scimgateway 4.1.12 → 4.1.14

package/README.md

@@ -49,7 +49,7 @@ SCIM Gateway becomes a standalone SCIM endpoint
 Demonstrates user provisioning towards document-oriented database  
 Using [LokiJS](https://github.com/techfort/LokiJS) for a fast, in-memory document-oriented database (much like MongoDB/PouchDB)  
 Default gives two predefined test users loaded using in-memory only (no persistence)  
-Setting `{"persistence": true}` gives persistence file store (no test users)  
+Configuration `{"persistence": true}` gives persistence file store (no test users)  
 Example of a fully functional SCIM Gateway plugin  
 
 * **MongoDB** (NoSQL Document-Oriented Database)  
@@ -1146,6 +1146,12 @@ MIT © [Jarle Elshaug](https://www.elshaug.xyz)
 
 ## Change log  
 
+### v4.1.14  
+
+[Fixed]  
+
+- Do not create logs directory or log-file when configuration `log.loglevel.file` not defined or set to `"off"`. This fix will allow SCIM Gateway to run on systems having read-only disk like Google Cloud App Engine Standard    
+
 ### v4.1.12  
 
 [Added]  

package/lib/logger.js

@@ -44,12 +44,12 @@ const Log = function (config, logfile, _this) { // { loglevel: { file: "debug",
 
   const maskSecret = winston.format((info, opts) => {
     // mask json secrets
-    var rePattern = new RegExp(reJson, 'i')
+    let rePattern = new RegExp(reJson, 'i')
     let msg = info.message
     let endPos = msg.length - 1
     let found = false
     do {
-      var arrMatches = msg.substring(0, endPos).match(rePattern)
+      const arrMatches = msg.substring(0, endPos).match(rePattern)
       if (Array.isArray(arrMatches) && arrMatches.length === 3) {
         arrMatches[2] = arrMatches[2].replace(/[-\/\\^$*+?.()|[\]{}]/g, '\\$&') // escaping special regexp characters
         msg = msg.replace(new RegExp(arrMatches[2], 'g'), '********')
@@ -62,7 +62,7 @@ const Log = function (config, logfile, _this) { // { loglevel: { file: "debug",
     rePattern = new RegExp(reXml, 'i')
     endPos = msg.length - 1
     do {
-      arrMatches = msg.substring(0, endPos).match(rePattern)
+      const arrMatches = msg.substring(0, endPos).match(rePattern)
       if (Array.isArray(arrMatches) && arrMatches.length === 3) {
         arrMatches[2] = arrMatches[2].replace(/[-\/\\^$*+?.()|[\]{}]/g, '\\$&')
         msg = msg.replace(new RegExp('>' + arrMatches[2] + '<', 'g'), '>********<')
@@ -98,38 +98,48 @@ const Log = function (config, logfile, _this) { // { loglevel: { file: "debug",
     )
   }
 
-  Log.prototype.logger = winston.createLogger({
-    format: winston.format.combine(
-      maskSecret()
-    ),
-    transports: [
-      new winston.transports.File({
-        level: (config.loglevel.file && arrValidLevel.includes(config.loglevel.file.toLowerCase())) ? config.loglevel.file : 'debug',
-        filename: logfile,
-        handleExceptions: true,
-        format: fileFormat,
-        maxsize: 1024 * 1024 * 20, // 20 MB
-        maxFiles: 5
-      }),
-      new winston.transports.Console({ // note, console logging is synchronous e.g. node.js halts when console window is scrolled
-        level: (config.loglevel.console && arrValidLevel.includes(config.loglevel.console.toLowerCase())) ? config.loglevel.console : 'debug',
-        handleExceptions: true,
-        stderrLevels: ['error'],
-        format: (config.colorize) ? consoleFormat : Log.prototype.unColorize()
+  Log.prototype.logger = () => {
+    if (config.loglevel.file) {
+      return winston.createLogger({
+        format: winston.format.combine(
+          maskSecret()
+        ),
+        transports: [
+          new winston.transports.Console({ // note, console logging is synchronous e.g. node.js halts when console window is scrolled
+            level: (config.loglevel.console && arrValidLevel.includes(config.loglevel.console.toLowerCase())) ? config.loglevel.console : 'debug',
+            handleExceptions: true,
+            stderrLevels: ['error'],
+            format: (config.colorize) ? consoleFormat : Log.prototype.unColorize()
+          }),
+          new winston.transports.File({
+            level: (config.loglevel.file && arrValidLevel.includes(config.loglevel.file.toLowerCase())) ? config.loglevel.file : 'debug',
+            filename: logfile,
+            handleExceptions: true,
+            format: fileFormat,
+            maxsize: 1024 * 1024 * 20, // 20 MB
+            maxFiles: 5
+          })
+        ],
+        exitOnError: false
       })
-    ],
-    exitOnError: false
-  })
-
-  // flush to disk before exit (process.exit in main code will terminate logger and we may have unflushed logfile updates)
-  // note, still asynchronous (using exception is an alternative that gives synchronous flush and program exit)
-  Log.prototype.exitAfterFlush = (code) => {
-    Log.prototype.logger.transports[0].on('flush', function () {
-      process.exit(code)
+    }
+    return winston.createLogger({
+      format: winston.format.combine(
+        maskSecret()
+      ),
+      transports: [
+        new winston.transports.Console({
+          level: (config.loglevel.console && arrValidLevel.includes(config.loglevel.console.toLowerCase())) ? config.loglevel.console : 'debug',
+          handleExceptions: true,
+          stderrLevels: ['error'],
+          format: (config.colorize) ? consoleFormat : Log.prototype.unColorize()
+        })
+      ],
+      exitOnError: false
     })
   }
 
