@vario-software/vario-app-framework-backend 2025.37.0

package/api/Api.js

@@ -0,0 +1,449 @@
+const { http, https } = require('follow-redirects');
+const { Readable } = require('stream');
+const { omitBy, isNil } = require('lodash');
+const fetchFn = require('#backend/api/helpers/fetch.js');
+const getResponseStreamFn = require('#backend/api/helpers/getResponseStream.js');
+const gatewayFn = require('#backend/api/helpers/gateway.js');
+const redirectRequestFn = require('#backend/api/helpers/redirectRequest.js');
+const vqlFn = require('#backend/api/helpers/vql.js');
+const { getApp } = require('#backend/utils/context.js');
+const HttpError = require('#backend/utils/httpError.js');
+
+class Api
+{
+  baseUrl = '';
+
+  constructor(path, {
+    method = 'GET',
+    saveResponse = true,
+    resolveOn = 'end',
+    timeout = 15 * 60 * 1000,
+    suppressLogs = false,
+    followRedirects,
+    body,
+    inputStream,
+    formData,
+    outputStream,
+    headers,
+    useInternalApi,
+    secret,
+    ...restOptions
+  } = {})
+  {
+    this.method = method;
+    this.saveResponse = saveResponse;
+    this.resolveOn = resolveOn;
+    this.timeout = timeout;
+    this.timer = performance.now();
+    this.outputStream = outputStream;
+    this.useInternalApi = useInternalApi;
+    this.secret = secret;
+    this.restOptions = restOptions;
+    this.suppressLogs = suppressLogs;
+    this.followRedirects = followRedirects;
+
+    this.app = getApp();
+
+    this.setPath(path);
+
+    this.setHeaders({
+      Accept: 'application/json',
+      'Content-Type': 'application/json',
+      'user-agent': this.app.client.appIdentifier,
+      ...headers,
+    });
+
+    if (formData ?? inputStream)
+    {
+      this.inputStream = formData ?? inputStream;
+    }
+    else if (body)
+    {
+      this.body = body;
+    }
+  }
+
+  get fullPath()
+  {
+    return this.baseUrl + this.path;
+  }
+
+  get serviceName()
+  {
+    return `backend/api/${this.constructor.name}`;
+  }
+
+  get requestOptions()
+  {
+    return {
+      method: this.method,
+      headers: omitBy(this.requestHeaders, isNil),
+      followRedirects: this.followRedirects,
+      ...this.restOptions,
+    };
+  }
+
+  setPath(path)
+  {
+    this.path = path;
+
+    return this;
+  }
+
+  setBaseUrl(baseUrl)
+  {
+    this.baseUrl = baseUrl;
+
+    return this;
+  }
+
+  setHeaders(headers)
+  {
+    const headerBlacklist = [
+      'host',
+      'x-forwarded-for',
+      'x-forwarded-proto',
+      'x-forwarded-port',
+      'x-amzn-trace-id',
+      'x-envoy-external-address',
+      'x-request-id',
+      'x-envoy-attempt-count',
+      'x-tenant-id',
+      'x-forwarded-client-cert',
+      'x-b3-traceid',
+      'x-b3-spanid',
+      'x-b3-parentspanid',
+      'x-b3-sampled',
+    ];
+
+    Object.keys(headers).forEach(key =>
+    {
+      if (headerBlacklist.includes(key.toLowerCase()))
+      {
+        delete headers[key];
+      }
+    });
+
+    this.requestHeaders = {
+      ...this.requestHeaders,
+      ...headers,
+    };
+
+    return this;
+  }
+
+  setAuthorization(Authorization)
+  {
+    this.requestHeaders.Authorization = Authorization;
+
+    return this;
+  }
+
+  getResponseHeaders()
+  {
+    return this.response?.headers;
+  }
+
+  getStatusCode()
+  {
+    return this.response?.statusCode;
+  }
+
+  handleData(chunk)
+  {
+    if (this.saveResponse)
+    {
+      this.data.push(chunk);
+    }
+
+    this.onData(chunk);
+  }
+
+  async finishRequest()
+  {
+    if (this.checkIfSuccessful())
+    {
+      const response = this.getData();
+
+      const message = {
+        request: {
+          requestUrl: this.fullPath,
+          requestOptions: this.requestOptions,
+          body: this.body,
+        },
+        response: this.secret ? maskSpecificKey(response, 'value') : response,
+        duration: `${(performance.now() - this.timer).toFixed(2)}ms`,
+        retryCount: this.retryCount,
+      };
+
+      await this.log(message);
+    }
+
+    await this.finish('end');
+
+    this.onEnd();
+  }
+
+  async log(message, level = 'DEBUG')
+  {
+    if (this.suppressLogs)
+    {
+      return null;
+    }
+
+    return this.app.log(message, this.serviceName, level);
+  }
+
+  async responseHandler()
+  {
+    this.data = [];
+
+    await this.onResponse();
+
+    await this.finish('response');
+  }
+
+  onBeforeRequest()
+  {
+  }
+
+  onData()
+  {
+  }
+
+  onEnd()
+  {
+  }
+
+  onResponse()
+  {
+  }
+
+  onClose()
+  {
+  }
+
+  async onError(error)
+  {
+    const message = {
+      request: {
+        requestUrl: this.fullPath,
+        requestOptions: this.requestOptions,
+        body: this.body,
+      },
+      response: error,
