@theia/request 1.71.0-next.8 → 1.71.0

package/src/node-request-service.ts

@@ -14,33 +14,20 @@
  * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
  ********************************************************************************/
 
-import * as http from 'http';
-import * as https from 'https';
-import { getProxyAgent, ProxyAgent } from './proxy';
+import type { Dispatcher } from 'undici';
+import { getProxyAgent } from './proxy';
 import { Headers, RequestConfiguration, RequestContext, RequestOptions, RequestService, CancellationToken } from './common-request-service';
-import { createGunzip } from 'zlib';
-
-export interface RawRequestFunction {
-    (options: http.RequestOptions, callback?: (res: http.IncomingMessage) => void): http.ClientRequest;
-}
 
 export interface NodeRequestOptions extends RequestOptions {
-    agent?: ProxyAgent | http.Agent | https.Agent | boolean;
     strictSSL?: boolean;
-    getRawRequest?(options: NodeRequestOptions): RawRequestFunction;
-};
+    dispatcher?: Dispatcher;
+}
 
 export class NodeRequestService implements RequestService {
     protected proxyUrl?: string;
     protected strictSSL?: boolean;
     protected authorization?: string;
 
-    protected getNodeRequest(options: RequestOptions): RawRequestFunction {
-        const endpoint = new URL(options.url);
-        const module = endpoint.protocol === 'https:' ? https : http;
-        return module.request;
-    }
-
     protected async getProxyUrl(url: string): Promise<string | undefined> {
         return this.proxyUrl;
     }
@@ -60,11 +47,12 @@ export class NodeRequestService implements RequestService {
     protected async processOptions(options: NodeRequestOptions): Promise<NodeRequestOptions> {
         const { strictSSL } = this;
         options.strictSSL = options.strictSSL ?? strictSSL;
-        const agent = options.agent ? options.agent : getProxyAgent(options.url || '', process.env, {
-            proxyUrl: await this.getProxyUrl(options.url),
-            strictSSL: options.strictSSL
-        });
-        options.agent = agent;
+        if (!options.dispatcher) {
+            options.dispatcher = getProxyAgent(options.url || '', process.env, {
+                proxyUrl: await this.getProxyUrl(options.url),
+                strictSSL: options.strictSSL
+            });
+        }
 
         const authorization = options.proxyAuthorization || this.authorization;
         if (authorization) {
@@ -74,100 +62,75 @@ export class NodeRequestService implements RequestService {
             };
         }
 
-        options.headers = {
-            'Accept-Encoding': 'gzip',
-            ...(options.headers || {}),
-        };
-
         return options;
     }
 
-    request(options: NodeRequestOptions, token?: CancellationToken): Promise<RequestContext> {
-        return new Promise(async (resolve, reject) => {
-            options = await this.processOptions(options);
-
-            const endpoint = new URL(options.url);
-            const rawRequest = options.getRawRequest
-                ? options.getRawRequest(options)
-                : this.getNodeRequest(options);
-
-            const opts: https.RequestOptions = {
-                hostname: endpoint.hostname,
-                port: endpoint.port ? parseInt(endpoint.port) : (endpoint.protocol === 'https:' ? 443 : 80),
-                protocol: endpoint.protocol,
-                path: endpoint.pathname + endpoint.search,
-                method: options.type || 'GET',
-                headers: options.headers,
-                agent: options.agent as https.Agent,
-                rejectUnauthorized: !!options.strictSSL
-            };
+    async request(options: NodeRequestOptions, token?: CancellationToken): Promise<RequestContext> {
+        options = await this.processOptions(options);
 
-            if (options.user && options.password) {
-                opts.auth = options.user + ':' + options.password;
-            }
+        const headers: Record<string, string> = { ...(options.headers || {}) };
 
-            const timeoutHandler = () => {
-                reject('timeout');
-            };
+        if (options.user && options.password) {
+            headers['Authorization'] = 'Basic ' + Buffer.from(options.user + ':' + options.password).toString('base64');
+        }
 
-            const req = rawRequest(opts, async res => {
-                const followRedirects = options.followRedirects ?? 3;
-                if (res.statusCode && res.statusCode >= 300 && res.statusCode < 400 && followRedirects > 0 && res.headers.location) {
-                    req.off('timeout', timeoutHandler);
-                    this.request({
-                        ...options,
-                        url: res.headers.location,
-                        followRedirects: followRedirects - 1
-                    }, token).then(resolve, reject);
-                } else {
-                    const chunks: Uint8Array[] = [];
-
-                    const stream = res.headers['content-encoding'] === 'gzip' ? res.pipe(createGunzip()) : res;
-
-                    stream.on('data', chunk => {
-                        chunks.push(chunk);
-                    });
-
-                    stream.on('end', () => {
-                        req.off('timeout', timeoutHandler);
-                        const buffer = Buffer.concat(chunks);
-                        resolve({
-                            url: options.url,
-                            res: {
-                                headers: res.headers as Headers,
-                                statusCode: res.statusCode
-                            },
-                            buffer
-                        });
-                    });
-
-                    stream.on('error', err => {
-                        reject(err);
-                    });
-                }
-            });
+        const signals: AbortSignal[] = [];
+        if (options.timeout) {
+            signals.push(AbortSignal.timeout(options.timeout));
+        }
 
