npm - @sassoftware/viya-serverjs - Versions diffs - 0.5.3 → 0.5.5 - Mend

@sassoftware/viya-serverjs 0.5.3 → 0.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/.env +4 -3
package/Dockerfile +37 -31
package/lib/handlers/setCookies.js +4 -0
package/lib/iService.js +3 -1
package/lib/plugins/SASauth.js +7 -3
package/lib/plugins/setDefaultRoutes.js +2 -2
package/package.json +3 -2
package/public/auth.html +5 -4
package/src/handlers/setCookies.js +3 -0
package/src/iService.js +2 -1
package/src/plugins/SASauth.js +6 -3
package/src/plugins/setDefaultRoutes.js +2 -2

package/.env CHANGED Viewed

@@ -7,11 +7,12 @@ APPPORT=8080
 APPNAME=mcpserver
 AUTHFLOW=code
 CLIENTID=mcpserver
-CLIENTSECRET=jellico
-USELOGON=TRUE
+# CLIENTSECRET=jellico
+USELOGON=FALSE
 USETOKEN=TRUE
-//REDIRECT=mcp
+# REDIRECT=mcp
 # APPDIR=./appDir
 HTTPS=true

package/Dockerfile CHANGED Viewed

@@ -8,37 +8,43 @@ RUN npm install
 # will auto change to localhost in non-docker environments
 ENV APPHOST=0.0.0.0
+ENV APPLOC=./public
 ENV PORT=8080
 EXPOSE 8080
 ENV HTTPS=true
-ENV VIYA_SERVER=
-# ENV APPSERVERLEVEL=v2
-#######################################################################
-# You can override these(but in container leave APPHOST as shown below)
-########################################################################
-# set this the same as EXPOSE here and override in env or as -p option in dockerrun
-# ENV APPPORT=8080
-ENV APPNAME=viyaapp
-ENV AUTHFLOW=server
-ENV CLIENTID=viyaapp
-ENV CLIENTSECRET=
-# ENV HAPIDEBUG=NO
-# ENV LOGLEVEL=info
-# ENV USETOKEN=YES
-# specify ssl/tls cert and key in a folder
-# example below
-# ENV SSLCERT=c:/Users/kumar/.tls
-#sample setup for creating a temporary cert and key
-ENV TLS_CREATE="C:US,ST:NC,L:Cary,O:SAS Institute,OU:STO,CN:localhost"
-# Samesite specification
-ENV SAMESITE=None,secure
-# If your Viya instance still has a unsigned certificate set this value prior to invoking the server
-# ENV NODE_TLS_REJECT_UNAUTHORIZED=0
-#####################################################################
-CMD ["npm", "run", "indocker"]
+ENV APPPORT=8080
+ENV APPNAME=mcpserver
+ENV AUTHFLOW=code
+ENV CLIENTID=mcpserver
+ENV CLIENTSECRET=jellico
+ENV USELOGON=FALSE
+ENV USETOKEN=TRUE
+ENV SSLCERT=
+ENV VIYACERT=
+# Most modern browsers do not accept self-signed certs from localhost
+# Options:
+# 1. provide signed certificates for localhost
+# 2. Use libraries like mkcert to create temporary trusted certs for localhost
+# 3. Use the app server as a proxy to the Viya server to avoid CORS issues.
+#    This requires that the app redirect all Viya API calls to the app server proxy endpoint
+#    Users of restaf can simply set the APPENV_PROXY env to TRUE to enable this behavior
+# 4. set USETOKEN to TRUE and use the token in the APPENV object to make the calls
+# either use the proper ssl/tsl certs or use the "proxy" method
+# to avoid CORS issues with self-signed certs
+# so run all apps thru the proxy and call Viya from there
+ENV APPENV_PROXY=false
+# APPENV_PROXYSERVER=true
+# USETOKEN=true
+ENV SHOWENV=true
+ENV APPENV_XYZ=AA
+ENV APPENV_BAD=
+CMD ["npm", "start"]

package/lib/handlers/setCookies.js CHANGED Viewed

@@ -45,6 +45,9 @@ function _setCookies() {
           _context.n = 1;
           return req.server.app.cache.set(sid, credentials, 0);
         case 1:
+          _context.n = 2;
+          return req.server.app.cache.set('credentials', credentials, 0);
+        case 2:
           // Can we get away without setting cookie for this session?
           // Need to also modify keepAlive
           if (process.env.COOKIES !== 'NO') {
@@ -52,6 +55,7 @@ function _setCookies() {
             req.cookieAuth.set({
               sid: sid
             });
+            // req.cookieAuth.set({auth: credentials});
           }
           ;
           debug('credentials query', credentials.query);

