cloudcms-server 0.9.275 → 3.2.278

package/LICENSE

@@ -1,6 +1,6 @@
 Cloud CMS Application Server Module
 
-Copyright 2019 Gitana Software, Inc.
+Copyright 2022 Gitana Software, Inc.
 
 Licensed under the Apache License, Version 2.0 (the "License"); 
 you may not use this file except in compliance with the License. 

package/middleware/proxy/proxy.js

@@ -1,16 +1,6 @@
 var path = require('path');
-// var fs = require('fs');
-// var http = require('http');
-// var https = require('https');
-
-// var httpProxy = require('http-proxy');
-
-// var oauth2 = require("../../util/oauth2")();
-
-// var async = require("async");
 
 var util = require("../../util/util");
-// var auth = require("../../util/auth");
 
 var proxyFactory = require("../../util/proxy-factory");
 
@@ -211,7 +201,7 @@ exports = module.exports = function()
                 contentStore.writeFile(filePath + ".cache", JSON.stringify(cacheInfo), function() {
                     _end.call(res, data, encoding);
                 });
-``            };
+            };
 
             callback();
         });

package/package.json

@@ -6,7 +6,7 @@
   },
   "name": "cloudcms-server",
   "description": "Cloud CMS Application Server Module",
-  "version": "0.9.275",
+  "version": "3.2.278",
   "repository": {
     "type": "git",
     "url": "git://github.com/gitana/cloudcms-server.git"
@@ -16,7 +16,7 @@
     "@socket.io/redis-adapter": "^7.2.0",
     "@socket.io/sticky": "^1.0.1",
     "accepts": "^1.3.7",
-    "agentkeepalive": "^4.1.3",
+    "agentkeepalive": "^4.2.1",
     "alpaca": "^1.5.27",
     "archiver": "^1.3.0",
     "async": "^3.2.3",
@@ -40,13 +40,14 @@
     "express-session": "^1.17.3",
     "express-useragent": "^1.0.13",
     "extend-with-super": "^2.0.0",
+    "finalhandler": "^1.2.0",
     "gitana": "^1.0.322",
     "handlebars": "^4.4.2",
     "hbs": "^4.0.5",
     "helmet": "^4.6.0",
-    "install": "^0.13.0",
+    "http2-proxy": "^5.0.53",
     "ioredis": "4.28.5",
-    "json5": "^1.0.1",
+    "json5": "^2.2.1",
     "jsonwebtoken": "^8.5.1",
     "klaw": "^1.3.1",
     "lru-cache": "^4.1.5",
@@ -56,7 +57,6 @@
     "mkdirp": "^0.5.1",
     "moment": "^2.24.0",
     "morgan": "^1.9.1",
-    "npm": "^8.15.0",
     "object-hash": "^1.3.1",
     "object-merge": "^2.5.1",
     "on-headers": "^1.0.2",
@@ -76,7 +76,7 @@
     "recursive-readdir": "^2.2.2",
     "redis": "^4.2.0",
     "redlock": "4.2.0",
-    "request": "^2.88.0",
+    "request": "^2.88.2",
     "request-param": "^1.0.1",
     "response-time": "^2.3.2",
     "semver": "^7.3.7",
@@ -89,13 +89,10 @@
     "targz": "^1.0.1",
     "temp": "^0.8.3",
     "toobusy-js": "^0.5.1",
-    "uuid": "^3.3.2",
+    "uuid": "^8.3.2",
     "vm2": "^3.8.4",
     "watch": "^0.13.0",
-    "winston": "^3.3.3",
-    "eventemitter3": "^4.0.7",
-    "requires-port": "^1.0.0",
-    "follow-redirects": "^1.15.1"
+    "winston": "^3.3.3"
   },
   "contributors": [
     {

package/util/proxy-factory.js

@@ -2,14 +2,13 @@ var http = require("http");
 var https = require("https");
 var path = require("path");
 
