@dainprotocol/tunnel 1.1.29 → 1.1.31

package/dist/client/index.js

@@ -270,8 +270,16 @@ class DainTunnel extends events_1.EventEmitter {
             this.safeSend({ type: 'websocket', id: message.id, event, data });
         };
         try {
+            // Preserve original host for JWT audience validation
+            const headers = { ...message.headers };
+            const originalHost = message.headers.host;
+            if (originalHost && !headers['x-forwarded-host']) {
+                headers['x-forwarded-host'] = originalHost;
+                headers['x-forwarded-proto'] = 'https';
+            }
+            delete headers.host; // Remove so WebSocket library doesn't send tunnel host to localhost
             const client = new ws_1.default(`ws://localhost:${this.port}${message.path}`, {
-                headers: message.headers
+                headers
             });
             this.webSocketClients.set(message.id, client);
             client.on('message', (data) => {
@@ -315,6 +323,12 @@ class DainTunnel extends events_1.EventEmitter {
         };
         try {
             const headers = { ...message.headers };
+            // Preserve original host for JWT audience validation
+            const originalHost = message.headers.host;
+            if (originalHost && !headers['x-forwarded-host']) {
+                headers['x-forwarded-host'] = originalHost;
+                headers['x-forwarded-proto'] = 'https';
+            }
             delete headers.host;
             headers['accept-encoding'] = 'identity';
             const req = http_1.default.request({
@@ -339,28 +353,31 @@ class DainTunnel extends events_1.EventEmitter {
                 sendSseEvent('connected');
                 let buffer = '';
                 const processBuffer = () => {
-                    buffer = buffer.replace(/\r\n/g, '\n');
-                    while (buffer.includes('\n\n')) {
-                        const idx = buffer.indexOf('\n\n');
-                        const msgData = buffer.substring(0, idx);
-                        buffer = buffer.substring(idx + 2);
-                        if (!msgData.trim() || msgData.startsWith(':'))
+                    // Normalize line endings once
+                    if (buffer.indexOf('\r') >= 0) {
+                        buffer = buffer.replace(/\r\n/g, '\n').replace(/\r/g, '\n');
+                    }
+                    let idx;
+                    while ((idx = buffer.indexOf('\n\n')) >= 0) {
+                        const msgData = buffer.slice(0, idx);
+                        buffer = buffer.slice(idx + 2);
+                        // Skip empty messages and comments
+                        if (!msgData || msgData[0] === ':')
                             continue;
                         let event = 'message';
                         let data = '';
-                        for (const line of msgData.split('\n')) {
-                            if (line.startsWith('event:')) {
-                                event = line.substring(6).trim();
+                        const lines = msgData.split('\n');
+                        for (let i = 0; i < lines.length; i++) {
+                            const line = lines[i];
+                            if (line.length > 6 && line[0] === 'e' && line.startsWith('event:')) {
+                                event = line.slice(6).trim();
                             }
-                            else if (line.startsWith('data:')) {
-                                data += line.substring(5).trim() + '\n';
+                            else if (line.length > 5 && line[0] === 'd' && line.startsWith('data:')) {
+                                data += (data ? '\n' : '') + line.slice(5).trim();
                             }
                         }
-                        if (data.endsWith('\n'))
-                            data = data.slice(0, -1);
-                        if (data) {
+                        if (data)
                             sendSseEvent(event, data);
-                        }
                     }
                 };
                 res.on('data', (chunk) => {
@@ -419,12 +436,20 @@ class DainTunnel extends events_1.EventEmitter {
                     resolve(response);
                 }
             };
+            // Preserve original host for JWT audience validation
+            const headers = { ...request.headers };
+            const originalHost = request.headers.host;
+            if (originalHost && !headers['x-forwarded-host']) {
