@mojaloop/sdk-scheme-adapter 11.18.8

package/OutboundServer/index.js

@@ -0,0 +1,137 @@
+/**************************************************************************
+ *  (C) Copyright ModusBox Inc. 2019 - All rights reserved.               *
+ *                                                                        *
+ *  This file is made available under the terms of the license agreement  *
+ *  specified in the corresponding source code repository.                *
+ *                                                                        *
+ *  ORIGINAL AUTHOR:                                                      *
+ *       James Bush - james.bush@modusbox.com                             *
+ **************************************************************************/
+
+const http = require('http');
+
+const Koa = require('koa');
+const koaBody = require('koa-body');
+const yaml = require('js-yaml');
+const fs = require('fs');
+const path = require('path');
+const EventEmitter = require('events');
+const cors = require('@koa/cors');
+
+const { WSO2Auth } = require('@mojaloop/sdk-standard-components');
+
+const Validate = require('../lib/validate');
+const router = require('../lib/router');
+const handlers = require('./handlers');
+const middlewares = require('./middlewares');
+
+const endpointRegex = /\/.*/g;
+
+class OutboundApi extends EventEmitter {
+    constructor(conf, logger, cache, validator) {
+        super({ captureExceptions: true });
+        this._logger = logger;
+        this._api = new Koa();
+        this._conf = conf;
+        this._cache = cache;
+
+        this._wso2 = {
+            auth: new WSO2Auth({
+                ...this._conf.wso2.auth,
+                logger: this._logger,
+                tlsCreds: this._conf.mutualTLS.outboundRequests.enabled && this._conf.mutualTLS.outboundRequests.creds,
+            }),
+            retryWso2AuthFailureTimes: conf.wso2.requestAuthFailureRetryTimes,
+        };
+        this._wso2.auth.on('error', (msg) => {
+            this.emit('error', 'WSO2 auth error in OutboundApi', msg);
+        });
+
+        // use CORS
+        // https://github.com/koajs/cors
+        this._api.use(cors());
+
+        this._api.use(middlewares.createErrorHandler(this._logger));
+        this._api.use(middlewares.createRequestIdGenerator());
+        this._api.use(koaBody()); // outbound always expects application/json
+        this._api.use(middlewares.applyState({ cache, wso2: this._wso2, conf }));
+        this._api.use(middlewares.createLogger(this._logger));
+
+        //Note that we strip off any path on peerEndpoint config after the origin.
+        //this is to allow proxy routed requests to hit any path on the peer origin
+        //irrespective of any base path on the PEER_ENDPOINT setting
+        if (conf.proxyConfig) {
+            this._api.use(middlewares.createProxy({
+                ...conf,
+                peerEndpoint: conf.peerEndpoint.replace(endpointRegex, ''),
+                proxyConfig: conf.proxyConfig,
+                logger: this._logger,
+                wso2Auth: this._wso2.auth,
+                tls: conf.mutualTLS.outboundRequests,
+            }));
+        }
+
+        this._api.use(middlewares.createRequestValidator(validator));
+        this._api.use(router(handlers));
+    }
+
+    async start() {
+        if (!this._conf.testingDisableWSO2AuthStart) {
+            await this._wso2.auth.start();
+        }
+    }
+
+    async stop() {
+        this._wso2.auth.stop();
+    }
+
+    callback() {
+        return this._api.callback();
+    }
+}
+
+class OutboundServer extends EventEmitter {
+    constructor(conf, logger, cache) {
+        super({ captureExceptions: true });
+        this._validator = new Validate();
+        this._conf = conf;
+        this._logger = logger;
+        this._server = null;
+        this._api = new OutboundApi(
+            conf,
+            this._logger.push({ component: 'api' }),
+            cache,
+            this._validator
+        );
+        this._api.on('error', (...args) => {
+            this.emit('error', ...args);
+        });
+        this._server = http.createServer(this._api.callback());
+    }
+
+    async start() {
+        await this._api.start();
+
+        const specPath = path.join(__dirname, 'api.yaml');
+        const apiSpecs = yaml.load(fs.readFileSync(specPath));
+        await this._validator.initialise(apiSpecs);
+
+        await new Promise((resolve) => this._server.listen(this._conf.outboundServerPort, resolve));
+
+        this._logger.log(`Serving outbound API on port ${this._conf.outboundServerPort}`);
+    }
+
+    async stop() {
+        if (this._server) {
+            await new Promise(resolve => this._server.close(resolve));
+            this._server = null;
+        }
+        if (this._api) {
+            await this._api.stop();
+            this._api = null;
+        }
+        this._logger.log('Shut down complete');
+    }
+}
+
+module.exports = OutboundServer;