-var httpProxy = require("../temp/http-proxy");
-
 var auth = require("./auth");
 var util = require("./util");
 
 var oauth2 = require("./oauth2")();
 
 var urlTool = require("url");
+const finalhandler = require("finalhandler");
 
 var exports = module.exports;
 
@@ -64,84 +63,141 @@ var acquireProxyHandler = exports.acquireProxyHandler = function(proxyTarget, pa
     });
 };
 
+
+
+
 var createProxyHandler = function(proxyTarget, pathPrefix)
 {
-    ////////////////////////////////////////////////////////////////////////////
-    //
-    // HTTP/HTTPS Proxy Server to Cloud CMS
-    // Facilitates Cross-Domain communication between Browser and Cloud Server
-    // This must appear at the top of the app.js file (ahead of config) for things to work
-    //
-    ////////////////////////////////////////////////////////////////////////////
+    const proxy = require("http2-proxy");
+    const finalhandler = require('finalhandler')
     
-    // parse the target to get host
-    var proxyHost = urlTool.parse(proxyTarget).host;
+    const defaultWebHandler = function(err, req, res) {
+        if (err)
+        {
+            console.log("A web proxy error was caught, path: " + req.path + ", err: ", err);
+            try { res.status(500); } catch (e) { }
+            try { res.end('Something went wrong while proxying the request.'); } catch (e) { }
+        }
     
-    // NOTE: changeOrigin must be true because of the way that we set host to host:port
-    // in http-proxy's common.js line 102, the host is only properly set up if changeOrigin is set to true
-    // this sets the "host" header and it has to match what is set at the network/transport level in a way
-    // (inner workings of Node http request)
-    //
-    var proxyConfig = {
-        "target": proxyTarget,
-        "agent": http.globalAgent,
-        "xfwd": false,
-        "proxyTimeout": process.defaultHttpTimeoutMs,
-        //"changeOrigin": true
-        "headers": {
-            "host": proxyHost
-        },
-        "cookieDomainRewrite": true
+        finalhandler(req, res)(err);
     };
-
-    // use https?
-    if (util.isHttps(proxyTarget))
-    {
-        proxyConfig = {
-            "target": proxyTarget,
-            "agent": https.globalAgent,
-            "xfwd": false,
-            "proxyTimeout": process.defaultHttpTimeoutMs,
-            "headers": {
-                "host": proxyHost
-            },
-            "cookieDomainRewrite": true
-        };
-    }
-
-    // create proxy server instance
-    var proxyServer = new httpProxy.createProxyServer(proxyConfig);
-
-    // error handling
-    proxyServer.on("error", function(err, req, res) {
-        console.log("A proxy error was caught: " + err + ", json: " + JSON.stringify(err) + ", path: " + req.path);
-
-        // do our best to send something back
-        try
-        {
-            res.writeHead(500, {
-                'Content-Type': 'text/plain'
-            });
+    
+    // const defaultWsHandler = function(err, req, socket, head) {
+    //     if (err) {
+    //         console.error('proxy error (ws)', err);
+    //         socket.destroy();
+    //     }
+    // };
+    
+    //console.log("Proxy Target: " + proxyTarget);
+    
+    var hostname = urlTool.parse(proxyTarget).hostname;
+    var port = urlTool.parse(proxyTarget).port;
+    var protocol = urlTool.parse(proxyTarget).protocol;
+    
+    // web
+    var webConfig = {};
+    webConfig.hostname = hostname;
+    webConfig.port = port;
+    webConfig.protocol = protocol;
+    //webConfig.path = null;
+    webConfig.proxyTimeout = 120000;
+    webConfig.proxyName = "Cloud CMS UI Proxy";
+    webConfig.onReq = function(req, options) {
+
+        if (!options.headers) {
+            options.headers = {};
         }
-        catch (e) { }
+        var headers = options.headers;
 
