@sassoftware/viya-serverjs 0.2.2 → 0.2.4

package/packages/core/handlers/setCookies.js

@@ -1,78 +0,0 @@
-/*
-* Copyright © 2019, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
-* SPDX-License-Identifier: Apache-2.0
-*/
-let uuid      = require('uuid');
-let debug = require('debug')('setcookies');
-
-async function setCookies (req, h, options) {
-    let credentials = req.auth.credentials;
-    debug('setcookie', credentials);
-    req.log('setcookie', credentials);
-    if (credentials != null && req.auth.error != null) {
-        debug('logon failed');
-        return { status: false, error: req.auth.error };
-    }
-        
-    // create a cookie(sid) and save credentials in cache
-    const sid = uuid.v4();
-    credentials.sid = sid;
-    if (options != null) {
-        options.allAppEnv.LOGONPAYLOAD.token = credentials.token;
-        options.allAppEnv.LOGONPAYLOAD.tokenType = 'bearer';
-        debug(options.allAppEnv.LOGONPAYLOAD);
-    }
-    
-    
-    await req.server.app.cache.set(sid, credentials, 0);
-    // Can we get away without setting cookie for this session?
-    // Need to also modify keepAlive
-    if (process.env.COOKIES !== 'NO') {
-        debugger;
-        req.cookieAuth.set({ sid });
-    };
-    debug('credentials query', credentials.query);
-    let redirect = (credentials.query != null && credentials.query.next != null) ? credentials.query.next : null;
-    req.server.log('setcookie-redirect', redirect);
-    return { status: true, error: null , redirect: redirect};
-}
-
-export default setCookies;
-
-/* 
- save for future reference - not used at this time
-async function getCredentials (req) {
-    let route = process.env.REDIRECT == null ? `/callback` : '/' + process.env.REDIRECT;
-    let info = req.server.info;
-    let location = info.uri + route;
-    if (info.host === '0.0.0.0') {
-        location = `${info.protocol}://${process.env.APPHOST}:${info.port}${route}`;
-    };
-
-    let payload = {
-		url   : `${process.env.VIYA_SERVER}/SASLogon/oauth/token`,
-		method: 'POST',
-
-		headers: {
-			// 'Authorization': 'Basic ' + Buffer.from(`${process.env.CLIENTID}:${process.env.CLIENTSECRET}`).toString('base64'),
-			'Accept'      : 'application/json',
-			'Content-Type': 'application/x-www-form-urlencoded'
-		},
-        data: qs.stringify({
-            client_id    : `${process.env.CLIENTID}`,
-            client_secret: `${process.env.CLIENTSECRET}`,
-            redirect_uri : `${location}`,
-
-			'grant_type': 'authorization_code',
-			code        : req.query.code
-		})
-	};
-    try {
-        let r = await axios(payload);
-        return r.data;
-    } catch (err) {
-        console.log(err);
-
-    }
-}
-*/

package/packages/core/iService.js

@@ -1,369 +0,0 @@
-/*
- *  ------------------------------------------------------------------------------------
- *  * Copyright (c) SAS Institute Inc.
- *  *  Licensed under the Apache License, Version 2.0 (the "License");
- *  * you may not use this file except in compliance with the License.
- *  * You may obtain a copy of the License at
- *  *
- *  * http://www.apache.org/licenses/LICENSE-2.0
- *  *
- *  *  Unless required by applicable law or agreed to in writing, software
- *  * distributed under the License is distributed on an "AS IS" BASIS,
- *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  * See the License for the specific language governing permissions and
- *  limitations under the License.
