@sassoftware/viya-serverjs 0.5.5 → 0.6.1-1
- package/.env +15 -32
- package/.env.proxy +24 -0
- package/.env.server +20 -35
- package/Dockerfile +24 -30
- package/README.md +69 -37
- package/cli.js +2 -1
- package/lib/handlers/codeAuth.js +11 -9
- package/lib/handlers/getApp.js +7 -4
- package/lib/handlers/logon.js +4 -5
- package/lib/handlers/proxyMapUri.js +8 -7
- package/lib/handlers/setCookies.js +22 -15
- package/lib/iService.js +98 -234
- package/lib/index.js +29 -15
- package/lib/plugins/SASauth.js +2 -8
- package/lib/plugins/appCookie.js +3 -4
- package/lib/plugins/setContext.js +4 -1
- package/lib/plugins/setDefaultRoutes.js +33 -61
- package/lib/plugins/setupUserRoutes.js +11 -5
- package/lib/readCerts.js +38 -0
- package/package.json +15 -21
- package/public/help.html +1 -1
- package/public/index.html +302 -304
- package/public/indexold.html +356 -0
- package/server.js +10 -11
- package/src/handlers/codeAuth.js +10 -10
- package/src/handlers/getApp.js +6 -3
- package/src/handlers/logon.js +3 -4
- package/src/handlers/proxyMapUri.js +10 -9
- package/src/handlers/setCookies.js +8 -11
- package/src/iService.js +82 -173
- package/src/index.js +30 -17
- package/src/plugins/SASauth.js +2 -9
- package/src/plugins/appCookie.js +4 -5
- package/src/plugins/setContext.js +4 -4
- package/src/plugins/setDefaultRoutes.js +19 -25
- package/src/plugins/setupUserRoutes.js +6 -3
- package/src/readCerts.js +33 -0
- package/tls/viyatls.sh +3 -0
- package/mcpServer.js +0 -364
- package/public/auth.html +0 -25
- package/testca.js +0 -10
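--- a/package/lib/iService.js
+++ b/package/lib/iService.js
@@ -1,20 +1,14 @@
 "use strict";
 
-function _typeof(o) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (o) { return typeof o; } : function (o) { return o && "function" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? "symbol" : typeof o; }, _typeof(o); }
 Object.defineProperty(exports, "__esModule", {
 value: true
 });
 exports["default"] = void 0;
-var _console = require("console");
 var _setupAuth = _interopRequireDefault(require("./plugins/setupAuth"));
+var _readCerts = _interopRequireDefault(require("./readCerts"));
 function _interopRequireDefault(e) { return e && e.__esModule ? e : { "default": e }; }
 function _regenerator() { /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/babel/babel/blob/main/packages/babel-helpers/LICENSE */ var e, t, r = "function" == typeof Symbol ? Symbol : {}, n = r.iterator || "@@iterator", o = r.toStringTag || "@@toStringTag"; function i(r, n, o, i) { var c = n && n.prototype instanceof Generator ? n : Generator, u = Object.create(c.prototype); return _regeneratorDefine2(u, "_invoke", function (r, n, o) { var i, c, u, f = 0, p = o || [], y = !1, G = { p: 0, n: 0, v: e, a: d, f: d.bind(e, 4), d: function d(t, r) { return i = t, c = 0, u = e, G.n = r, a; } }; function d(r, n) { for (c = r, u = n, t = 0; !y && f && !o && t < p.length; t++) { var o, i = p[t], d = G.p, l = i[2]; r > 3 ? (o = l === n) && (u = i[(c = i[4]) ? 5 : (c = 3, 3)], i[4] = i[5] = e) : i[0] <= d && ((o = r < 2 && d < i[1]) ? (c = 0, G.v = n, G.n = i[1]) : d < l && (o = r < 3 || i[0] > n || n > l) && (i[4] = r, i[5] = n, G.n = l, c = 0)); } if (o || r > 1) return a; throw y = !0, n; } return function (o, p, l) { if (f > 1) throw TypeError("Generator is already running"); for (y && 1 === p && d(p, l), c = p, u = l; (t = c < 2 ? e : u) || !y;) { i || (c ? c < 3 ? (c > 1 && (G.n = -1), d(c, u)) : G.n = u : G.v = u); try { if (f = 2, i) { if (c || (o = "next"), t = i[o]) { if (!(t = t.call(i, u))) throw TypeError("iterator result is not an object"); if (!t.done) return t; u = t.value, c < 2 && (c = 0); } else 1 === c && (t = i["return"]) && t.call(i), c < 2 && (u = TypeError("The iterator does not provide a '" + o + "' method"), c = 1); i = e; } else if ((t = (y = G.n < 0) ? u : r.call(n, G)) !== a) break; } catch (t) { i = e, c = 1, u = t; } finally { f = 1; } } return { value: t, done: y }; }; }(r, o, i), !0), u; } var a = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} t = Object.getPrototypeOf; var c = [][n] ? t(t([][n]())) : (_regeneratorDefine2(t = {}, n, function () { return this; }), t), u = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(c); function f(e) { return Object.setPrototypeOf ? Object.setPrototypeOf(e, GeneratorFunctionPrototype) : (e.__proto__ = GeneratorFunctionPrototype, _regeneratorDefine2(e, o, "GeneratorFunction")), e.prototype = Object.create(u), e; } return GeneratorFunction.prototype = GeneratorFunctionPrototype, _regeneratorDefine2(u, "constructor", GeneratorFunctionPrototype), _regeneratorDefine2(GeneratorFunctionPrototype, "constructor", GeneratorFunction), GeneratorFunction.displayName = "GeneratorFunction", _regeneratorDefine2(GeneratorFunctionPrototype, o, "GeneratorFunction"), _regeneratorDefine2(u), _regeneratorDefine2(u, o, "Generator"), _regeneratorDefine2(u, n, function () { return this; }), _regeneratorDefine2(u, "toString", function () { return "[object Generator]"; }), (_regenerator = function _regenerator() { return { w: i, m: f }; })(); }
 function _regeneratorDefine2(e, r, n, t) { var i = Object.defineProperty; try { i({}, "", {}); } catch (e) { i = 0; } _regeneratorDefine2 = function _regeneratorDefine(e, r, n, t) { function o(r, n) { _regeneratorDefine2(e, r, function (e) { return this._invoke(r, n, e); }); } r ? i ? i(e, r, { value: n, enumerable: !t, configurable: !t, writable: !t }) : e[r] = n : (o("next", 0), o("throw", 1), o("return", 2)); }, _regeneratorDefine2(e, r, n, t); }
-function ownKeys(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
-function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
-function _defineProperty(e, r, t) { return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, { value: t, enumerable: !0, configurable: !0, writable: !0 }) : e[r] = t, e; }
-function _toPropertyKey(t) { var i = _toPrimitive(t, "string"); return "symbol" == _typeof(i) ? i : i + ""; }
-function _toPrimitive(t, r) { if ("object" != _typeof(t) || !t) return t; var e = t[Symbol.toPrimitive]; if (void 0 !== e) { var i = e.call(t, r || "default"); if ("object" != _typeof(i)) return i; throw new TypeError("@@toPrimitive must return a primitive value."); } return ("string" === r ? String : Number)(t); }
 function _slicedToArray(r, e) { return _arrayWithHoles(r) || _iterableToArrayLimit(r, e) || _unsupportedIterableToArray(r, e) || _nonIterableRest(); }
 function _nonIterableRest() { throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); }
 function _unsupportedIterableToArray(r, a) { if (r) { if ("string" == typeof r) return _arrayLikeToArray(r, a); var t = {}.toString.call(r).slice(8, -1); return "Object" === t && r.constructor && (t = r.constructor.name), "Map" === t || "Set" === t ? Array.from(r) : "Arguments" === t || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t) ? _arrayLikeToArray(r, a) : void 0; } }
@@ -53,11 +47,11 @@ var Vision = require('@hapi/vision');
 var inert = require('@hapi/inert');
 var selfsigned = require('selfsigned');
 var os = require('os');
-function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode,
+function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, userCache) {
 // process.env.APPHOST_ADDR = process.env.APPHOST;
 var init = /*#__PURE__*/function () {
 var _ref = _asyncToGenerator(/*#__PURE__*/_regenerator().m(function _callee() {
-var defaultMaxBytes, maxBytes, isSameSite, isSecure, _process$env$SAMESITE, _process$env$SAMESITE2, s1, s2, sConfig, hapiServer, nodeCacheOptions, storeCache, visionOptions, options,
+var defaultMaxBytes, maxBytes, isSameSite, isSecure, _process$env$SAMESITE, _process$env$SAMESITE2, s1, s2, sConfig, hapiServer, nodeCacheOptions, storeCache, visionOptions, options, allRoutes, hh, msg;
 return _regenerator().w(function (_context) {
 while (1) switch (_context.n) {
 case 0:
@@ -105,25 +99,16 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 };
 if (process.env.HAPIDEBUG === 'YES') {
 sConfig.debug = {
-request: '*'
-log: '*'
+request: '*'
 };
 }
 debug(JSON.stringify(sConfig, null, 4));
-if (
-
-
+if (process.env.HTTPS === 'true') {
+sConfig.tls = getCertificates();
+debug('Setup of SSL certificates completed');
+} else {
+debug('Running with no SSL certificates');
 }
-_context.n = 1;
-return getCertificates();
-case 1:
-sConfig.tls = _context.v;
-debug('Setup of SSL certificates completed');
-_context.n = 3;
-break;
-case 2:
-debug('Running with no SSL certificates');
-case 3:
 if (asset !== null) {
 sConfig.routes.files = {
 relativeTo: asset
@@ -153,42 +138,31 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 relativeTo: __dirname,
 path: '.'
 };
-_context.n =
+_context.n = 1;
 return hapiServer.register(Vision);
-case
+case 1:
 hapiServer.views(visionOptions);
-_context.n =
+_context.n = 2;
 return hapiServer.register(inert);
-case
+case 2:
 if (!(process.env.HTTPS === 'true')) {
-_context.n =
+_context.n = 3;
 break;
 }
-_context.n =
+_context.n = 3;
 return hapiServer.register({
 plugin: require('hapi-require-https'),
 options: {}
 });
-case
-_context.n =
+case 3:
+_context.n = 4;
 return hapiServer.register(H202);
-case
-/*
-await hapiServer.register({
-plugin : require('hapi-pino'),
-options: {
-prettyPrint: process.env.NODE_ENV !== 'production',
-level : process.env.LOGLEVEL == null ? 'silent' : process.env.LOGLEVEL,
-},
-});
-*/
-//
+case 4:
 // setup authentication related plugins
 options = {
 serverMode: serverMode,
 authFlow: process.env.AUTHFLOW,
 host: process.env.VIYA_SERVER,
-useLogon: process.env.USELOGON != null && process.env.USELOGON.toUpperCase() === 'FALSE' ? false : true,
 isSameSite: isSameSite,
 isSecure: isSecure,
 ns: allAppEnv.LOGONPAYLOAD != null ? allAppEnv.LOGONPAYLOAD.ns : null,
@@ -196,7 +170,6 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 redirect: process.env.REDIRECT,
 clientId: process.env.CLIENTID,
 clientSecret: process.env.CLIENTSECRET,
-pkce: allAppEnv.LOGONPAYLOAD.pkce,
 redirectTo: "/".concat(process.env.APPNAME, "/logon"),
 allAppEnv: allAppEnv,
 useHapiCookie: true,
@@ -206,7 +179,7 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 userRouteTable: userRouteTable,
 useDefault: useDefault,
 /* not used - left here for potential reuse */
-
+userCache: userCache || {},
 https: process.env.HTTPS,
 authDefault: false,
 /* set later in setDefaultRoutes */
@@ -214,12 +187,12 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 };
 debug2('Options', options);
 if (!(process.env.AUTHFLOW != null)) {
-_context.n =
+_context.n = 6;
 break;
 }
-_context.n =
+_context.n = 5;
 return (0, _setupAuth["default"])(hapiServer, options);
-case
+case 5:
 if (process.env.PREAUTH === 'YES') {
 console.log('Preauth enabled');
 hapiServer.ext('onPreAuth', function (request, h) {
@@ -235,55 +208,17 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 return h["continue"];
 });
 }
-case
+case 6:
 console.log('Plugin', process.env.PLUGIN);
-
-_context.n = 11;
-break;
-}
-swaggerOptions = {
-"info": {
-"title": "API for ".concat(process.env.APPNAME),
-"version": "0.0.1",
-"description": "This document was auto-generated at run time"
-},
-"schemes": ["http", "https"],
-"cors": true,
-"debug": true,
-"jsonPath": "/".concat(options.appName, "/swagger.json"),
-"jsonRoutePath": "/".concat(options.appName, "/swagger.json"),
-"documentationPage": true,
-"documentationPath": "/".concat(options.appName, "/documentation"),
-"swaggerUI": true,
-"swaggerUIPath": "/".concat(options.appName, "/swaggerui"),
-auth: options.authDefault
-};
-if (userInfo != null) {
-override = userInfo(options, 'SWAGGEROPTIONS');
-swaggerOptions = _objectSpread(_objectSpread({}, swaggerOptions), override);
-}
-debug('Swagger Options:', swaggerOptions);
-_context.n = 10;
-return hapiServer.register({
-plugin: serverMode,
-options: swaggerOptions
-});
-case 10:
-_context.n = 12;
-break;
-case 11:
-if (process.env.PLUGIN == 'hapi-openapi' && serverMode === 'api') {
-console.log('hapi-openapi', 'coming soon');
-}
-case 12:
+
 //
 // Start server
 //
 // eslint-disable-next-line no-unused-vars
 allRoutes = hapiServer.table();
-_context.n =
+_context.n = 7;
 return hapiServer.start();
-case
+case 7:
 hh = hapiServer.info.uri;
 hh = hh.replace(/0.0.0.0/, 'localhost');
 console.log('====================================================================================');
@@ -294,7 +229,7 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 process.env.APPSERVER = "".concat(hh, "/").concat(process.env.APPNAME);
 process.env.HEALTH = 'true';
 console.log('====================================================================================');
-case
+case 8:
 return _context.a(2);
 }
 }, _callee);
@@ -310,152 +245,81 @@ function iService(userRouteTable, useDefault, asset, allAppEnv, serverMode, user
 init();
 }
 function getCertificates() {
-
-
-
-
-
-
-while (1) switch (_context2.n) {
-case 0:
-options = null;
-tlsdir = process.env.SSLCERT;
-console.log('Reading SSL certificates from ', tlsdir);
-if (!(tlsdir != null && tlsdir.trim().length > 0)) {
-_context2.n = 1;
-break;
-}
-options = readTLS(tlsdir);
-options.rejectUnauthorized = true;
-_context2.n = 3;
-break;
-case 1:
-console.log('No SSL certificates found, generating self-signed certificates');
-_context2.n = 2;
-return getTls();
-case 2:
-options = _context2.v;
-options.rejectUnauthorized = false;
-case 3:
-return _context2.a(2, options);
-}
-}, _callee2);
-}));
-return _getCertificates.apply(this, arguments);
-}
-function readTLS(tlsdir) {
-console.log("[Note] Using TLS dir: " + tlsdir);
-if (fs.existsSync(tlsdir) === false) {
-console.log("[Warning] Specified TLS dir does not exist: " + tlsdir);
-return null;
-}
-var listOfFiles = fs.readdirSync(tlsdir);
-console.log("[Note] TLS/SSL files found: " + listOfFiles);
-var options = {};
-for (var i = 0; i < listOfFiles.length; i++) {
-var fname = listOfFiles[i];
-var name = tlsdir + '/' + listOfFiles[i];
-var key = fname.split('.')[0];
-options[key] = fs.readFileSync(name, {
-encoding: 'utf8'
-});
+var tlsdir = process.env.SSLCERT;
+var options = (0, _readCerts["default"])(tlsdir);
+if (options === null) {
+console.log('No SSL certificates found, generating self-signed certificates');
+options = getTls();
+options.rejectUnauthorized = false;
 }
-console.log('TLS FILES', Object.keys(options));
 return options;
 }
 function getTls() {
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-d = {};
-subj.map(function (c) {
-var r = c.split(':');
-d[r[0]] = r[1];
-return {
-value: r[1]
-};
-});
+var options = {
+keySize: 2048,
+days: 360,
+algorithm: "sha256",
+clientCertificate: true,
+extensions: {}
+};
+var subjt = process.env.TLS_CREATE.replaceAll('"', '').trim();
+var subj = subjt.split(',');
+var d = {};
+subj.map(function (c) {
+var r = c.split(':');
+d[r[0]] = r[1];
+return {
+value: r[1]
+};
+});
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-// IPv4
-{
-type: 7,
-ip: '::1'
-} // IPv6
-]
-}];
-console.log('tls options ', JSON.stringify(options, null, 4));
-pems = selfsigned.generate(attr, options);
-tls = {
-cert: pems.cert,
-key: pems["private"]
-};
-console.log('Self-signed certificates created', tls);
-return _context3.a(2, tls);
-}
-}, _callee3);
-}));
-return _getTls.apply(this, arguments);
+// TLS_CREATE=C:US,ST:NC,L:Cary,O:SAS Institute,OU:STO,CN:localhost,ALT:na.sas.com
+var attr = [{
+name: 'commonName',
+value: d.CN /*process.env.APPHOST*/
+}, {
+name: 'countryName',
+value: d.C
+}, {
+shortName: 'ST',
+value: d.ST
+}, {
+name: 'localityName',
+value: d.L
+}, {
+name: 'organizationName',
+value: d.O
+}, {
+shortName: 'OU',
+value: d.OU
+}];
+options.extensions.altNames = [
+// { type: 6, value: `http://${process.env.APPHOST}:${process.env.APPPORT}/${process.env.APPNAME}` },
+{
+type: 6,
+value: "https://".concat(process.env.APPHOST, ":").concat(process.env.APPPORT, "/").concat(process.env.APPNAME)
+}, {
+type: 6,
+value: "https://".concat(process.env.APPHOST, ":").concat(process.env.APPPORT, "/").concat(process.env.APPNAME, "/api")
+}, {
+type: 6,
+value: "https://".concat(process.env.APPHOST, ":").concat(process.env.APPPORT, "/").concat(process.env.APPNAME, "/logon")
+}, {
+type: 6,
+value: "https://".concat(process.env.APPHOST, "/").concat(process.env.APPNAME)
+}, {
+type: 6,
+value: "https://".concat(process.env.APPHOST, "/").concat(process.env.APPNAME, "/api")
+}, {
+type: 6,
+value: "https://".concat(process.env.APPHOST, "/").concat(process.env.APPNAME, "/logon")
+}];
+debug('tls options ', JSON.stringify(options, null, 4));
+var pems = selfsigned.generate(attr, options);
+var tls = {
+cert: pems.cert,
+key: pems["private"]
+};
+return tls;
 }
 var _default = exports["default"] = iService;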
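Review bot: In `getTls()` the alternative names are assigned as `options.extensions.altNames` on a plain `{}` and every entry is `type: 6` (a URI), whereas the removed side appears to have closed an array of extension objects that included `type: 7` IP entries. If `selfsigned` expects `extensions` to be an array of extension objects, the generated certificate probably carries no subjectAltName at all, and URI names would not satisfy hostname verification in any case, which leaves clients of this fallback little choice but to switch verification off. Consider `extensions: [{ name: 'subjectAltName', altNames: [{ type: 2, value: process.env.APPHOST }] }]`, keeping the loopback IP entries if local access is intended. The same function calls `process.env.TLS_CREATE.replaceAll('"', '')` with no null check, so when `HTTPS` is `'true'`, the `readCerts` call returns null and `TLS_CREATE` is unset, startup throws; `var subjt = (process.env.TLS_CREATE || '').replaceAll('"', '').trim();` would avoid that. This file is Babel output, so the change belongs in src/iService.js.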
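--- a/package/lib/index.js
+++ b/package/lib/index.js
@@ -5,6 +5,7 @@ require("regenerator-runtime/runtime");
 var _fs = _interopRequireDefault(require("fs"));
 var _iService = _interopRequireDefault(require("./iService"));
 var _config = _interopRequireDefault(require("./config"));
+var _readCerts = _interopRequireDefault(require("./readCerts"));
 var _yargs = _interopRequireDefault(require("yargs"));
 var _helpers = require("yargs/helpers");
 function _interopRequireDefault(e) { return e && e.__esModule ? e : { "default": e }; }
@@ -27,9 +28,9 @@ function _interopRequireDefault(e) { return e && e.__esModule ? e : { "default":
 */
 
 var debug = require("debug")("startup");
-module.exports = function core(uTable, useDefault, serverMode, customize,
+module.exports = function core(uTable, useDefault, serverMode, customize, userCache) {
 var argv = (0, _yargs["default"])((0, _helpers.hideBin)(process.argv)).argv;
-var env = argv.env == null ?
+var env = argv.env == null ? null : argv.env;
 var appenv = argv.appenv == null ? null : argv.appenv;
 var docker = argv.docker == null ? null : argv.docker;
 //process.env.SERVERMODE = serverMode !== null ? "api" : "app";
@@ -40,9 +41,9 @@ module.exports = function core(uTable, useDefault, serverMode, customize, swagge
 console.log("Initialization started ============================================================");
 console.log("version: 2, Build Date: ", Date());
 console.log("\nCommand Line Configuration:\n Dockerfile: ".concat(docker, "\n env file : ").concat(env, "\n appenv : ").concat(appenv, "\n customize : ").concat(customize != null, "\n "));
-iapp(null, env, docker, uTable, useDefault, serverMode, customize);
+iapp(null, env, docker, uTable, useDefault, serverMode, customize, userCache);
 };
-function iapp(appSrc, rafEnv, dockerFile, uTable, useDefault, serverMode, customize) {
+function iapp(appSrc, rafEnv, dockerFile, uTable, useDefault, serverMode, customize, userCache) {
 var asset = setup(rafEnv, dockerFile);
 if (appSrc == null) {
 appSrc = process.env.APPENV == null ? null : process.env.APPENV;
@@ -55,12 +56,12 @@ function iapp(appSrc, rafEnv, dockerFile, uTable, useDefault, serverMode, custom
 console.log("createPayload failed");
 process.exit(1);
 } else {
-(0, _iService["default"])(uTable, useDefault, asset, r, serverMode, customize);
+(0, _iService["default"])(uTable, useDefault, asset, r, serverMode, customize, userCache);
 }
 });
 } else {
 var appEnv = getAllEnv({});
-(0, _iService["default"])(uTable, useDefault, asset, appEnv, serverMode, customize);
+(0, _iService["default"])(uTable, useDefault, asset, appEnv, serverMode, customize, userCache);
 }
 }
 function setup(rafEnv, dockerFile) {
@@ -87,7 +88,7 @@ function createPayload(srcName, cb) {
 cb(err);
 }
 }
-function getAllEnv(
+function getAllEnv(userInfo) {
 var env;
 var l = null;
 var host = trimit("VIYA_SERVER");
@@ -95,11 +96,20 @@ function getAllEnv(userData) {
 console.log('Note: setting host to null');
 host = null;
 }
+
+/*
+if (process.env.AUTHTYPE != null) {
+process.env.AUTHFLOW = process.env.AUTHTYPE;
+}
+*/
+
 var authflow = trimit("AUTHFLOW");
-
-if (authflow === "authorization_code" || authflow === "code" || authflow === "server" || authflow === "null" || authflow === "pkce") {
+if (authflow === "authorization_code" || authflow === "code") {
 authflow = "server";
 }
+if (authflow === null) {
+host = null;
+}
 if (host === null) {
 authflow = null;
 console.log('Note: setting authflow to null');
@@ -110,7 +120,7 @@ function getAllEnv(userData) {
 var clientID = trimit("CLIENTID");
 
 // eslint-disable-next-line no-unused-vars
-
+var clientSecret = trimit("CLIENTSECRET");
 var keepAlive = trimit("KEEPALIVE");
 var appName = trimit("APPNAME");
 var ns = trimit("NAMESPACE");
@@ -121,7 +131,6 @@ function getAllEnv(userData) {
 host: host,
 clientID: clientID,
 appName: appName,
-pkce: pkce,
 keepAlive: null,
 useToken: process.env.USETOKEN,
 ns: ns,
@@ -172,16 +181,17 @@ function getAllEnv(userData) {
 if (v.startsWith('$')) {
 v = process.env[v.substring(1)];
 }
-
+userInfo[k] = v != null ? v.trim() : null;
 } else {
-
+userInfo[k] = null;
 }
 }
 }
-
+userInfo.viyaCert = (0, _readCerts["default"])(process.env.VIYACERT);
+userInfo.appName = appName;
 env = {
 LOGONPAYLOAD: l,
-APPENV:
+APPENV: userInfo
 };
 console.log("Final APPENV configuration for the server");
 console.log(JSON.stringify(env, null, 4));
@@ -195,4 +205,8 @@ function trimit(e) {
 }
 a = a.trim();
 return a.length === 0 ? null : a;
+}
+function readVIYACERT() {
+var certs = null;
+var certfile = process.env.VIYACERT;
 }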
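Review bot: `userInfo.viyaCert = (0, _readCerts["default"])(process.env.VIYACERT)` puts whatever `readCerts` loads into `APPENV`, and the unchanged `console.log(JSON.stringify(env, null, 4))` a few lines below prints it on every start. `readCerts` is not shown on this page; if it returns file contents keyed by name the way the `readTLS` removed from lib/iService.js did, any private key in that directory would reach the logs and every other consumer of `APPENV`. Keep the certificate material out of `userInfo`, or log a masked copy, e.g. `console.log(JSON.stringify(Object.assign({}, env, { APPENV: Object.assign({}, userInfo, { viyaCert: '[redacted]' }) }), null, 4));`. Separately, both call sites now pass `serverMode, customize, userCache`, while the new `iService` signature in lib/iService.js ends `serverMode, userCache`, so `customize` lands in the `userCache` slot and the real cache argument is dropped. The added `readVIYACERT()` only declares two locals and is never called in the lines shown.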
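--- a/package/lib/plugins/SASauth.js
+++ b/package/lib/plugins/SASauth.js
@@ -75,21 +75,15 @@ function _iSASauth() {
 return profile;
 }()
 };
-// Reference: https://github.com/hapijs/bell/blob/master/lib/oauth.js
-// for some reason the bell doc is out of date on pkce
-
-console.log('pkce', options.pkce);
-if (options.pkce === true) {
-provider.pkce = 'S256';
-}
 bellAuthOptions = {
 provider: provider,
 password: uuid.v4(),
 clientId: options.clientId,
-clientSecret: options.clientSecret
+clientSecret: options.clientSecret,
 // isSameSite : options.isSameSite,
 isSecure: options.isSecure
 };
+// console.log('SASAuth options', bellAuthOptions);
 debug('belloptions', bellAuthOptions);
 server.log('SASAuth', bellAuthOptions);
 _context2.n = 1;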
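Review bot: With the `if (options.pkce === true) { provider.pkce = 'S256'; }` branch removed, nothing on the new side enables PKCE for the bell provider, and the same release drops `pkce` from the options built in lib/iService.js and from the AUTHFLOW values accepted in lib/index.js. If the authorization-code flow is still offered, consider keeping `provider.pkce = 'S256';` unconditionally instead, since PKCE also protects a client that holds a secret against authorization-code injection. The unchanged `debug('belloptions', bellAuthOptions)` and `server.log('SASAuth', bellAuthOptions)` right after the added comment emit `clientSecret` and the cookie `password`; pass a copy with those two fields masked, and do not re-enable the commented-out `console.log` as written. The enclosing function starts and ends outside the hunk.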
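--- a/package/lib/plugins/appCookie.js
+++ b/package/lib/plugins/appCookie.js
@@ -16,7 +16,7 @@ module.exports = /*#__PURE__*/function () {
 return server.register(require('@hapi/cookie'));
 case 1:
 debug('in appCookie');
-debug(
+debug(options.redirectTo);
 cookieOptions = {
 cookie: {
 name: 'cookie',
@@ -34,8 +34,7 @@ module.exports = /*#__PURE__*/function () {
 return _regenerator().w(function (_context) {
 while (1) switch (_context.n) {
 case 0:
-
-debug('Cookie validate', "path - ".concat(req.path));
+debug('Cookie validateFunc', "path - ".concat(req.path));
 if (!(session == null)) {
 _context.n = 1;
 break;
@@ -68,7 +67,7 @@ module.exports = /*#__PURE__*/function () {
 isValid: false
 });
 case 4:
-debug('Cookie
+debug('Cookie validateFunc', sid);
 return _context.a(2, {
 isValid: true,
 credentials: credentials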
|
@@ -25,6 +25,8 @@ function _asyncToGenerator(n) { return function () { var t = this, e = arguments
|
|
|
25
25
|
* ---------------------------------------------------------------------------------------
|
|
26
26
|
*
|
|
27
27
|
*/
|
|
28
|
+
|
|
29
|
+
var debug = require('debug')('context');
|
|
28
30
|
function setContext(_x, _x2) {
|
|
29
31
|
return _setContext.apply(this, arguments);
|
|
30
32
|
}
|
|
@@ -35,7 +37,7 @@ function _setContext() {
|
|
|
35
37
|
while (1) switch (_context.n) {
|
|
36
38
|
case 0:
|
|
37
39
|
credentials = req.auth.credentials;
|
|
38
|
-
|
|
40
|
+
debug(credentials);
|
|
39
41
|
context = {
|
|
40
42
|
path: req.path,
|
|
41
43
|
params: req.params,
|
|
@@ -43,6 +45,7 @@ function _setContext() {
|
|
|
43
45
|
payload: req.payload,
|
|
44
46
|
queryOrig: credentials != null ? credentials.query : {},
|
|
45
47
|
token: credentials != null ? "bearer ".concat(credentials.token) : null,
|
|
48
|
+
credentials: credentials,
|
|
46
49
|
host: process.env.VIYA_SERVER
|
|
47
50
|
};
|
|
48
51
|
return _context.a(2, context);
|
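Review bot: The added `debug(credentials)` writes the whole auth credentials object to the `context` debug channel, and the `token` line just below shows that this object carries the bearer token (these hunks have no file header on this page; going by the file list they appear to belong to package/lib/plugins/setContext.js). Log only what is needed to trace the request, for example `debug('credentials present: %s', credentials != null);`. The new `credentials: credentials` entry also hands every handler the full credentials object rather than just `token` and `queryOrig`, so a handler that serialises or logs `context` now exposes it; if only specific fields are needed, pass those instead. The function body starts and ends outside the hunks.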