-        try
-        {
-            res.end('Something went wrong while proxying the request.');
+        if (options.path && options.path.startsWith("/proxy")) {
+            options.path = options.path.substring(6);
+        }
+    
+        if (pathPrefix) {
+            options.path = path.join(pathPrefix, options.path);
         }
-        catch (e) { }
-    });
-
-    // if we're using auth credentials that are picked up in SSO chain, then we listen for a 401
-    // and if we hear it, we automatically invalidate the SSO chain so that the next request
-    // will continue to work
-    proxyServer.on("proxyRes", function (proxyRes, req, res) {
         
-        console.log("proxyRes.1");
+        // used to auto-assign the client header for /oauth/token requests
+        oauth2.autoProxy(req);
+    
+        // copy domain host into "x-cloudcms-domainhost"
+        if (req.domainHost) {
+            headers["x-cloudcms-domainhost"] = req.domainHost; // this could be "localhost"
+        }
+    
+        // copy virtual host into "x-cloudcms-virtualhost"
+        if (req.virtualHost) {
+            headers["x-cloudcms-virtualhost"] = req.virtualHost; // this could be "root.cloudcms.net" or "abc.cloudcms.net"
+        }
+    
+        // copy deployment descriptor info
+        if (req.descriptor)
+        {
+            if (req.descriptor.tenant)
+            {
+                if (req.descriptor.tenant.id)
+                {
+                    headers["x-cloudcms-tenant-id"] = req.descriptor.tenant.id;
+                }
+            
+                if (req.descriptor.tenant.title)
+                {
+                    headers["x-cloudcms-tenant-title"] = req.descriptor.tenant.title;
+                }
+            }
         
+            if (req.descriptor.application)
+            {
+                if (req.descriptor.application.id)
+                {
+                    headers["x-cloudcms-application-id"] = req.descriptor.application.id;
+                }
+            
+                if (req.descriptor.application.title)
+                {
+                    headers["x-cloudcms-application-title"] = req.descriptor.application.title;
+                }
+            }
+        }
+    
+        // set optional "x-cloudcms-origin" header
+        var cloudcmsOrigin = null;
+        if (req.virtualHost)
+        {
+            cloudcmsOrigin = req.virtualHost;
+        }
+        if (cloudcmsOrigin)
+        {
+            headers["x-cloudcms-origin"] = cloudcmsOrigin;
+        }
+    
+        // set x-cloudcms-server-version header
+        headers["x-cloudcms-server-version"] = process.env.CLOUDCMS_APPSERVER_PACKAGE_VERSION;
+    
+        // keep alive
+        //req.headers["connection"] = "keep-alive";
+    
+        // if the incoming request didn't have an "Authorization" header
+        // and we have a logged in Gitana User via Auth, then set authorization header to Bearer Access Token
+        if (!req.headers["authorization"])
+        {
+            if (req.gitana_user)
+            {
+                headers["authorization"] = "Bearer " + req.gitana_user.getDriver().http.accessToken();
+            }
+            else if (req.gitana_proxy_access_token)
+            {
+                headers["authorization"] = "Bearer " + req.gitana_proxy_access_token;
+            }
+        }
+    };
+    webConfig.onRes = function(req, res, proxyRes) {
+    
         if (req.gitana_user)
         {
             var chunks = [];
+            
             // triggers on data receive
             proxyRes.on('data', function(chunk) {
                 // add received chunk to chunks array
@@ -149,8 +205,6 @@ var createProxyHandler = function(proxyTarget, pathPrefix)
             });
 
             proxyRes.on("end", function () {
-    
-                console.log("proxyRes.end, code: " + proxyRes.statusCode);
 
                 if (proxyRes.statusCode === 401)
                 {
@@ -160,15 +214,16 @@ var createProxyHandler = function(proxyTarget, pathPrefix)
                         var identifier = req.identity_properties.provider_id + "/" + req.identity_properties.user_identifier;
 
