npm - @queue-it/fastly - Versions diffs - 2.0.0 → 2.0.2 - Mend

@queue-it/fastly 2.0.0 → 2.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/LICENSE +21 -0
package/README.md +134 -134
package/package.json +5 -2
package/src/contextProvider.ts +126 -126
package/src/helper.ts +1 -1
package/src/index.ts +3 -3
package/src/integrationConfigProvider.ts +0 -1
package/src/requestResponseHandler.ts +131 -131
package/src/sdk/HttpContextProvider.ts +23 -23
package/src/sdk/IntegrationConfig/CustomerIntegrationDecodingHandler.ts +57 -57
package/src/sdk/IntegrationConfig/IntegrationConfigHelpers.ts +230 -230
package/src/sdk/IntegrationConfig/IntegrationConfigModel.ts +93 -93
package/src/sdk/KnownUser.ts +393 -393
package/src/sdk/Models.ts +105 -105
package/src/sdk/QueueITHelpers.ts +267 -267
package/src/sdk/UserInQueueService.ts +245 -245
package/src/sdk/UserInQueueStateCookieRepository.ts +188 -188
package/src/sdk/helpers/Uri.ts +4 -4
package/src/sdk/helpers/crypto.ts +338 -338

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2021 Queue-it
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md CHANGED Viewed

