@aikidosec/broker-client 1.0.5 → 1.0.6
- package/README.md +1 -0
- package/app/client.js +6 -49
- package/app/config.js +65 -0
- package/package.json +1 -1
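--- a/package/README.md
+++ b/package/README.md
@@ -60,6 +60,7 @@ Resource IDs are displayed in the Aikido UI when you register them.
 - `HTTP_PROXY` - Proxy server for HTTP requests (e.g., `http://proxy.company.local:8080`)
 - `HTTPS_PROXY` - Proxy server for HTTPS requests (e.g., `http://proxy.company.local:8080`)
 - `ALL_PROXY` - Universal proxy fallback for all protocols if protocol-specific proxy is not set
+- `BROKER_TARGET_URL` - Override the broker server URL (defaults to `https://broker.aikidobroker.com`)
 
 ## How It Works
 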
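--- a/package/app/client.js
+++ b/package/app/client.js
@@ -10,9 +10,9 @@ import axios from 'axios';
 import { URL } from 'url';
 import { Address4, Address6 } from 'ip-address';
 import dns from 'native-dns';
-import fs from 'fs';
 import { ResourceManager } from './resourceManager.js';
 import { HttpsProxyAgent } from 'https-proxy-agent';
+import { getClientId, setClientIdCache, getServerUrl, getClientSecret } from './config.js';
 
 // Configure logging
 const log = {
@@ -23,10 +23,9 @@ const log = {
 };
 
 // Broker Server Configuration
-const
+const CLIENT_SECRET = getClientSecret();
+const SERVER_URL = getServerUrl();
 
-// Client Configuration (from environment)
-const CLIENT_SECRET = process.env.CLIENT_SECRET;
 const ALLOWED_SUBNETS = process.env.ALLOWED_INTERNAL_SUBNETS
 ? process.env.ALLOWED_INTERNAL_SUBNETS.split(',').map(s => s.trim()).filter(s => s)
 : [];
@@ -39,7 +38,7 @@ const DNS_SERVERS = process.env.DNS_SERVERS
 // Configure axios defaults
 const MAX_RESPONSE_SIZE = 100 * 1024 * 1024; // 100 MB
 const axiosConfig = {
-timeout:
+timeout: 300000,
 maxRedirects: 5,
 maxContentLength: MAX_RESPONSE_SIZE,
 maxBodyLength: MAX_RESPONSE_SIZE
@@ -51,31 +50,6 @@ const internalHttpClient = axios.create(axiosConfig);
 // Initialize ResourceManager
 const resourceManager = new ResourceManager();
 
-// Cache for client_id
-let _clientIdCache = null;
-
-/**
-* Get the client ID from cache or read from file.
-* Returns null if not registered yet.
-*/
-function getClientId() {
-if (_clientIdCache !== null) {
-return _clientIdCache;
-}
-
-const clientIdPath = '/config/client_id';
-if (fs.existsSync(clientIdPath)) {
-try {
-_clientIdCache = fs.readFileSync(clientIdPath, 'utf8').trim();
-return _clientIdCache;
-} catch (e) {
-log.error(`Failed to read client_id: ${e.message}`);
-}
-}
-
-return null;
-}
-
 /**
 * Resolve hostname using custom DNS servers if configured.
 * Falls back to system DNS if DNS_SERVERS not set.
@@ -402,14 +376,7 @@ async function registerWithServer() {
 log.info(`✓ Successfully registered with broker server as ${clientId}`);
 
 // Save client_id to file and cache
-
-try {
-fs.mkdirSync('/config', { recursive: true });
-fs.writeFileSync('/config/client_id', clientId);
-log.info("💾 Saved client_id to /config/client_id");
-} catch (e) {
-log.warn(`Could not save client_id file: ${e.message}`);
-}
+setClientIdCache(clientId);
 
 log.info("Waiting for server to propagate configuration...");
 await new Promise(resolve => setTimeout(resolve, 5000));
@@ -417,17 +384,7 @@ async function registerWithServer() {
 } else if (response.status === 409) {
 log.info("✓ Client already registered with server (this is OK)");
 // Try to extract client_id from response if available
-
-const clientId = response.data.client_id;
-if (clientId) {
-_clientIdCache = clientId;
-fs.mkdirSync('/config', { recursive: true });
-fs.writeFileSync('/config/client_id', clientId);
-log.info("💾 Saved client_id to /config/client_id");
-}
-} catch (e) {
-log.warn(`Could not save client_id file: ${e.message}`);
-}
+setClientIdCache(response.data.client_id);
 return;
 } else {
 log.warn(`Registration attempt ${attempt + 1} failed: ${response.status} - ${response.data}`);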
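Review bot: In the 409 branch of the last hunk, `setClientIdCache(response.data.client_id)` dereferences `response.data` with no guard, whereas the removed lines appear to have had a `catch` around this step. If a 409 ever arrives with a null or undefined body, the property access throws before the `return`; `setClientIdCache(response.data?.client_id);` keeps the documented no-op for a missing id. The id is server-supplied and is persisted to `/config/client_id`, so a `typeof response.data?.client_id === 'string'` check before caching is also worth adding here. registerWithServer starts and ends outside these hunks, so whether an outer handler covers the call is not visible.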
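--- a/package/app/config.js
+++ b/package/app/config.js
@@ -0,0 +1,65 @@
+import fs from 'fs';
+
+// Client ID file path
+const CLIENT_ID_PATH = '/config/client_id';
+
+// Cache for client_id
+let _clientIdCache = null;
+
+// Client secret from environment
+const CLIENT_SECRET = process.env.CLIENT_SECRET;
+
+/**
+* Get the server URL.
+* Uses BROKER_TARGET_URL env var, defaults to https://broker.aikidobroker.com
+*/
+export function getServerUrl() {
+return process.env.BROKER_TARGET_URL || 'https://broker.aikidobroker.com';
+}
+
+/**
+* Get the client secret from environment.
+*/
+export function getClientSecret() {
+return CLIENT_SECRET;
+}
+
+/**
+* Get the client ID from cache or read from file.
+* Returns null if not registered yet.
+*/
+export function getClientId() {
+if (_clientIdCache !== null) {
+return _clientIdCache;
+}
+
+if (fs.existsSync(CLIENT_ID_PATH)) {
+try {
+_clientIdCache = fs.readFileSync(CLIENT_ID_PATH, 'utf8').trim();
+return _clientIdCache;
+} catch (e) {
+console.error(`[ERROR] ${new Date().toISOString()} - Failed to read client_id: ${e.message}`);
+}
+}
+
+return null;
+}
+
+/**
+* Set the client ID cache and persist to file.
+* Does nothing if clientId is null/undefined.
+*/
+export function setClientIdCache(clientId) {
+if (!clientId) {
+return;
+}
+_clientIdCache = clientId;
+try {
+fs.mkdirSync('/config', { recursive: true });
+fs.writeFileSync(CLIENT_ID_PATH, clientId);
+console.log(`[INFO] ${new Date().toISOString()} - 💾 Saved client_id to ${CLIENT_ID_PATH}`);
+} catch (e) {
+console.error(`[ERROR] ${new Date().toISOString()} - Failed to write client_id: ${e.message}`);
+}
+}
+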
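Review bot: `getServerUrl()` returns `BROKER_TARGET_URL` verbatim, so a malformed value or a plain `http://` URL is accepted without complaint. client.js reads `CLIENT_SECRET` and `SERVER_URL` side by side, so the secret is presumably sent to whatever host this names; parsing the value and rejecting (or at least loudly warning on) a non-HTTPS scheme at startup would catch a misconfiguration before any credential leaves the process. Separately, `setClientIdCache` assigns `_clientIdCache` before the write and never checks that `clientId` is a string, so a non-string value from the server would stay cached even though `writeFileSync` fails. The directory literal `'/config'` in `mkdirSync` also duplicates what `CLIENT_ID_PATH` already encodes.
```javascript
export function getServerUrl() {
  const raw = process.env.BROKER_TARGET_URL || 'https://broker.aikidobroker.com';
  // new URL() throws on a malformed value, so a typo fails at startup rather than at first request
  const parsed = new URL(raw);
  if (parsed.protocol !== 'https:') {
    throw new Error('BROKER_TARGET_URL must be an https:// URL');
  }
  return raw;
}
```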
package/package.json
CHANGED