                         _LOCK([identifier], function(err, releaseLockFn) {
-    
+
                             if (err)
                             {
                                 // failed to acquire lock
                                 console.log("FAILED TO ACQUIRE LOCK", err);
                                 req.log("FAILED TO ACQUIRE LOCK", err);
+                                try { releaseLockFn(); } catch (e) { }
                                 return;
                             }
-    
+
                             var cleanup = function (full)
                             {
                                 delete Gitana.APPS[req.identity_properties.token];
@@ -186,8 +241,7 @@ var createProxyHandler = function(proxyTarget, pathPrefix)
                                 if (err) {
                                     cleanup(true);
                                     req.log("Invalidated auth state for gitana user: " + req.identity_properties.token);
-                                    releaseLockFn();
-                                    return;
+                                    return releaseLockFn();
                                 }
 
                                 req.gitana_user.getDriver().reloadAuthInfo(function () {
@@ -202,112 +256,92 @@ var createProxyHandler = function(proxyTarget, pathPrefix)
                 }
             });
         }
-    });
-
-    var proxyHandlerServer = http.createServer(function(req, res) {
-
-        console.log("proxy.1: " + req.url);
-        if (req.headers)
-        {
-            for (var k in req.headers)
-            {
-                console.log("proxy.2 header " + k + " = " + req.headers[k]);
-            }
-        }
-
-        // used to auto-assign the client header for /oauth/token requests
-        oauth2.autoProxy(req);
-
-        // copy domain host into "x-cloudcms-domainhost"
-        if (req.domainHost)
-        {
-            req.headers["x-cloudcms-domainhost"] = req.domainHost; // this could be "localhost"
-        }
-
-        // copy virtual host into "x-cloudcms-virtualhost"
-        if (req.virtualHost)
-        {
-            req.headers["x-cloudcms-virtualhost"] = req.virtualHost; // this could be "root.cloudcms.net" or "abc.cloudcms.net"
-        }
-
-        // copy deployment descriptor info
-        if (req.descriptor)
-        {
-            if (req.descriptor.tenant)
-            {
-                if (req.descriptor.tenant.id)
-                {
-                    req.headers["x-cloudcms-tenant-id"] = req.descriptor.tenant.id;
-                }
-
-                if (req.descriptor.tenant.title)
-                {
-                    req.headers["x-cloudcms-tenant-title"] = req.descriptor.tenant.title;
-                }
-            }
-
-            if (req.descriptor.application)
-            {
-                if (req.descriptor.application.id)
-                {
-                    req.headers["x-cloudcms-application-id"] = req.descriptor.application.id;
-                }
-
-                if (req.descriptor.application.title)
-                {
-                    req.headers["x-cloudcms-application-title"] = req.descriptor.application.title;
-                }
-            }
-        }
-
-        // set optional "x-cloudcms-origin" header
-        var cloudcmsOrigin = null;
-        if (req.virtualHost)
-        {
-            cloudcmsOrigin = req.virtualHost;
-        }
-        if (cloudcmsOrigin)
-        {
-            req.headers["x-cloudcms-origin"] = cloudcmsOrigin;
-        }
-
-        // set x-cloudcms-server-version header
-        req.headers["x-cloudcms-server-version"] = process.env.CLOUDCMS_APPSERVER_PACKAGE_VERSION;
-    
-        // keep alive
-        req.headers["connection"] = "keep-alive";
-
-        // if the incoming request didn't have an "Authorization" header
-        // and we have a logged in Gitana User via Auth, then set authorization header to Bearer Access Token
-        if (!req.headers["authorization"])
-        {
-            if (req.gitana_user)
-            {
-                req.headers["authorization"] = "Bearer " + req.gitana_user.getDriver().http.accessToken();
-            }
-            else if (req.gitana_proxy_access_token)
-            {
-                req.headers["authorization"] = "Bearer " + req.gitana_proxy_access_token;
-            }
-        }
         