@@ -1,134 +1,134 @@
-# KnownUser.V3.Fastly
-The Queue-it Security Framework ensures that end-users are not able to access your online application without first
-going through the queue for any and all �protected� areas and paths on your sites. The queue system is implemented by
-adding a server-side (request-level) integration that protects your online application by redirecting users to a waiting
-room according to web traffic settings in the Queue-it GO Platform. After the integration is complete, queue system
-behavior and operations are managed in Queue-it�s Go Platform and/or via the Queue-it Admin API.
-This Fastly Queue-it Connector SDK (aka, Queue-it�s server-side KnownUser connector) uses a Compute@Edge service to
-integrate Queue-it's functionality into Fastly's network.
-A Wasm service is required to utilize this connector.
-> You can find the latest released version [here](https://github.com/queueit/KnownUser.V3.Fastly/releases/latest).
-## Introduction
-When a user makes a request to your Fastly service our connector validates the request and if it is needed, it will
-redirect the user to the waiting room. After waiting in the waiting room, the queue engine will redirect the user back
-to your end attaching a query string parameter ( `queueittoken` ) containing some information about the user to the URL.
-The most important fields of the `queueittoken` are:
-- q - The user's unique queue identifier
-- ts - A timestamp of how long this redirect is valid
-- h - A hash of the token
-After the user returns from the queue, the connector will let the user continue his request to your backend ( without
-redirecting to the queue since the request has a valid queueittoken as query string) .
-## Installation
-There are two methods of installation:
-### As a standalone service
-- Go to the Fastly services page and create a new **Wasm** service.
-- Go to Domains and fill in the domain that you want your service to be reachable at. You may need to register a CNAME
-  record if you have your own domain.
-- Then click on *Origins* and add a new host that has the hostname of your origin server.
-  You need to edit the Host and name it **origin**.
-- Create a second host that has the hostname of `{yourCustomerId}.queue-it.net` and name it **queue-it**.
-  Edit the host, go to advanced options and fill in the same hostname in **Override host**
-- Go to **Resources -> Config stores** and create a new config store named `IntegrationConfiguration`.
-  - Add the following items in the config store (you can find these values in the Go Queue-It self-service platform):
-    - customerId: Your customer ID
-    - apiKey: The API key for your account
-    - secret: Your KnownUserV3 secret
-    - queueItOrigin: The name of the queue-it host, in this case it's `queue-it`
-  - Go to **Linked Services** and click on `Link Service`
-    - Select your service and click `Next`
-    - Click `Link and activate` to link the `Config store` to your service. It should generate a new version
-  - You can verify that the `Config store` has been linked by going to your service and see it in the section `Config stores`
-- Download the latest package from the releases page and unarchive it.
-- Edit the `fastly.toml` file and copy the ID of your service (you can see this by opening up the service in Fastly) and
-  replace __{YourServiceId}__ with it.
-- Archive the directory in the same format (tar.gz).
-- Go to `Package` in the Fastly service page and upload the package.
-- To finish up and deploy your service click on the **Activate** button.
-### Customizable service with the connector
-- Go to the Fastly services page and create a new **Wasm** service and copy it's ID.
-- Clone this repository and edit the fastly.toml file, make sure to set the `service_id` field to the ID you copied.
-- Then click on *Origins* and add a new host that has the hostname of your origin server.
-  You can name the host **origin** or whatever you choose.
-- Create a host that has the hostname of `{yourCustomerId}.queue-it.net` and name it **queue-it**.
-  Edit the host, go to advanced options and fill in the same hostname in **Override host**
-- Go to **Resources -> Config stores** and create a new config store named `IntegrationConfiguration`.
-  - Add the following items in the config store (you can find these values in the Go Queue-It self-service platform):
-    - customerId: Your customer ID
-    - apiKey: The API key for your account
-    - secret: Your KnownUserV3 secret
-    - queueItOrigin: The name of the queue-it host, in this case it's `queue-it`
-  - Go to **Linked Services** and click on `Link Service`
-    - Select your service and click `Next`
-    - Click `Link and activate` to link the `Config store` to your service. It should generate a new version
