@sap/async-xsjs 1.0.2

package/lib/xsjs/web/utils/HttpRequestParser.js

@@ -0,0 +1,93 @@
+'use strict';
+
+var util = require('util');
+var qs = require('querystring');
+var cookieParser = require('cookie');
+var CRLF = require('../../constants').WEB.MESSAGES.LINE_BREAK;
+var HeadersParser = require('./HeadersParser');
+
+exports.parse = function(requestString) {
+  var parsedRequest = {};
+
+  parseRequestLine(requestString, parsedRequest);
+  parseHeaders(requestString, parsedRequest);
+  parseCookie(parsedRequest);
+  parseBody(requestString, parsedRequest);
+  parseParamsFromBody(parsedRequest);
+
+  return parsedRequest;
+};
+
+function parseRequestLine(requestString, parsedRequest) {
+  var endOfRequestLine = requestString.indexOf(CRLF);
+  var requestLine = requestString.substring(0, endOfRequestLine);
+  var components = requestLine.split(' ');
+  if (components.length !== 3) {
+    throw new Error(util.format('HTTP request parser: request line should contain 3 components: Method, URI and protocol version. Actual: "%s"', requestLine));
+  }
+  parsedRequest.method = components[0];
+  parsedRequest.originalUrl = components[1];
+  parsedRequest.url = parsedRequest.originalUrl;
+  parsedRequest.path = parsePathFromRequestLine(components[1]);
+  parsedRequest.query = parseQueryParametersFromRequestLine(components[1]);
+  var found = components[2].match(/\d.*/);
+  if (!found) {
+    throw new Error(util.format('HTTP request parser: HTTP version could not be parsed: "%s"', components[2]));
+  }
+  parsedRequest.httpVersion = found[0];
+}
+
+function parsePathFromRequestLine(uri) {
+  var beginOfQueryParameters = uri.indexOf('?');
+  if (beginOfQueryParameters > -1) {
+    return uri.substring(0, beginOfQueryParameters);
+  } else {
+    return uri;
+  }
+}
+
+function parseQueryParametersFromRequestLine(uri) {
+  var beginOfQueryParameters = uri.indexOf('?');
+  if (beginOfQueryParameters < 0) {
+    return {};
+  }
+
+  var queryParamsString = uri.substring(beginOfQueryParameters + 1);
+  return qs.parse(queryParamsString);
+}
+
+function parseHeaders(requestString, parsedRequest) {
+  var headersSection = extractHeadersSection(requestString);
+  parsedRequest.headers = HeadersParser.parse(headersSection);
+}
+
+function extractHeadersSection(requestString) {
+  var endOfRequestLine = requestString.indexOf(CRLF);
+  var startOfHeadersSection = endOfRequestLine + CRLF.length;
+  var endOfHeadersSection = requestString.indexOf(CRLF + CRLF);
+  if (endOfHeadersSection < 0) {
+    throw new Error('HTTP request parser: message is not valid - there should be a blank line after the headers');
+  }
+  return requestString.substring(startOfHeadersSection, endOfHeadersSection);
+}
+
+function parseCookie(parsedRequest) {
+  var requestCookies = parsedRequest.headers.cookie;
+  if (!requestCookies) {
+    parsedRequest.cookies = {};
+    return;
+  }
+  parsedRequest.cookies = cookieParser.parse(requestCookies);
+}
+
+function parseBody(requestString, parsedRequest) {
+  // a check for the mandatory blank line has already taken place
+  var startOfBody = requestString.indexOf(CRLF + CRLF) + CRLF.length + CRLF.length;
+  parsedRequest.body = requestString.substring(startOfBody);
+}
+
+function parseParamsFromBody(parsedRequest) {
+  if (parsedRequest.headers['content-type'] === 'application/x-www-form-urlencoded') {
+    parsedRequest['form-urlencoded'] = qs.parse(parsedRequest.body);
+  }
+}