- * ----------------------------------------------------------------------------------------
- *
- */
-
-let fs = require('fs');
-let debug = require('debug')('service');
-let debug2 = require('debug')('tls');
-// let isDocker = require('is-docker');
-let Hapi = require('@hapi/hapi');
-let H202 = require('@hapi/h2o2');
-// const { isSameSiteNoneCompatible } = require('should-send-same-site-none');
-let NodeCache = require("node-cache-promise");
-let Vision = require('@hapi/vision');
-let inert = require('@hapi/inert');
-let selfsigned = require('selfsigned');
-import setupAuth from './plugins/setupAuth';
-
-let os = require('os');
-
-function iService (userRouteTable, useDefault, asset, allAppEnv, serverMode, userInfo) {
-	// process.env.APPHOST_ADDR = process.env.APPHOST;
-	const init = async () => {
-	
-		if (process.env.APPHOST === '*') {
-			process.env.APPHOST = os.hostname();
-		}
-		let defaultMaxBytes = 10485760;
-		let maxBytes;
-		if (isNaN(process.env.PAYLOADMAXBYTES)) {
-			maxBytes = defaultMaxBytes;
-		} else {
-			maxBytes = Number(process.env.PAYLOADMAXBYTES);
-		}
-		let isSameSite = 'None';
-		let isSecure = false;
-		
-		if (process.env.SAMESITE != null) {
-			let [s1, s2] = process.env.SAMESITE.split(',');
-			isSameSite = s1;
-			isSecure = s2 === 'secure' ? true : false;
-			if (process.env.HTTPS !== 'true') {
-				isSecure = false;
-			}
-		}
-	
-
-		let sConfig = {
-			port: process.env.APPPORT,
-			host: process.env.APPHOST,
-
-			state: {
-				isSameSite: isSameSite,
-				isSecure  : isSecure,
-
-			},
-	
-
-			routes: {
-				payload: {
-					maxBytes: maxBytes
-				},
-				cors: {
-					origin     : ['*'],
-					credentials: true,
-					
-					"headers": ["Accept", "Authorization", "Content-Type", "If-None-Match", "Accept-language"]
-					/*
-					'Access-Control-Allow-Methods': ['GET', 'POST', 'OPTIONS'],
-					additionalHeaders             : ['multipart/form-data', 'content-disposition'],
-					additionalExposedHeaders      : ['location'],
-					*/
-				}
-				
-			},
-		};
-		if (process.env.HAPIDEBUG === 'YES') {
-			sConfig.debug = { request: '*' };
-		}
-		debug(JSON.stringify(sConfig, null,4));
-		if (process.env.HTTPS === 'true') {
-			sConfig.tls = await getCertificates();
-			debug('Setup of SSL certificates completed');
-		} else {
-			debug('Running with no SSL certificates');
-		}
-		if (asset !== null) {
-			sConfig.routes.files= { relativeTo: asset };
-		}
-
-		debug2(
-			`Application information: 
-		APPLOC  : ${process.env.APPLOC}
-		APPENTRY: ${process.env.APPENTRY}
-`
-		);
-
-		let hapiServer = Hapi.server(sConfig);
-
-		/*
-		const cache = hapiServer.cache({ segment: 'sessions', expiresIn: 3 * 24 * 60 * 60 * 1000 });
-		hapiServer.app.cache = cache;
-		*/
-
-		let nodeCacheOptions = {
-			stdTTL        : 36000,
-			checkPeriod   : 3600,
-			errorOnMissing: true,
-			useClones     : false,
-			deleteOnExpire: true,
-		};
-		let storeCache = new NodeCache(nodeCacheOptions);
-		hapiServer.app.cache = storeCache;
-
-		// common plugins
-		let visionOptions = {
-			engines   : { html: require('handlebars') },
-			relativeTo: __dirname,
-			path      : '.',
-		};
-		await hapiServer.register(Vision);
-		hapiServer.views(visionOptions);
-		await hapiServer.register(inert);
-		if (process.env.HTTPS === 'true') {
-			await hapiServer.register({ plugin: require('hapi-require-https'), options: {} });
-		}
-		// register H202 for proxy handling
-		// https://hapi.dev/module/h2o2/api/?v=10.0.1
-		
-		await hapiServer.register(H202);
-		/*
-		await hapiServer.register({
-			plugin : require('hapi-pino'),
-			options: {
-				prettyPrint: process.env.NODE_ENV !== 'production',
-				level      : process.env.LOGLEVEL == null ? 'silent' : process.env.LOGLEVEL,
-			},
-		});
-		*/
-		
-		// setup authentication related plugins
