@reldens/server-utils 0.42.0 → 0.44.0

package/lib/app-server-factory/security-configurer.js

@@ -6,6 +6,7 @@
 
 const helmet = require('helmet');
 const sanitizeHtml = require('sanitize-html');
+const { EventDispatcher } = require('../event-dispatcher');
 
 class SecurityConfigurer
 {
@@ -18,15 +19,24 @@ class SecurityConfigurer
         this.helmetConfig = false;
         this.helmetOptions = {};
         this.sanitizeOptions = {allowedTags: [], allowedAttributes: {}};
+        this.onEvent = null;
     }
 
     setupHelmet(app, config)
     {
         this.useHelmet = config.useHelmet !== false;
+        this.onEvent = config.onEvent || null;
         if(!this.useHelmet){
             return;
         }
         app.use(helmet(this.mapHelmetOptions(config)));
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'helmet-configured',
+            'securityConfigurer',
+            this,
+            {useHelmet: this.useHelmet, isDevelopmentMode: this.isDevelopmentMode}
+        );
     }
 
     mapHelmetOptions(config)
@@ -131,6 +141,7 @@ class SecurityConfigurer
     {
         this.useXssProtection = config.useXssProtection !== false;
         this.sanitizeOptions = config.sanitizeOptions || this.sanitizeOptions;
+        this.onEvent = config.onEvent || null;
         if(!this.useXssProtection){
             return;
         }
@@ -143,6 +154,13 @@ class SecurityConfigurer
             }
             next();
         });
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'xss-protection-enabled',
+            'securityConfigurer',
+            this,
+            {useXssProtection: this.useXssProtection}
+        );
     }
 
     sanitizeRequestBody(body)

package/lib/app-server-factory.js

@@ -9,6 +9,9 @@ const { Http2CdnServer } = require('./http2-cdn-server');
 const { ServerDefaultConfigurations } = require('./server-default-configurations');
 const { ServerFactoryUtils } = require('./server-factory-utils');
 const { ServerHeaders } = require('./server-headers');
+const { ServerErrorHandler } = require('./server-error-handler');
+const { RequestLogger } = require('./request-logger');
+const { EventDispatcher } = require('./event-dispatcher');
 const { DevelopmentModeDetector } = require('./app-server-factory/development-mode-detector');
 const { ProtocolEnforcer } = require('./app-server-factory/protocol-enforcer');
 const { SecurityConfigurer } = require('./app-server-factory/security-configurer');
@@ -115,6 +118,10 @@ class AppServerFactory
         this.http2CdnServer = false;
         this.reverseProxyEnabled = false;
         this.reverseProxyRules = [];
+        this.onError = null;
+        this.onRequestSuccess = null;
+        this.onRequestError = null;
+        this.onEvent = null;
     }
 
     buildStaticHeaders(res, path)
@@ -146,6 +153,7 @@ class AppServerFactory
         this.setupCors();
         this.setupRateLimiting();
         this.setupRequestParsing();
+        this.setupRequestLogging();
         this.setupTrustedProxy();
         try {
             this.appServer = this.createServer();
@@ -159,6 +167,13 @@ class AppServerFactory
             }
             return false;
         }
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'app-server-created',
+            'appServerFactory',
+            this,
+            {port: this.port, useHttps: this.useHttps, isDevelopmentMode: this.isDevelopmentMode}
+        );
         if(this.http2CdnEnabled){
             if(!this.createHttp2CdnServer()){
                 this.error = {message: 'The createHttp2CdnServer() returned false.'};
@@ -188,6 +203,10 @@ class AppServerFactory
         }
         this.http2CdnServer.corsOrigins = this.http2CdnCorsOrigins;
         this.http2CdnServer.corsAllowAll = this.http2CdnCorsAllowAll;
+        this.http2CdnServer.onError = this.onError;
+        this.http2CdnServer.onRequestSuccess = this.onRequestSuccess;
+        this.http2CdnServer.onRequestError = this.onRequestError;
+        this.http2CdnServer.onEvent = this.onEvent;
         if(!this.http2CdnServer.create()){
             this.error = this.http2CdnServer.error;
             return false;
@@ -196,6 +215,13 @@ class AppServerFactory
             this.error = this.http2CdnServer.error;
             return false;
         }
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'http2-cdn-created',
+            'appServerFactory',
+            this,
+            {port: this.http2CdnPort}
+        );
         return true;
     }
 