package/lib/xsjs/web/utils/MultipartParser.js

@@ -0,0 +1,163 @@
+'use strict';
+
+var qs = require('querystring');
+var contentTypeParser = require('content-type');
+var HeadersParser = require('./HeadersParser');
+var WebEntityRequest = require('../WebEntityRequest');
+var WebEntityResponse = require('../WebEntityResponse');
+var CRLF = require('../../constants').WEB.MESSAGES.LINE_BREAK;
+var MESSAGE_TYPE = require('../../constants').WEB.MESSAGE_TYPE;
+
+
+exports.parseFromBuffer = function(inputBuffer, boundary, targetBasicWebEntity, messageType) {
+  var inputString = inputBuffer ? inputBuffer.toString('utf8') : '';
+  exports.parse(inputString, boundary, targetBasicWebEntity, messageType);
+};
+
+exports.parse = function(inputString, boundary, targetBasicWebEntity, messageType, coordinates) {
+  if (!coordinates) {
+    coordinates = [{level: 1}];
+  }
+
+  var state = {
+    currentState : inputString,
+    boundary : '--' + boundary,
+    closingBoundary : '--' + boundary + '--',
+    targetBasicWebEntity : targetBasicWebEntity,
+    messageType : messageType,
+    coordinates : coordinates
+  };
+
+  separateParts(state);
+  handleParts(state);
+};
+
+function separateParts(state) {
+  removeFirstBoundaryAndBefore(state);
+  removeLastBoundaryAndAfter(state);
+  state.currentState = state.currentState.split(CRLF + state.boundary + CRLF);
+}
+
+function removeFirstBoundaryAndBefore(state) {
+  var searchFor = state.boundary + CRLF;
+  var foundAt = state.currentState.indexOf(searchFor);
+  if (foundAt < 0) {
+    throw new Error(buildErrorMessage(state) + ' Could not find encapsulation boundary (' + state.boundary + ') followed by a CRLF in the multipart body');
+  }
+  state.currentState = state.currentState.substring(foundAt + searchFor.length);
+}
+
+function removeLastBoundaryAndAfter(state) {
+  var searchFor = CRLF + state.closingBoundary;
+  var foundAt = state.currentState.indexOf(searchFor);
+  if (foundAt < 0) {
+    throw new Error(buildErrorMessage(state) + ' Could not find closing boundary (' + state.closingBoundary + ') preceded by a CRLF');
+  }
+  state.currentState = state.currentState.substring(0, foundAt);
+}
+
+function handleParts(state) {
+  for (var i = 0; i < state.currentState.length; i++) {
+    handleSinglePart(state, state.currentState[i], i + 1);
+  }
+}
+
+function handleSinglePart(state, strSinglePart, partNumber) {
+  var coordinatesLastElement = state.coordinates[state.coordinates.length - 1];
+  coordinatesLastElement.part = partNumber;
+
+  var parsedHeaders = parseHeaders(state, strSinglePart);
+  var parsedBody = parseBody(strSinglePart);
+  var parsedParameters = parseParameters(state, parsedHeaders, parsedBody);
+
+  if (thereAreNestedEntities(parsedHeaders)) {
+    var containerEntity;
+
+    if (state.messageType === MESSAGE_TYPE.REQUEST) {
+      containerEntity = new WebEntityRequest();
+      containerEntity.parameters._addData(parsedParameters);
+    } else {
+      containerEntity = new WebEntityResponse();
+    }
+
+    containerEntity.headers._addData(parsedHeaders);
+    containerEntity.body = undefined;
+    state.targetBasicWebEntity.entities.push(containerEntity);
+
+    var boundary = extractBoundaryFromString(state, parsedHeaders);
+    var newCoordinates = state.coordinates.slice();
+    newCoordinates.push({ level: coordinatesLastElement.level + 1 });
+    exports.parse(parsedBody, boundary, containerEntity, state.messageType, newCoordinates);
+  } else {
+    if (state.messageType === MESSAGE_TYPE.REQUEST) {
+      state.targetBasicWebEntity.entities.push(WebEntityRequest.create(parsedHeaders, parsedParameters, parsedBody));
+    } else {
+      state.targetBasicWebEntity.entities.push(WebEntityResponse.create(parsedHeaders, parsedBody));
+    }
+  }
+}
+
+function parseHeaders(state, strSinglePart) {
+  var areThereHeaders = strSinglePart.indexOf(CRLF) !== 0;
+  if (areThereHeaders) {
+    var endOfHeadersSection = strSinglePart.indexOf(CRLF + CRLF);
+    if (endOfHeadersSection < 0) {
+      throw new Error(buildErrorMessage(state) + ' There should be a blank line between the headers and the body. Providing a body (empty one is also acceptable) is mandatory');
+    }
+    var headersSection = strSinglePart.substring(0, endOfHeadersSection);
+    return HeadersParser.parse(headersSection);
+  } else {
+    return {};
+  }
+}
+
+function parseBody(strSinglePart) {
+  var areThereHeaders = strSinglePart.indexOf(CRLF) !== 0;
+  if (areThereHeaders) {
+    // here we rely that 'parseHeaders' has checked that there is a blank line between headers and body
+    var startOfBody = strSinglePart.indexOf(CRLF + CRLF) + CRLF.length + CRLF.length;
+    return strSinglePart.substring(startOfBody);
+  } else {
+    return strSinglePart.substring(CRLF.length);
+  }
+}
+
+function parseParameters(state, parsedHeaders, parsedBody) {
+  if (state.messageType === MESSAGE_TYPE.RESPONSE) {
+    return {};
+  }
+  if (parsedHeaders['content-type'] === 'application/x-www-form-urlencoded') {
+    return qs.parse(parsedBody);
+  } else {
+    return {};
+  }
+}
+
+function thereAreNestedEntities(parsedHeaders) {
+  var contentType = parsedHeaders['content-type'];
+  if (!contentType) {
+    return false;
+  }
+  return (contentType.indexOf('multipart') > -1);
+}
+
+function extractBoundaryFromString(state, parsedHeaders) {
+  var contentType = parsedHeaders['content-type'];
+  var boundary = contentTypeParser.parse(contentType).parameters.boundary;
+  if (!boundary) {
+    throw new Error(buildErrorMessage(state) + ' No boundary parameter found on header Content-Type (' + contentType + ')');
+  }
+  return boundary;
+}
+
+function buildErrorMessage(state) {
+  var str = 'Error in multipart message: ';
+  state.coordinates.forEach(function(coordinate) {
+    str += 'level ' + coordinate.level;
+    if (coordinate.part) {
+      str += ', part ' + coordinate.part;
+    }
+    str += '; ';
+  });
+  return str;
+}