-		let options = {
-			serverMode    : (serverMode === null) ? 'app' : 'api', /* api or app */
-			authFlow      : process.env.AUTHFLOW,
-			host          : process.env.VIYA_SERVER,
-			isSameSite    : isSameSite,
-			isSecure      : isSecure,
-			ns            : (allAppEnv.LOGONPAYLOAD != null) ? allAppEnv.LOGONPAYLOAD.ns : null,
-			nsHost        : (allAppEnv.LOGONPAYLOAD != null) ? allAppEnv.LOGONPAYLOAD.nsHost : null,
-			redirect      : process.env.REDIRECT,
-			clientId      : process.env.CLIENTID,
-			clientSecret  : process.env.CLIENTSECRET,
-			redirectTo    : `/${process.env.APPNAME}/logon`,
-			allAppEnv     : allAppEnv,
-			useHapiCookie : true,
-			appName       : process.env.APPNAME,
-			appHost       : process.env.APPHOST,
-			appPort       : process.env.APPPORT,
-			userRouteTable: userRouteTable,
-			useDefault    : useDefault, /* not used - left here for potential reuse */
-			userInfo      : userInfo,
-			https         : process.env.HTTPS,
-			authDefault   : false, /* set later in setDefaultRoutes */
-      authLogon     : false  /* set later in setDefaultRoutes */
-
-		};
-		
-		debug2('Options',options);
-		if (process.env.AUTHFLOW != null) {
-				await setupAuth(hapiServer, options);
-				if (process.env.PREAUTH === 'YES') {
-				console.log('Preauth enabled');
-				hapiServer.ext('onPreAuth', (request, h) => {
-					debugger;
-					if (!request.auth.isAuthenticated && !request.path.startsWith(`/login`)) {
-							const redirectTo = `${request.path}?${new URLSearchParams(request.query).toString()}`;
-							console.log('Redirect to login', {redirectTo});
-							debugger;
-							return h.redirect(`/login`).takeover();
-					}
-					return h.continue;
-				});
-			}
-		}
-		hapiServer.log('Plugin', process.env.PLUGIN);
-		
-		if (process.env.PLUGIN === 'hapi-swagger' && serverMode !== null) {
-			let	swaggerOptions = {
-				"info": {
-					"title"      : `API for ${process.env.APPNAME}`,
-					"version"    : "0.0.1",
-					"description": "This document was auto-generated at run time"
-				},
-				"schemes"          : ["http", "https"],
-				"cors"             : true,
-				"debug"            : true,
-				"jsonPath"         : `/${options.appName}/swagger.json`,
-			    "jsonRoutePath"    : `/${options.appName}/swagger.json`,
-			    "documentationPage": true,
-	    		"documentationPath": `/${options.appName}/documentation`,
-				"swaggerUI"        : true,
-				"swaggerUIPath"    : `/${options.appName}/swaggerui`,
-				auth               : options.authDefault
-				};
-
-			if (userInfo != null) {
-		    	let override = userInfo(options, 'SWAGGEROPTIONS');
-				swaggerOptions = {...swaggerOptions, ...override};
-			}
-			
-			debug('Swagger Options:' ,swaggerOptions);
-			await hapiServer.register({ plugin: serverMode, options: swaggerOptions });
-		} else if (process.env.PLUGIN == 'hapi-openapi' && serverMode !== null) {
-			console.log('hapi-openapi', 'coming soon');
-		} 
-		
-
-		//
-		// Start server
-		//
-		// eslint-disable-next-line no-unused-vars
-		let allRoutes = hapiServer.table();
-		await hapiServer.start();
-		let hh = hapiServer.info.uri;
-		hh = hh.replace(/0.0.0.0/, 'localhost');
-		console.log('====================================================================================');
-		console.log('Server Start Time: ', Date());
-		let msg =
-			options.serverMode === 'app'
-				? `Visit ${hh}/${process.env.APPNAME} to access application`
-				: `Visit ${hh}/${process.env.APPNAME}/api to access swagger`;
-		console.log('\x1b[1m%s\x1b[0m',msg);
-		console.log('NOTE: If running in container use the exported port');
-		process.env.APPSERVER = `${hh}/${process.env.APPNAME}`;
-		process.env.HEALTH = 'true';
-		console.log('====================================================================================');
-	};
