@wiajs/request 3.0.0 → 3.0.1

package/tests/test-headers.js

@@ -0,0 +1,305 @@
+'use strict'
+
+var server = require('./server')
+var request = require('../index')
+var util = require('util')
+var tape = require('tape')
+var url = require('url')
+var os = require('os')
+
+var interfaces = os.networkInterfaces()
+var loopbackKeyTest = os.platform() === 'win32' ? /Loopback Pseudo-Interface/ : /lo/
+var hasIPv6interface = Object.keys(interfaces).some(function (name) {
+  return loopbackKeyTest.test(name) && interfaces[name].some(function (info) {
+    return info.family === 'IPv6'
+  })
+})
+
+var s = server.createServer()
+
+s.on('/redirect/from', function (req, res) {
+  res.writeHead(301, {
+    location: '/redirect/to'
+  })
+  res.end()
+})
+
+s.on('/redirect/to', function (req, res) {
+  res.end('ok')
+})
+
+s.on('/headers.json', function (req, res) {
+  res.writeHead(200, {
+    'Content-Type': 'application/json'
+  })
+
+  res.end(JSON.stringify(req.headers))
+})
+
+function runTest (name, path, requestObj, serverAssertFn) {
+  tape(name, function (t) {
+    s.on('/' + path, function (req, res) {
+      serverAssertFn(t, req, res)
+      res.writeHead(200)
+      res.end()
+    })
+    requestObj.url = s.url + '/' + path
+    request(requestObj, function (err, res, body) {
+      t.equal(err, null)
+      t.equal(res.statusCode, 200)
+      t.end()
+    })
+  })
+}
+
+function addTests () {
+  runTest(
+    '#125: headers.cookie with no cookie jar',
+    'no-jar',
+    {headers: {cookie: 'foo=bar'}},
+    function (t, req, res) {
+      t.equal(req.headers.cookie, 'foo=bar')
+    })
+
+  var jar = request.jar()
+  jar.setCookie('quux=baz', s.url)
+  runTest(
+    '#125: headers.cookie + cookie jar',
+    'header-and-jar',
+    {jar: jar, headers: {cookie: 'foo=bar'}},
+    function (t, req, res) {
+      t.equal(req.headers.cookie, 'foo=bar; quux=baz')
+    })
+
+  var jar2 = request.jar()
+  jar2.setCookie('quux=baz; Domain=foo.bar.com', s.url, {ignoreError: true})
+  runTest(
+    '#794: ignore cookie parsing and domain errors',
+    'ignore-errors',
+    {jar: jar2, headers: {cookie: 'foo=bar'}},
+    function (t, req, res) {
+      t.equal(req.headers.cookie, 'foo=bar')
+    })
+
+  runTest(
+    '#784: override content-type when json is used',
+    'json',
+    {
+      json: true,
+      method: 'POST',
+      headers: { 'content-type': 'application/json; charset=UTF-8' },
+      body: { hello: 'my friend' }},
+    function (t, req, res) {
+      t.equal(req.headers['content-type'], 'application/json; charset=UTF-8')
+    }
+  )
+
+  runTest(
+    'neither headers.cookie nor a cookie jar is specified',
+    'no-cookie',
+    {},
+    function (t, req, res) {
+      t.equal(req.headers.cookie, undefined)
+    })
+}
+
+tape('setup', function (t) {
+  s.listen(0, function () {
+    addTests()
+    tape('cleanup', function (t) {
+      s.close(function () {
+        t.end()
+      })
+    })
+    t.end()
+  })
+})
+
+tape('upper-case Host header and redirect', function (t) {
+  // Horrible hack to observe the raw data coming to the server (before Node
+  // core lower-cases the headers)
+  var rawData = ''
+
+  s.on('connection', function (socket) {
+    if (socket.ondata) {
+      var ondata = socket.ondata
+    }
+    function handledata (d, start, end) {
+      if (ondata) {
+        rawData += d.slice(start, end).toString()
+        return ondata.apply(this, arguments)
+      } else {
+        rawData += d
+      }
+    }
+    socket.on('data', handledata)
+    socket.ondata = handledata
+  })
+
+  function checkHostHeader (host) {
+    t.ok(
+      new RegExp('^Host: ' + host + '$', 'm').test(rawData),
+      util.format(
+        'Expected "Host: %s" in data "%s"',
+        host, rawData.trim().replace(/\r?\n/g, '\\n')))
+    rawData = ''
+  }
+
+  var redirects = 0
+  request({
+    url: s.url + '/redirect/from',
+    headers: { Host: '127.0.0.1' }
+  }, function (err, res, body) {
+    t.equal(err, null)
+    t.equal(res.statusCode, 200)
+    t.equal(body, 'ok')
+    t.equal(redirects, 1)
+    // XXX should the host header change like this after a redirect?