-  - You can verify that the `Config store` has been linked by going to your service and see it in the section `Config stores`
-- You need to add some code that uses this connector. Here is an example:
-```ts
-import {Fastly} from "@fastly/as-compute";
-import {onQueueITRequest, IntegrationDetails, onQueueITResponse} from "@queue-it/fastly";
-const req = Fastly.getClientRequest();
-// This is optional and can be null if it's specified in your Config Store
-const integrationDetails = new IntegrationDetails(
-        "QueueItOriginName",
-        "CustomerId",
-        "SecretKey",
-        "ApiKey");
-let res = onQueueITRequest(req, integrationDetails);
-if (res != null) {
-    Fastly.respondWith(res!);
-} else {
-    const myOrigin = 'Ticketania';
-    const cacheOverride = new Fastly.CacheOverride();
-    const res = Fastly.fetch(req, {
-        backend: myOrigin,
-        cacheOverride,
-    }).wait();
-    onQueueITResponse(res);
-    Fastly.respondWith(res);
-}
-```
-- Build and deploy the package running `fastly compute build` and `fastly compute deploy` in the same directory.
-- Create desired waiting room(s), triggers, and actions in the Go Queue-It self-service platform.
-  Then, save/publish the configuration.
-## Providing the queue configuration
-The recommended way is to use the Go Queue-it self-service portal to setup the configuration. The configuration
-specifies a set of Triggers and Actions. A Trigger is an expression matching one, more or all URLs on your website. When
-a user enter your website and the URL matches a Trigger-expression the corresponding Action will be triggered. The
-Action specifies which waiting room the users should be send to. In this way you can specify which waiting room(s)
-should protect which page(s) on the fly without changing the server-side integration.
-## Protecting AJAX calls
-If you need to protect AJAX calls beside page loads you need to add the below JavaScript tags to your pages:
-```html
-<script type="text/javascript" src="//static.queue-it.net/script/queueclient.min.js"></script>
-<script
-        data-queueit-intercept-domain="{YOUR_CURRENT_DOMAIN}"
-        data-queueit-intercept="true"
-        data-queueit-c="{YOUR_CUSTOMER_ID}"
-        type="text/javascript"
-        src="//static.queue-it.net/script/queueconfigloader.min.js">
-</script>
-```
+# KnownUser.V3.Fastly
+The Queue-it Security Framework ensures that end-users are not able to access your online application without first
+going through the queue for any and all `protected` areas and paths on your sites. The queue system is implemented by
+adding a server-side (request-level) integration that protects your online application by redirecting users to a waiting
+room according to web traffic settings in the Queue-it GO Platform. After the integration is complete, queue system
+behavior and operations are managed in Queue-it's Go Platform and/or via the Queue-it Admin API.
+This Fastly Queue-it Connector SDK (aka, Queue-it's server-side KnownUser connector) uses a Compute@Edge service to
+integrate Queue-it's functionality into Fastly's network.
+A Wasm service is required to utilize this connector.
+> You can find the latest released version [here](https://github.com/queueit/KnownUser.V3.Fastly/releases/latest).
+## Introduction
+When a user makes a request to your Fastly service our connector validates the request and if it is needed, it will
+redirect the user to the waiting room. After waiting in the waiting room, the queue engine will redirect the user back
+to your end attaching a query string parameter ( `queueittoken` ) containing some information about the user to the URL.
+The most important fields of the `queueittoken` are:
+- q - The user's unique queue identifier
+- ts - A timestamp of how long this redirect is valid
+- h - A hash of the token
+After the user returns from the queue, the connector will let the user continue his request to your backend ( without
+redirecting to the queue since the request has a valid queueittoken as query string) .
+## Installation
+There are two methods of installation:
+### As a standalone service
+- Go to the Fastly services page and create a new **Wasm** service.
+- Go to Domains and fill in the domain that you want your service to be reachable at. You may need to register a CNAME
+  record if you have your own domain.
+- Then click on *Origins* and add a new host that has the hostname of your origin server.
+  You need to edit the Host and name it **origin**.
+- Create a second host that has the hostname of `{yourCustomerId}.queue-it.net` and name it **queue-it**.
+  Edit the host, go to advanced options and fill in the same hostname in **Override host**