-
-	process.on('unhandledRejection', (err) => {
-		console.log(err);
-		process.exit(1);
-	});
-	init();
-}
-
-async function getCertificates () {
-
-	let tls = {};
-	debug2('Getting tls certificates');
-	debug2('tls.crt', process.env['tls.crt'] != null);
-	debug2('tls.key', process.env['tls.key'] != null);
-	debug2('TLS_PFX', process.env.TLS_PFX != null);
-	debug2('TLS_PW', process.env.TLS_PW != null);
-	debug2('TLS_CERT', process.env.TLS_CERT != null);
-	debug2('TLS_CRT', process.env.TLS_CRT != null);
-	debug2('TLS_CREATE', process.env.TLS_CREATE != null);
-	if (process.env.TLS_CERT != null && process.env.TLS_CERT.length > 0) {
-		/* backward compatability */
-		debug2('TLS set: TLS_CERT');
-		tls.cert = fs.readFileSync(process.env.TLS_CERT);
-		tls.key = fs.readFileSync(process.env.TLS_KEY);
-	} else if (process.env.TLS_PFX != null) {
-		debug2('TLS set: PFX');
-		tls.pfx = fs.readFileSync(process.env.TLS_PFX);
-		if (process.env.TLS_PW != null) {
-			tls.passphrase = process.env.TLS_PW;
-		}
-	} else if (process.env.TLS_CRT != null && process.env.TLS_CRT.trim().length > 0) {
-		/* new key names to conform to k8s*/
-		debug2('TLS set: TLS_CRT');
-		tls.cert = process.env.TLS_CRT;
-		tls.key = process.env.TLS_KEY;
-	} else if (process.env['tls.crt'] != null) {
-		tls.cert = process.env['tls.crt'];
-		tls.key = process.env['tls.key'];
-	} else if (process.env.TLS_CREATE != null) {
-		/* unsigned certificate */
-		debug2('TLS set: TLS_CREATE=', process.env.TLS_CREATE);
-		tls = await getTls();
-	}
-
-	if (process.env.TLS_CABUNDLE != null) {
-		tls.CA = fs.readFileSync(process.env.TLS_CABUNDLE);
-	}
-	debug2('TLS', tls);
-	if (Object.keys(tls).length > 0) {
-		return tls;
-	} else {
-		console.log('Warning: The current host protocol is https: No TLS certificate information has been specified.');
-		return tls;
-	}
-}
-
-async function getTls () {
-	let options = {
-		keySize          : 2048,
-		days             : 360,
-		algorithm        : "sha256",
-		clientCertificate: true,
-		extensions       : {}, 
-	};
-	let subjt = process.env.TLS_CREATE.replaceAll('"', '').trim();
-	let subj  = subjt.split(',');
-	
-	let d = {};
-	subj.map(c => {
-		let r = c.split(':');
-		d[ r[ 0 ] ] = r[ 1 ];
-		return {  value: r[ 1 ] };
-	});
-
-	//  TLS_CREATE=C:US,ST:NC,L:Cary,O:SAS Institute,OU:STO,CN:localhost,ALT:na.sas.com
-	let attr = [
-		{
-			name : 'commonName',
-			value: d.CN /*process.env.APPHOST*/,
-		},
-		{
-			name : 'countryName',
-			value: d.C
-		}, {
-			shortName: 'ST',
-			value    : d.ST
-		}, {
-			name : 'localityName',
-			value: d.L,
-		}, {
-			name : 'organizationName',
-			value: d.O
-		},
-		{
-			shortName: 'OU',
-			value    : d.OU
-		}
-	];
-
-	options.extensions.altNames = [
-		//	{ type: 6, value: `http://${process.env.APPHOST}:${process.env.APPPORT}/${process.env.APPNAME}` },
-		{ type: 6, value: `https://${process.env.APPHOST}:${process.env.APPPORT}/${process.env.APPNAME}` },
-		{ type: 6, value: `https://${process.env.APPHOST}:${process.env.APPPORT}/${process.env.APPNAME}/api` },
-		{ type: 6, value: `https://${process.env.APPHOST}:${process.env.APPPORT}/${process.env.APPNAME}/logon` },
-		{ type: 6, value: `https://${process.env.APPHOST}/${process.env.APPNAME}` },
-		{ type: 6, value: `https://${process.env.APPHOST}/${process.env.APPNAME}/api` },
-		{ type: 6, value: `https://${process.env.APPHOST}/${process.env.APPNAME}/logon` },
-	];
-	debug('tls options ', JSON.stringify(options, null,4));
-	let pems = selfsigned.generate(attr, options);
-	let tls = {
-		cert: pems.cert,
-		key : pems.private
-	};
-	return tls;
-
-
-}
-export default iService;

package/packages/core/index.js

@@ -1,249 +0,0 @@
-/*
- *  ------------------------------------------------------------------------------------
- *  * Copyright (c) SAS Institute Inc.
