@datanimbus/postman-request 3.0.1

package/index.js

@@ -0,0 +1,166 @@
+// Copyright 2010-2012 Mikeal Rogers
+//
+//    Licensed under the Apache License, Version 2.0 (the "License");
+//    you may not use this file except in compliance with the License.
+//    You may obtain a copy of the License at
+//
+//        http://www.apache.org/licenses/LICENSE-2.0
+//
+//    Unless required by applicable law or agreed to in writing, software
+//    distributed under the License is distributed on an "AS IS" BASIS,
+//    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//    See the License for the specific language governing permissions and
+//    limitations under the License.
+
+'use strict'
+
+var extend = require('extend')
+var cookies = require('./lib/cookies')
+
+// organize params for patch, post, put, head, del
+function initParams (uri, options, callback) {
+  if (typeof options === 'function') {
+    callback = options
+  }
+
+  var params = {protocolVersion: 'http1'}
+
+  if (options !== null && typeof options === 'object') {
+    extend(params, options, {uri: uri})
+  } else if (typeof uri === 'string') {
+    extend(params, {uri: uri})
+  } else {
+    extend(params, uri)
+  }
+
+  params.callback = callback || params.callback
+
+  // Disable http/2 when using custom agents that don't handle different versions separately
+  if (params.agents && !(params.agents.http1 || params.agents.auto || params.agents.http2)) {
+    params.protocolVersion = 'http1'
+  }
+
+  // Disable http/2 when using proxy or tunnels
+  // TODO: Remove this when http2 supports proxy and tunneling
+  if (params.tunnel || params.proxy) {
+    params.protocolVersion = 'http1'
+  }
+
+  // Disable flow when running in browser
+  if (typeof window !== 'undefined' && window.XMLHttpRequest) {
+    params.protocolVersion = 'http1'
+  }
+
+  return params
+}
+
+function request (uri, options, callback) {
+  if (typeof uri === 'undefined') {
+    throw new Error('undefined is not a valid uri or options object.')
+  }
+
+  var params = initParams(uri, options, callback)
+
+  return new request.Request(params)
+}
+
+function verbFunc (verb) {
+  var method = verb.toUpperCase()
+  return function (uri, options, callback) {
+    var params = initParams(uri, options, callback)
+    params.method = method
+    return request(params, params.callback)
+  }
+}
+
+// define like this to please codeintel/intellisense IDEs
+request.get = verbFunc('get')
+request.head = verbFunc('head')
+request.options = verbFunc('options')
+request.post = verbFunc('post')
+request.put = verbFunc('put')
+request.patch = verbFunc('patch')
+request.del = verbFunc('delete')
+request['delete'] = verbFunc('delete')
+
+request.jar = function (store) {
+  return cookies.jar(store)
+}
+
+request.cookie = function (str) {
+  return cookies.parse(str)
+}
+
+function wrapRequestMethod (method, options, requester, verb) {
+  return function (uri, opts, callback) {
+    var params = initParams(uri, opts, callback)
+
+    var target = {}
+    extend(true, target, options, params)
+
+    target.pool = params.pool || options.pool
+
+    if (verb) {
+      target.method = verb.toUpperCase()
+    }
+
+    if (typeof requester === 'function') {
+      method = requester
+    }
+
+    return method(target, target.callback)
+  }
+}
+
+request.defaults = function (options, requester) {
+  var self = this
+
+  options = options || {}
+
+  if (typeof options === 'function') {
+    requester = options
+    options = {}
+  }
+
+  var defaults = wrapRequestMethod(self, options, requester)
+
+  var verbs = ['get', 'head', 'post', 'put', 'patch', 'del', 'delete']
+  verbs.forEach(function (verb) {
+    defaults[verb] = wrapRequestMethod(self[verb], options, requester, verb)
+  })
+
+  defaults.cookie = wrapRequestMethod(self.cookie, options, requester)
+  defaults.jar = self.jar
+  defaults.defaults = self.defaults
+  return defaults
+}
+
+request.forever = function (agentOptions, optionsArg) {
+  var options = {}
+  if (optionsArg) {
+    extend(options, optionsArg)
+  }
+  if (agentOptions) {
+    options.agentOptions = agentOptions
+  }
+
+  options.forever = true
+  return request.defaults(options)
+}
+
+// Exports
+
+module.exports = request
+request.Request = require('./request')
+request.initParams = initParams
+
+// Backwards compatibility for request.debug
+Object.defineProperty(request, 'debug', {
+  enumerable: true,
+  get: function () {
+    return request.Request.debug
+  },
+  set: function (debug) {
+    request.Request.debug = debug
+  }
+})

