mockaton 11.2.6 → 11.3.0

package/src/server/ProxyRelay.js

@@ -3,8 +3,7 @@ import { randomUUID } from 'node:crypto'
 
 import { extFor } from './utils/mime.js'
 import { write, isFile } from './utils/fs.js'
-import { readBody, BodyReaderError } from './utils/http-request.js'
-import { sendUnprocessable, sendBadGateway } from './utils/http-response.js'
+import { readBody, BodyReaderError } from './utils/HttpIncomingMessage.js'
 
 import { config } from './config.js'
 import { makeMockFilename } from './Filename.js'
@@ -23,9 +22,9 @@ export async function proxy(req, response, delay) {
 	}
 	catch (error) { // TESTME
 		if (error instanceof BodyReaderError)
-			sendUnprocessable(response, error.name)
+			response.unprocessable(error.name)
 		else
-			sendBadGateway(response, error)
+			response.badGateway(error)
 		return
 	}
 

package/src/server/StaticDispatcher.js

@@ -4,7 +4,6 @@ import { readFileSync } from 'node:fs'
 import { isFile } from './utils/fs.js'
 import { logger } from './utils/logger.js'
 import { mimeFor } from './utils/mime.js'
-import { sendMockNotFound, sendPartialContent } from './utils/http-response.js'
 
 import { brokerByRoute } from './staticCollection.js'
 import { config, calcDelay } from './config.js'
@@ -16,19 +15,19 @@ export async function dispatchStatic(req, response) {
 
 	setTimeout(async () => {
 		if (!broker || broker.status === 404) {
-			sendMockNotFound(response)
+			response.mockNotFound()
 			return
 		}
 
 		const file = join(config.staticDir, broker.route)
 		if (!isFile(file)) {
-			sendMockNotFound(response)
+			response.mockNotFound()
 			return
 		}
 		
 		logger.accessMock(req.url, 'static200')
 		if (req.headers.range)
-			await sendPartialContent(response, req.headers.range, file)
+			await response.partialContent(req.headers.range, file)
 		else {
 			response.setHeader('Content-Type', mimeFor(file))
 			response.end(readFileSync(file))

package/src/server/Watcher.js

@@ -8,7 +8,6 @@ import {
 } from './ApiConstants.js'
 
 import { config } from './config.js'
-import { sendJSON } from './utils/http-response.js'
 import { isFile, isDirectory } from './utils/fs.js'
 
 import * as staticCollection from './staticCollection.js'
@@ -101,12 +100,12 @@ export function longPollClientSyncVersion(req, response) {
 	const clientVersion = req.headers[HEADER_SYNC_VERSION]
 	if (clientVersion !== undefined && uiSyncVersion.version !== Number(clientVersion)) {
 		// e.g., tab was hidden while new mocks were added or removed
-		sendJSON(response, uiSyncVersion.version)
+		response.json(uiSyncVersion.version)
 		return
 	}
 	function onARR() {
 		uiSyncVersion.unsubscribe(onARR)
-		sendJSON(response, uiSyncVersion.version)
+		response.json(uiSyncVersion.version)
 	}
 	response.setTimeout(LONG_POLL_SERVER_TIMEOUT, onARR)
 	req.on('error', () => {

package/src/server/WatcherDevClient.js

@@ -1,7 +1,6 @@
 import { join } from 'node:path'
 import { EventEmitter } from 'node:events'
 import { watch, readdirSync } from 'node:fs'
-import { sendJSON, sendNotFound } from './utils/http-response.js'
 import { LONG_POLL_SERVER_TIMEOUT } from './ApiConstants.js'
 
