npm - @openziti/ziti-sdk-nodejs - Versions diffs - 0.13.0 → 0.13.2 - Mend

@openziti/ziti-sdk-nodejs 0.13.0 → 0.13.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md CHANGED Viewed

@@ -1,5 +1,7 @@
 <p align="center" width="100%">
 OpenZiti is a free and open source project focused on bringing zero trust to any application.
+     <br>
+The project provides all the pieces required to implement or integrate zero trust into your solutions.
 <br/>
 <br/>
 Please star us.
@@ -7,8 +9,6 @@ Please star us.
 <a href="https://github.com/openziti/ziti/stargazers"><img src="https://img.shields.io/github/stars/openziti/ziti?style=flat" ></a>
 <br/>
      <br>
-The project provides all the pieces required to implement or integrate zero trust into your solutions.
-     <br>
 </p>
 <p align="center" width="100%">
@@ -21,7 +21,7 @@ The project provides all the pieces required to implement or integrate zero trus
     <br>
     <br>
     <b>
-    A NodeJS-based SDK for delivering secure applications over a <a href="https://openziti.io">Ziti Network</a>
+    This repo hosts the OpenZiti SDK for NodeJS, and is designed to help you deliver secure applications over a <a href="https://openziti.io">OpenZiti Network</a>
     <br>
     <br>
     <b>Part of the <a href="https://openziti.io/about">OpenZiti</a> ecosystem</b>
@@ -46,6 +46,9 @@ The project provides all the pieces required to implement or integrate zero trus
 ---
+# Associated Article(s)
+For more context on this SDK, you may be interested in this
+[article concerning how to secure NodeJS applications](https://openziti.io/securing-nodejs-applications)
@@ -64,9 +67,14 @@ Binaries for most Node versions and platforms are provided by default via [@mapb
 # Installing
+NPM
 ``` js
 npm i @openziti/ziti-sdk-nodejs
 ```
+or Yarn
+``` js
+yarn add @openziti/ziti-sdk-nodejs
+```
 Special note on previous package:
@@ -81,6 +89,59 @@ npm install @openziti/ziti-sdk-nodejs --save
 **Note:** the module must be [installed](#installing) before use.
+ESM example (client-side)
+``` js
+import ziti from '@openziti/ziti-sdk-nodejs';
+// Somehow provide path to identity file, e.g. via env var
+const zitiIdentityFile  = process.env.ZITI_IDENTITY_FILE;
+// Authenticate ourselves onto the Ziti network
+await ziti.init( zitiIdentityFile ).catch(( err ) => { /* probably exit */ });
+const on_resp_data = ( obj ) => {
+    console.log(`response is: ${obj.body.toString('utf8')}`);
+};
+// Perform an HTTP GET request to a dark OpenZiti web service
+ziti.httpRequest(
+  'myDarkWebService',            // OpenZiti Service name or HTTP origin part of the URL
+  'GET',
+  '/',                           // path part of the URL including query params
+  ['Accept: application/json' ], // headers
+  undefined,                     // optional on_req cb
+  undefined,                     // optional on_req_data cb
+  on_resp_data                   // optional on_resp_data cb
+);
+```
+ESM example (server-side ExpressJS)
+``` js
+import ziti from '@openziti/ziti-sdk-nodejs';
+import express from 'express';
+let app = ziti.express( express, zitiServiceName );
+app.listen(ignored, function() { ... }
+/**
+That's right.
+With only a single-line code change (the ziti.express call), your web server is now capable
+of being invisible to malicious attackers on the internet, and only accessible to your
+trusted remote users.
+Nothing else in your existing ExpressJS web server code needs to change!
+Existing routing, middleware, etc., all operates the same as it always did...
+but now you enjoy the comfort of knowing that if a connection comes in, it is from
+a trusted identity on the client side.
+No malicious actors can see your dark web server, and thus, no malicious actors can attack it.
+*/
+```
+CJS example (client-side)
 ``` js
 var ziti = require('@openziti/ziti-sdk-nodejs');
@@ -147,6 +208,9 @@ const ziti_write = (conn, data) => {
 # Ziti NodeJS SDK - Setup for Development
+NOTE: You don't need to compile this SDK in order to use it (we publish pre-built binaries for your OS, NodeJS version, and CPU architecture).
+The following information applies only if you are doing development on the SDK itself.
 The following steps should get your NodeJS SDK for Ziti building. The Ziti NodeJS SDK is a native addon for Node JS,
 and is written in C. C development is specific to your operating system and tool chain used. These steps should work
 properly for you but if your OS has variations you may need to adapt these steps accordingly.