@@ -223,7 +249,8 @@ class AppServerFactory
     {
         let detectConfig = {
             developmentDomains: this.developmentDomains,
-            domains: this.domains
+            domains: this.domains,
+            onEvent: this.onEvent
         };
         if(0 < this.developmentPatterns.length){
             detectConfig['developmentPatterns'] = this.developmentPatterns;
@@ -257,7 +284,8 @@ class AppServerFactory
         this.protocolEnforcer.setup(this.app, {
             isDevelopmentMode: this.isDevelopmentMode,
             useHttps: this.useHttps,
-            enforceProtocol: this.enforceProtocol
+            enforceProtocol: this.enforceProtocol,
+            onEvent: this.onEvent
         });
     }
 
@@ -267,11 +295,13 @@ class AppServerFactory
             isDevelopmentMode: this.isDevelopmentMode,
             useHelmet: this.useHelmet,
             helmetConfig: this.helmetConfig,
-            developmentExternalDomains: this.developmentExternalDomains
+            developmentExternalDomains: this.developmentExternalDomains,
+            onEvent: this.onEvent
         });
         this.securityConfigurer.setupXssProtection(this.app, {
             useXssProtection: this.useXssProtection,
-            sanitizeOptions: this.sanitizeOptions
+            sanitizeOptions: this.sanitizeOptions,
+            onEvent: this.onEvent
         });
     }
 
@@ -288,7 +318,8 @@ class AppServerFactory
         let corsConfig = {
             isDevelopmentMode: this.isDevelopmentMode,
             useCors: this.useCors,
-            corsOrigin: this.corsOrigin
+            corsOrigin: this.corsOrigin,
+            onEvent: this.onEvent
         };
         if(0 < this.corsMethods.length){
             corsConfig['corsMethods'] = this.corsMethods;
@@ -318,7 +349,8 @@ class AppServerFactory
             maxRequests: this.maxRequests,
             developmentMultiplier: this.developmentMultiplier,
             applyKeyGenerator: this.applyKeyGenerator,
-            tooManyRequestsMessage: this.tooManyRequestsMessage
+            tooManyRequestsMessage: this.tooManyRequestsMessage,
+            onEvent: this.onEvent
         });
     }
 
@@ -342,6 +374,14 @@ class AppServerFactory
         }
     }
 
+    setupRequestLogging()
+    {
+        if(!this.onRequestSuccess && !this.onRequestError){
+            return;
+        }
+        this.app.use(RequestLogger.createMiddleware(this.onRequestSuccess, this.onRequestError));
+    }
+
     setupReverseProxy()
     {
         if(!this.reverseProxyEnabled || 0 === this.reverseProxyRules.length){
@@ -350,7 +390,9 @@ class AppServerFactory
         this.reverseProxyConfigurer.setup(this.app, {
             reverseProxyRules: this.reverseProxyRules,
             isDevelopmentMode: this.isDevelopmentMode,
-            useVirtualHosts: this.useVirtualHosts
+            useVirtualHosts: this.useVirtualHosts,
+            onError: this.onError,
+            onEvent: this.onEvent
         });
     }
 
@@ -388,6 +430,14 @@ class AppServerFactory
                     return next();
                 }
                 this.error = {message: 'No hostname provided and no default domain configured'};
+                ServerErrorHandler.handleError(
+                    this.onError,
+                    'appServerFactory',
+                    this,
+                    'virtual-host-no-hostname',
+                    this.error,
+                    {request: req, response: res}
+                );
                 return res.status(400).send('Bad Request');
             }
             let domain = this.findDomainConfig(hostname);
@@ -397,6 +447,14 @@ class AppServerFactory
                     return next();
                 }
                 this.error = {message: 'Unknown domain: '+hostname};
+                ServerErrorHandler.handleError(
+                    this.onError,
+                    'appServerFactory',
+                    this,
+                    'virtual-host-unknown-domain',
+                    this.error,
+                    {hostname: hostname, request: req, response: res}
+                );
                 return res.status(404).send('Domain not found');
             }
             req.domain = domain;
@@ -426,7 +484,15 @@ class AppServerFactory
     createServer()
     {
         if(!this.useHttps){
-            return http.createServer(this.app);
+            let httpServer = http.createServer(this.app);
+            EventDispatcher.dispatch(
+                this.onEvent,
+                'http-server-created',
+                'appServerFactory',
+                this,
+                {port: this.port}
+            );
+            return httpServer;
         }
         if(this.useVirtualHosts && 0 < this.domains.length){
             return this.createHttpsServerWithSNI();
@@ -453,7 +519,15 @@ class AppServerFactory
                 credentials.ca = ca;
             }
         }
-        return https.createServer(credentials, this.app);
+        let httpsServer = https.createServer(credentials, this.app);
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'https-server-created',
+            'appServerFactory',
+            this,
+            {port: this.port}
+        );
+        return httpsServer;
     }
 