 
@@ -30,17 +29,17 @@ export function watchDevSPA() {
 /** Realtime notify Dev UI changes */
 export function longPollDevClientHotReload(req, response) {
 	if (!DEV) {
-		sendNotFound(response)
+		response.notFound()
 		return
 	}
 	
 	function onDevChange(file) {
 		devClientWatcher.unsubscribe(onDevChange)
-		sendJSON(response, file)
+		response.json(file)
 	}
 	response.setTimeout(LONG_POLL_SERVER_TIMEOUT, () => {
 		devClientWatcher.unsubscribe(onDevChange)
-		sendJSON(response, '')
+		response.json('')
 	})
 	req.on('error', () => {
 		devClientWatcher.unsubscribe(onDevChange)

package/src/server/config.js

@@ -4,7 +4,7 @@ import { logger } from './utils/logger.js'
 import { isDirectory } from './utils/fs.js'
 import { openInBrowser } from './utils/openInBrowser.js'
 import { optional, is, validate } from './utils/validate.js'
-import { SUPPORTED_METHODS } from './utils/http-request.js'
+import { SUPPORTED_METHODS } from './utils/HttpIncomingMessage.js'
 import { validateCorsAllowedMethods, validateCorsAllowedOrigins } from './utils/http-cors.js'
 
 import { jsToJsonPlugin } from './MockDispatcher.js'

package/src/server/utils/{http-request.js → HttpIncomingMessage.js}

@@ -1,4 +1,4 @@
-import { METHODS } from 'node:http'
+import http, { METHODS } from 'node:http'
 
 
 export const SUPPORTED_METHODS = METHODS
@@ -12,6 +12,12 @@ export class BodyReaderError extends Error {
 	}
 }
 
+export class IncomingMessage extends http.IncomingMessage {
+	json() {
+		return readBody(this, JSON.parse)
+	}
+}
+
 export const parseJSON = req => readBody(req, JSON.parse)
 
 export function readBody(req, parser = a => a) {

package/src/server/utils/HttpServerResponse.js

@@ -0,0 +1,117 @@
+import http from 'node:http'
+import fs, { readFileSync } from 'node:fs'
+
+import { logger } from './logger.js'
+import { mimeFor } from './mime.js'
+import { HEADER_502 } from '../ApiConstants.js'
+
+
+export class ServerResponse extends http.ServerResponse {
+	setHeaderList(headers) {
+		for (let i = 0; i < headers.length; i += 2)
+			this.setHeader(headers[i], headers[i + 1])
+	}
+
+	ok() {
+		logger.access(this)
+		this.end()
+	}
+
+	html(html, csp) {
+		logger.access(this)
+		this.setHeader('Content-Type', mimeFor('html'))
+		this.setHeader('Content-Security-Policy', csp)
+		this.end(html)
+	}
+
+	json(payload) {
+		logger.access(this)
+		this.setHeader('Content-Type', 'application/json')
+		this.end(JSON.stringify(payload))
+	}
+
+	file(file) {
+		logger.access(this)
+		this.setHeader('Content-Type', mimeFor(file))
+		this.end(readFileSync(file, 'utf8'))
+	}
+
+	noContent() {
+		this.statusCode = 204
+		logger.access(this)
+		this.end()
+	}
+
+
+	badRequest() {
+		this.statusCode = 400
+		logger.access(this)
+		this.end()
+	}
+
+	notFound() {
+		this.statusCode = 404
+		logger.access(this)
+		this.end()
+	}
+
+	mockNotFound() {
+		this.statusCode = 404
+		logger.accessMock(this.req.url, '404')
+		this.end()
+	}
+
+	uriTooLong() {
+		this.statusCode = 414
+		logger.access(this)
+		this.end()
+	}
+
+	unprocessable(error) {
+		logger.access(this, error)
+		this.statusCode = 422
+		this.end(error)
+	}
+
+
+	internalServerError(error) {
+		logger.error(500, this.req.url, error?.message || error, error?.stack || '')
+		this.statusCode = 500
+		this.end()
+	}
+
+	badGateway(error) {
+		logger.warn('Fallback Proxy Error:', error.cause.message)
+		this.statusCode = 502
+		this.setHeader(HEADER_502, 1)
+		this.end()
+	}
+
+
+	async partialContent(range, file) {
+		const { size } = await fs.promises.lstat(file)
+		let [start, end] = range.replace(/bytes=/, '').split('-').map(n => parseInt(n, 10))
+		if (isNaN(end)) end = size - 1
+		if (isNaN(start)) start = size - end
+
+		if (start < 0 || start > end || start >= size || end >= size) {
+			this.statusCode = 416 // Range Not Satisfiable
+			this.setHeader('Content-Range', `bytes */${size}`)
+			this.end()
+		}
+		else {
+			this.statusCode = 206 // Partial Content
+			this.setHeader('Accept-Ranges', 'bytes')
+			this.setHeader('Content-Range', `bytes ${start}-${end}/${size}`)
+			this.setHeader('Content-Type', mimeFor(file))
+			const reader = fs.createReadStream(file, { start, end })
+			const response = this
+			reader.on('open', function () {
+				this.pipe(response)
+			})
+			reader.on('error', error => {
+				this.internalServerError(error)
+			})
+		}
+	}
+}

