@interopio/gateway-server 0.4.0-beta → 0.5.0-beta

package/src/server/cors.ts

@@ -1,311 +0,0 @@
-import {
-    WebExchange,
-    HttpRequest,
-    ReadonlyHttpHeaders,
-    ServerHttpResponse, ServerHttpRequest
-} from './types.ts';
-import getLogger from '../logger.js';
-import {IOGateway} from '@interopio/gateway';
-import {HttpServerResponse} from './exchange.ts';
-
-function isSameOrigin(request: HttpRequest<ReadonlyHttpHeaders>) {
-    const origin = request.headers.one('origin');
-    if (origin === undefined) {
-        return true;
-    }
-    const url = request.URL;
-    const actualProtocol = url.protocol;
-    const actualHost = url.host;
-
-    const originUrl = new URL(origin);
-
-    const originHost = originUrl.host;
-    const originProtocol = originUrl.protocol;
-    return actualProtocol === originProtocol
-        && actualHost === originHost;
-}
-
-/**
- * Returns `true` if the request is a valid CORS one by checking `Origin` header presence and ensuring origins differ.
- */
-export function isCorsRequest(request: HttpRequest<ReadonlyHttpHeaders>): boolean {
-    return request.headers.has('origin') && !isSameOrigin(request);
-
-}
-
-export function isPreFlightRequest(request: HttpRequest): boolean {
-    return request.method === 'OPTIONS'
-        && request.headers.has('origin')
-        && request.headers.has('access-control-request-method');
-}
-
-const VARY_HEADERS: readonly string[] = ['Origin', 'Access-Control-Request-Method', 'Access-Control-Request-Headers'];
-
-/**
- * Processes a request given a {@link CorsConfig}.
- *
- * @param exchange the current exchange
- * @param config the CORS configuration to use, possibly `undefined` in which case pre-flight requests are rejected, but all others allowed
- * @returns `false` if the request is rejected, `true` otherwise
- */
-export function processRequest(exchange: WebExchange, config?: CorsConfig): boolean {
-    const {request, response} = exchange;
-    const responseHeaders = response.headers;
-
-    if (!responseHeaders.has('Vary')) {
-        responseHeaders.set('Vary', VARY_HEADERS.join(', '));
-    }
-    else {
-        const varyHeaders = responseHeaders.list('Vary');
-        for (const header of VARY_HEADERS) {
-            if (!varyHeaders.find(h => h === header)) {
-                varyHeaders.push(header);
-            }
-        }
-        responseHeaders.set('Vary', varyHeaders.join(', '));
-    }
-
-    try {
-        if (!isCorsRequest(request)) {
-            return true;
-        }
-    } catch (e) {
-        if(logger.enabledFor('debug')) {
-            logger.debug(`reject: origin is malformed`);
-        }
-        rejectRequest(response);
-        return false;
-    }
-
-    if (responseHeaders.has('access-control-allow-origin')) {
-        logger.trace(`skip: already contains "Access-Control-Allow-Origin"`);
-        return true;
-    }
-
-    const preFlightRequest = isPreFlightRequest(request);
-
-    if (config) {
-        return handleInternal(exchange, config, preFlightRequest);
-    }
-    if (preFlightRequest) {
-        rejectRequest(response);
-        return false;
-    }
-    return true;
-}
-
-export type CorsConfig = {
-    origins?: {
-        allow?: '*' | IOGateway.Filtering.Matcher[]
-    }
-    methods?: {
-        allow?: '*' | string[]
-    }
-    headers?: {
-        allow?: '*' | string[]
-        expose?: string[]
-    }
-    credentials?: {
-        allow?: boolean
-    },
-    privateNetwork?: {
-        allow?: boolean
-    }
-}
-
-export /*testing*/ function validateConfig(config?: CorsConfig): CorsConfig | undefined {
-    if (config) {
-
-        const headers = config.headers;
-        if (headers?.allow && headers.allow !== ALL) {
-            headers.allow = headers.allow.map(header => header.toLowerCase());
-        }
-        const origins = config.origins;
-        if (origins?.allow && origins.allow !== ALL) {
-            origins.allow = origins.allow.map(origin => {
-                if (typeof origin === 'string') {
-                    // exact match
-                    return origin.toLowerCase();
-                }
-                return origin;
-            });
-        }
-        return config;
-    }
-}
-
-const handler = (config?: CorsConfig) => {
-    validateConfig(config);
-    return async (ctx: WebExchange<ServerHttpRequest, HttpServerResponse>, next: () => Promise<void>) => {
-        const isValid = processRequest(ctx, config);
-        if (!isValid || isPreFlightRequest(ctx.request)) {
-            // do we need to call end?