package/lib/auth.js

@@ -0,0 +1,167 @@
+'use strict'
+
+var caseless = require('caseless')
+var uuid = require('uuid').v4
+var helpers = require('./helpers')
+
+var md5 = helpers.md5
+var toBase64 = helpers.toBase64
+
+function Auth (request) {
+  // define all public properties here
+  this.request = request
+  this.hasAuth = false
+  this.sentAuth = false
+  this.bearerToken = null
+  this.user = null
+  this.pass = null
+}
+
+Auth.prototype.basic = function (user, pass, sendImmediately) {
+  var self = this
+  if (typeof user !== 'string' || (pass !== undefined && typeof pass !== 'string')) {
+    self.request.emit('error', new Error('auth() received invalid user or password'))
+  }
+  self.user = user
+  self.pass = pass
+  self.hasAuth = true
+  var header = user + ':' + (pass || '')
+  if (sendImmediately || typeof sendImmediately === 'undefined') {
+    var authHeader = 'Basic ' + toBase64(header)
+    self.sentAuth = true
+    return authHeader
+  }
+}
+
+Auth.prototype.bearer = function (bearer, sendImmediately) {
+  var self = this
+  self.bearerToken = bearer
+  self.hasAuth = true
+  if (sendImmediately || typeof sendImmediately === 'undefined') {
+    if (typeof bearer === 'function') {
+      bearer = bearer()
+    }
+    var authHeader = 'Bearer ' + (bearer || '')
+    self.sentAuth = true
+    return authHeader
+  }
+}
+
+Auth.prototype.digest = function (method, path, authHeader) {
+  // TODO: More complete implementation of RFC 2617.
+  //   - handle challenge.domain
+  //   - support qop="auth-int" only
+  //   - handle Authentication-Info (not necessarily?)
+  //   - check challenge.stale (not necessarily?)
+  //   - increase nc (not necessarily?)
+  // For reference:
+  // http://tools.ietf.org/html/rfc2617#section-3
+  // https://github.com/bagder/curl/blob/master/lib/http_digest.c
+
+  var self = this
+
+  var challenge = {}
+  var re = /([a-z0-9_-]+)=(?:"([^"]+)"|([a-z0-9_-]+))/gi
+  while (true) {
+    var match = re.exec(authHeader)
+    if (!match) {
+      break
+    }
+    challenge[match[1]] = match[2] || match[3]
+  }
+
+  /**
+   * RFC 2617: handle both MD5 and MD5-sess algorithms.
+   *
+   * If the algorithm directive's value is "MD5" or unspecified, then HA1 is
+   *   HA1=MD5(username:realm:password)
+   * If the algorithm directive's value is "MD5-sess", then HA1 is
+   *   HA1=MD5(MD5(username:realm:password):nonce:cnonce)
+   */
+  var ha1Compute = function (algorithm, user, realm, pass, nonce, cnonce) {
+    var ha1 = md5(user + ':' + realm + ':' + pass)
+    if (algorithm && algorithm.toLowerCase() === 'md5-sess') {
+      return md5(ha1 + ':' + nonce + ':' + cnonce)
+    } else {
+      return ha1
+    }
+  }
+
+  var qop = /(^|,)\s*auth\s*($|,)/.test(challenge.qop) && 'auth'
+  var nc = qop && '00000001'
+  var cnonce = qop && uuid().replace(/-/g, '')
+  var ha1 = ha1Compute(challenge.algorithm, self.user, challenge.realm, self.pass, challenge.nonce, cnonce)
+  var ha2 = md5(method + ':' + path)
+  var digestResponse = qop
+    ? md5(ha1 + ':' + challenge.nonce + ':' + nc + ':' + cnonce + ':' + qop + ':' + ha2)
+    : md5(ha1 + ':' + challenge.nonce + ':' + ha2)
+  var authValues = {
+    username: self.user,
+    realm: challenge.realm,
+    nonce: challenge.nonce,
+    uri: path,
+    qop: qop,
+    response: digestResponse,
+    nc: nc,
+    cnonce: cnonce,
+    algorithm: challenge.algorithm,
+    opaque: challenge.opaque
+  }
+
+  authHeader = []
+  for (var k in authValues) {
+    if (authValues[k]) {
+      if (k === 'qop' || k === 'nc' || k === 'algorithm') {
+        authHeader.push(k + '=' + authValues[k])
+      } else {
+        authHeader.push(k + '="' + authValues[k] + '"')
+      }
+    }
+  }
+  authHeader = 'Digest ' + authHeader.join(', ')
+  self.sentAuth = true
+  return authHeader
+}
+
+Auth.prototype.onRequest = function (user, pass, sendImmediately, bearer) {
+  var self = this
+  var request = self.request
+
+  var authHeader
+  if (bearer === undefined && user === undefined) {
+    self.request.emit('error', new Error('no auth mechanism defined'))
+  } else if (bearer !== undefined) {
+    authHeader = self.bearer(bearer, sendImmediately)
+  } else {
+    authHeader = self.basic(user, pass, sendImmediately)
+  }
+  if (authHeader) {
+    request.setHeader('Authorization', authHeader)
+  }
+}
+
+Auth.prototype.onResponse = function (response) {
+  var self = this
+  var request = self.request
+
+  if (!self.hasAuth || self.sentAuth) { return null }
+
+  var c = caseless(response.headers)
+
+  var authHeader = c.get('www-authenticate')
+  var authVerb = authHeader && authHeader.split(' ')[0].toLowerCase()
+  request.debug('reauth', authVerb)
+
+  switch (authVerb) {
+    case 'basic':
+      return self.basic(self.user, self.pass, true)
+
+    case 'bearer':
+      return self.bearer(self.bearerToken, true)
+
+    case 'digest':
+      return self.digest(request.method, request.path, authHeader)
+  }
+}
+
+exports.Auth = Auth