+      duration: `${(performance.now() - this.timer).toFixed(2)}ms`,
+      retryCount: this.retryCount,
+    };
+
+    const logId = await this.log(message);
+
+    this.reject(new HttpError(
+      'UNABLE_TO_SEND_REQUEST',
+      this.getStatusCode(),
+      this.serviceName,
+      {
+        request: {
+          requestUrl: this.fullPath,
+          requestOptions: this.requestOptions,
+          body: this.body,
+        },
+        response: {
+          data: error,
+        },
+      },
+      logId,
+    ));
+  }
+
+  async execute()
+  {
+    await this.onBeforeRequest();
+
+    return new Promise((resolve, reject) =>
+    {
+      this.resolve = resolve;
+      this.reject = reject;
+
+      const protocol = this.fullPath.startsWith('https://') ? https : http;
+
+      this.request = protocol.request(
+        this.fullPath,
+        this.requestOptions,
+        async response =>
+        {
+          this.response = response;
+
+          if (this.outputStream)
+          {
+            response.pipe(this.outputStream);
+          }
+
+          response.on('data', (...args) => this.handleData(...args));
+          response.on('end', (...args) => this.finishRequest(...args));
+          response.on('error', (...args) => this.onError(...args));
+
+          this.responseHandler(response);
+        });
+
+      this.request.on('error', (...args) => this.onError(...args));
+      this.request.on('close', (...args) => this.onClose(...args));
+
+      if (this.timeout)
+      {
+        this.request.setTimeout(this.timeout, () =>
+        {
+          this.request.destroy(new HttpError(
+            'REQUEST_TIMEOUT',
+            408,
+            this.serviceName,
+            {
+              requestUrl: this.fullPath,
+            },
+            undefined,
+            undefined,
+          ));
+        });
+      }
+
+      if (this.inputStream)
+      {
+        const buffer = [];
+
+        this.inputStream.on('data', chunk =>
+        {
+          if (!Buffer.isBuffer(chunk))
+          {
+            chunk = Buffer.from(chunk);
+          }
+
+          buffer.push(chunk);
+        });
+
+        this.inputStream.on('end', () =>
+        {
+          this.inputStream = Readable.from(Buffer.concat(buffer));
+        });
+
+        this.inputStream.pipe(this.request);
+      }
+      else
+      {
+        if (this.body)
+        {
+          if (typeof this.body !== 'string')
+          {
+            this.request.write(JSON.stringify(this.body));
+          }
+          else
+          {
+            this.request.write(this.body);
+          }
+        }
+
+        this.request.end();
+      }
+    });
+  }
+
+  getData()
+  {
+    const data = Buffer.concat(this.data);
+
+    if (!data.length)
+    {
+      return null;
+    }
+
+    const responseHeaders = this.getResponseHeaders();
+
+    if (!responseHeaders['content-type']?.startsWith('application/'))
+    {
+      return data.toString();
+    }
+
+    if (responseHeaders['content-type']?.startsWith('application/json'))
+    {
+      return JSON.parse(data);
+    }
+
+    return data;
+  }
+
+  async finish(type)
+  {
+    if (this.resolveOn !== type)
+    {
+      return;
+    }
+
+    const statusCode = this.getStatusCode();
+    const responseHeaders = this.getResponseHeaders();
+
+    if (statusCode === 429)
+    {
+      const retryInSeconds = Number(responseHeaders['x-rate-limit-retry-after-seconds']);
+
+      setTimeout(() =>
+      {
+        this.retryCount = (this.retryCount ?? 0) + 1;
+
+        this.execute()
+          .then(this.resolve)
+          .catch(this.reject);
+      }, Math.max(retryInSeconds * 1000, 6000));
+
+      return;
+    }
+
+    if (this.checkIfSuccessful())
+    {
+      this.resolve();
+    }
+    else
+    {
+      await this.onError(this.getData());
+    }
+  }
+
+  checkIfSuccessful()
+  {
+    const statusCode = this.getStatusCode();
+
+    return statusCode >= 200 && statusCode < 400;
+  }
+}
+
+Api.fetch = fetchFn;
+Api.getResponseStream = getResponseStreamFn;
+Api.gateway = gatewayFn;
+Api.vql = vqlFn;
+Api.redirectRequest = redirectRequestFn;
+
+module.exports = Api;
+
+function maskSpecificKey(response, keyToMask = 'value', mask = '[secret]')
+{
+  if (!response || typeof response !== 'object')
+  {
+    return response;
+  }
+
+  return Object.keys(response).reduce((acc, key) =>
+  {
+    if (key === keyToMask)
+    {
+      acc[key] = mask;
+    }
+    else if (typeof response[key] === 'object' && response[key] !== null)
+    {
+      acc[key] = maskSpecificKey(response[key], keyToMask, mask);
+    }
+    else
+    {
+      acc[key] = response[key];
+    }
+
+    return acc;
+  }, {});
+}

