dbgate-api-premium 5.5.7-alpha.45

package/src/utility/sshTunnel.js

@@ -0,0 +1,106 @@
+const portfinder = require('portfinder');
+const stableStringify = require('json-stable-stringify');
+const _ = require('lodash');
+const AsyncLock = require('async-lock');
+const lock = new AsyncLock();
+const { fork } = require('child_process');
+const processArgs = require('../utility/processArgs');
+const { getLogger, extractErrorLogData } = require('dbgate-tools');
+const pipeForkLogs = require('./pipeForkLogs');
+const logger = getLogger('sshTunnel');
+
+const sshTunnelCache = {};
+
+const CONNECTION_FIELDS = [
+  'sshHost',
+  'sshPort',
+  'sshLogin',
+  'sshPassword',
+  'sshMode',
+  'sshKeyfile',
+  'sshBastionHost',
+  'sshKeyfilePassword',
+];
+const TUNNEL_FIELDS = [...CONNECTION_FIELDS, 'server', 'port'];
+
+function callForwardProcess(connection, tunnelConfig, tunnelCacheKey) {
+  let subprocess = fork(
+    global['API_PACKAGE'] || process.argv[1],
+    ['--is-forked-api', '--start-process', 'sshForwardProcess', ...processArgs.getPassArgs()],
+    {
+      stdio: ['ignore', 'pipe', 'pipe', 'ipc'],
+    }
+  );
+  pipeForkLogs(subprocess);
+
+  try {
+    subprocess.send({
+      msgtype: 'connect',
+      connection,
+      tunnelConfig,
+    });
+  } catch (err) {
+    logger.error(extractErrorLogData(err), 'Error connecting SSH');
+  }
+  return new Promise((resolve, reject) => {
+    subprocess.on('message', resp => {
+      // @ts-ignore
+      const { msgtype, errorMessage } = resp;
+      if (msgtype == 'connected') {
+        resolve(subprocess);
+      }
+      if (msgtype == 'error') {
+        reject(new Error(errorMessage));
+      }
+    });
+    subprocess.on('exit', code => {
+      logger.info('SSH forward process exited');
+      delete sshTunnelCache[tunnelCacheKey];
+    });
+  });
+}
+
+async function getSshTunnel(connection) {
+  const tunnelCacheKey = stableStringify(_.pick(connection, TUNNEL_FIELDS));
+
+  return await lock.acquire(tunnelCacheKey, async () => {
+    if (sshTunnelCache[tunnelCacheKey]) return sshTunnelCache[tunnelCacheKey];
+    const localPort = await portfinder.getPortPromise({ port: 10000, stopPort: 60000 });
+    // workaround for `getPortPromise` not releasing the port quickly enough
+    await new Promise(resolve => setTimeout(resolve, 500));
+    const tunnelConfig = {
+      fromPort: localPort,
+      toPort: connection.port,
+      toHost: connection.server,
+    };
+    try {
+      logger.info(
+        `Creating SSH tunnel to ${connection.sshHost}-${connection.server}:${connection.port}, using local port ${localPort}`
+      );
+
+      const subprocess = await callForwardProcess(connection, tunnelConfig, tunnelCacheKey);
+
+      logger.info(
+        `Created SSH tunnel to ${connection.sshHost}-${connection.server}:${connection.port}, using local port ${localPort}`
+      );
+
+      sshTunnelCache[tunnelCacheKey] = {
+        state: 'ok',
+        localPort,
+        subprocess,
+      };
+      return sshTunnelCache[tunnelCacheKey];
+    } catch (err) {
+      logger.error(extractErrorLogData(err), 'Error creating SSH tunnel:');
+      // error is not cached
+      return {
+        state: 'error',
+        message: err.message,
+      };
+    }
+  });
+}
+
+module.exports = {
+  getSshTunnel,
+};

package/src/utility/sshTunnelProxy.js

@@ -0,0 +1,36 @@
+const crypto = require('crypto');
+const { getLogger, extractErrorLogData } = require('dbgate-tools');
+const { getSshTunnel } = require('./sshTunnel');
+const logger = getLogger('sshTunnelProxy');
+
+const dispatchedMessages = {};
+
+async function handleGetSshTunnelRequest({ msgid, connection }, subprocess) {
+  const response = await getSshTunnel(connection);
+  try {
+    subprocess.send({ msgtype: 'getsshtunnel-response', msgid, response });
+  } catch (err) {
+    logger.error(extractErrorLogData(err), 'Error sending to SSH tunnel');
+  }
+}
+
+function handleGetSshTunnelResponse({ msgid, response }, subprocess) {
+  const { resolve } = dispatchedMessages[msgid];
+  delete dispatchedMessages[msgid];
+  resolve(response);
+}
+
+async function getSshTunnelProxy(connection) {
+  if (!process.send) return getSshTunnel(connection);
+  const msgid = crypto.randomUUID();
+  process.send({ msgtype: 'getsshtunnel-request', msgid, connection });
+  return new Promise((resolve, reject) => {
+    dispatchedMessages[msgid] = { resolve, reject };
+  });
+}
+
+module.exports = {
+  handleGetSshTunnelRequest,
+  handleGetSshTunnelResponse,
+  getSshTunnelProxy,
+};

