');
|
|
858
|
+
location._add('include', 'includes/security');
|
|
859
|
+
} else {
|
|
860
|
+
location._add('add_header', `Access-Control-Allow-Origin $allow_origin_${md5(serverName)} always`);
|
|
861
|
+
location._add('include', 'includes/cors-strict');
|
|
862
|
+
location._add('include', 'includes/security');
|
|
863
|
+
}
|
|
864
|
+
|
|
865
|
+
location._addVerbatimBlock('if ($request_method = "OPTIONS")', 'return 204;');
|
|
866
|
+
} else {
|
|
867
|
+
location._add('include', 'includes/security');
|
|
868
|
+
}
|
|
869
|
+
}
|
|
870
|
+
|
|
835
871
|
addGlobalReqLimit(block, limit) {
|
|
836
872
|
const key = limit.ipHeader ? `$http_${limit.ipHeader}` : '$binary_remote_addr';
|
|
837
873
|
block._add('limit_req_zone', `${key} zone=ip_limit:20m rate=${limit.rate || 5}r/s`);
|
package/lib/util.js
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@abtnode/router-provider",
|
|
3
|
-
"version": "1.8.
|
|
3
|
+
"version": "1.8.63-beta-c51e554d",
|
|
4
4
|
"description": "Routing engine implementations for abt node",
|
|
5
5
|
"author": "polunzh <polunzh@gmail.com>",
|
|
6
6
|
"homepage": "https://github.com/ArcBlock/blocklet-server#readme",
|
|
@@ -32,10 +32,10 @@
|
|
|
32
32
|
"url": "https://github.com/ArcBlock/blocklet-server/issues"
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
|
-
"@abtnode/constant": "1.8.
|
|
36
|
-
"@abtnode/logger": "1.8.
|
|
37
|
-
"@abtnode/router-templates": "1.8.
|
|
38
|
-
"@abtnode/util": "1.8.
|
|
35
|
+
"@abtnode/constant": "1.8.63-beta-c51e554d",
|
|
36
|
+
"@abtnode/logger": "1.8.63-beta-c51e554d",
|
|
37
|
+
"@abtnode/router-templates": "1.8.63-beta-c51e554d",
|
|
38
|
+
"@abtnode/util": "1.8.63-beta-c51e554d",
|
|
39
39
|
"axios": "^0.27.2",
|
|
40
40
|
"debug": "^4.3.4",
|
|
41
41
|
"find-process": "^1.4.7",
|
|
@@ -62,5 +62,5 @@
|
|
|
62
62
|
"fs-extra": "^10.1.0",
|
|
63
63
|
"needle": "^3.1.0"
|
|
64
64
|
},
|
|
65
|
-
"gitHead": "
|
|
65
|
+
"gitHead": "9913ed7968dfab63d6549201a5a98f9819fcfac6"
|
|
66
66
|
}
|