package/OutboundServer/middlewares.js

@@ -0,0 +1,67 @@
+/**************************************************************************
+ *  (C) Copyright ModusBox Inc. 2019 - All rights reserved.               *
+ *                                                                        *
+ *  This file is made available under the terms of the license agreement  *
+ *  specified in the corresponding source code repository.                *
+ *                                                                        *
+ *  ORIGINAL AUTHOR:                                                      *
+ *       James Bush - james.bush@modusbox.com                             *
+ **************************************************************************/
+
+
+const { ProxyModel } = require('../lib/model');
+const { applyState, createErrorHandler, createLogger, createRequestIdGenerator } =
+    require('../InboundServer/middlewares');
+
+
+/**
+ * Add validation for each inbound request
+ * @param validator
+ * @return {Function}
+ */
+const createRequestValidator = (validator) => async (ctx, next) => {
+    ctx.state.logger.log('Validating request');
+    try {
+        ctx.state.path = validator.validateRequest(ctx, ctx.state.logger);
+        ctx.state.logger.log('Request passed validation');
+        await next();
+    } catch (err) {
+        ctx.state.logger.push({ err }).log('Request failed validation.');
+        ctx.response.status = 400;
+        ctx.response.body = {
+            message: `${err.dataPath ? err.dataPath + ' ' : ''}${err.message}`,
+            statusCode: 400
+        };
+    }
+};
+
+/**
+ * Create proxy middleware for forwarding matching DFSP requests
+ * (from provided routing rules) to corresponding switch endpoint
+ * @param opts
+ * @return {Function}
+ */
+const createProxy = (opts) => {
+    const proxy = new ProxyModel(opts);
+    return async (ctx, next) => {
+        const response = await proxy.proxyRequest(ctx.request);
+        if (response === undefined) {
+            // Skip proxying request
+            await next();
+        } else {
+            // return the result
+            ctx.response.status = response.statusCode;
+            ctx.response.body = response.data;
+            ctx.set(response.headers);
+        }
+    };
+};
+
+module.exports = {
+    applyState,
+    createRequestIdGenerator,
+    createErrorHandler,
+    createLogger,
+    createRequestValidator,
+    createProxy,
+};

package/TestServer/api.yaml

@@ -0,0 +1,62 @@
+openapi: 3.0.0
+info:
+  version: '1.1'
+  title: Open API for FSP Interoperability (FSPIOP)
+  description: >-
+    Based on API Definition.docx updated on 2018-03-13 Version 1.0. Note - The
+    API supports a maximum size of 65536 bytes (64 Kilobytes) in the HTTP
+    header.
+  license:
+    name: Open API for FSP Interoperability (FSPIOP)
+paths:
+  '/':
+    get:
+      description: Health check
+      summary: healthCheck
+      tags:
+        - test
+      operationId: healthCheck
+      responses:
+        '204':
+          description: Response
+          content: null
+  '/requests/{ID}':
+    get:
+      description: Test support method. Allows the caller to see the body of a previous request
+      summary: getRequestsById
+      tags:
+        - test
+      operationId: getRequestsById
+      parameters:
+        - $ref: '#/components/parameters/ID'
+      responses:
+        '200':
+          description: Response
+          content:
+            application/json:
+              schema:
+                type: object
+  '/callbacks/{ID}':
+    get:
+      description: Test support method. Allows the caller to see the body of a previous callback
+      summary: getRequestsById
+      tags:
+        - test
+      operationId: getCallbackById
+      parameters:
+        - $ref: '#/components/parameters/ID'
+      responses:
+        '200':
+          description: Response
+          content:
+            application/json:
+              schema:
+                type: object
+components:
+  parameters:
+    ID:
+      name: ID
+      in: path
+      required: true
+      schema:
+        type: string