package/lib/autohttp/agent.js

@@ -0,0 +1,206 @@
+const { Agent: Http2Agent } = require('../http2')
+const https = require('https')
+const tls = require('tls')
+const { EventEmitter } = require('events')
+const net = require('net')
+const { getName: getSocketName } = require('../autohttp/requestName')
+
+// All valid options defined at https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
+const supportedProtocols = ['h2', 'http/1.1', 'http/1.0', 'http/0.9']
+
+// Referenced from https://github.com/nodejs/node/blob/0bf200b49a9a6eacdea6d5e5939cc2466506d532/lib/_http_agent.js#L350
+function calculateServerName (options) {
+  let servername = options.host || ''
+  const hostHeader = options.headers && options.headers.host
+
+  if (hostHeader) {
+    if (typeof hostHeader !== 'string') {
+      throw new TypeError(
+        'host header content must be a string, received' + hostHeader
+      )
+    }
+
+    // abc => abc
+    // abc:123 => abc
+    // [::1] => ::1
+    // [::1]:123 => ::1
+    if (hostHeader.startsWith('[')) {
+      const index = hostHeader.indexOf(']')
+      if (index === -1) {
+        // Leading '[', but no ']'. Need to do something...
+        servername = hostHeader
+      } else {
+        servername = hostHeader.substring(1, index)
+      }
+    } else {
+      servername = hostHeader.split(':', 1)[0]
+    }
+  }
+  // Don't implicitly set invalid (IP) servernames.
+  if (net.isIP(servername)) servername = ''
+  return servername
+}
+
+class AutoHttp2Agent extends EventEmitter {
+  constructor (options) {
+    super()
+    this.http2Agent = new Http2Agent(options)
+    this.httpsAgent = new https.Agent(options)
+    this.ALPNCache = new Map()
+    this.options = options
+    this.defaultPort = 443
+  }
+
+  createConnection (
+    req,
+    reqOptions,
+    cb,
+    socketCb
+  ) {
+    const options = {
+      ...reqOptions,
+      ...this.options,
+      port: Number(reqOptions.port || this.options.port || this.defaultPort),
+      host: reqOptions.hostname || reqOptions.host || 'localhost'
+    }
+
+    // check if ALPN is cached
+    const name = getSocketName(options)
+    const [protocol, cachedSocket] = this.ALPNCache.get(name) || []
+
+    if (!protocol || !cachedSocket || cachedSocket.closed || cachedSocket.destroyed) {
+      // No cache exists or the initial socket used to establish the connection has been closed. Perform ALPN again.
+      this.ALPNCache.delete(name)
+      this.createNewSocketConnection(req, options, cb, socketCb)
+      return
+    }
+
+    // No need to pass the cachedSocket since the respective protocol's agents will reuse the socket that was initially
+    // passed during ALPN Negotiation
+    if (protocol === 'h2') {
+      const http2Options = {
+        ...options,
+        path: options.socketPath
+      }
+
+      let connection
+      try {
+        const uri = options.uri
+        connection = this.http2Agent.createConnection(req, uri, http2Options)
+      } catch (e) {
+        cb(e)
+        connection && connection.socket && socketCb(connection.socket)
+        return
+      }
+
+      cb(null, 'http2', connection)
+      socketCb(connection.socket)
+
+      return
+    }
+
+    const http1RequestOptions = {
+      ...options,
+      agent: this.httpsAgent
+    }
+
+    let request
+    try {
+      request = https.request(http1RequestOptions)
+    } catch (e) {
+      cb(e)
+      return
+    }
+
+    request.on('socket', (socket) => socketCb(socket))
+    cb(null, 'http1', request)
+  }
+
+  createNewSocketConnection (req, options, cb, socketCb) {
+    const uri = options.uri
+    const name = getSocketName(options)
+
+    const socket = tls.connect({
+      ...options,
+      path: options.socketPath,
+      ALPNProtocols: supportedProtocols,
+      servername: options.servername || calculateServerName(options)
+    })
+    socketCb(socket)
+
+    const socketConnectionErrorHandler = (e) => {
+      cb(e)
+    }
+    socket.on('error', socketConnectionErrorHandler)
+
+    socket.once('secureConnect', () => {
+      socket.removeListener('error', socketConnectionErrorHandler)
+
+      const protocol = socket.alpnProtocol || 'http/1.1'
+
+      if (!supportedProtocols.includes(protocol)) {
+        cb(new Error('Unknown protocol' + protocol))
+        return
+      }
+
+      // Update the cache
+      this.ALPNCache.set(name, [protocol, socket])
+
+      socket.once('close', () => {
+        // Clean the cache when the socket closes
+        this.ALPNCache.delete(name)
+      })
+
+      if (protocol === 'h2') {
+        const http2Options = {
+          ...options,
+          path: options.socketPath
+        }
+        try {
+          const connection = this.http2Agent.createConnection(
+            req,
+            uri,
+            http2Options,
+            socket
+          )
+          cb(null, 'http2', connection)
+        } catch (e) {
+          cb(e)
+        }
+        return
+      }
+
+      // Protocol is http1, using the built in agent
+      // We need to release all free sockets so that new connection is created using the overridden createconnection
+      // forcing the agent to reuse the socket used for alpn
+
+      // This reassignment works, since all code so far is sync, and happens in the same tick, hence there will be no
+      // race conditions
+      const oldCreateConnection = this.httpsAgent.createConnection
+
+      this.httpsAgent.createConnection = () => {
+        return socket
+      }
+
+      const http1RequestOptions = {
+        ...options,
+        agent: this.httpsAgent
+      }
+      let request
+      try {
+        request = https.request(http1RequestOptions)
+      } catch (e) {
+        cb(e)
+        return
+      } finally {
+        this.httpsAgent.createConnection = oldCreateConnection
+      }
+      cb(null, 'http1', request)
+    })
+  }
+}
+
+module.exports = {
+  AutoHttp2Agent,
+  globalAgent: new AutoHttp2Agent({})
+}