-  const logger = Log.prototype.logger // fix multiple loggers using stream
+  const logger = Log.prototype.logger() // fix multiple loggers using stream
   Log.prototype.stream = {
     write: function (message, encoding) {
       logger.info(message)

package/lib/scimgateway.js

@@ -46,8 +46,8 @@ const ScimGateway = function () {
   const gwName = path.basename(__filename, '.js') // prefix of current file
   const logDir = path.join(path.dirname(requester), '..', 'logs')
   const Log = require('../lib/logger').Log
-  const log = new Log(utils.extendObj(utils.copyObj(config.log), { category: pluginName, colorize: process.stdout.isTTY || false, loglevel: { file: 'debug', console: 'debug' } }), path.join(`${logDir}`, `${pluginName}.log`))
-  const logger = log.logger
+  const log = new Log(utils.extendObj(utils.copyObj(config.log), { category: pluginName, colorize: process.stdout.isTTY || false, loglevel: { file: (!config.log.loglevel.file || config.log.loglevel.file === 'off') ? null : 'debug', console: 'debug' } }), path.join(`${logDir}`, `${pluginName}.log`))
+  const logger = log.logger()
   this.logger = logger // exposed to plugin-code
   this.notValidAttributes = notValidAttributes // exposed to plugin-code
   let pwErrCount = 0
@@ -228,10 +228,12 @@ const ScimGateway = function () {
     logger.error(`${gwName}[${pluginName}] stopping...\n`)
     throw (new Error('Using exception to stop further asynchronous code execution (ensure synchronous logger flush to logfile and exit program), please ignore this one...'))
   }
-  if (!fs.existsSync(logDir)) fs.mkdirSync(logDir)
-  if (!fs.existsSync(configDir + '/wsdls')) fs.mkdirSync(configDir + '/wsdls')
-  if (!fs.existsSync(configDir + '/certs')) fs.mkdirSync(configDir + '/certs')
-  if (!fs.existsSync(configDir + '/schemas')) fs.mkdirSync(configDir + '/schemas')
+
+  try {
+    if (!fs.existsSync(configDir + '/wsdls')) fs.mkdirSync(configDir + '/wsdls')
+    if (!fs.existsSync(configDir + '/certs')) fs.mkdirSync(configDir + '/certs')
+    if (!fs.existsSync(configDir + '/schemas')) fs.mkdirSync(configDir + '/schemas')
+  } catch (err) {}
 
   let isScimv2 = false
   if (config.scim.version === '2.0' || config.scim.version === 2) {
@@ -317,7 +319,7 @@ const ScimGateway = function () {
   // start auth methods - used by auth
   const basic = (baseEntity, method, authType, authToken, url) => {
     return new Promise((resolve, reject) => { // basic auth
-      if (url === '/ping' || url.endsWith('/oauth/token') || url === '/favicon.ico') resolve(true) // no auth
+      if (url === '/ping' || url.endsWith('/oauth/token') || url === '/_ah/start' || url === '/_ah/stop' || url === '/favicon.ico') resolve(true) // no auth
       if (authType !== 'Basic') resolve(false)
       if (!foundBasic) resolve(false) // not configured
       const [userName, userPassword] = (Buffer.from(authToken, 'base64').toString() || '').split(':')
@@ -597,6 +599,18 @@ const ScimGateway = function () {
     ctx.body = tx
   })
 
+  // Google App Engine B-class instance start/stop request
+  router.get(['/_ah/start', '/_ah/stop'], async (ctx) => {
+    const cli = ctx.request.ipcli
+    const ver = process.env.GAE_VERSION
+    if (!cli || cli !== '0.1.0.3' || !ver || !ctx.origin.includes(`.${ver}.`)) { // ctx.origin = http://<instance>.<version>.<project-id>.<region>.r.appspot.com
+      ctx.status = 403 // request not coming from GCP App Engine
+      return
+    }
+    // could have some start/stop logic here
+    ctx.status = 200
+  })
+
   // Initial connection, step #1: GET /ServiceProviderConfigs
   // If not included => Provisioning will always use GET /Users without any paramenters
   // scimv1 = ServiceProviderConfigs, scimv2 ServiceProviderConfig
@@ -1785,11 +1799,11 @@ const ScimGateway = function () {
     logger.close()
     server.close(function () {
       setTimeout(function () { // plugins may also use SIGTERM/SIGINT
-        process.exit(1)
+        process.exit(0)
       }, 0.5 * 1000)
     })
     setTimeout(function () { // problem closing server connections in time due to keep-alive sessions (active browser connection?), now forcing exit
-      process.exit(2)
+      process.exit(1)
     }, 2 * 1000)
   }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "scimgateway",
-  "version": "4.1.12",
+  "version": "4.1.14",
   "description": "Using SCIM protocol as a gateway for user provisioning to other endpoints",
   "author": "Jarle Elshaug <jarle.elshaug@gmail.com> (https://elshaug.xyz)",
   "homepage": "https://elshaug.xyz",