package/TestServer/handlers.js

@@ -0,0 +1,63 @@
+/**************************************************************************
+ *  (C) Copyright ModusBox Inc. 2019 - All rights reserved.               *
+ *                                                                        *
+ *  This file is made available under the terms of the license agreement  *
+ *  specified in the corresponding source code repository.                *
+ *                                                                        *
+ *  ORIGINAL AUTHOR:                                                      *
+ *       James Bush - james.bush@modusbox.com                             *
+ **************************************************************************/
+
+'use strict';
+
+const healthCheck = async(ctx) => {
+    ctx.response.status = 204;
+    ctx.response.body = '';
+};
+
+
+/**
+ * Handles a GET /requests/{ID} request. This is a test support method that allows the caller
+ * to see the body of a previous incoming request.
+ */
+const getRequestById = async(ctx) => {
+    try {
+        const req = await ctx.state.cache.get(`request_${ctx.state.path.params.ID}`);
+        ctx.response.status = 200;
+        ctx.response.body = req;
+    }
+    catch(err) {
+        ctx.status = 500;
+        ctx.response.body = err;
+    }
+};
+
+
+/**
+ * Handles a GET /callbacks/{ID} request. This is a test support method that allows the caller
+ * to see the body of a previous incoming callback.
+ */
+const getCallbackById = async(ctx) => {
+    try {
+        const req = await ctx.state.cache.get(`callback_${ctx.state.path.params.ID}`);
+        ctx.response.status = 200;
+        ctx.response.body = req;
+    }
+    catch(err) {
+        ctx.status = 500;
+        ctx.response.body = err;
+    }
+};
+
+
+module.exports = {
+    '/': {
+        get: healthCheck
+    },
+    '/requests/{ID}': {
+        get: getRequestById
+    },
+    '/callbacks/{ID}': {
+        get: getCallbackById
+    },
+};