package/lib/iService.js CHANGED Viewed

@@ -5,6 +5,7 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports["default"] = void 0;
+var _console = require("console");
 var _setupAuth = _interopRequireDefault(require("./plugins/setupAuth"));
 function _interopRequireDefault(e) { return e && e.__esModule ? e : { "default": e }; }
 function _regenerator() { /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/babel/babel/blob/main/packages/babel-helpers/LICENSE */ var e, t, r = "function" == typeof Symbol ? Symbol : {}, n = r.iterator || "@@iterator", o = r.toStringTag || "@@toStringTag"; function i(r, n, o, i) { var c = n && n.prototype instanceof Generator ? n : Generator, u = Object.create(c.prototype); return _regeneratorDefine2(u, "_invoke", function (r, n, o) { var i, c, u, f = 0, p = o || [], y = !1, G = { p: 0, n: 0, v: e, a: d, f: d.bind(e, 4), d: function d(t, r) { return i = t, c = 0, u = e, G.n = r, a; } }; function d(r, n) { for (c = r, u = n, t = 0; !y && f && !o && t < p.length; t++) { var o, i = p[t], d = G.p, l = i[2]; r > 3 ? (o = l === n) && (u = i[(c = i[4]) ? 5 : (c = 3, 3)], i[4] = i[5] = e) : i[0] <= d && ((o = r < 2 && d < i[1]) ? (c = 0, G.v = n, G.n = i[1]) : d < l && (o = r < 3 || i[0] > n || n > l) && (i[4] = r, i[5] = n, G.n = l, c = 0)); } if (o || r > 1) return a; throw y = !0, n; } return function (o, p, l) { if (f > 1) throw TypeError("Generator is already running"); for (y && 1 === p && d(p, l), c = p, u = l; (t = c < 2 ? e : u) || !y;) { i || (c ? c < 3 ? (c > 1 && (G.n = -1), d(c, u)) : G.n = u : G.v = u); try { if (f = 2, i) { if (c || (o = "next"), t = i[o]) { if (!(t = t.call(i, u))) throw TypeError("iterator result is not an object"); if (!t.done) return t; u = t.value, c < 2 && (c = 0); } else 1 === c && (t = i["return"]) && t.call(i), c < 2 && (u = TypeError("The iterator does not provide a '" + o + "' method"), c = 1); i = e; } else if ((t = (y = G.n < 0) ? u : r.call(n, G)) !== a) break; } catch (t) { i = e, c = 1, u = t; } finally { f = 1; } } return { value: t, done: y }; }; }(r, o, i), !0), u; } var a = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} t = Object.getPrototypeOf; var c = [][n] ? t(t([][n]())) : (_regeneratorDefine2(t = {}, n, function () { return this; }), t), u = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(c); function f(e) { return Object.setPrototypeOf ? Object.setPrototypeOf(e, GeneratorFunctionPrototype) : (e.__proto__ = GeneratorFunctionPrototype, _regeneratorDefine2(e, o, "GeneratorFunction")), e.prototype = Object.create(u), e; } return GeneratorFunction.prototype = GeneratorFunctionPrototype, _regeneratorDefine2(u, "constructor", GeneratorFunctionPrototype), _regeneratorDefine2(GeneratorFunctionPrototype, "constructor", GeneratorFunction), GeneratorFunction.displayName = "GeneratorFunction", _regeneratorDefine2(GeneratorFunctionPrototype, o, "GeneratorFunction"), _regeneratorDefine2(u), _regeneratorDefine2(u, o, "Generator"), _regeneratorDefine2(u, n, function () { return this; }), _regeneratorDefine2(u, "toString", function () { return "[object Generator]"; }), (_regenerator = function _regenerator() { return { w: i, m: f }; })(); }
@@ -104,7 +105,8 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
             };
             if (process.env.HAPIDEBUG === 'YES') {
               sConfig.debug = {
-                request: '*'
+                request: '*',
+                log: '*'
               };
             }
             debug(JSON.stringify(sConfig, null, 4));

package/lib/plugins/SASauth.js CHANGED Viewed

@@ -75,6 +75,13 @@ function _iSASauth() {
               return profile;
             }()
           };
+          // Reference: https://github.com/hapijs/bell/blob/master/lib/oauth.js
+          // for some reason the bell doc is out of date on pkce
+          console.log('pkce', options.pkce);
+          if (options.pkce === true) {
+            provider.pkce = 'S256';
+          }
           bellAuthOptions = {
             provider: provider,
             password: uuid.v4(),
@@ -83,9 +90,6 @@ function _iSASauth() {
             //   isSameSite  : options.isSameSite,
             isSecure: options.isSecure
           };
-          if (options.pkce === true) {
-            bellAuthOptions.pkce = 'S256';
-          }
           debug('belloptions', bellAuthOptions);
           server.log('SASAuth', bellAuthOptions);
           _context2.n = 1;