package/api/ErpApi.js

@@ -0,0 +1,94 @@
+const Api = require('#backend/api/Api.js');
+const { getTenant } = require('#backend/utils/context.js');
+
+const PromiseSingletonMap = require('#backend/utils/promiseSingletonMap.js');
+const refreshAccessToken = require('#backend/utils/keycloak.js');
+const Eav = require('#backend/api/modules/eav.js');
+const Migration = require('#backend/api/modules/migration.js');
+const TextEnum = require('#backend/api/modules/textEnum.js');
+const Webhook = require('#backend/api/modules/webhook.js');
+const { validateOfflineToken } = require('#backend/utils/token.js');
+
+const singletonPromise = new PromiseSingletonMap();
+class ErpApi extends Api
+{
+  async onBeforeRequest()
+  {
+    const { baseUrl, Authorization } = await this.getAuthorization();
+
+    this.setAuthorization(Authorization);
+
+    if (this.useInternalApi)
+    {
+      this.setBaseUrl(`${baseUrl}/api/vario`);
+    }
+    else
+    {
+      this.setBaseUrl(`${baseUrl}/api/vario/community/${this.app.version}`);
+    }
+  }
+
+  async onResponse()
+  {
+    const statusCode = this.getStatusCode();
+
+    if (statusCode === 401)
+    {
+      const tenant = getTenant();
+
+      await this.app.accessToken.delete(tenant);
+    }
+  }
+
+  async getAuthorization()
+  {
+    const tenant = getTenant();
+
+    return singletonPromise.run(tenant, async () =>
+    {
+      const savedAccessToken = await this.app.accessToken.get(tenant);
+
+      if (savedAccessToken)
+      {
+        const baseUrl = await this.app.baseUrlCache.get();
+
+        return {
+          baseUrl,
+          Authorization: `Bearer ${savedAccessToken}`,
+        };
+      }
+
+      const offlineToken = await this.app.offlineToken.get(tenant);
+      const { iss } = await validateOfflineToken(offlineToken);
+
+      const domain = iss.replace('https://sso.', '').split('/')[0];
+      const baseUrl = `https://${tenant}.${domain}`;
+
+      await this.app.baseUrlCache.set(baseUrl);
+
+      const {
+        access_token: accessToken,
+        expires_in: expiresIn,
+      } = await refreshAccessToken(
+        offlineToken,
+        `${iss}/protocol/openid-connect/token`,
+      );
+
+      const expiresAt = Date.now() + (expiresIn * 0.9) * 1000;
+
+      this.app.accessToken.set(tenant, accessToken, expiresAt);
+
+      return {
+        baseUrl,
+        Authorization: `Bearer ${accessToken}`,
+      };
+    });
+  }
+}
+
+ErpApi.migration = new Migration(ErpApi);
+ErpApi.eav = new Eav(ErpApi);
+ErpApi.textenum = new TextEnum(ErpApi);
+ErpApi.webhook = new Webhook(ErpApi);
+
+module.exports = ErpApi;