package/TestServer/index.js

@@ -0,0 +1,215 @@
+/**************************************************************************
+ *  (C) Copyright ModusBox Inc. 2019 - All rights reserved.               *
+ *                                                                        *
+ *  This file is made available under the terms of the license agreement  *
+ *  specified in the corresponding source code repository.                *
+ *                                                                        *
+ *  ORIGINAL AUTHOR:                                                      *
+ *       James Bush - james.bush@modusbox.com                             *
+ **************************************************************************/
+
+const Koa = require('koa');
+const ws = require('ws');
+
+const http = require('http');
+const yaml = require('js-yaml');
+const fs = require('fs').promises;
+const path = require('path');
+
+const Validate = require('../lib/validate');
+const router = require('../lib/router');
+const handlers = require('./handlers');
+const middlewares = require('../InboundServer/middlewares');
+
+const getWsIp = (req) => [
+    req.socket.remoteAddress,
+    ...(
+        req.headers['x-forwarded-for']
+            ? req.headers['x-forwarded-for'].split(/\s*,\s*/)
+            : []
+    )
+];
+
+class TestApi {
+    constructor(logger, validator, cache) {
+        this._api = new Koa();
+
+        this._api.use(middlewares.createErrorHandler(logger));
+        this._api.use(middlewares.createRequestIdGenerator());
+        this._api.use(middlewares.applyState({ cache }));
+        this._api.use(middlewares.createLogger(logger));
+
+        this._api.use(middlewares.createRequestValidator(validator));
+        this._api.use(router(handlers));
+        this._api.use(middlewares.createResponseBodyHandler());
+    }
+
+    callback() {
+        return this._api.callback();
+    }
+}
+
+class WsServer extends ws.Server {
+    constructor(logger, cache) {
+        super({ noServer: true });
+        this._wsClients = new Map();
+        this._logger = logger;
+        this._cache = cache;
+
+        this.on('error', err => {
+            this._logger.push({ err })
+                .log('Unhandled websocket error occurred. Shutting down.');
+            process.exit(1);
+        });
+
+        this.on('connection', (socket, req) => {
+            const logger = this._logger.push({
+                url: req.url,
+                ip: getWsIp(req),
+                remoteAddress: req.socket.remoteAddress,
+            });
+            logger.log('Websocket connection received');
+            this._wsClients.set(socket, req);
+            socket.on('close', (code, reason) => {
+                logger.push({ code, reason }).log('Websocket connection closed');
+                this._wsClients.delete(socket);
+            });
+        });
+    }
+
+    async start() {
+        await this._cache.subscribe(this._cache.EVENT_SET, this._handleCacheKeySet.bind(this));
+    }
+
+    // Close the server then wait for all the client sockets to close
+    async stop() {
+        await new Promise(resolve => this.close(resolve));
+        // If we don't wait for all clients to close before shutting down, the socket close
+        // handlers will be called after we return from this function, resulting in behaviour
+        // occurring after the server tells the user it has shutdown.
+        await Promise.all([...this._wsClients.keys()].map(socket =>
+            new Promise(resolve => socket.on('close', resolve))
+        ));
+    }
+
+    // Send the received notification to subscribers where appropriate.
+    async _handleCacheKeySet(channel, key, id) {
+        const logger = this._logger.push({ key });
+        logger.push({ channel, id }).log('Received Redis keyevent notification');
+
+        // Only notify clients of callback and request keyevents, as we don't want to encourage
+        // dependency on unintended behaviour (i.e. create a proxy Redis client by sending all
+        // keyevent notifications to the client). Some of this is implicitly performed later in
+        // this method, but we use the root path `/` to enable clients to subscribe to all events,
+        // so we filter them here.
+        const allowedPrefixes = [this._cache.CALLBACK_PREFIX, this._cache.REQUEST_PREFIX];
+        if (!allowedPrefixes.some((prefix) => key.startsWith(prefix))) {
+            logger.push({ allowedPrefixes })
+                .log('Notification not of allowed message type. Ignored.');
+            return;
+        }
+
+        // Map urls to callback prefixes. For example, as a user of this service, if I want to
+        // subscribe to Redis keyevent notifications with the prefix this._cache.REQUEST_PREFIX (at
+        // the time of writing, that's 'request_') then I'll connect to `ws://this-server/requests`.
+        // The map here defines that mapping, and exists to decouple the interface (the url) from
+        // the implementation (the "callback prefix").
+        const endpoints = {
+            REQUEST: '/requests',
+            CALLBACK: '/callbacks',
+        };
+        const urlToMsgPrefixMap = new Map([
+            [endpoints.REQUEST, this._cache.REQUEST_PREFIX],
+            [endpoints.CALLBACK, this._cache.CALLBACK_PREFIX],
+        ]);
+        let keyData; // declare outside the loop here, then retrieve at most once
+        let keyDataStr;
+        for (let [socket, req] of this._wsClients) {
+            // If
+            // - the url is the catch-all root (i.e. `ws://this-server/`), or
+            // - the url corresponds (via urlToMsgPrefixMap) to the message prefix for this
+            //   message. E.g. if the url is /callbacks and the key is
+            //   `${this._cache.CALLBACK_PREFIX}whatever`, or
+            // - the url matches the key, e.g. we replace the url prefix with the key prefix and
+            //   obtain a match. E.g. the url is /callbacks/hello and the key is callback_hello.
+            // send the message to the client.
+            const prefix = urlToMsgPrefixMap.get(req.url);
+            const urlMatchesPrefix = urlToMsgPrefixMap.has(req.url) && key.startsWith(prefix);
+            const urlMatchesKey =
+                req.url.replace(new RegExp(`^${endpoints.REQUEST}/`), this._cache.REQUEST_PREFIX) === key ||
+                req.url.replace(new RegExp(`^${endpoints.CALLBACK}/`), this._cache.CALLBACK_PREFIX) === key;
+            if (req.url === '/' || urlMatchesPrefix || urlMatchesKey) {
+                if (!keyData || !keyDataStr) {
+                    // Strip off the prefix and send the user the id
+                    const requestId = [...urlToMsgPrefixMap.values()].reduce(
+                        (key, prefix) => key.replace(new RegExp(`^${prefix}`), ''),
+                        key
+                    );
+                    keyData = await this._cache.get(key);
+                    keyDataStr = JSON.stringify({
+                        ...keyData,
+                        id: requestId,
+                    });
+                }
+                this._logger
+                    .push({
+                        url: req.url,
+                        key,
+                        ip: getWsIp(req),
+                        value: keyData,
+                        prefix,
+                    })
+                    .log('Pushing notification to subscribed client');
+                socket.send(keyDataStr);
+            }
+        }
+    }
+}
+
+class TestServer {
+    constructor({ port, logger, cache }) {
+        this._port = port;
+        this._logger = logger;
+        this._validator = new Validate();
+        this._api = new TestApi(this._logger.push({ component: 'api' }), this._validator, cache);
+        this._server = http.createServer(this._api.callback());
+        // TODO: why does this appear to need to be called after creating this._server (try reorder
+        // it then run the tests)
+        this._wsapi = new WsServer(this._logger.push({ component: 'websocket-server' }), cache);
+    }
+
+    async start() {
+        if (this._server.listening) {
+            return;
+        }
+        const fileData = await fs.readFile(path.join(__dirname, 'api.yaml'));
+        await this._validator.initialise(yaml.load(fileData));
+
+        await this._wsapi.start();
+
+        this._server.on('upgrade', (req, socket, head) => {
+            this._wsapi.handleUpgrade(req, socket, head, (ws) =>
+                this._wsapi.emit('connection', ws, req));
+        });
+
+        await new Promise((resolve) => this._server.listen(this._port, resolve));
+
+        this._logger.log(`Serving test API on port ${this._port}`);
+    }
+
+    async stop() {
+        if (this._wsapi) {
+            this._logger.log('Shutting down websocket server');
+            this._wsapi.stop();
+            this._wsapi = null;
+        }
+        if (this._server) {
+            this._logger.log('Shutting down http server');
+            await new Promise(resolve => this._server.close(resolve));
+            this._server = null;
+        }
+        this._logger.log('Test server shutdown complete');
+    }
+}
+
+module.exports = TestServer;