-            ctx.response._res.end();
-        } else {
-            await next();
-        }
-    };
-};
-
-export default (config?: CorsConfig) => [handler(config)];
-
-
-const logger = getLogger('cors');
-
-function rejectRequest(response: ServerHttpResponse) {
-    response.statusCode = 403;
-}
-
-function handleInternal(exchange: WebExchange,
-                        config: CorsConfig, preFlightRequest: boolean): boolean {
-    const {request, response} = exchange;
-    const responseHeaders = response.headers;
-
-    const requestOrigin = request.headers.one('origin');
-    const allowOrigin = checkOrigin(config, requestOrigin);
-
-    if (allowOrigin === undefined) {
-        if (logger.enabledFor('debug')) {
-            logger.debug(`reject: '${requestOrigin}' origin is not allowed`);
-        }
-        rejectRequest(response);
-        return false;
-    }
-
-    const requestMethod = getMethodToUse(request, preFlightRequest);
-    const allowMethods = checkMethods(config, requestMethod);
-    if (allowMethods === undefined) {
-        if (logger.enabledFor('debug')) {
-            logger.debug(`reject: HTTP '${requestMethod}' is not allowed`);
-        }
-        rejectRequest(response);
-        return false;
-    }
-
-    const requestHeaders = getHeadersToUse(request, preFlightRequest);
-    const allowHeaders = checkHeaders(config, requestHeaders);
-    if (preFlightRequest && allowHeaders === undefined) {
-        if (logger.enabledFor('debug')) {
-            logger.debug(`reject: headers '${requestHeaders}' are not allowed`);
-        }
-        rejectRequest(response);
-        return false;
-    }
-
-    responseHeaders.set('access-control-allow-origin', allowOrigin);
-
-    if (preFlightRequest) {
-        responseHeaders.set('access-control-allow-methods', allowMethods.join(','));
-
-    }
-    if (preFlightRequest && allowHeaders !== undefined && allowHeaders.length  > 0) {
-        responseHeaders.set('access-control-allow-headers', allowHeaders.join(', '));
-    }
-    const exposeHeaders = config.headers?.expose;
-    if (exposeHeaders && exposeHeaders.length > 0) {
-        responseHeaders.set('access-control-expose-headers', exposeHeaders.join(', '));
-    }
-    if (config.credentials?.allow) {
-        responseHeaders.set('access-control-allow-credentials', 'true');
-    }
-    if (config.privateNetwork?.allow && request.headers.one('access-control-request-private-network') === 'true') {
-        responseHeaders.set('access-control-allow-private-network', 'true');
-    }
-
-    // no max-age support :)
-    return true;
-}
-
-const ALL = '*';
-const DEFAULT_METHODS = ['GET', 'HEAD'];
-
-function validateAllowCredentials(config: CorsConfig) {
-    if (config.credentials?.allow === true && config.origins?.allow === ALL) {
-        throw new Error(`when credentials.allow is true origins.allow cannot be "*"`);
-    }
-}
-
-function validateAllowPrivateNetwork(config: CorsConfig) {
-    if (config.privateNetwork?.allow === true && config.origins?.allow === ALL) {
-        throw new Error(`when privateNetwork.allow is true origins.allow cannot be "*"`);
-    }
-}
-
-function checkOrigin(config: CorsConfig, origin? :string): string | undefined {
-    if (origin) {
-        const allowedOrigins = config.origins?.allow;
-        if (allowedOrigins) {
-            if (allowedOrigins === ALL) {
-                validateAllowCredentials(config);
-                validateAllowPrivateNetwork(config);
-                return ALL;
-            }
-            const originToCheck = trimTrailingSlash(origin.toLowerCase());
-
-            for (const allowedOrigin of allowedOrigins) {
-                if ((allowedOrigin ===  ALL) || IOGateway.Filtering.valueMatches(allowedOrigin, originToCheck)) {
-                    return origin;
-                }
-            }
-        }
-    }
-}
-
-function checkMethods(config: CorsConfig, requestMethod?: string): string[] | undefined {
-    if (requestMethod) {
-        const allowedMethods = config.methods?.allow ?? DEFAULT_METHODS;