+    checkHostHeader('localhost:' + s.port)
+    t.end()
+  }).on('redirect', function () {
+    redirects++
+    t.equal(this.uri.href, s.url + '/redirect/to')
+    checkHostHeader('127.0.0.1')
+  })
+})
+
+tape('undefined headers', function (t) {
+  request({
+    url: s.url + '/headers.json',
+    headers: {
+      'X-TEST-1': 'test1',
+      'X-TEST-2': undefined
+    },
+    json: true
+  }, function (err, res, body) {
+    t.equal(err, null)
+    t.equal(body['x-test-1'], 'test1')
+    t.equal(typeof body['x-test-2'], 'undefined')
+    t.end()
+  })
+})
+
+tape('preserve port in host header if non-standard port', function (t) {
+  var r = request({
+    url: s.url + '/headers.json'
+  }, function (err, res, body) {
+    t.equal(err, null)
+    t.equal(r.originalHost, 'localhost:' + s.port)
+    t.end()
+  })
+})
+
+tape('strip port in host header if explicit standard port (:80) & protocol (HTTP)', function (t) {
+  var r = request({
+    url: 'http://localhost:80/headers.json'
+  }, function (_err, res, body) {
+    t.equal(r.req.socket._host, 'localhost')
+    t.end()
+  })
+})
+
+tape('strip port in host header if explicit standard port (:443) & protocol (HTTPS)', function (t) {
+  var r = request({
+    url: 'https://localhost:443/headers.json'
+  }, function (_err, res, body) {
+    t.equal(r.req.socket._host, 'localhost')
+    t.end()
+  })
+})
+
+tape('strip port in host header if implicit standard port & protocol (HTTP)', function (t) {
+  var r = request({
+    url: 'http://localhost/headers.json'
+  }, function (_err, res, body) {
+    t.equal(r.req.socket._host, 'localhost')
+    t.end()
+  })
+})
+
+tape('strip port in host header if implicit standard port & protocol (HTTPS)', function (t) {
+  var r = request({
+    url: 'https://localhost/headers.json'
+  }, function (_err, res, body) {
+    t.equal(r.req.socket._host, 'localhost')
+    t.end()
+  })
+})
+
+var isExpectedHeaderCharacterError = function (headerName, err) {
+  return err.message === 'The header content contains invalid characters' ||
+    err.message === ('Invalid character in header content ["' + headerName + '"]')
+}
+
+tape('catch invalid characters error - GET', function (t) {
+  request({
+    url: s.url + '/headers.json',
+    headers: {
+      'test': 'אבגד'
+    }
+  }, function (err, res, body) {
+    t.true(isExpectedHeaderCharacterError('test', err))
+  })
+  .on('error', function (err) {
+    t.true(isExpectedHeaderCharacterError('test', err))
+    t.end()
+  })
+})
+
+tape('catch invalid characters error - POST', function (t) {
+  request({
+    method: 'POST',
+    url: s.url + '/headers.json',
+    headers: {
+      'test': 'אבגד'
+    },
+    body: 'beep'
+  }, function (err, res, body) {
+    t.true(isExpectedHeaderCharacterError('test', err))
+  })
+  .on('error', function (err) {
+    t.true(isExpectedHeaderCharacterError('test', err))
+    t.end()
+  })
+})
+
+if (hasIPv6interface) {
+  tape('IPv6 Host header', function (t) {