-            req.on('error', err => {
-                reject(err);
+        let tokenAbortController: AbortController | undefined;
+        let cancellationListener: void | { dispose(): void } | undefined;
+        if (token) {
+            tokenAbortController = new AbortController();
+            signals.push(tokenAbortController.signal);
+            cancellationListener = token.onCancellationRequested(() => {
+                tokenAbortController!.abort();
             });
+        }
 
-            req.on('timeout', timeoutHandler);
+        const signal = signals.length > 0
+            ? (signals.length === 1 ? signals[0] : AbortSignal.any(signals))
+            : undefined;
 
-            if (options.timeout) {
-                req.setTimeout(options.timeout);
-            }
+        const fetchOptions: RequestInit & { dispatcher?: Dispatcher } = {
+            method: options.type || 'GET',
+            headers,
+            redirect: options.followRedirects === 0 ? 'manual' : 'follow',
+            signal,
+        };
 
-            if (options.data) {
-                req.write(options.data);
-            }
+        if (options.dispatcher) {
+            fetchOptions.dispatcher = options.dispatcher;
+        }
 
-            req.end();
+        if (options.data) {
+            fetchOptions.body = options.data;
+        }
+
+        try {
+            const response = await fetch(options.url, fetchOptions);
+            const arrayBuffer = await response.arrayBuffer();
+            const buffer = Buffer.from(arrayBuffer);
 
-            token?.onCancellationRequested(() => {
-                req.destroy();
-                reject();
+            const responseHeaders: Headers = {};
+            response.headers.forEach((value, key) => {
+                responseHeaders[key] = value;
             });
-        });
+
+            return {
+                url: options.url,
+                res: {
+                    headers: responseHeaders,
+                    statusCode: response.status
+                },
+                buffer
+            };
+        } finally {
+            if (cancellationListener) {
+                cancellationListener.dispose();
+            }
+        }
     }
 
     async resolveProxy(url: string): Promise<string | undefined> {

package/src/proxy.spec.ts

@@ -0,0 +1,94 @@
+/********************************************************************************
+ * Copyright (C) 2026 EclipseSource GmbH.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v. 2.0 which is available at
+ * http://www.eclipse.org/legal/epl-2.0.
+ *
+ * This Source Code may also be made available under the following Secondary
+ * Licenses when the conditions for such availability set forth in the Eclipse
+ * Public License v. 2.0 are satisfied: GNU General Public License, version 2
+ * with the GNU Classpath Exception which is available at
+ * https://www.gnu.org/software/classpath/license.html.
+ *
+ * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
+ ********************************************************************************/
+
+import { expect } from 'chai';
+import { getProxyAgent } from './proxy';
+
+describe('proxy', () => {
+    describe('getProxyAgent', () => {
+        it('should return undefined when no proxy is configured', () => {
+            const agent = getProxyAgent('https://example.com', {});
+            expect(agent).to.be.undefined;
+        });
+
+        it('should return a dispatcher when proxy URL is provided via options', () => {
+            const agent = getProxyAgent('https://example.com', {}, {
+                proxyUrl: 'http://proxy.example.com:8080'
+            });
+            expect(agent).to.not.be.undefined;
+        });
+
+        it('should return a dispatcher when HTTP_PROXY env variable is set for http URLs', () => {
+            const env = { HTTP_PROXY: 'http://proxy.example.com:8080' };
+            const agent = getProxyAgent('http://example.com', env);
+            expect(agent).to.not.be.undefined;
+        });
+
+        it('should return a dispatcher when http_proxy env variable is set for http URLs', () => {
+            const env = { http_proxy: 'http://proxy.example.com:8080' };
+            const agent = getProxyAgent('http://example.com', env);
+            expect(agent).to.not.be.undefined;
+        });
+
+        it('should return a dispatcher when HTTPS_PROXY env variable is set for https URLs', () => {
+            const env = { HTTPS_PROXY: 'http://proxy.example.com:8080' };
+            const agent = getProxyAgent('https://example.com', env);
+            expect(agent).to.not.be.undefined;
+        });
+
+        it('should fall back to HTTP_PROXY for https URLs when HTTPS_PROXY is not set', () => {
+            const env = { HTTP_PROXY: 'http://proxy.example.com:8080' };
+            const agent = getProxyAgent('https://example.com', env);
+            expect(agent).to.not.be.undefined;
+        });
+
+        it('should return undefined for invalid request URLs', () => {
+            const agent = getProxyAgent('not-a-url', {}, {
+                proxyUrl: 'http://proxy.example.com:8080'
+            });
+            expect(agent).to.be.undefined;
+        });
+
+        it('should return undefined for non-http proxy protocols', () => {
+            const agent = getProxyAgent('https://example.com', {}, {
+                proxyUrl: 'socks5://proxy.example.com:1080'
+            });
+            expect(agent).to.be.undefined;
+        });
+
+        it('should return undefined for invalid proxy URLs', () => {
+            const agent = getProxyAgent('https://example.com', {}, {
+                proxyUrl: 'not-a-valid-url'
+            });
+            expect(agent).to.be.undefined;
+        });
+
+        it('should return an Agent (not ProxyAgent) when strictSSL is false and no proxy is set', () => {
+            const agent = getProxyAgent('https://example.com', {}, {
+                strictSSL: false
+            });
+            expect(agent).to.not.be.undefined;
+        });
+
+        it('should prefer proxyUrl option over environment variables', () => {
+            const env = { HTTP_PROXY: 'http://env-proxy.example.com:8080' };
+            const agent = getProxyAgent('http://example.com', env, {
+                proxyUrl: 'http://option-proxy.example.com:9090'
+            });
+            expect(agent).to.not.be.undefined;
+        });
+    });
+});