-        if (pathPrefix) {
-            req.url = path.join(pathPrefix, req.url);
-        }
+        //res.setHeader('x-powered-by', 'cloudcms');
+        res.writeHead(proxyRes.statusCode, proxyRes.headers)
+        proxyRes.pipe(res)
+    };
     
-        console.log("proxy.4: " + req.url);
-        if (req.headers)
-        {
-            for (var k in req.headers)
-            {
-                console.log("proxy.4 header " + k + " = " + req.headers[k]);
-            }
-        }
-
-        proxyServer.web(req, res);
-        
-        console.log("proxy.5");
-    });
+    var proxyRequestHandler = function(req, res) {
+        proxy.web(req, res, webConfig, function(err, req, res) {
+            defaultWebHandler(err, req, res);
+        });
+    };
+    
+    
+    // cookie domain rewrite?
+    
+    // // if we're using auth credentials that are picked up in SSO chain, then we listen for a 401
+    // // and if we hear it, we automatically invalidate the SSO chain so that the next request
+    // // will continue to work
+    // proxyServer.on("proxyRes", function (proxyRes, req, res) {
+    //
+    //     console.log("proxyRes.1");
+    //
+    //     if (req.gitana_user)
+    //     {
+    //         var chunks = [];
+    //         // triggers on data receive
+    //         proxyRes.on('data', function(chunk) {
+    //             // add received chunk to chunks array
+    //             chunks.push(chunk);
+    //         });
+    //
+    //         proxyRes.on("end", function () {
+    //
+    //             console.log("proxyRes.end, code: " + proxyRes.statusCode);
+    //
+    //             if (proxyRes.statusCode === 401)
+    //             {
+    //                 var text = "" + Buffer.concat(chunks);
+    //                 if (text && (text.indexOf("invalid_token") > -1) || (text.indexOf("invalid_grant") > -1))
+    //                 {
+    //                     var identifier = req.identity_properties.provider_id + "/" + req.identity_properties.user_identifier;
+    //
+    //                     _LOCK([identifier], function(err, releaseLockFn) {
+    //
+    //                         if (err)
+    //                         {
+    //                             // failed to acquire lock
+    //                             console.log("FAILED TO ACQUIRE LOCK", err);
+    //                             req.log("FAILED TO ACQUIRE LOCK", err);
+    //                             return;
+    //                         }
+    //
+    //                         var cleanup = function (full)
+    //                         {
+    //                             delete Gitana.APPS[req.identity_properties.token];
+    //                             delete Gitana.PLATFORM_CACHE[req.identity_properties.token];
+    //
+    //                             if (full) {
+    //                                 auth.removeUserCacheEntry(identifier);
+    //                             }
+    //                         };
+    //
+    //                         // null out the access token
+    //                         // this will force the refresh token to be used to get a new one on the next request
+    //                         req.gitana_user.getDriver().http.refresh(function (err) {
+    //
+    //                             if (err) {
+    //                                 cleanup(true);
+    //                                 req.log("Invalidated auth state for gitana user: " + req.identity_properties.token);
+    //                                 releaseLockFn();
+    //                                 return;
+    //                             }
+    //
+    //                             req.gitana_user.getDriver().reloadAuthInfo(function () {
+    //                                 cleanup(true);
+    //                                 req.log("Refreshed token for gitana user: " + req.identity_properties.token);
+    //                                 releaseLockFn();
+    //                             });
+    //                         });
+    //                     });
+    //                 }
+    //
+    //             }
+    //         });
+    //     }
+    // });
 
-    return proxyHandlerServer.listeners('request')[0];
+    return proxyRequestHandler;
 };

package/temp/http-proxy/.auto-changelog

@@ -1,6 +0,0 @@
-{
-  "output": "CHANGELOG.md",
-  "template": "keepachangelog",
-  "unreleased": true,
-  "commitLimit": false
-}

package/temp/http-proxy/.gitattributes

@@ -1 +0,0 @@
-package-lock.json binary