     createHttpsServerWithSNI()
@@ -471,17 +545,41 @@ class AppServerFactory
             let key = FileHandler.readFile(domain.keyPath, 'Domain Key');
             if(!key){
                 this.error = {message: 'Could not read domain SSL key: '+domain.keyPath};
+                ServerErrorHandler.handleError(
+                    this.onError,
+                    'appServerFactory',
+                    this,
+                    'sni-key-read-failure',
+                    this.error,
+                    {hostname: hostname, domain: domain, keyPath: domain.keyPath}
+                );
                 return callback(null, null);
             }
             let cert = FileHandler.readFile(domain.certPath, 'Domain Cert');
             if(!cert){
                 this.error = {message: 'Could not read domain SSL certificate: '+domain.certPath};
+                ServerErrorHandler.handleError(
+                    this.onError,
+                    'appServerFactory',
+                    this,
+                    'sni-cert-read-failure',
+                    this.error,
+                    {hostname: hostname, domain: domain, certPath: domain.certPath}
+                );
                 return callback(null, null);
             }
             let ctx = tls.createSecureContext({key, cert});
             callback(null, ctx);
         };
-        return https.createServer(httpsOptions, this.app);
+        let sniServer = https.createServer(httpsOptions, this.app);
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'sni-server-created',
+            'appServerFactory',
+            this,
+            {port: this.port, domainsCount: this.domains.length}
+        );
+        return sniServer;
     }
 
     loadDefaultCredentials()
@@ -507,6 +605,13 @@ class AppServerFactory
             return false;
         }
         this.appServer.listen(listenPort);
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'app-server-listening',
+            'appServerFactory',
+            this,
+            {port: listenPort}
+        );
         return true;
     }
 
@@ -568,6 +673,13 @@ class AppServerFactory
             return false;
         }
         this.domains.push(domainConfig);
+        EventDispatcher.dispatch(
+            this.onEvent,
+            'domain-added',
+            'appServerFactory',
+            this,
+            {hostname: domainConfig.hostname}
+        );
         return true;
     }
 