package/lib/plugins/setDefaultRoutes.js CHANGED Viewed

@@ -90,8 +90,8 @@ module.exports = function setDefaultRoutes(server, options) {
     method: ["GET"],
     path: "".concat(appName),
     options: {
-      //auth: (process.env.USELOGON.toUpperCase() === 'TRUE') ? null : options.serverMode === "app" ? authLogon : authDefault,
-      auth: null,
+      auth: process.env.USELOGON.toUpperCase() === 'TRUE' ? null : options.serverMode === "app" ? authLogon : authDefault,
+      //  auth: null,
       handler: function () {
         var _handler2 = _asyncToGenerator(/*#__PURE__*/_regenerator().m(function _callee2(req, h) {
           return _regenerator().w(function (_context2) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sassoftware/viya-serverjs",
-  "version": "0.5.3",
+  "version": "0.5.5",
   "description": "Easy to use app server for SAS Viya applications",
   "author": "Deva Kumaraswamy <deva.kumar@sas.com>",
   "license": "Apache-2.0",
@@ -35,7 +35,8 @@
     "debug": "cross-env NODE_TLS_REJECT_UNAUTHORIZED=0  node --inspect-brk server.js --env=./.env.server --docker=./Dockerfile",
     "proxy": "cross-env NODE_TLS_REJECT_UNAUTHORIZED=0 node cli --env=./.env.proxy --docker=./Dockerfile",
     "pub": "npm publish --tag alpha --access public",
-    "lint": "npx eslint --fix src/*.js"
+    "lint": "npx eslint --fix src/*.js",
+    "indocker": "npx @sassoftware/sas-score-mcp-serverjs@alpha"
   },
   "dependencies": {
     "@hapi/bell": "^13.1.0",

package/public/auth.html CHANGED Viewed

@@ -1,4 +1,3 @@
 <!DOCTYPE html>
 <html>
   <body>
@@ -15,10 +14,12 @@
         } catch (e) {
           // ignore
         }
-        // Attempt to close the popup.
-        window.close();
+        // Attempt to close the popup after 5 seconds.
+        setTimeout(function() {
+          window.close();
+        }, 5000);
       })();
     </script>
     <p>Server is active. You can close this window.</p>
   </body>
-</html>`;
+</html>

package/src/handlers/setCookies.js CHANGED Viewed

@@ -29,11 +29,14 @@ async function setCookies (req, h, options) {
     await req.server.app.cache.set(sid, credentials, 0);
+    await req.server.app.cache.set('credentials', credentials, 0);
     // Can we get away without setting cookie for this session?
     // Need to also modify keepAlive
     if (process.env.COOKIES !== 'NO') {
         debugger;
         req.cookieAuth.set({ sid });
+       // req.cookieAuth.set({auth: credentials});
     };
     debug('credentials query', credentials.query);
     let redirect = (credentials.query != null && credentials.query.next != null) ? credentials.query.next : null;

package/src/iService.js CHANGED Viewed

@@ -28,6 +28,7 @@ let Vision = require('@hapi/vision');
 let inert = require('@hapi/inert');
 let selfsigned = require('selfsigned');
+import { log } from 'console';
 import setupAuth from './plugins/setupAuth';
 let os = require('os');
@@ -89,7 +90,7 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 			},
 		};
 		if (process.env.HAPIDEBUG === 'YES') {
-			sConfig.debug = { request: '*' };
+			sConfig.debug = { request: '*' ,log: '*'};
 		}
 		debug(JSON.stringify(sConfig, null, 4));
 		if (process.env.HTTPS === 'true') {

package/src/plugins/SASauth.js CHANGED Viewed

@@ -60,7 +60,13 @@ async function iSASauth (server, options) {
     };
+    // Reference: https://github.com/hapijs/bell/blob/master/lib/oauth.js
+    // for some reason the bell doc is out of date on pkce
+    console.log('pkce', options.pkce);
+    if (options.pkce === true) {
+        provider.pkce = 'S256';
+    }
     bellAuthOptions = {
         provider    : provider,
         password    : uuid.v4(),
@@ -70,9 +76,6 @@ async function iSASauth (server, options) {
         isSecure    : options.isSecure
     };
-    if (options.pkce === true) {
-        bellAuthOptions.pkce = 'S256';
-    }
     debug('belloptions', bellAuthOptions);
     server.log('SASAuth',bellAuthOptions);

package/src/plugins/setDefaultRoutes.js CHANGED Viewed

@@ -90,8 +90,8 @@ module.exports = function setDefaultRoutes(server, options) {
       path: `${appName}`,
       options: {
-        //auth: (process.env.USELOGON.toUpperCase() === 'TRUE') ? null : options.serverMode === "app" ? authLogon : authDefault,
-        auth: null,
+        auth: (process.env.USELOGON.toUpperCase() === 'TRUE') ? null : options.serverMode === "app" ? authLogon : authDefault,
+      //  auth: null,
         handler: async (req,h) => {
           console.log(`>>>>>>>>>>>>>>>>>>>>>>>in ${appName}`);
           return getAppb(req, h);