- *  *  Licensed under the Apache License, Version 2.0 (the 'License');
- *  * you may not use this file except in compliance with the License.
- *  * You may obtain a copy of the License at
- *  *
- *  * http://www.apache.org/licenses/LICENSE-2.0
- *  *
- *  *  Unless required by applicable law or agreed to in writing, software
- *  * distributed under the License is distributed on an 'AS IS' BASIS,
- *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  * See the License for the specific language governing permissions and
- *  limitations under the License.
- * ----------------------------------------------------------------------------------------
- *
- */
-
-import "core-js/stable";
-import "regenerator-runtime/runtime";
-import fs from "fs";
-import iService from "./iService";
-import config from "./config";
-let debug = require("debug")("startup");
-
-module.exports = function core (
-  uTable,
-  useDefault,
-  serverMode,
-  customize,
-  swaggerfcn
-) {
-  let argv = require("yargs").argv;
-  let env = argv.env == null ? null : argv.env;
-  let appenv = argv.appenv == null ? null : argv.appenv;
-  let docker = argv.docker == null ? null : argv.docker;
-  process.env.SERVERMODE = serverMode !== null ? "api" : "app";
-
-  if (useDefault == null) {
-    useDefault = true;
-  }
-  console.log(
-    "Initialization started ============================================================"
-  );
-  console.log(`version: 2, Build Date: `, Date());
-  console.log(
-    `\nCommand Line Configuration:
-          Dockerfile: ${docker}
-          env file  : ${env}
-          appenv    : ${appenv}
-          customize : ${customize != null}
-          `
-  );
-
-  iapp(null, env, docker, uTable, useDefault, serverMode, customize);
-};
-
-function iapp (
-  appSrc,
-  rafEnv,
-  dockerFile,
-  uTable,
-  useDefault,
-  serverMode,
-  customize
-) {
-  let asset = setup(rafEnv, dockerFile);
-  if (appSrc == null) {
-    appSrc = process.env.APPENV == null ? null : process.env.APPENV;
-  }
-  if (appSrc != null) {
-    console.log("appSrc",`+${appSrc}+`);
-    createPayload(appSrc, (err, r) => {
-      if (err) {
-        console.log(err);
-        console.log("createPayload failed");
-        process.exit(1);
-      } else {
-        iService(uTable, useDefault, asset, r, serverMode, customize);
-      }
-    });
-  } else {
-    let appEnv = getAllEnv({});
-    iService(uTable, useDefault, asset, appEnv, serverMode, customize);
-  }
-}
-
-function setup (rafEnv, dockerFile) {
-  config(rafEnv, dockerFile);
-  let asset = process.env.APPLOC === "." ? process.cwd() : process.env.APPLOC;
-  process.env.APPASSET = asset;
-  return asset;
-}
-
-function createPayload (srcName, cb) {
-  let src = fs.readFileSync(srcName, "utf8");
-  if (src === null) {
-    cb(`Error: ${srcName} was not found. `);
-  }
-  try {
-    // console.log(src);
-    let f = new Function(src);
-    console.log(`${srcName} compile completed`);
-    let r = f();
-    f = null;
-
-    let ar = getAllEnv(r);
-    cb(null, ar);
-  } catch (err) {
-    console.log(`${srcName} compile failed`);
-    cb(err);
-  }
-}
-
-function getAllEnv (userData) {
-  let env;
-  let l = null;
-  let host = trimit("VIYA_SERVER");
-  if (host === 'none'){
-    host = null;
-  }
- 
-  if (process.env.AUTHTYPE != null) {