+    // Horrible hack to observe the raw data coming to the server
+    var rawData = ''
+
+    s.on('connection', function (socket) {
+      if (socket.ondata) {
+        var ondata = socket.ondata
+      }
+      function handledata (d, start, end) {
+        if (ondata) {
+          rawData += d.slice(start, end).toString()
+          return ondata.apply(this, arguments)
+        } else {
+          rawData += d
+        }
+      }
+      socket.on('data', handledata)
+      socket.ondata = handledata
+    })
+
+    function checkHostHeader (host) {
+      t.ok(
+        new RegExp('^Host: ' + host + '$', 'im').test(rawData),
+        util.format(
+          'Expected "Host: %s" in data "%s"',
+          host, rawData.trim().replace(/\r?\n/g, '\\n')))
+      rawData = ''
+    }
+
+    request({
+      url: s.url.replace(url.parse(s.url).hostname, '[::1]') + '/headers.json'
+    }, function (err, res, body) {
+      t.equal(err, null)
+      t.equal(res.statusCode, 200)
+      checkHostHeader('\\[::1\\]:' + s.port)
+      t.end()
+    })
+  })
+}

package/tests/test-http-signature.js

@@ -0,0 +1,110 @@
+'use strict'
+
+var http = require('http')
+var request = require('../index')
+var httpSignature = require('http-signature')
+var tape = require('tape')
+
+var privateKeyPEMs = {}
+
+privateKeyPEMs['key-1'] =
+  '-----BEGIN RSA PRIVATE KEY-----\n' +
+  'MIIEpAIBAAKCAQEAzWSJl+Z9Bqv00FVL5N3+JCUoqmQPjIlya1BbeqQroNQ5yG1i\n' +
+  'VbYTTnMRa1zQtR6r2fNvWeg94DvxivxIG9diDMnrzijAnYlTLOl84CK2vOxkj5b6\n' +
+  '8zrLH9b/Gd6NOHsywo8IjvXvCeTfca5WUHcuVi2lT9VjygFs1ILG4RyeX1BXUumu\n' +
+  'Y8fzmposxLYdMxCqUTzAn0u9Saq2H2OVj5u114wS7OQPigu6G99dpn/iPHa3zBm8\n' +
+  '7baBWDbqZWRW0BP3K6eqq8sut1+NLhNW8ADPTdnO/SO+kvXy7fqd8atSn+HlQcx6\n' +
+  'tW42dhXf3E9uE7K78eZtW0KvfyNGAjsI1Fft2QIDAQABAoIBAG1exe3/LEBrPLfb\n' +
+  'U8iRdY0lxFvHYIhDgIwohC3wUdMYb5SMurpNdEZn+7Sh/fkUVgp/GKJViu1mvh52\n' +
+  'bKd2r52DwG9NQBQjVgkqY/auRYSglIPpr8PpYNSZlcneunCDGeqEY9hMmXc5Ssqs\n' +
+  'PQYoEKKPN+IlDTg6PguDgAfLR4IUvt9KXVvmB/SSgV9tSeTy35LECt1Lq3ozbUgu\n' +
+  '30HZI3U6/7H+X22Pxxf8vzBtzkg5rRCLgv+OeNPo16xMnqbutt4TeqEkxRv5rtOo\n' +
+  '/A1i9khBeki0OJAFJsE82qnaSZodaRsxic59VnN8sWBwEKAt87tEu5A3K3j4XSDU\n' +
+  '/avZxAECgYEA+pS3DvpiQLtHlaO3nAH6MxHRrREOARXWRDe5nUQuUNpS1xq9wte6\n' +
+  'DkFtba0UCvDLic08xvReTCbo9kH0y6zEy3zMpZuJlKbcWCkZf4S5miYPI0RTZtF8\n' +
+  'yps6hWqzYFSiO9hMYws9k4OJLxX0x3sLK7iNZ32ujcSrkPBSiBr0gxkCgYEA0dWl\n' +
+  '637K41AJ/zy0FP0syq+r4eIkfqv+/t6y2aQVUBvxJYrj9ci6XHBqoxpDV8lufVYj\n' +
+  'fUAfeI9/MZaWvQJRbnYLre0I6PJfLuCBIL5eflO77BGso165AF7QJZ+fwtgKv3zv\n' +
+  'ZX75eudCSS/cFo0po9hlbcLMT4B82zEkgT8E2MECgYEAnz+3/wrdOmpLGiyL2dff\n' +
+  '3GjsqmJ2VfY8z+niSrI0BSpbD11tT9Ct67VlCBjA7hsOH6uRfpd6/kaUMzzDiFVq\n' +
+  'VDAiFvV8QD6zNkwYalQ9aFvbrvwTTPrBpjl0vamMCiJ/YC0cjq1sGr2zh3sar1Ph\n' +
+  'S43kP+s97dcZeelhaiJHVrECgYEAsx61q/loJ/LDFeYzs1cLTVn4V7I7hQY9fkOM\n' +
+  'WM0AhInVqD6PqdfXfeFYpjJdGisQ7l0BnoGGW9vir+nkcyPvb2PFRIr6+B8tsU5j\n' +
+  '7BeVgjDoUfQkcrEBK5fEBtnj/ud9BUkY8oMZZBjVNLRuI7IMwZiPvMp0rcj4zAN/\n' +