+                headers['x-forwarded-host'] = originalHost;
+                headers['x-forwarded-proto'] = 'https';
+            }
+            delete headers.host;
             const options = {
                 hostname: 'localhost',
                 port: this.port,
                 path: request.path,
                 method: request.method,
-                headers: request.headers,
+                headers,
                 agent: this.httpAgent,
                 timeout: TIMEOUTS.REQUEST,
             };

package/dist/server/index.js

@@ -9,13 +9,12 @@ const ws_1 = __importDefault(require("ws"));
 const body_parser_1 = __importDefault(require("body-parser"));
 const auth_1 = require("@dainprotocol/service-sdk/service/auth");
 const crypto_1 = require("crypto");
-const url_1 = require("url");
 const TIMEOUTS = {
     CHALLENGE_TTL: 30000,
     PING_INTERVAL: 30000,
     REQUEST_TIMEOUT: 30000,
     SSE_KEEPALIVE: 5000,
-    TUNNEL_RETRY_DELAY: 100,
+    TUNNEL_RETRY_DELAY: 20, // Reduced from 100ms
     SERVER_KEEPALIVE: 65000,
     SERVER_HEADERS: 66000,
 };
@@ -26,11 +25,21 @@ const LIMITS = {
     BACKPRESSURE_THRESHOLD: 1024 * 1024,
     SERVER_MAX_HEADERS: 100,
     WS_BACKLOG: 100,
-    TUNNEL_RETRY_COUNT: 3,
+    TUNNEL_RETRY_COUNT: 2, // Reduced from 3
 };
+// Fast ID generator - no crypto needed for internal IDs
 let idCounter = 0;
+const ID_PREFIX = Date.now().toString(36);
 function fastId() {
-    return `${Date.now().toString(36)}-${(idCounter++).toString(36)}-${(0, crypto_1.randomBytes)(4).toString('hex')}`;
+    return `${ID_PREFIX}-${(++idCounter).toString(36)}`;
+}
+// Fast path extraction - avoids URL parsing overhead
+function extractPathParts(url) {
+    if (!url)
+        return [];
+    const qIdx = url.indexOf('?');
+    const path = qIdx >= 0 ? url.slice(0, qIdx) : url;
+    return path.split('/');
 }
 class DainTunnelServer {
     safeSend(ws, data) {
@@ -121,11 +130,9 @@ class DainTunnelServer {
     }
     setupWebSocketServer() {
         this.wss.on("connection", (ws, req) => {
-            var _a;
             try {
-                const url = (0, url_1.parse)(req.url || '', true);
-                const pathParts = ((_a = url.pathname) === null || _a === void 0 ? void 0 : _a.split('/')) || [];
-                const isRootConnection = !url.pathname || url.pathname === '/' || pathParts.length <= 1 || !pathParts[1];
+                const pathParts = extractPathParts(req.url);
+                const isRootConnection = pathParts.length <= 1 || !pathParts[1];
                 if (isRootConnection) {
                     this.handleTunnelClientConnection(ws, req);
                 }
@@ -170,9 +177,7 @@ class DainTunnelServer {
         ws.on("error", (error) => console.error("[Tunnel] WS error:", error));
     }
     handleProxiedWebSocketConnection(ws, req) {
-        var _a;
-        const url = (0, url_1.parse)(req.url || '', true);
-        const pathParts = ((_a = url.pathname) === null || _a === void 0 ? void 0 : _a.split('/')) || [];
+        const pathParts = extractPathParts(req.url);
         if (pathParts.length < 2) {
             ws.close(1008, "Invalid tunnel ID");
             return;
@@ -299,21 +304,20 @@ class DainTunnelServer {
         }
     }
     handleResponseMessage(data) {
-        console.log(`[Response] Received for: ${data.requestId}, status: ${data.status}`);
         const pendingRequest = this.pendingRequests.get(data.requestId);
         if (!pendingRequest)
             return;
-        const { res, startTime, tunnelId, timeoutId } = pendingRequest;
-        console.log(`[Response] Completed in ${Date.now() - startTime}ms`);
+        const { res, tunnelId, timeoutId } = pendingRequest;
+        this.pendingRequests.delete(data.requestId);
         if (timeoutId)
             clearTimeout(timeoutId);
         this.decrementRequestCount(tunnelId);
-        const headers = { ...data.headers };
+        // Modify headers in place instead of spreading
+        const headers = data.headers;
         delete headers["transfer-encoding"];
         delete headers["content-length"];
         const bodyBuffer = Buffer.from(data.body, "base64");
         res.status(data.status).set(headers).set("Content-Length", bodyBuffer.length.toString()).send(bodyBuffer);
-        this.pendingRequests.delete(data.requestId);
     }
     handleSSEMessage(data) {
         const connection = this.sseConnections.get(data.id);
@@ -340,12 +344,11 @@ class DainTunnelServer {
             return;