-        if (allowedMethods === ALL) {
-            return [requestMethod];
-        }
-        if (IOGateway.Filtering.valuesMatch(allowedMethods, requestMethod)) {
-            return allowedMethods;
-        }
-    }
-}
-
-function checkHeaders(config: CorsConfig, requestHeaders?: string[]): string[] | undefined {
-    if (requestHeaders === undefined) {
-        return;
-    }
-    if (requestHeaders.length == 0) {
-        return [];
-    }
-    const allowedHeaders = config.headers?.allow;
-    if (allowedHeaders === undefined) {
-        return;
-    }
-    const allowAnyHeader = allowedHeaders === ALL;
-    const result: string[] = [];
-    for (const requestHeader of requestHeaders) {
-        const value = requestHeader?.trim();
-        if (value) {
-            if (allowAnyHeader) {
-                result.push(value);
-            }
-            else {
-                for (const allowedHeader of allowedHeaders) {
-                    if (value.toLowerCase() == allowedHeader) {
-                        result.push(value);
-                        break;
-                    }
-                }
-            }
-        }
-    }
-    if (result.length > 0) {
-        return result;
-    }
-}
-
-function trimTrailingSlash(origin: string): string {
-    return origin.endsWith('/') ? origin.slice(0, -1) : origin;
-}
-
-function getMethodToUse(request: HttpRequest<ReadonlyHttpHeaders>, isPreFlight: boolean): string | undefined {
-    return (isPreFlight ? request.headers.one('access-control-request-method') : request.method);
-}
-
-function getHeadersToUse(request: HttpRequest, isPreFlight: boolean): string[] {
-    const headers = request.headers;
-    return (isPreFlight ? headers.list('access-control-request-headers') : Array.from(headers.keys()));
-}

package/src/server/exchange.ts

@@ -1,379 +0,0 @@
-import {
-    HeaderValue,
-    HeaderValues,
-    HttpRequest, HttpResponse,
-    MutableHttpHeaders,
-    ReadonlyHttpHeaders,
-    ServerHttpRequest,
-    ServerHttpResponse,
-    WebExchange
-} from './types.js';
-import http from 'node:http';
-import http2 from 'node:http2';
-
-function requestToProtocol(request: ServerHttpRequest, defaultProtocol: string): string {
-    let proto = request.headers.get('x-forwarded-proto');
-
-    if (Array.isArray(proto)) {
-        proto = proto[0];
-    }
-    if (proto !== undefined) {
-        return (proto as string).split(',', 1)[0].trim();
-    }
-    return defaultProtocol;
-}
-
-function requestToHost(request: ServerHttpRequest, defaultHost?: string): string | undefined {
-    let host = request.headers.get('x-forwarded-for');
-    if (host === undefined) {
-        host = request.headers.get('x-forwarded-host');
-        if (Array.isArray(host)) {
-            host = host[0];
-        }
-        if (host) {
-            const port = request.headers.one('x-forwarded-port');
-            if (port) {
-                host = `${host}:${port}`;
-            }
-        }
-        if (host === undefined) {
-            host = request.headers.one('host');
-        }
-    }
-    if (Array.isArray(host)) {
-        host = host[0];
-    }
-    if (host) {
-        return (host as string).split(',', 1)[0].trim();
-    }
-
-
-
-    return defaultHost;
-}
-
-export class HttpServerRequest implements ServerHttpRequest {
-    private _body: Promise<Blob> | undefined;
-    private _url: URL | undefined;
-    private readonly _headers: ReadonlyHttpHeaders;
-    constructor(readonly _req: http.IncomingMessage) {
-        this._headers = new IncomingMessageHeaders(_req);
-    }
-
-    get http2(): boolean {
-        return this._req.httpVersionMajor >= 2;
-    }
-
-    get headers() {
-        return this._headers;
-    }
-
-    get path() {
-        return this.URL?.pathname;
-    }
-
-    get URL() {
-        this._url ??= new URL(this._req.url!, `${this.protocol}://${this.host}`);
-        return this._url;
-    }
-    get query() {
-        return this.URL?.search;
-    }
-
-    get method() {
-        return this._req.method;