package/lib/autohttp/headerValidations.js

@@ -0,0 +1,40 @@
+const {constants = {}} = require('http2')
+
+// Referenced from https://github.com/nodejs/node/blob/0bf200b49a9a6eacdea6d5e5939cc2466506d532/lib/internal/http2/util.js#L107
+const kValidPseudoHeaders = new Set([
+  constants.HTTP2_HEADER_STATUS,
+  constants.HTTP2_HEADER_METHOD,
+  constants.HTTP2_HEADER_AUTHORITY,
+  constants.HTTP2_HEADER_SCHEME,
+  constants.HTTP2_HEADER_PATH
+])
+
+// Referenced from https://github.com/nodejs/node/blob/0bf200b49a9a6eacdea6d5e5939cc2466506d532/lib/internal/http2/util.js#L573
+function assertValidPseudoHeader (header) {
+  if (!kValidPseudoHeaders.has(header)) {
+    throw new Error('Invalid PseudoHeader ' + header)
+  }
+}
+
+// Referenced from https://github.com/nodejs/node/blob/0bf200b49a9a6eacdea6d5e5939cc2466506d532/lib/_http_common.js#L206
+const tokenRegExp = /^[\^_`a-zA-Z\-0-9!#$%&'*+.|~]+$/
+function checkIsHttpToken (token) {
+  return RegExp(tokenRegExp).exec(token) !== null
+}
+
+// Referenced from https://github.com/nodejs/node/blob/0bf200b49a9a6eacdea6d5e5939cc2466506d532/lib/internal/http2/core.js#L1763
+function validateRequestHeaders (headers) {
+  if (headers !== null && headers !== undefined) {
+    const keys = Object.keys(headers)
+    for (let i = 0; i < keys.length; i++) {
+      const header = keys[i]
+      if (header[0] === ':') {
+        assertValidPseudoHeader(header)
+      } else if (header && !checkIsHttpToken(header)) { throw new Error('Invalid HTTP Token: Header name' + header) }
+    }
+  }
+}
+
+module.exports = {
+  validateRequestHeaders
+}

package/lib/autohttp/index.js

@@ -0,0 +1,8 @@
+const { AutoHttp2Agent, globalAgent } = require('./agent')
+const { request } = require('./request')
+
+module.exports = {
+  Agent: AutoHttp2Agent,
+  request,
+  globalAgent
+}