package/lib/xsjs/web/utils/MultipartResponseBuilder.js

@@ -0,0 +1,73 @@
+'use strict';
+
+var CRLF = require('../../constants').WEB.MESSAGES.LINE_BREAK;
+
+var ALLOWED_CHARS_FOR_MULTIPART_BOUNDARY = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+var MULTIPART_BOUNDARY_LENGTH = 38;
+
+exports.build = function(webEntityResponse, boundary) {
+  var state = {
+    builtString: '',
+    usedBoundaries: [boundary]
+  };
+
+  handleEntities(webEntityResponse.entities, boundary, state);
+
+  return state.builtString;
+};
+
+function handleEntities(entities, boundary, state) {
+  entities.forEach(function(singleEntity) {
+    handleEntity(singleEntity, boundary, state);
+  });
+  state.builtString += '--' + boundary + '--' + CRLF;
+}
+
+function handleEntity(entity, boundary, state) {
+  state.builtString += '--' + boundary + CRLF;
+  handleHeaders(entity.headers, state);
+
+  if (entity.entities.length === 0) {
+    state.builtString += CRLF;
+    var body = (entity.body ? entity.body.asString() : '');
+    state.builtString += body + CRLF;
+  } else {
+    var newBoundary = generateNewBoundary(state);
+    state.builtString += 'content-type: multipart/mixed; boundary=' + newBoundary + CRLF;
+    state.builtString += CRLF;
+    handleEntities(entity.entities, newBoundary, state);
+  }
+}
+
+function handleHeaders(headers, state) {
+  headers.forEach(function (singleTupelPair) {
+    if (!isMultipart(singleTupelPair.name, singleTupelPair.value)) {
+      state.builtString += singleTupelPair.name + ': ' + singleTupelPair.value + CRLF;
+    }
+  });
+}
+
+function isMultipart(name, value) {
+  return (name === 'content-type' && value.indexOf('multipart') > -1);
+}
+
+exports.generateBoundary = function() {
+  var generatedBoundary = '';
+  var random;
+  for (var i = 0; i < MULTIPART_BOUNDARY_LENGTH; i++) {
+    random = Math.floor(Math.random() * ALLOWED_CHARS_FOR_MULTIPART_BOUNDARY.length);
+    generatedBoundary += ALLOWED_CHARS_FOR_MULTIPART_BOUNDARY.charAt(random);
+  }
+  return generatedBoundary;
+};
+
+function generateNewBoundary(state) {
+  var newBoundary;
+  var boundaryIsPresentInTheList;
+  do {
+    newBoundary = exports.generateBoundary();
+    boundaryIsPresentInTheList = (state.usedBoundaries.indexOf(newBoundary) > -1);
+  } while (boundaryIsPresentInTheList);
+  state.usedBoundaries.push(newBoundary);
+  return newBoundary;
+}