-    }
-
-    get host() {
-        let dh: string | undefined = undefined;
-        if (this._req.httpVersionMajor >= 2) {
-            dh = (this._req?.headers as http2.IncomingHttpHeaders)[':authority'];
-        }
-        if (dh === undefined) {
-            dh = this._req?.socket.remoteAddress;
-        }
-        return requestToHost(this, dh);
-    }
-
-    get protocol() {
-        let dp: string | undefined = undefined;
-        if (this._req.httpVersionMajor > 2) {
-            dp = (this._req.headers as http2.IncomingHttpHeaders)[':scheme'];
-        }
-        if (dp === undefined) {
-            dp = this._req?.socket['encrypted'] ? 'https' : 'http'
-        }
-        return requestToProtocol(this, dp);
-    }
-
-    get socket() {
-        return this._req.socket;
-    }
-
-    get body() {
-        this._body ??= new Promise((resolve, reject) => {
-            const chunks: Uint8Array[] = [];
-            this._req
-                .on('error', (err: Error) => reject(err))
-                .on('data', (chunk) => chunks.push(chunk))
-                .on('end', () => {
-                    resolve(new Blob(chunks));
-                });
-        });
-        return this._body;
-    }
-
-    get text() {
-        return this.body.then(async (blob) => await blob.text());
-    }
-
-    get json() {
-        return this.body.then(async (blob) => {
-            const json = JSON.parse(await blob.text());
-            return json;
-            // try {
-            // } catch (e) {
-            //     reject(e instanceof Error ? e : new Error(`parse failed :${e}`));
-            // }
-        });
-    }
-}
-
-class IncomingMessageHeaders implements ReadonlyHttpHeaders {
-    constructor(private readonly _msg: http.IncomingMessage) {
-    }
-
-    has(name: string): boolean {
-        return this._msg.headers[name] !== undefined;
-    }
-
-    get(name: string): string | (readonly string[]) | undefined {
-        return this._msg.headers[name];
-    }
-
-    list(name: string): string[] {
-        return toList(this._msg.headers[name]);
-    }
-
-    one(name: string): string | undefined {
-        const value = this._msg.headers[name];
-        if (Array.isArray(value)) {
-            return value[0];
-        }
-        return value;
-    }
-    keys() {
-        return Object.keys(this._msg.headers).values();
-    }
-}
-
-class OutgoingMessageHeaders implements MutableHttpHeaders {
-    constructor(private readonly _msg: http.OutgoingMessage) {
-    }
-
-    has(name: string): boolean {
-        return this._msg.hasHeader(name);
-    }
-
-    keys() {
-        return this._msg.getHeaderNames().values();
-    }
-
-    get(name: string): HeaderValues {
-        return this._msg.getHeader(name);
-    }
-
-    one(name: string): HeaderValue {
-        const value = this._msg.getHeader(name);
-        if (Array.isArray(value)) {
-            return value[0];
-        }
-        return value;
-    }
-
-    set(name: string, value: HeaderValues): this {
-        if (!this._msg.headersSent) {
-            if (Array.isArray(value)) {
-                value = value.map(v => typeof v === 'number' ? String(v) : v);
-            } else if (typeof value === 'number') {
-                value = String(value);
-            }
-
-            if (value) {
-                this._msg.setHeader(name, value);
-            }
-            else {
-                this._msg.removeHeader(name);
-            }
-        }
-        return this;
-    }
-
-    add(name: string, value: string | (readonly string[])): this {
-        if (!this._msg.headersSent) {
-            this._msg.appendHeader(name, value);
-        }
-        return this;
-    }
-
-    list(name: string): string[] {
-        const values = this.get(name);
-        return toList(values);
-    }
-}
-
-export class HttpServerResponse implements ServerHttpResponse {
-    private readonly _headers: MutableHttpHeaders;
-    constructor(readonly _res: http.ServerResponse) {
-        this._headers = new OutgoingMessageHeaders(_res);