+- Go to **Resources -> Config stores** and create a new config store named `IntegrationConfiguration`.
+  - Add the following items in the config store (you can find these values in the Go Queue-It self-service platform):
+    - customerId: Your customer ID
+    - apiKey: The API key for your account
+    - secret: Your KnownUserV3 secret
+    - queueItOrigin: The name of the queue-it host, in this case it's `queue-it`
+  - Go to **Linked Services** and click on `Link Service`
+    - Select your service and click `Next`
+    - Click `Link and activate` to link the `Config store` to your service. It should generate a new version
+  - You can verify that the `Config store` has been linked by going to your service and see it in the section `Config stores`
+- Download the latest package from the releases page and unarchive it.
+- Edit the `fastly.toml` file and copy the ID of your service (you can see this by opening up the service in Fastly) and
+  replace **{YourServiceId}** with it.
+- Archive the directory in the same format (tar.gz).
+- Go to `Package` in the Fastly service page and upload the package.
+- To finish up and deploy your service click on the **Activate** button.
+### Customizable service with the connector
+- Go to the Fastly services page and create a new **Wasm** service and copy it's ID.
+- Clone this repository and edit the fastly.toml file, make sure to set the `service_id` field to the ID you copied.
+- Then click on *Origins* and add a new host that has the hostname of your origin server.
+  You can name the host **origin** or whatever you choose.
+- Create a host that has the hostname of `{yourCustomerId}.queue-it.net` and name it **queue-it**.
+  Edit the host, go to advanced options and fill in the same hostname in **Override host**
+- Go to **Resources -> Config stores** and create a new config store named `IntegrationConfiguration`.
+  - Add the following items in the config store (you can find these values in the Go Queue-It self-service platform):
+    - customerId: Your customer ID
+    - apiKey: The API key for your account
+    - secret: Your KnownUserV3 secret
+    - queueItOrigin: The name of the queue-it host, in this case it's `queue-it`
+  - Go to **Linked Services** and click on `Link Service`
+    - Select your service and click `Next`
+    - Click `Link and activate` to link the `Config store` to your service. It should generate a new version
+  - You can verify that the `Config store` has been linked by going to your service and see it in the section `Config stores`
+- You need to add some code that uses this connector. Here is an example:
+```ts
+import {Fastly} from "@fastly/as-compute";
+import {onQueueITRequest, IntegrationDetails, onQueueITResponse} from "@queue-it/fastly";
+const req = Fastly.getClientRequest();
+// This is optional and can be null if it's specified in your Config Store
+const integrationDetails = new IntegrationDetails(
+        "QueueItOriginName",
+        "CustomerId",
+        "SecretKey",
+        "ApiKey");
+let res = onQueueITRequest(req, integrationDetails);
+if (res != null) {
+    Fastly.respondWith(res!);
+} else {
+    const myOrigin = 'Ticketania';
+    const cacheOverride = new Fastly.CacheOverride();
+    const res = Fastly.fetch(req, {
+        backend: myOrigin,
+        cacheOverride,
+    }).wait();
+    onQueueITResponse(res);
+    Fastly.respondWith(res);
+}
+```
+- Build and deploy the package running `fastly compute build` and `fastly compute deploy` in the same directory.
+- Create desired waiting room(s), triggers, and actions in the Go Queue-It self-service platform.
+  Then, save/publish the configuration.
+## Providing the queue configuration
+The recommended way is to use the Go Queue-it self-service portal to setup the configuration. The configuration
+specifies a set of Triggers and Actions. A Trigger is an expression matching one, more or all URLs on your website. When
+a user enter your website and the URL matches a Trigger-expression the corresponding Action will be triggered. The
+Action specifies which waiting room the users should be send to. In this way you can specify which waiting room(s)
+should protect which page(s) on the fly without changing the server-side integration.
+## Protecting AJAX calls
+If you need to protect AJAX calls beside page loads you need to add the below JavaScript tags to your pages:
+```html
+<script type="text/javascript" src="//static.queue-it.net/script/queueclient.min.js"></script>
+<script
+        data-queueit-intercept-domain="{YOUR_CURRENT_DOMAIN}"
+        data-queueit-intercept="true"
+        data-queueit-c="{YOUR_CUSTOMER_ID}"
+        type="text/javascript"
+        src="//static.queue-it.net/script/queueconfigloader.min.js">
+</script>
+```