+  'LfUlpgECgYArBvFcBxSkNAzR3Rtteud1YDboSKluRM37Ey5plrn4BS0DD0jm++aD\n' +
+  '0pG2Hsik000hibw92lCkzvvBVAqF8BuAcnPlAeYfsOaa97PGEjSKEN5bJVWZ9/om\n' +
+  '9FV1axotRN2XWlwrhixZLEaagkREXhgQc540FS5O8IaI2Vpa80Atzg==\n' +
+  '-----END RSA PRIVATE KEY-----'
+
+var publicKeyPEMs = {}
+
+publicKeyPEMs['key-1'] =
+  '-----BEGIN PUBLIC KEY-----\n' +
+  'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWSJl+Z9Bqv00FVL5N3+\n' +
+  'JCUoqmQPjIlya1BbeqQroNQ5yG1iVbYTTnMRa1zQtR6r2fNvWeg94DvxivxIG9di\n' +
+  'DMnrzijAnYlTLOl84CK2vOxkj5b68zrLH9b/Gd6NOHsywo8IjvXvCeTfca5WUHcu\n' +
+  'Vi2lT9VjygFs1ILG4RyeX1BXUumuY8fzmposxLYdMxCqUTzAn0u9Saq2H2OVj5u1\n' +
+  '14wS7OQPigu6G99dpn/iPHa3zBm87baBWDbqZWRW0BP3K6eqq8sut1+NLhNW8ADP\n' +
+  'TdnO/SO+kvXy7fqd8atSn+HlQcx6tW42dhXf3E9uE7K78eZtW0KvfyNGAjsI1Fft\n' +
+  '2QIDAQAB\n' +
+  '-----END PUBLIC KEY-----'
+
+publicKeyPEMs['key-2'] =
+  '-----BEGIN PUBLIC KEY-----\n' +
+  'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp04VVr9OThli9b35Omz\n' +
+  'VqSfWbsoQuRrgyWsrNRn3XkFmbWw4FzZwQ42OgGMzQ84Ta4d9zGKKQyFriTiPjPf\n' +
+  'xhhrsaJnDuybcpVhcr7UNKjSZ0S59tU3hpRiEz6hO+Nc/OSSLkvalG0VKrxOln7J\n' +
+  'LK/h3rNS/l6wDZ5S/KqsI6CYtV2ZLpn3ahLrizvEYNY038Qcm38qMWx+VJAvZ4di\n' +
+  'qqmW7RLIsLT59SWmpXdhFKnkYYGhxrk1Mwl22dBTJNY5SbriU5G3gWgzYkm8pgHr\n' +
+  '6CtrXch9ciJAcDJehPrKXNvNDOdUh8EW3fekNJerF1lWcwQg44/12v8sDPyfbaKB\n' +
+  'dQIDAQAB\n' +
+  '-----END PUBLIC KEY-----'
+
+var server = http.createServer(function (req, res) {
+  var parsed = httpSignature.parseRequest(req)
+  var publicKeyPEM = publicKeyPEMs[parsed.keyId]
+  var verified = httpSignature.verifySignature(parsed, publicKeyPEM)
+  res.writeHead(verified ? 200 : 400)
+  res.end()
+})
+
+tape('setup', function (t) {
+  server.listen(0, function () {
+    server.url = 'http://localhost:' + this.address().port
+    t.end()
+  })
+})
+
+tape('correct key', function (t) {
+  var options = {
+    httpSignature: {
+      keyId: 'key-1',
+      key: privateKeyPEMs['key-1']
+    }
+  }
+  request(server.url, options, function (err, res, body) {
+    t.equal(err, null)
+    t.equal(200, res.statusCode)
+    t.end()
+  })
+})
+
+tape('incorrect key', function (t) {
+  var options = {
+    httpSignature: {
+      keyId: 'key-2',
+      key: privateKeyPEMs['key-1']
+    }
+  }
+  request(server.url, options, function (err, res, body) {
+    t.equal(err, null)
+    t.equal(400, res.statusCode)
+    t.end()
+  })
+})
+
+tape('cleanup', function (t) {
+  server.close(function () {
+    t.end()
+  })
+})

package/tests/test-httpModule.js

@@ -0,0 +1,112 @@
+'use strict'
+
+var http = require('http')
+var https = require('https')
+var destroyable = require('server-destroy')
+var server = require('./server')
+var request = require('../index')
+var tape = require('tape')
+
+var fauxRequestsMade
+
+function clearFauxRequests () {
+  fauxRequestsMade = { http: 0, https: 0 }
+}
+
+function wrapRequest (name, module) {
+  // Just like the http or https module, but note when a request is made.
+  var wrapped = {}