package/src/utility/timingSafeCheckToken.js

@@ -0,0 +1,9 @@
+const crypto = require('crypto');
+
+function timingSafeCheckToken(a, b) {
+  if (!a || !b) return false;
+  if (a.length != b.length) return false;
+  return crypto.timingSafeEqual(Buffer.from(a), Buffer.from(b));
+}
+
+module.exports = timingSafeCheckToken;

package/src/utility/useController.js

@@ -0,0 +1,99 @@
+const _ = require('lodash');
+const express = require('express');
+const getExpressPath = require('./getExpressPath');
+const { MissingCredentialsError } = require('./exceptions');
+const { getLogger, extractErrorLogData } = require('dbgate-tools');
+
+const logger = getLogger('useController');
+/**
+ * @param {string} route
+ */
+module.exports = function useController(app, electron, route, controller) {
+  const router = express.Router();
+
+  if (controller._init) {
+    logger.info(`Calling init controller for controller ${route}`);
+    try {
+      controller._init();
+    } catch (err) {
+      logger.error(extractErrorLogData(err), `Error initializing controller, exiting application`);
+      process.exit(1);
+    }
+  }
+
+  for (const key of _.keys(controller)) {
+    const obj = controller[key];
+    if (!_.isFunction(obj)) continue;
+    const meta = controller[`${key}_meta`];
+    if (!meta) continue;
+
+    const routeAction = `/${_.kebabCase(key)}`;
+
+    if (electron) {
+      if (meta === true) {
+        const handler = `${route.substring(1)}-${_.kebabCase(key)}`;
+        // console.log('REGISTERING HANDLER', handler);
+        electron.ipcMain.handle(handler, async (event, args) => {
+          try {
+            const data = await controller[key](args);
+            // console.log('HANDLED API', handler, data);
+            if (data === undefined) return null;
+            return data;
+          } catch (err) {
+            if (err instanceof MissingCredentialsError) {
+              return {
+                missingCredentials: true,
+                apiErrorMessage: 'Missing credentials',
+                detail: err.detail,
+              };
+            }
+            return { apiErrorMessage: err.message };
+          }
+        });
+      }
+
+      continue;
+    }
+
+    let method = 'post';
+    let raw = false;
+
+    // if (_.isString(meta)) {
+    //   method = meta;
+    // }
+    if (_.isPlainObject(meta)) {
+      method = meta.method;
+      raw = meta.raw;
+    }
+
+    if (raw) {
+      router[method](routeAction, (req, res) => controller[key](req, res));
+    } else {
+      router[method](routeAction, async (req, res) => {
+        // if (controller._init && !controller._init_called) {
+        //   await controller._init();
+        //   controller._init_called = true;
+        // }
+        try {
+          const data = await controller[key]({ ...req.body, ...req.query }, req);
+          res.json(data);
+        } catch (err) {
+          logger.error(extractErrorLogData(err), `Error when processing route ${route}/${key}`);
+          if (err instanceof MissingCredentialsError) {
+            res.json({
+              missingCredentials: true,
+              apiErrorMessage: 'Missing credentials',
+              detail: err.detail,
+            });
+          } else {
+            res.status(500).json({ apiErrorMessage: err.message });
+          }
+        }
+      });
+    }
+  }
+
+  if (app) {
+    app.use(getExpressPath(route), router);
+  }
+};

package/tsconfig.json

@@ -0,0 +1,13 @@
+{
+    "compilerOptions": {
+        "module": "commonjs",
+        "allowJs": true,
+        "checkJs": true,
+        "noEmit": true,
+        "moduleResolution": "node",
+        "skipLibCheck": true,
+    },
+    "include": [
+        "src"
+    ]
+}

package/webpack.config.js

@@ -0,0 +1,55 @@
+var webpack = require('webpack');
+var path = require('path');
+
+var config = {
+  context: __dirname + '/src',
+
+  entry: {
+    app: './index.js',
+  },
+  target: 'node',
+  node: {
+    __dirname: false,
+  },
+  output: {
+    path: path.resolve(__dirname, 'dist'),
+    filename: 'bundle.js',
+    libraryTarget: 'commonjs2',
+  },
+
+  // optimization: {
+  //   minimize: false,
+  // },
+
+  module: {
+    rules: [
+      {
+        test: /\.node$/,
+        use: 'node-loader',
+      },
+    ],
+  },
+  plugins: [
+    new webpack.IgnorePlugin({
+      checkResource(resource) {
+        const lazyImports = ['uws'];
+        if (!lazyImports.includes(resource)) {
+          return false;
+        }
+        try {
+          require.resolve(resource);
+        } catch (err) {
+          return true;
+        }
+        return false;
+      },
+    }),
+  ],
+  externals: {
+    'better-sqlite3': 'commonjs better-sqlite3',
+    'oracledb': 'commonjs oracledb',
+    'msnodesqlv8': 'commonjs msnodesqlv8',
+  },
+};
+
+module.exports = config;