package/src/server/utils/http-cors.js

@@ -1,4 +1,4 @@
-import { methodIsSupported } from './http-request.js'
+import { methodIsSupported } from './HttpIncomingMessage.js'
 
 /* https://www.w3.org/TR/2020/SPSD-cors-20200602/#resource-processing-model */
 

package/src/server/utils/http-cors.test.js

@@ -0,0 +1,225 @@
+import { equal } from 'node:assert/strict'
+import { promisify } from 'node:util'
+import { createServer } from 'node:http'
+import { describe, test, after } from 'node:test'
+import { isPreflight, setCorsHeaders, CorsHeader as CH } from './http-cors.js'
+
+
+function headerIs(response, header, value) {
+	equal(response.headers.get(header), value)
+}
+
+const FooDotCom = 'http://foo.com'
+const AllowedDotCom = 'http://allowed.com'
+const NotAllowedDotCom = 'http://not-allowed.com'
+
+await describe('CORS', async () => {
+	let corsConfig = {}
+
+	const server = createServer((req, response) => {
+		setCorsHeaders(req, response, corsConfig)
+		if (isPreflight(req)) {
+			response.statusCode = 204
+			response.end()
+		}
+		else
+			response.end('NON_PREFLIGHT')
+	})
+	await promisify(server.listen).bind(server, 0, '127.0.0.1')()
+	after(() => {
+		server.close()
+	})
+	function preflight(headers, method = 'OPTIONS') {
+		const { address, port } = server.address()
+		return fetch(`http://${address}:${port}/`, { method, headers })
+	}
+	function request(headers, method) {
+		const { address, port } = server.address()
+		return fetch(`http://${address}:${port}/`, { method, headers })
+	}
+
+	await describe('Identifies Preflight Requests', async () => {
+		const requiredRequestHeaders = {
+			[CH.Origin]: 'http://localhost:9999',
+			[CH.AcRequestMethod]: 'POST'
+		}
+
+		await test('Ignores non-OPTIONS requests', async () => {
+			const res = await request(requiredRequestHeaders, 'POST')
+			equal(await res.text(), 'NON_PREFLIGHT')
+		})
+
+		await test(`Ignores non-parseable req ${CH.Origin} header`, async () => {
+			const headers = {
+				...requiredRequestHeaders,
+				[CH.Origin]: 'non-url'
+			}
+			const res = await preflight(headers)
+			equal(await res.text(), 'NON_PREFLIGHT')
+		})
+
+		await test(`Ignores missing method in ${CH.AcRequestMethod} header`, async () => {
+			const headers = { ...requiredRequestHeaders }
+			delete headers[CH.AcRequestMethod]
+			const res = await preflight(headers)
+			equal(await res.text(), 'NON_PREFLIGHT')
+		})
+
+		await test(`Ignores non-standard method in ${CH.AcRequestMethod} header`, async () => {
+			const headers = {
+				...requiredRequestHeaders,
+				[CH.AcRequestMethod]: 'NON_STANDARD'
+			}
+			const res = await preflight(headers)
+			equal(await res.text(), 'NON_PREFLIGHT')
+		})
+
+		await test('204 valid preflights', async () => {
+			const res = await preflight(requiredRequestHeaders)
+			equal(res.status, 204)
+		})
+	})
+
+	await describe('Preflight Response Headers', async () => {
+		await test('no origins allowed', async () => {
+			corsConfig = {
+				corsOrigins: [],
+				corsMethods: ['GET']
+			}
+			const p = await preflight({
+				[CH.Origin]: FooDotCom,
+				[CH.AcRequestMethod]: 'GET'
+			})
+			headerIs(p, CH.AcAllowOrigin, null)
+			headerIs(p, CH.AcAllowMethods, null)
+			headerIs(p, CH.AcAllowCredentials, null)
+			headerIs(p, CH.AcAllowHeaders, null)
+			headerIs(p, CH.AcMaxAge, null)
+		})
+
+		await test('not in allowed origins', async () => {
+			corsConfig = {
+				corsOrigins: [AllowedDotCom],
+				corsMethods: ['GET']