+  Object.keys(module).forEach(function (key) {
+    var value = module[key]
+
+    if (key === 'request') {
+      wrapped[key] = function (/* options, callback */) {
+        fauxRequestsMade[name] += 1
+        return value.apply(this, arguments)
+      }
+    } else {
+      wrapped[key] = value
+    }
+  })
+
+  return wrapped
+}
+
+var fauxHTTP = wrapRequest('http', http)
+var fauxHTTPS = wrapRequest('https', https)
+var plainServer = server.createServer()
+var httpsServer = server.createSSLServer()
+
+destroyable(plainServer)
+destroyable(httpsServer)
+
+tape('setup', function (t) {
+  plainServer.listen(0, function () {
+    plainServer.on('/plain', function (req, res) {
+      res.writeHead(200)
+      res.end('plain')
+    })
+    plainServer.on('/to_https', function (req, res) {
+      res.writeHead(301, { 'location': 'https://localhost:' + httpsServer.port + '/https' })
+      res.end()
+    })
+
+    httpsServer.listen(0, function () {
+      httpsServer.on('/https', function (req, res) {
+        res.writeHead(200)
+        res.end('https')
+      })
+      httpsServer.on('/to_plain', function (req, res) {
+        res.writeHead(302, { 'location': 'http://localhost:' + plainServer.port + '/plain' })
+        res.end()
+      })
+
+      t.end()
+    })
+  })
+})
+
+function runTests (name, httpModules) {
+  tape(name, function (t) {
+    var toHttps = 'http://localhost:' + plainServer.port + '/to_https'
+    var toPlain = 'https://localhost:' + httpsServer.port + '/to_plain'
+    var options = { httpModules: httpModules, strictSSL: false }
+    var modulesTest = httpModules || {}
+
+    clearFauxRequests()
+
+    request(toHttps, options, function (err, res, body) {
+      t.equal(err, null)
+      t.equal(res.statusCode, 200)
+      t.equal(body, 'https', 'Received HTTPS server body')
+
+      t.equal(fauxRequestsMade.http, modulesTest['http:'] ? 1 : 0)
+      t.equal(fauxRequestsMade.https, modulesTest['https:'] ? 1 : 0)
+
+      request(toPlain, options, function (err, res, body) {
+        t.equal(err, null)
+        t.equal(res.statusCode, 200)
+        t.equal(body, 'plain', 'Received HTTPS server body')
+
+        t.equal(fauxRequestsMade.http, modulesTest['http:'] ? 2 : 0)
+        t.equal(fauxRequestsMade.https, modulesTest['https:'] ? 2 : 0)
+
+        t.end()
+      })
+    })
+  })
+}
+
+runTests('undefined')
+runTests('empty', {})
+runTests('http only', { 'http:': fauxHTTP })
+runTests('https only', { 'https:': fauxHTTPS })
+runTests('http and https', { 'http:': fauxHTTP, 'https:': fauxHTTPS })
+
+tape('cleanup', function (t) {
+  plainServer.destroy(function () {
+    httpsServer.destroy(function () {
+      t.end()
+    })
+  })
+})

package/tests/test-https.js

@@ -0,0 +1,116 @@
+'use strict'
+
+// a test where we validate the siguature of the keys
+// otherwise exactly the same as the ssl test
+
+var server = require('./server')
+var request = require('../index')
+var fs = require('fs')
+var path = require('path')