@@ -172,11 +236,10 @@ $ npm run build
 Getting Help
 ------------
-Please use these community resources for getting help. We use GitHub [issues](https://github.com/NetFoundry/ziti-sdk-nodejs/issues)
+Please use these community resources for getting help. We use GitHub [issues](https://github.com/openziti/ziti-sdk-nodejs/issues)
 for tracking bugs and feature requests and have limited bandwidth to address them.
-- Read the [docs](https://netfoundry.github.io/ziti-doc/ziti/overview.html)
-- Join our [Developer Community](https://developer.netfoundry.io)
+- Read the [docs](https://openziti.github.io/ziti/overview.html)
 - Participate in discussion on [Discourse](https://openziti.discourse.group/)

package/lib/httpRequest.js CHANGED Viewed

@@ -48,7 +48,7 @@ const on_resp_data = ( obj ) => {
 const httpRequest = ( url, method, path, headers, on_req_cb, on_resp_cb, on_resp_data_cb ) => {
-    console.log('httpRequest entered: ', url, method, headers);
+    console.log(`httpRequest entered: httpOrigin|serviceName: "${url}", method: "${method}", path: "${path}", headers: "${headers}"`);
     let _on_req_cb;
     let _on_resp_cb;

package/lib/init.js CHANGED Viewed

@@ -27,11 +27,8 @@ const init = ( identityPath ) => {
       let rc = ziti.ziti_init( identityPath, ( result ) => {
-        setTimeout( () => {
           return resolve( result );
-        }, 1000);
       });
       if (rc < 0) {

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@openziti/ziti-sdk-nodejs",
   "description": "A NodeJS-based SDK for delivering secure applications over a Ziti Network",
-  "version": "0.13.0",
+  "version": "0.13.2",
   "main": "./lib/ziti",
   "scripts": {
     "build": "npm run build:init; npm run build:c-sdk; npm install --build-from-source --clang=1",

package/src/Ziti_https_request.c CHANGED Viewed

@@ -726,9 +726,9 @@ void on_client(uv_work_t* req, int status) {
 /**
  * Initiate an HTTPS request
  *
- * @param {string}   [0] serviceName | URL
+ * @param {string}   [0] serviceName | url         Ziti service name or HTTP origin
  * @param {string}   [1] method
- * @param {string}   [2] path
+ * @param {string}   [2] path                      path part of the URL including query params
  * @param {string[]} [3] headers;                  Array of strings of the form "name:value"
  * @param {func}     [4] JS on_req  callback;      This is invoked from 'on_client' function above
  * @param {func}     [5] JS on_resp callback;      This is invoked from 'on_resp' function above

package/src/ziti_init.c CHANGED Viewed

@@ -21,6 +21,8 @@ ziti_context ztx = NULL;
 typedef struct {
   napi_async_work work;
   napi_threadsafe_function tsfn;
+  int zitiContextEventStatus;
+  bool on_init_cb_invoked;
 } AddonData;
@@ -129,16 +131,8 @@ static void on_ziti_event(ziti_context _ztx, const ziti_event_t *event) {
           ZITI_NODEJS_LOG(ERROR, "Failed to connect to controller: %s", event->event.ctx.err);
       }
-      // Initiate the call into the JavaScript callback.
-      // The call into JavaScript will not have happened
-      // when this function returns, but it will be queued.
-      nstatus = napi_call_threadsafe_function(
-          addon_data->tsfn,
-          (void*) (long) event->event.ctx.ctrl_status,
-          napi_tsfn_blocking);
-      if (nstatus != napi_ok) {
-        ZITI_NODEJS_LOG(ERROR, "Unable to napi_call_threadsafe_function");
-      }
+      addon_data->zitiContextEventStatus = event->event.ctx.ctrl_status;
       break;
     case ZitiServiceEvent:
@@ -223,6 +217,15 @@ static void on_ziti_event(ziti_context _ztx, const ziti_event_t *event) {
         free(intercept);
       }
+      // Initiate the call into the JavaScript 'on_init' callback, now that we know about all the services
+      ZITI_NODEJS_LOG(DEBUG, "addon_data->on_init_cb_invoked %o", addon_data->on_init_cb_invoked);
+      if (!addon_data->on_init_cb_invoked) {
+        nstatus = napi_call_threadsafe_function(
+            addon_data->tsfn,
+            (void*) (long) addon_data->zitiContextEventStatus,
+            napi_tsfn_blocking);
+        addon_data->on_init_cb_invoked = true;
+      }
       break;
@@ -293,7 +296,7 @@ napi_value _ziti_init(napi_env env, const napi_callback_info info) {
   // Obtain ptr to JS callback function
   napi_value js_cb = args[1];
   napi_value work_name;
-  AddonData* addon_data = malloc(sizeof(AddonData));
+  AddonData* addon_data = calloc(1, sizeof(AddonData));
   // Create a string to describe this asynchronous operation.
   status = napi_create_string_utf8(