+			}
+			const p = await preflight({
+				[CH.Origin]: NotAllowedDotCom,
+				[CH.AcRequestMethod]: 'GET'
+			})
+			headerIs(p, CH.AcAllowOrigin, null)
+			headerIs(p, CH.AcAllowMethods, null)
+			headerIs(p, CH.AcAllowCredentials, null)
+			headerIs(p, CH.AcAllowHeaders, null)
+		})
+
+		await test('origin and method match', async () => {
+			corsConfig = {
+				corsOrigins: [AllowedDotCom],
+				corsMethods: ['GET']
+			}
+			const p = await preflight({
+				[CH.Origin]: AllowedDotCom,
+				[CH.AcRequestMethod]: 'GET'
+			})
+			headerIs(p, CH.AcAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AcAllowMethods, 'GET')
+			headerIs(p, CH.AcAllowCredentials, null)
+			headerIs(p, CH.AcAllowHeaders, null)
+		})
+
+		await test('origin matches from multiple', async () => {
+			corsConfig = {
+				corsOrigins: [AllowedDotCom, FooDotCom],
+				corsMethods: ['GET']
+			}
+			const p = await preflight({
+				[CH.Origin]: AllowedDotCom,
+				[CH.AcRequestMethod]: 'GET'
+			})
+			headerIs(p, CH.AcAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AcAllowMethods, 'GET')
+			headerIs(p, CH.AcAllowCredentials, null)
+			headerIs(p, CH.AcAllowHeaders, null)
+		})
+
+		await test('wildcard origin', async () => {
+			corsConfig = {
+				corsOrigins: ['*'],
+				corsMethods: ['GET']
+			}
+			const p = await preflight({
+				[CH.Origin]: FooDotCom,
+				[CH.AcRequestMethod]: 'GET'
+			})
+			headerIs(p, CH.AcAllowOrigin, FooDotCom)
+			headerIs(p, CH.AcAllowMethods, 'GET')
+			headerIs(p, CH.AcAllowCredentials, null)
+			headerIs(p, CH.AcAllowHeaders, null)
+		})
+
+		await test(`wildcard and credentials`, async () => {
+			corsConfig = {
+				corsOrigins: ['*'],
+				corsMethods: ['GET'],
+				corsCredentials: true
+			}
+			const p = await preflight({
+				[CH.Origin]: FooDotCom,
+				[CH.AcRequestMethod]: 'GET'
+			})
+			headerIs(p, CH.AcAllowOrigin, FooDotCom)
+			headerIs(p, CH.AcAllowMethods, 'GET')
+			headerIs(p, CH.AcAllowCredentials, 'true')
+			headerIs(p, CH.AcAllowHeaders, null)
+		})
+
+		await test(`wildcard, credentials, and headers`, async () => {
+			corsConfig = {
+				corsOrigins: ['*'],
+				corsMethods: ['GET'],
+				corsCredentials: true,
+				corsHeaders: ['content-type', 'my-header']
+			}
+			const p = await preflight({
+				[CH.Origin]: FooDotCom,
+				[CH.AcRequestMethod]: 'GET'
+			})
+			headerIs(p, CH.AcAllowOrigin, FooDotCom)
+			headerIs(p, CH.AcAllowMethods, 'GET')
+			headerIs(p, CH.AcAllowCredentials, 'true')
+			headerIs(p, CH.AcAllowHeaders, 'content-type,my-header')
+		})
+	})
+
+	await describe('Non-Preflight (Actual Response) Headers', async () => {
+		await test('no origins allowed', async () => {
+			corsConfig = {
+				corsOrigins: [],
+				corsMethods: ['GET']
+			}
+			const p = await request({
+				[CH.Origin]: NotAllowedDotCom
+			})
+			equal(p.status, 200)
+			headerIs(p, CH.AcAllowOrigin, null)
+			headerIs(p, CH.AcAllowCredentials, null)
+			headerIs(p, CH.AcExposeHeaders, null)
+		})
+
+		await test('origin allowed', async () => {
+			corsConfig = {
+				corsOrigins: [AllowedDotCom],
+				corsMethods: ['GET'],
+				corsCredentials: true,
+				corsExposedHeaders: ['x-h1', 'x-h2']
+			}
+			const p = await request({
+				[CH.Origin]: AllowedDotCom
+			})
+			equal(p.status, 200)
+			headerIs(p, CH.AcAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AcAllowCredentials, 'true')
+			headerIs(p, CH.AcExposeHeaders, 'x-h1,x-h2')
+		})
+	})
+})

