kerberos-server 0.2.0 → 1.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+ 
+Copyright (c) 2015 Auth0, Inc. <support@auth0.com> (http://auth0.com)
+ 
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+ 
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+ 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -13,7 +13,7 @@ __Note:__ you need .Net Framework 4.5 installed.
 ~~~javascript
 var express = require('express');
 var app = express();
-var kerberos_server = require('./..');
+var KerberosServer = require('./..');
 
 app.configure(function () {
   this.use(express.logger());
@@ -23,37 +23,28 @@ app.get('/', function (req, res) {
   res.send('hello ' + req.get('X-User'));
 });
 
-kerberos_server
-  .createServer({
-    port: 8919,
-    header: 'X-User'
-  }, app);
+var server = new KerberosServer(app);
+
+server.listen(8080, function () {
+  console.log('app listening on http://localhost:8080');
+}).on('error', function (err) {
+  console.error(err.message);
+  process.exit(1);
+});
 ~~~
 
 ## How it works?
 
-The server has always a .Net proxy running it listening to port, it authenticate requests and pipe to the real node http server running on a random free port.
+The server has always a .Net proxy running listening to port, it authenticate requests and pipe to the real node http server running on a random free port (localhost only).
 
-## License
+## Issue Reporting
 
-The MIT License (MIT)
+If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
 
-Copyright (c) 2013 AUTH10 LLC
+## Author
 
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
+[Auth0](auth0.com)
 
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
+## License
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.

package/example/server.js

@@ -1,6 +1,6 @@
 var express = require('express');
 var app = express();
-var kerberos_server = require('./..');
+var KerberosServer = require('./..');
 
 app.configure(function () {
   this.use(express.logger());
@@ -10,8 +10,11 @@ app.get('/', function (req, res) {
   res.send('hello ' + req.get('X-User'));
 });
 
-kerberos_server
-  .createServer({
-    port: 8919,
-    header: 'X-User'
-  }, app);
+var server = new KerberosServer(app);
+
+server.listen(8080, function () {
+  console.log('app listening on http://localhost:8080');
+}).on('error', function (err) {
+  console.error(err.message);
+  process.exit(1);
+});

package/index.js

@@ -1,29 +1,54 @@
-var http            = require('http');
-var https           = require('https');
-var freeport        = require('freeport');
-var kerberos_proxy  = require('./kerberos_proxy');
-
-exports.createServer = function (options, app) {
-  if (!isNaN(options)) {
-    options = {
-      port: options
-    };
-  }
+var Server = require('http').Server;
+var util = require('util');
+var freeport = require('freeport');
+var kerberos_proxy = require('./kerberos_proxy');
+
+function KerberosServer(handler, options) {
+  // In case maxHeaderSize is not defined we can use the default
+  const maxHeaderSize = options?.maxHeaderSize ?? 16834;
+
+  Server.call(this, { maxHeaderSize }, handler);
+  this._options = options || {};
+}
+
+util.inherits(KerberosServer, Server);
+
+KerberosServer.prototype.listen = function (handle, callback) {
+  var self = this;
 
   freeport(function (err, node_port) {
     var opts = {
-      proxy_to: node_port,
-      port: options.port,
-      header: options.header || 'X-Forwarded-User',
-      test_user: options.test_user
+      proxy_to:  node_port,
+      port:      handle,
+      header:    self._options.header || 'X-Forwarded-User',
+      test_user: self._options.test_user
     };
 
-    kerberos_proxy.start(opts);
-    
-    if (options.key || options.pfx) { // use https
-      https.createServer(options, app).listen(node_port);
-    } else {
-      http.createServer(app).listen(node_port);
+    KerberosServer.super_.prototype.listen.call(self, node_port, callback);
+
+    var proxy = kerberos_proxy.start(opts);
+
+    var proxyOutput = '';
+
+    function storeProxyOutput (data) {
+      proxyOutput += data.toString();
     }
+
+    proxy.stdout.on('data', storeProxyOutput);
+    proxy.stderr.on('data', storeProxyOutput);
+
+    proxy.on('exit', function (signal) {
+      if (signal) {
+        var err = new Error('The .Net proxy exited with status ' + signal + '\n' +
+                            'This is the full STDOOUT/STDERR of the process \n' + proxyOutput);
+        self.emit('error', err);
+      }
+    });
+
+    self._proxy = proxy;
   });
+
+  return self;
 };
+
+module.exports = KerberosServer;

package/kerberos_proxy.js

@@ -1,30 +1,7 @@
 var exec = require('child_process').exec;
-var debug = require('debug')('kerberos-server');
 var proxy_path = '"' + __dirname + '\\kerberosproxy.net\\KerberosProxy\\bin\\Debug\\KerberosProxy.exe"';
 
 exports.start = function (options) {
   var cmd = [proxy_path, options.port, 'http://localhost:' + options.proxy_to, options.header, options.test_user].join(' ');
-
-  debug('running: ' + cmd);
-
-  //start the proxy
-  var proc = exec(cmd, function (err) {
-    if (err) {
-      console.log('can\'t start kerberosproxy.exe');
-      process.exit(1);
-    }
-  }).on('exit', function (code) {
-    if (code) {
-      console.log('kerberosproxy.exe closed with status code ' + code);
-      process.exit(1);
-    }
-  });
-
-  proc.stdout.on('data', function (data) {
-    debug('proxy: ' + data.toString());
-  });
-
-  proc.stderr.on('data', function (data) {
-    debug('proxy: ' + data.toString());
-  });
-};
+  return exec(cmd);
+};

package/kerberosproxy.net/KerberosProxy/Program.cs

@@ -51,10 +51,13 @@ namespace KerberosProxy
             HttpListener listener =
                 (HttpListener)app.Properties["System.Net.HttpListener"];
 
-            listener.AuthenticationSchemes =
-                AuthenticationSchemes.IntegratedWindowsAuthentication;
-            
-            listener.UnsafeConnectionNtlmAuthentication = true;
+            if (Program.TestUser == null)
+            {
+                listener.AuthenticationSchemes =
+                    AuthenticationSchemes.IntegratedWindowsAuthentication;
+
+                listener.UnsafeConnectionNtlmAuthentication = true;
+            }
 
             app.Run(async context =>
             {

package/kerberosproxy.net/KerberosProxy/obj/Debug/.NETFramework,Version=v4.5.AssemblyAttributes.cs

@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.5", FrameworkDisplayName = "")]

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kerberos-server",
-  "version": "0.2.0",
+  "version": "1.1.0",
   "description": "Kerberos http server interface",
   "main": "index.js",
   "repository": {
@@ -13,7 +13,6 @@
     "express": "~3.4.7"
   },
   "dependencies": {
-    "debug": "~0.7.4",
     "freeport": "~1.0.2"
   }
 }

package/.npmignore

@@ -1,18 +0,0 @@
-# Created by http://gitignore.io
-
-### Node ###
-lib-cov
-*.seed
-*.log
-*.csv
-*.dat
-*.out
-*.pid
-*.gz
-
-pids
-logs
-results
-
-npm-debug.log
-node_modules