package/package.json CHANGED Viewed

@@ -1,10 +1,13 @@
 {
   "name": "@queue-it/fastly",
-  "version": "2.0.0",
+  "version": "2.0.2",
   "description": "Queue-it connector for Fastly",
   "main": "src/index.ts",
   "author": "devs@queue-it.com",
-  "repository": "https://github.com/queueit/KnownUser.V3.Fastly",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/queueit/KnownUser.V3.Fastly.git"
+  },
   "license": "MIT",
   "files": [
     "package.json",

package/src/contextProvider.ts CHANGED Viewed

@@ -1,126 +1,126 @@
-import {IHttpContextProvider, IHttpRequest, IHttpResponse} from "./sdk/HttpContextProvider";
-import {decodeURIComponent, encodeURIComponent} from "./sdk/helpers/Uri";
-export function getHttpHandler(req: Request): FastlyHttpContextProvider {
-    return new FastlyHttpContextProvider(req);
-}
-export class FastlyHttpContextProvider implements IHttpContextProvider {
-    isError: boolean = false;
-    private readonly req: FastlyHttpRequest;
-    private readonly res: FastlyHttpResponse;
-    constructor(fReq: Request) {
-        this.req = new FastlyHttpRequest(fReq);
-        this.res = new FastlyHttpResponse();
-    }
-    getHttpRequest(): IHttpRequest {
-        return this.req;
-    }
-    getHttpResponse(): IHttpResponse {
-        return this.res;
-    }
-}
-export class FastlyHttpRequest implements IHttpRequest {
-    private parsedCookieDic: Map<string, string>
-    private bodyFetched: boolean = false;
-    private body: string = '';
-    constructor(private baseReq: Request) {
-        this.parsedCookieDic = new Map();
-        this.bodyFetched = false;
-    }
-    private parseCookies(cookieValue: string): void {
-        const cookies = cookieValue.split(';');
-        for (let i = 0; i < cookies.length; i++) {
-            let cookieKV = cookies[i].split('=', 2);
-            if (cookieKV.length >= 2) {
-                this.parsedCookieDic.set(cookieKV[0].trim(), cookieKV[1].trim())
-            }
-        }
-    }
-    private handleBody(): void {
-        if (this.baseReq.bodyUsed || this.bodyFetched) {
-            return;
-        }
-        this.bodyFetched = true;
-        const rawBody: ArrayBuffer | null = null; // this.context.req.arrayBuffer();
-        if (rawBody == null) {
-            return;
-        }
-        if (rawBody!.byteLength == 0) {
-            return;
-        }
-        this.body = ''; // this.context.req.text()
-    }
-    getAbsoluteUri(): string {
-        return this.baseReq.url;
-    }
-    getCookieValue(cookieKey: string): string {
-        if (this.parsedCookieDic.size == 0) {
-            this.parseCookies(this.getHeader('cookie'))
-        }
-        if (!this.parsedCookieDic.has(cookieKey)) return '';
-        const cookieVal = this.parsedCookieDic.get(cookieKey)!;
-        try {
-            return decodeURIComponent(cookieVal);
-        } catch {
-            return cookieVal;
-        }
-    }
-    getHeader(name: string): string {
-        if (name.length == 0) return "";
-        if (!this.baseReq.headers.has(name)) {
-            return '';
-        }
-        const value = this.baseReq.headers.get(name);
-        if (value == null) return '';
-        return value!;
-    }
-    getRequestBodyAsString(): string {
-        if (!this.bodyFetched) {
-            this.handleBody();
-        }
-        return this.body;
-    }
-    getUserAgent(): string {
-        return this.baseReq.headers.has('user-agent') ? this.baseReq.headers.get('user-agent')! : '';
-    }
-    getUserHostAddress(): string {
-        return this.baseReq.headers.get('Fastly-Client-IP') ?? '';
-    }
-}
-export class FastlyHttpResponse implements IHttpResponse {
-    private readonly headers: Headers;
-    constructor() {
-        this.headers = new Headers();
-    }
-    setCookie(cookieName: string, cookieValue: string, domain: string, expiration: number): void {
-        const expirationDate = new Date(expiration * 1000);
-        let setCookieString = cookieName + "=" + encodeURIComponent(cookieValue) + "; expires=" + expirationDate.toUTCString() + ";";
-        if (domain != "") {
-            setCookieString += " domain=" + domain + ";";
-        }
-        setCookieString += " path=/;";
-        this.headers.set('set-cookie', setCookieString);
-    }
-    getHeaders(): Headers {
-        return this.headers;
-    }
-}
+import {IHttpContextProvider, IHttpRequest, IHttpResponse} from "./sdk/HttpContextProvider";
+import {decodeURIComponent, encodeURIComponent} from "./sdk/helpers/Uri";
+export function getHttpHandler(req: Request): FastlyHttpContextProvider {
+    return new FastlyHttpContextProvider(req);
+}
+export class FastlyHttpContextProvider implements IHttpContextProvider {
+    isError: boolean = false;
+    private readonly req: FastlyHttpRequest;
+    private readonly res: FastlyHttpResponse;
+    constructor(fReq: Request) {
+        this.req = new FastlyHttpRequest(fReq);
+        this.res = new FastlyHttpResponse();
+    }
+    getHttpRequest(): IHttpRequest {
+        return this.req;
+    }
+    getHttpResponse(): IHttpResponse {
+        return this.res;
+    }
+}
+export class FastlyHttpRequest implements IHttpRequest {
+    private parsedCookieDic: Map<string, string>
+    private bodyFetched: boolean = false;
+    private body: string = '';
+    constructor(private baseReq: Request) {
+        this.parsedCookieDic = new Map();
+        this.bodyFetched = false;
+    }
+    private parseCookies(cookieValue: string): void {
+        const cookies = cookieValue.split(';');
+        for (let i = 0; i < cookies.length; i++) {
+            let cookieKV = cookies[i].split('=', 2);
+            if (cookieKV.length >= 2) {
+                this.parsedCookieDic.set(cookieKV[0].trim(), cookieKV[1].trim())
+            }
+        }
+    }
+    private handleBody(): void {
+        if (this.baseReq.bodyUsed || this.bodyFetched) {
+            return;
+        }
+        this.bodyFetched = true;
+        const rawBody: ArrayBuffer | null = null; // this.context.req.arrayBuffer();
+        if (rawBody == null) {
+            return;
+        }
+        if (rawBody!.byteLength == 0) {
+            return;
+        }
+        this.body = ''; // this.context.req.text()
+    }
+    getAbsoluteUri(): string {
+        return this.baseReq.url;
+    }
+    getCookieValue(cookieKey: string): string {
+        if (this.parsedCookieDic.size == 0) {
+            this.parseCookies(this.getHeader('cookie'))
+        }
+        if (!this.parsedCookieDic.has(cookieKey)) return '';
+        const cookieVal = this.parsedCookieDic.get(cookieKey)!;
+        try {
+            return decodeURIComponent(cookieVal);
+        } catch {
+            return cookieVal;
+        }
+    }
+    getHeader(name: string): string {
+        if (name.length == 0) return "";
+        if (!this.baseReq.headers.has(name)) {
+            return '';
+        }
+        const value = this.baseReq.headers.get(name);
+        if (value == null) return '';
+        return value!;
+    }
+    getRequestBodyAsString(): string {
+        if (!this.bodyFetched) {
+            this.handleBody();
+        }
+        return this.body;
+    }
+    getUserAgent(): string {
+        return this.baseReq.headers.has('user-agent') ? this.baseReq.headers.get('user-agent')! : '';
+    }
+    getUserHostAddress(): string {
+        return this.baseReq.headers.get('Fastly-Client-IP') ?? '';
+    }
+}
+export class FastlyHttpResponse implements IHttpResponse {
+    private readonly headers: Headers;
+    constructor() {
+        this.headers = new Headers();
+    }
+    setCookie(cookieName: string, cookieValue: string, domain: string, expiration: number): void {
+        const expirationDate = new Date(expiration * 1000);
+        let setCookieString = cookieName + "=" + encodeURIComponent(cookieValue) + "; expires=" + expirationDate.toUTCString() + ";";
+        if (domain != "") {
+            setCookieString += " domain=" + domain + ";";
+        }
+        setCookieString += " path=/;";
+        this.headers.set('set-cookie', setCookieString);
+    }
+    getHeaders(): Headers {
+        return this.headers;
+    }
+}