package/src/server/utils/logger.js

@@ -1,4 +1,4 @@
-import { decode, reControlAndDelChars } from './http-request.js'
+import { decode, reControlAndDelChars } from './HttpIncomingMessage.js'
 
 
 export const logger = new class {

package/src/server/utils/mime.test.js

@@ -0,0 +1,24 @@
+import { test } from 'node:test'
+import { equal } from 'node:assert/strict'
+import { parseMime, extFor, mimeFor } from './mime.js'
+
+
+test('parseMime', () => [
+	'text/html',
+	'TEXT/html',
+	'text/html; charset=utf-8'
+].map(input =>
+	equal(parseMime(input), 'text/html')))
+
+test('extFor', () => [
+	'text/html',
+	'Text/html',
+	'text/Html; charset=UTF-16'
+].map(input =>
+	equal(extFor(input), 'html')))
+
+test('mimeFor', () => [
+	'file.html',
+	'file.HTmL'
+].map(input =>
+	equal(mimeFor(input), 'text/html')))

package/src/server/utils/validate.test.js

@@ -0,0 +1,47 @@
+import { describe, test } from 'node:test'
+import { doesNotThrow, throws } from 'node:assert/strict'
+import { validate, is, optional } from './validate.js'
+
+
+describe('validate', () => {
+	describe('optional', () => {
+		test('accepts undefined', () =>
+			doesNotThrow(() =>
+				validate({}, { field: optional(Number.isInteger) })))
+
+		test('accepts falsy value regardless of type', () =>
+			doesNotThrow(() =>
+				validate({ field: 0 }, { field: optional(Array.isArray) })))
+
+		test('accepts when tester func returns truthy', () =>
+			doesNotThrow(() =>
+				validate({ field: [] }, { field: optional(Array.isArray) })))
+
+		test('rejects when tester func returns falsy', () =>
+			throws(() =>
+					validate({ field: 1 }, { field: optional(Array.isArray) }),
+				/field=1 is invalid/))
+	})
+
+	describe('is', () => {
+		test('rejects mismatched type', () =>
+			throws(() =>
+					validate({ field: 1 }, { field: is(String) }),
+				/field=1 is invalid/))
+
+		test('accepts matched type', () =>
+			doesNotThrow(() =>
+				validate({ field: '' }, { field: is(String) })))
+	})
+
+	describe('custom tester func', () => {
+		test('rejects mismatched type', () =>
+			throws(() =>
+					validate({ field: 0.1 }, { field: Number.isInteger }),
+				/field=0.1 is invalid/))
+
+		test('accepts matched type', () =>
+			doesNotThrow(() =>
+				validate({ field: 1 }, { field: Number.isInteger })))
+	})
+})