package/lib/xsjs/web/utils/SetCookieParser.js

@@ -0,0 +1,32 @@
+'use strict';
+
+var _ = require('lodash');
+
+exports.parse = function(arg) {
+  var parsedContent = {};
+
+  if (_.isString(arg)) {
+    parseFromString(arg, parsedContent);
+  } else if (_.isArray(arg)) {
+    parseFromArrayOfStrings(arg, parsedContent);
+  } else {
+    throw new Error('SetCookieParser: case not supported. Pass either a string or an array.');
+  }
+
+  return parsedContent;
+};
+
+function parseFromString(str, parsedContent) {
+  var result = /([^=]+)=(.*)/.exec(str);
+  if (result && result.length === 3) {
+    var cookieName = result[1];
+    var cookieValue = result[2];
+    parsedContent[cookieName] = cookieValue;
+  }
+}
+
+function parseFromArrayOfStrings(arr, parsedContent) {
+  arr.forEach(function(singleCookie) {
+    parseFromString(singleCookie, parsedContent);
+  });
+}

package/lib/xsjslib/TextBundleWrapper.js

@@ -0,0 +1,46 @@
+'use strict';
+
+var TextBundle = require('@sap/textbundle').TextBundle;
+var utils = require('../utils');
+var nodeUtils = require('util');
+var fs = require('fs');
+var path = require('path');
+var assert = require('assert');
+
+module.exports = TextBundleWrapperFactory;
+
+function TextBundleWrapperFactory(xsRootDirs) {
+  assert(nodeUtils.isArray(xsRootDirs), 'Invalid root dirs parameter provided, array of directories expected');
+  this._xsRootDirs = xsRootDirs;
+}
+
+TextBundleWrapperFactory.prototype.loadBundle = function(sapPackage, file, locale) {
+  var modifiedPath;
+  var textBundlePath;
+  var i = 0;
+
+  for (i = 0; i < this._xsRootDirs.length; i++) {
+    modifiedPath = path.join(this._xsRootDirs[i], utils.toPath(sapPackage, file));
+    if (fs.existsSync(modifiedPath + '.hdbtextbundle')) {
+      textBundlePath = modifiedPath + '.hdbtextbundle';
+    } else if (fs.existsSync(modifiedPath + '.properties')) {
+      textBundlePath = modifiedPath + '.properties';
+    }
+  }
+  assert(textBundlePath, 'Could not find bundle ' + file + ' in package ' + sapPackage);
+  return new TextBundleWrapper(new TextBundle({ path: textBundlePath, locale: locale }));
+};
+
+function TextBundleWrapper(textBundle) {
+  this.textBundle = textBundle;
+}
+
+TextBundleWrapper.prototype.getText = function(key, args) {
+  var params = args;
+  if (typeof args === 'object' && !nodeUtils.isArray(args)) {
+    params = Object.keys(args).sort().map(function(element) {
+      return args[element];
+    });
+  }
+  return this.textBundle.getText(key, params);
+};

package/lib/xsjslib/index.js

@@ -0,0 +1,11 @@
+'use strict';
+
+var TextBundleWrapper = require('./TextBundleWrapper');
+var sqlInjectionUtils = require('@sap/hdbext').sqlInjectionUtils;
+
+module.exports = function(xsruntime) {
+  return {
+    'sap.hana.xs.i18n.text' : new TextBundleWrapper(xsruntime.settings.rootDirs),
+    'sap.hana.admin.common.lib.SQLInjectionUtils' : sqlInjectionUtils
+  };
+};