         }
         try {
-            if (data.event)
-                res.write(`event: ${data.event}\n`);
-            for (const line of data.data.split('\n')) {
-                res.write(`data: ${line}\n`);
-            }
-            res.write('\n');
+            // Batch write SSE event in single call
+            const lines = data.data.split('\n');
+            const message = (data.event ? `event: ${data.event}\n` : '') +
+                lines.map(line => `data: ${line}`).join('\n') + '\n\n';
+            res.write(message);
         }
         catch (_c) {
             this.cleanupSSEConnection(data.id, tunnelId);
@@ -382,10 +385,9 @@ class DainTunnelServer {
         }
     }
     async handleRequest(req, res) {
-        var _a, _b, _c;
+        var _a, _b;
         const tunnelId = req.params.tunnelId;
-        console.log(`[Request] ${req.method} /${tunnelId}${req.url}, Accept: ${(_a = req.headers.accept) === null || _a === void 0 ? void 0 : _a.substring(0, 30)}`);
-        if (((_b = req.headers.upgrade) === null || _b === void 0 ? void 0 : _b.toLowerCase()) === 'websocket')
+        if (((_a = req.headers.upgrade) === null || _a === void 0 ? void 0 : _a.toLowerCase()) === 'websocket')
             return;
         let tunnel;
         let retries = LIMITS.TUNNEL_RETRY_COUNT;
@@ -397,17 +399,14 @@ class DainTunnelServer {
             }
         }
         if (!tunnel) {
-            const available = Array.from(this.tunnels.keys());
-            console.log(`[Request] Tunnel not found: ${tunnelId}, available tunnels: [${available.join(', ')}], count: ${available.length}`);
             this.decrementRequestCount(tunnelId);
             res.status(502).json({
                 error: "Bad Gateway",
                 message: `Tunnel "${tunnelId}" not connected. The service may be offline or reconnecting.`,
-                availableTunnels: available.length
+                availableTunnels: this.tunnels.size
             });
             return;
         }
-        console.log(`[Request] Tunnel found: ${tunnelId}, wsState: ${tunnel.ws.readyState}`);
         if (tunnel.ws.bufferedAmount > LIMITS.BACKPRESSURE_THRESHOLD) {
             res.status(503).json({ error: "Service Unavailable", message: "Tunnel high load" });
             return;
@@ -418,7 +417,7 @@ class DainTunnelServer {
             return;
         }
         this.tunnelRequestCount.set(tunnelId, currentCount + 1);
-        if ((_c = req.headers.accept) === null || _c === void 0 ? void 0 : _c.includes('text/event-stream')) {
+        if ((_b = req.headers.accept) === null || _b === void 0 ? void 0 : _b.includes('text/event-stream')) {
             this.handleSSERequest(req, res, tunnelId, tunnel);
             return;
         }
@@ -435,7 +434,6 @@ class DainTunnelServer {
             }
         }, TIMEOUTS.REQUEST_TIMEOUT);
         this.pendingRequests.set(requestId, { res, startTime, tunnelId, timeoutId });
-        console.log(`[Request] Sending to tunnel client: ${requestId}, wsState: ${tunnel.ws.readyState}, buffered: ${tunnel.ws.bufferedAmount}`);
         const hasBody = req.method !== "GET" && req.method !== "HEAD" &&
             req.body && Buffer.isBuffer(req.body) && req.body.length > 0;
         const sent = this.safeSend(tunnel.ws, {
@@ -446,7 +444,6 @@ class DainTunnelServer {
             headers: req.headers,
             body: hasBody ? req.body.toString("base64") : undefined,
         });
-        console.log(`[Request] Sent to tunnel client: ${sent}`);
         if (!sent) {
             clearTimeout(timeoutId);
             this.pendingRequests.delete(requestId);
@@ -459,8 +456,6 @@ class DainTunnelServer {
     handleSSERequest(req, res, tunnelId, tunnel) {
         var _a, _b;
         const sseId = fastId();
-        const startTime = Date.now();
-        console.log(`[SSE] ${sseId} started: ${req.url}`);
         if (req.socket) {
             req.socket.setNoDelay(true);
             req.socket.setTimeout(0);
@@ -525,7 +520,6 @@ class DainTunnelServer {
             if (cleanedUp)
                 return;
             cleanedUp = true;
-            console.log(`[SSE] ${sseId} completed in ${Date.now() - startTime}ms`);
             this.safeSend(tunnel.ws, { type: "sse_close", id: sseId });
             this.cleanupSSEConnection(sseId, tunnelId);
         };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dainprotocol/tunnel",
-  "version": "1.1.29",
+  "version": "1.1.31",
   "description": "",
   "main": "dist/index.js",
   "private": false,