package/lib/cdn-request-handler.js

@@ -0,0 +1,130 @@
+/**
+ *
+ * Reldens - CdnRequestHandler
+ *
+ */
+
+const { FileHandler } = require('./file-handler');
+const { ServerFactoryUtils } = require('./server-factory-utils');
+const { ServerErrorHandler } = require('./server-error-handler');
+
+class CdnRequestHandler
+{
+
+    constructor(cdnServer)
+    {
+        this.cdnServer = cdnServer;
+    }
+
+    handleRequest(requestContext)
+    {
+        let startTime = Date.now();
+        let requestData = {
+            serverType: 'cdn',
+            method: requestContext.method,
+            path: requestContext.path,
+            hostname: requestContext.hostname,
+            statusCode: 200,
+            responseTime: 0,
+            ip: requestContext.ip,
+            userAgent: requestContext.userAgent,
+            timestamp: new Date().toISOString()
+        };
+        try {
+            if(!requestData.path){
+                requestContext.sendResponse(400);
+                return;
+            }
+            let requestOrigin = requestContext.origin || '';
+            let allowedOrigin = ServerFactoryUtils.validateOrigin(
+                requestOrigin,
+                this.cdnServer.corsOrigins,
+                this.cdnServer.corsAllowAll
+            );
+            if('OPTIONS' === requestData.method){
+                this.handleOptionsRequest(requestContext, allowedOrigin);
+                return;
+            }
+            let filePath = this.cdnServer.resolveFilePath(requestData.path);
+            if(!filePath){
+                requestData.statusCode = 404;
+                requestData.responseTime = Date.now()-startTime;
+                requestContext.sendResponse(404);
+                this.cdnServer.invokeRequestError(requestData);
+                return;
+            }
+            let responseHeaders = this.buildResponseHeaders(allowedOrigin, filePath, requestContext.isHttp2);
+            requestContext.onSuccess(() => {
+                requestData.responseTime = Date.now()-startTime;
+                this.cdnServer.invokeRequestSuccess(requestData);
+            });
+            requestContext.onError((err) => {
+                requestData.statusCode = 500;
+                requestData.responseTime = Date.now()-startTime;
+                requestData.error = err;
+                ServerErrorHandler.handleError(
+                    this.cdnServer.onError,
+                    'http2CdnServer',
+                    this.cdnServer,
+                    requestContext.isHttp2 ? 'stream-error' : 'http1-stream-error',
+                    err,
+                    {port: this.cdnServer.port, path: requestData.path}
+                );
+                this.cdnServer.invokeRequestError(requestData);
+            });
+            requestContext.sendFile(filePath, responseHeaders);
+        } catch (err) {
+            requestData.statusCode = 500;
+            requestData.responseTime = Date.now()-startTime;
+            requestData.error = err;
+            ServerErrorHandler.handleError(
+                this.cdnServer.onError,
+                'http2CdnServer',
+                this.cdnServer,
+                requestContext.isHttp2 ? 'handle-stream-error' : 'handle-http1-request-error',
+                err,
+                {port: this.cdnServer.port, path: requestData.path}
+            );
+            this.cdnServer.invokeRequestError(requestData);
+            requestContext.sendResponse(500);
+        }
+    }
+
+    handleOptionsRequest(requestContext, allowedOrigin)
+    {
+        let optionsHeaders = requestContext.isHttp2 ? {':status': 200} : {};
+        if(allowedOrigin){
+            optionsHeaders['access-control-allow-origin'] = allowedOrigin;
+        }
+        optionsHeaders['access-control-allow-methods'] = this.cdnServer.corsMethods;
+        optionsHeaders['access-control-allow-headers'] = this.cdnServer.corsHeaders;
+        requestContext.sendResponse(200, optionsHeaders);
+    }
+
+    buildResponseHeaders(allowedOrigin, filePath, isHttp2)
+    {
+        let ext = FileHandler.extension(filePath);
+        let cacheAge = ServerFactoryUtils.getCacheConfigForPath(filePath, this.cdnServer.cacheConfig);
+        let responseHeaders = isHttp2 ? {':status': 200} : {};
+        let securityKeys = Object.keys(this.cdnServer.securityHeaders);
+        for(let headerKey of securityKeys){
+            responseHeaders[headerKey] = this.cdnServer.securityHeaders[headerKey];
+        }
+        if(allowedOrigin){
+            responseHeaders['access-control-allow-origin'] = allowedOrigin;
+        }
+        if(this.cdnServer.varyHeader){
+            responseHeaders['vary'] = this.cdnServer.varyHeader;
+        }
+        if(cacheAge){
+            responseHeaders['cache-control'] = 'public, max-age='+cacheAge+', immutable';
+        }
+        if(this.cdnServer.mimeTypes[ext]){
+            responseHeaders['content-type'] = this.cdnServer.mimeTypes[ext];
+        }
+        return responseHeaders;
+    }
+
+}
+
+module.exports.CdnRequestHandler = CdnRequestHandler;

package/lib/event-dispatcher.js

@@ -0,0 +1,26 @@
+/**
+ *
+ * Reldens - EventDispatcher
+ *
+ */
+
+class EventDispatcher
+{
+
+    static dispatch(onEventCallback, eventType, instanceName, instance, data = {})
+    {
+        if('function' !== typeof onEventCallback){
+            return;
+        }
+        onEventCallback({
+            eventType: eventType,
+            instanceName: instanceName,
+            instance: instance,
+            data: data,
+            timestamp: new Date().toISOString()
+        });
+    }
+
+}
+
+module.exports.EventDispatcher = EventDispatcher;

package/lib/file-handler.js

@@ -765,6 +765,19 @@ class FileHandler
         return this.writeFile(filePath, content.replace(searchValue, replaceValue));
     }
 
+    createReadStream(filePath, options)
+    {
+        if(!this.isValidPath(filePath)){
+            this.error = {message: 'Invalid file path.', filePath};
+            return false;
+        }
+        if(!this.isFile(filePath)){
+            this.error = {message: 'File does not exist or is not a file.', filePath};
+            return false;
+        }
+        return fs.createReadStream(filePath, options);
+    }
+
 }
 
 module.exports.FileHandler = new FileHandler();