-    }
-
-    get statusCode(): number {
-        return this._res.statusCode;
-    }
-
-    set statusCode(value: number) {
-        if (this._res.headersSent) {
-            return;
-        }
-        this._res.statusCode = value;
-    }
-
-    get headers() {
-        return this._headers;
-    }
-}
-
-export class DefaultWebExchange<Request extends ServerHttpRequest, Response extends ServerHttpResponse> extends WebExchange<Request, Response> {
-    constructor(readonly request: Request, readonly response: Response) {
-        super();
-    }
-}
-
-function toList(values: number | string | (readonly string[]) | undefined): string[] {
-    if (typeof values === 'string') {
-        values = [values];
-    }
-    if (typeof values === 'number') {
-        values = [String(values)];
-    }
-    const list: string[] = [];
-    if (values) {
-        for (const value of values) {
-            if (value) {
-                list.push(...parseHeader(value));
-            }
-        }
-    }
-    return list;
-}
-
-function parseHeader(value: string): string[] {
-    const list: string[] = [];
-    {
-        let start = 0;
-        let end = 0;
-
-        for (let i = 0; i < value.length; i++) {
-            switch (value.charCodeAt(i)) {
-                case 0x20: // space
-                    if (start === end) {
-                        start = end = i + 1;
-                    }
-                    break;
-                case 0x2c: // comma
-                    list.push(value.slice(start, end));
-                    start = end = i + 1;
-                    break;
-                default:
-                    end = end + 1;
-                    break;
-            }
-        }
-        list.push(value.slice(start, end));
-    }
-
-    return list;
-}
-
-export class MapHttpHeaders extends Map<string, (readonly string[])> implements MutableHttpHeaders {
-
-    get(name: string) {
-        return super.get(name.toLowerCase());
-    }
-
-    one(name: string): string | undefined {
-        return this.get(name)?.[0];
-    }
-
-    list(name: string) {
-        const values = super.get(name.toLowerCase());
-        return toList(values);
-    }
-
-    set(name: string, value: number | string | (readonly string[]) | undefined): this {
-        if (typeof value === 'number') {
-            value = String(value);
-        }
-        if (typeof value === 'string') {
-            value = [value];
-        }
-        if (value) {
-            return super.set(name.toLowerCase(), value);
-        }
-        else {
-            super.delete(name.toLowerCase());
-            return this;
-        }
-    }
-
-    add(name: string, value: string | (readonly string[])) {
-        const prev = super.get(name.toLowerCase());
-        if (typeof value === 'string') {
-            value = [value];
-        }
-        if (prev) {
-            value = prev.concat(value);
-        }
-        this.set(name, value);
-        return this;
-    }
-}
-
-export class MockHttpRequest implements HttpRequest<MutableHttpHeaders> {
-    private _body?: Blob;
-    readonly headers = new MapHttpHeaders();
-
-    constructor(private readonly url: URL, method?: string) {
-        this.method = method ?? 'GET';
-        this.headers.set('Host', url.hostname);
-        this.path = url?.pathname ?? '/';
-    }
-    method: string;
-    path: string;
-
-    get host() {
-        return requestToHost(this, this.url.host);
-    }
-    get protocol() {
-        return requestToProtocol(this, this.url.protocol.slice(0, -1));
-    }
-
-    get body(): Promise<Blob> {
-        const body = this._body;
-        return body ? Promise.resolve(body): Promise.reject(new Error(`no body set`));
-    }
-    set body(value: Blob) {
-        this._body = value;
-    }
-
-    get URL() {
-        return new URL(this.path, `${this.protocol}://${this.host}`);
-    }
-}
-
-export class MockHttpResponse implements HttpResponse<MutableHttpHeaders> {
-    statusCode!: number;
-    headers = new MapHttpHeaders();
-
-}