package/src/server/utils/http-response.js

@@ -1,113 +0,0 @@
-import fs, { readFileSync } from 'node:fs'
-
-import { logger } from './logger.js'
-import { mimeFor } from './mime.js'
-import { HEADER_502 } from '../ApiConstants.js'
-
-
-export function setHeaders(response, headers) {
-	for (let i = 0; i < headers.length; i += 2)
-		response.setHeader(headers[i], headers[i + 1])
-}
-
-export function sendOK(response) {
-	logger.access(response)
-	response.end()
-}
-
-export function sendHTML(response, html, csp) {
-	logger.access(response)
-	response.setHeader('Content-Type', mimeFor('html'))
-	response.setHeader('Content-Security-Policy', csp)
-	response.end(html)
-}
-
-export function sendJSON(response, payload) {
-	logger.access(response)
-	response.setHeader('Content-Type', 'application/json')
-	response.end(JSON.stringify(payload))
-}
-
-export function sendFile(response, file) {
-	logger.access(response)
-	response.setHeader('Content-Type', mimeFor(file))
-	response.end(readFileSync(file, 'utf8'))
-}
-
-export function sendNoContent(response) {
-	response.statusCode = 204
-	logger.access(response)
-	response.end()
-}
-
-
-export function sendBadRequest(response) {
-	response.statusCode = 400
-	logger.access(response)
-	response.end()
-}
-
-export function sendNotFound(response) {
-	response.statusCode = 404
-	logger.access(response)
-	response.end()
-}
-
-export function sendMockNotFound(response) {
-	response.statusCode = 404
-	logger.accessMock(response.req.url, '404')
-	response.end()
-}
-
-export function sendTooLongURI(response) {
-	response.statusCode = 414
-	logger.access(response)
-	response.end()
-}
-
-export function sendUnprocessable(response, error) {
-	logger.access(response, error)
-	response.statusCode = 422
-	response.end(error)
-}
-
-
-export function sendInternalServerError(response, error) {
-	logger.error(500, response.req.url, error?.message || error, error?.stack || '')
-	response.statusCode = 500
-	response.end()
-}
-
-export function sendBadGateway(response, error) {
-	logger.warn('Fallback Proxy Error:', error.cause.message)
-	response.statusCode = 502
-	response.setHeader(HEADER_502, 1)
-	response.end()
-}
-
-
-export async function sendPartialContent(response, range, file) {
-	const { size } = await fs.promises.lstat(file)
-	let [start, end] = range.replace(/bytes=/, '').split('-').map(n => parseInt(n, 10))
-	if (isNaN(end)) end = size - 1
-	if (isNaN(start)) start = size - end
-
-	if (start < 0 || start > end || start >= size || end >= size) {
-		response.statusCode = 416 // Range Not Satisfiable
-		response.setHeader('Content-Range', `bytes */${size}`)
-		response.end()
-	}
-	else {
-		response.statusCode = 206 // Partial Content
-		response.setHeader('Accept-Ranges', 'bytes')
-		response.setHeader('Content-Range', `bytes ${start}-${end}/${size}`)
-		response.setHeader('Content-Type', mimeFor(file))
-		const reader = fs.createReadStream(file, { start, end })
-		reader.on('open', function () {
-			this.pipe(response)
-		})
-		reader.on('error', function (error) {
-			sendInternalServerError(response, error)
-		})
-	}
-}