-    process.env.AUTHFLOW = process.env.AUTHTYPE;
-  }
-
-  let authflow = trimit("AUTHFLOW");
-  if (authflow === "authorization_code" || authflow === "code") {
-    authflow = "server";
-  }
-  if (host === null ) {
-    authflow = "none";
-  }
-  process.env.AUTHFLOW = authflow;
-  // let redirect = (process.env.REDIRECT != null) ? process.env.REDIRECT : null;
-  let redirect = trimit("REDIRECT");
- 
-  let clientID = trimit("CLIENTID");
- 
-  // eslint-disable-next-line no-unused-vars
-  let clientSecret = trimit("CLIENTSECRET");
-  let keepAlive = trimit("KEEPALIVE");
-  let appName = trimit("APPNAME");
-  let ns = trimit("NAMESPACE");
-  let nsHost = trimit("NSHOST");
-
-  l = {
-    authType: authflow,
-    redirect: redirect,
-
-    host    : host,
-    clientID: clientID,
-    appName : appName,
-    
-    keepAlive: null,
-    useToken : process.env.USETOKEN,
-
-    ns    : ns,
-    nsHost: nsHost,
-  };
-  if (authflow === "server" || authflow === "implicit") {
-    if (authflow === "implicit") {
-      if (redirect === null) {
-        redirect = `${appName}/callback`;
-        process.env.REDIRECT = "callback";
-      } else {
-        if (redirect !== null && redirect.indexOf("/") !== 0) {
-          redirect =
-            redirect.indexOf("http") != -1
-              ? redirect
-              : `${process.env.APPNAME}/${redirect}`;
-        }
-      }
-
-      l = {
-        authType : authflow,
-        redirect : redirect,
-        host     : host,
-        clientID : clientID,
-        appName  : appName,
-        keepAlive: null,
-        useToken : process.env.USETOKEN,
-        ns       : ns,
-        nsHost   : nsHost,
-      };
-
-      if (authflow === "server" && keepAlive === "YES") {
-        let protocol = process.env.HTTPS === "true" ? "https://" : "http://";
-        l.keepAlive = `${protocol}${process.env.APPHOST}:${process.env.APPPORT}/${appName}/keepAlive`;
-        l.keepAlive = l.keepAlive.replace(/0.0.0.0/, "localhost");
-      }
-      if (process.env.TIMERS != null) {
-        l.timers = process.env.TIMERS;
-      }
-    }
-    // allow for no authtype
-    l = {
-      authType: authflow,
-      redirect: redirect,
-
-      host    : host,
-      clientID: clientID,
-      appName : appName,
-
-      keepAlive: null,
-      useToken : process.env.USETOKEN,
-
-      ns    : ns,
-      nsHost: nsHost,
-    };
-  }
-
-  // pick up the app env's - replacement for appenv.js
-  // appenv.js still supported for backward compatibility
-  for (let key in process.env) {
-    debug(key);
-    if (key.indexOf("APPENV_") === 0) {
-      let k = key.substring(7);
-      let v = process.env[key];
-      if (v != null && v.trim().length > 0) {
-        if (v.startsWith('$')) {
-          v = process.env[v.substring(1)];
-        }
-        userData[k] = (v != null) ?  v.trim() : null;
-      } else {
-        userData[k] = null;
-
-      }
-    }
-  }
-
-  env = {
-    LOGONPAYLOAD: l,
-    APPENV      : userData,
-  };
-  console.log("Final APPENV configuration for the server");
-  console.log(JSON.stringify(env, null, 4));
-  console.log(Date());
-  return env;
-}
-
-function trimit (e) {
-  let a = process.env[e];
-  if (a == null) {
-    return null;
-  }
-  a = a.trim();
-  return a.length === 0 ? null : a;
-}