+var tape = require('tape')
+
+var s = server.createSSLServer()
+var caFile = path.resolve(__dirname, 'ssl/ca/ca.crt')
+var ca = fs.readFileSync(caFile)
+var opts = {
+  ciphers: 'AES256-SHA',
+  key: path.resolve(__dirname, 'ssl/ca/server.key'),
+  cert: path.resolve(__dirname, 'ssl/ca/server.crt')
+}
+var sStrict = server.createSSLServer(opts)
+
+function runAllTests (strict, s) {
+  var strictMsg = (strict ? 'strict ' : 'relaxed ')
+
+  tape(strictMsg + 'setup', function (t) {
+    s.listen(0, function () {
+      t.end()
+    })
+  })
+
+  function runTest (name, test) {
+    tape(strictMsg + name, function (t) {
+      s.on('/' + name, test.resp)
+      test.uri = s.url + '/' + name
+      if (strict) {
+        test.strictSSL = true
+        test.ca = ca
+        test.headers = { host: 'testing.request.mikealrogers.com' }
+      } else {
+        test.rejectUnauthorized = false
+      }
+      request(test, function (err, resp, body) {
+        t.equal(err, null)
+        if (test.expectBody) {
+          t.deepEqual(test.expectBody, body)
+        }
+        t.end()
+      })
+    })
+  }
+
+  runTest('testGet', {
+    resp: server.createGetResponse('TESTING!'), expectBody: 'TESTING!'
+  })
+
+  runTest('testGetChunkBreak', {
+    resp: server.createChunkResponse(
+      [ Buffer.from([239]),
+        Buffer.from([163]),
+        Buffer.from([191]),
+        Buffer.from([206]),
+        Buffer.from([169]),
+        Buffer.from([226]),
+        Buffer.from([152]),
+        Buffer.from([131])
+      ]),
+    expectBody: '\uf8ff\u03a9\u2603'
+  })
+
+  runTest('testGetJSON', {
+    resp: server.createGetResponse('{"test":true}', 'application/json'), json: true, expectBody: {'test': true}
+  })
+
+  runTest('testPutString', {
+    resp: server.createPostValidator('PUTTINGDATA'), method: 'PUT', body: 'PUTTINGDATA'
+  })
+
+  runTest('testPutBuffer', {
+    resp: server.createPostValidator('PUTTINGDATA'), method: 'PUT', body: Buffer.from('PUTTINGDATA')
+  })
+
+  runTest('testPutJSON', {
+    resp: server.createPostValidator(JSON.stringify({foo: 'bar'})), method: 'PUT', json: {foo: 'bar'}
+  })
+
+  runTest('testPutMultipart', {
+    resp: server.createPostValidator(
+      '--__BOUNDARY__\r\n' +
+      'content-type: text/html\r\n' +
+      '\r\n' +
+      '<html><body>Oh hi.</body></html>' +
+      '\r\n--__BOUNDARY__\r\n\r\n' +
+      'Oh hi.' +
+      '\r\n--__BOUNDARY__--'
+    ),
+    method: 'PUT',
+    multipart: [ {'content-type': 'text/html', 'body': '<html><body>Oh hi.</body></html>'},
+      {'body': 'Oh hi.'}
+    ]
+  })
+
+  tape(strictMsg + 'cleanup', function (t) {
+    s.close(function () {
+      t.end()
+    })
+  })
+}
+
+runAllTests(false, s)
+
+if (!process.env.running_under_istanbul) {
+  // somehow this test modifies the process state
+  // test coverage runs all tests in a single process via tape
+  // executing this test causes one of the tests in test-tunnel.js to throw
+  runAllTests(true, sStrict)
+}