package/src/proxy.ts

@@ -14,13 +14,9 @@
  * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
  ********************************************************************************/
 
-import { parse as parseUrl, Url } from 'url';
-import * as httpAgent from 'http-proxy-agent';
-import * as httpsAgent from 'https-proxy-agent';
+import { ProxyAgent, Agent, Dispatcher } from 'undici';
 
-export type ProxyAgent = httpAgent.HttpProxyAgent | httpsAgent.HttpsProxyAgent;
-
-function getSystemProxyURI(requestURL: Url, env: typeof process.env): string | undefined {
+function getSystemProxyURI(requestURL: URL, env: typeof process.env): string | undefined {
     if (requestURL.protocol === 'http:') {
         return env.HTTP_PROXY || env.http_proxy;
     } else if (requestURL.protocol === 'https:') {
@@ -35,27 +31,46 @@ export interface ProxySettings {
     strictSSL?: boolean;
 }
 
-export function getProxyAgent(rawRequestURL: string, env: typeof process.env, options: ProxySettings = {}): ProxyAgent | undefined {
-    const requestURL = parseUrl(rawRequestURL);
+export function getProxyAgent(rawRequestURL: string, env: typeof process.env, options: ProxySettings = {}): Dispatcher | undefined {
+    let requestURL: URL;
+    try {
+        requestURL = new URL(rawRequestURL);
+    } catch {
+        return undefined;
+    }
+
     const proxyURL = options.proxyUrl || getSystemProxyURI(requestURL, env);
 
     if (!proxyURL) {
+        if (options.strictSSL === false) {
+            return new Agent({
+                connect: { rejectUnauthorized: false }
+            });
+        }
         return undefined;
     }
 
-    const proxyEndpoint = parseUrl(proxyURL);
+    let proxyEndpoint: URL;
+    try {
+        proxyEndpoint = new URL(proxyURL);
+    } catch {
+        return undefined;
+    }
 
-    if (!/^https?:$/.test(proxyEndpoint.protocol || '')) {
+    if (!/^https?:$/.test(proxyEndpoint.protocol)) {
         return undefined;
     }
 
-    const opts = {
-        host: proxyEndpoint.hostname || '',
-        port: proxyEndpoint.port || (proxyEndpoint.protocol === 'https' ? '443' : '80'),
-        auth: proxyEndpoint.auth,
-        rejectUnauthorized: !!options.strictSSL,
+    const proxyAgentOptions: ProxyAgent.Options = {
+        uri: proxyURL,
+        token: proxyEndpoint.username
+            ? `Basic ${Buffer.from(`${decodeURIComponent(proxyEndpoint.username)}:${decodeURIComponent(proxyEndpoint.password)}`).toString('base64')}`
+            : undefined,
     };
 
-    const createAgent = requestURL.protocol === 'http:' ? httpAgent : httpsAgent;
-    return createAgent(opts);
+    if (options.strictSSL === false) {
+        proxyAgentOptions.requestTls = { rejectUnauthorized: false };
+    }
+
+    return new ProxyAgent(proxyAgentOptions);
 }

package/lib/package.spec.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"package.spec.d.ts","sourceRoot":"","sources":["../src/package.spec.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;kFAckF"}

package/lib/package.spec.js

@@ -1,26 +0,0 @@
-/********************************************************************************
- * Copyright (C) 2022 TypeFox and others.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0 which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the Eclipse
- * Public License v. 2.0 are satisfied: GNU General Public License, version 2
- * with the GNU Classpath Exception which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
- ********************************************************************************/
-/* note: this bogus test file is required so that
-   we are able to run mocha unit tests on this
-   package, without having any actual unit tests in it.
-   This way a coverage report will be generated,
-   showing 0% coverage, instead of no report.
-   This file can be removed once we have real unit
-   tests in place. */
-describe('request package', () => {
-    it('should support code coverage statistics', () => true);
-});
-//# sourceMappingURL=package.spec.js.map

package/lib/package.spec.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"package.spec.js","sourceRoot":"","sources":["../src/package.spec.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;kFAckF;AAElF;;;;;;qBAMqB;AAErB,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAE7B,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;AAC9D,CAAC,CAAC,CAAC"}