package/api/helpers/fetch.js

@@ -0,0 +1,10 @@
+async function fetch(path, options = {})
+{
+  const apiRequest = new this(path, options);
+
+  await apiRequest.execute();
+
+  return { data: apiRequest.getData(), response: apiRequest.response };
+}
+
+module.exports = fetch;

package/api/helpers/gateway.js

@@ -0,0 +1,19 @@
+const { getResponse } = require('#backend/utils/context.js');
+
+async function gateway(path, options = {})
+{
+  const res = getResponse();
+
+  options.outputStream = res;
+
+  const apiRequest = new this(path, options);
+
+  apiRequest.onResponse = () =>
+  {
+    res.set(apiRequest.getResponseHeaders());
+  };
+
+  await apiRequest.execute();
+}
+
+module.exports = gateway;

package/api/helpers/getResponseStream.js

@@ -0,0 +1,17 @@
+const { PassThrough } = require('stream');
+
+async function getResponseStream(path, options = {})
+{
+  const stream = new PassThrough();
+
+  options.outputStream = stream;
+  options.resolveOn = 'response';
+
+  const apiRequest = new this(path, options);
+
+  await apiRequest.execute();
+
+  return stream;
+}
+
+module.exports = getResponseStream;

package/api/helpers/redirectRequest.js

@@ -0,0 +1,13 @@
+const { getRequest } = require('#backend/utils/context.js');
+
+async function redirectRequest(path, options = {})
+{
+  const req = getRequest();
+
+  options.headers = req.headers;
+  options.inputStream = req;
+
+  return this.getResponseStream(path, options);
+}
+
+module.exports = redirectRequest;

package/api/helpers/vql.js

@@ -0,0 +1,61 @@
+async function vql({ statement, variableSubstitutions = [], limit = null, offset = null })
+{
+  const payload = {
+    statement,
+    variableSubstitutionList: {
+      variableSubstitutions,
+    },
+  };
+
+  if (limit)
+  {
+    payload.limit = limit;
+  }
+
+  if (offset > 0)
+  {
+    payload.offset = offset;
+  }
+
+  const result = await this.fetch('/cmn/computed-queries/execute', {
+    useInternalApi: true,
+    method: 'POST',
+    body: JSON.stringify(payload),
+  });
+
+  return {
+    ...result.data,
+    data: mapDisplayName(result.data.definition, result.data.data),
+    moreElements: result.response.headers['x-query-more-elements'],
+    nextOffset: result.response.headers['x-query-next-offset'],
+  };
+}
+
+module.exports = vql;
+
+function mapDisplayName(definition, items)
+{
+  const transformedArray = [];
+
+  items.forEach(item =>
+  {
+    const newItem = {};
+
+    definition.forEach(def =>
+    {
+      if (item[def.attribute] !== null && item[def.attribute] !== undefined)
+      {
+        newItem[def.displayName] = item[def.attribute];
+      }
+      // Special Case: Computed Array of Objects (i.e. contacts)
+      else if (def.definition && def._type === 'meta' && item[def.definition.path])
+      {
+        newItem[def.definition.displayName] = item[def.definition.path];
+      }
+    });
+
+    transformedArray.push(newItem);
+  });
+
+  return transformedArray;
+}