package/src/helper.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { Utils } from "./sdk/QueueITHelpers";
 import { hmacString } from "./sdk/helpers/crypto";
 export class QueueITHelper {
-  static readonly KUP_VERSION: string = "fastly-2.0.0";
+  static readonly KUP_VERSION: string = "fastly-2.0.2";
   static configureKnownUserHashing(): void {
     Utils.generateSHA256Hash = hmacString;

package/src/index.ts CHANGED Viewed

@@ -1,3 +1,3 @@
-export {IntegrationDetails, IntegrationEndpointProvider, IntegrationEndpointCacheConfig, resolveIntegrationDetails} from "./integrationConfigProvider"
-export {onQueueITRequest, onQueueITResponse} from "./requestResponseHandler";
-export {RequestLogger} from "./helper";
+export {IntegrationDetails, IntegrationEndpointProvider, IntegrationEndpointCacheConfig, resolveIntegrationDetails} from "./integrationConfigProvider"
+export {onQueueITRequest, onQueueITResponse} from "./requestResponseHandler";
+export {RequestLogger} from "./helper";

package/src/integrationConfigProvider.ts CHANGED Viewed

@@ -1,4 +1,3 @@
-import { ConfigStore } from "fastly:config-store";
 import { RequestLogger } from "./helper";
 export async function getIntegrationConfig(