ui5-middleware-http-proxy
Advanced tools
Comparing version 1.1.1 to 2.0.0
module.exports = { | ||
env: { | ||
browser: true, | ||
commonjs: true, | ||
es6: true | ||
es2021: true, | ||
node: true | ||
}, | ||
@@ -10,8 +10,4 @@ extends: [ | ||
], | ||
globals: { | ||
Atomics: 'readonly', | ||
SharedArrayBuffer: 'readonly' | ||
}, | ||
parserOptions: { | ||
ecmaVersion: 2018 | ||
ecmaVersion: 12 | ||
}, | ||
@@ -18,0 +14,0 @@ rules: { |
@@ -1,5 +0,4 @@ | ||
const log = require('@ui5/logger').getLogger('ui5-middleware-http-proxy') | ||
const ui5Logger = require('@ui5/logger') | ||
const dotenv = require('dotenv') | ||
const request = require('request') | ||
const dotenv = require('dotenv') | ||
const lodash = require('lodash') | ||
@@ -9,22 +8,54 @@ // load .env | ||
const _getAuth = ({ auth = {} }) => { | ||
const { HTTP_PROXY_AUTH_USER, HTTP_PROXY_AUTH_PASS } = process.env | ||
if (!auth.user && HTTP_PROXY_AUTH_USER) { | ||
auth.user = HTTP_PROXY_AUTH_USER | ||
// get logger instance | ||
const log = ui5Logger.getLogger('ui5-middleware-http-proxy') | ||
/** | ||
* Resolve an entry pattern of env:key | ||
* @private | ||
* @param {string} entry - .env entry to be resolved | ||
* @returns {string} the resolved key from process.env | ||
*/ | ||
const _resolveDotenv = entry => { | ||
const key = entry.split(':')[1] | ||
return process.env[key] | ||
} | ||
/** | ||
* Resolve http basic auth credentials | ||
* @private | ||
* @param {object} auth - the auth object to be resolved | ||
* @param {string} [auth.user] - the user | ||
* @param {string} [auth.pass] - the pass | ||
* @returns {object} the resolved auth object containing user and pass | ||
*/ | ||
const _resolveAuth = auth => { | ||
if (Object.entries(auth).length === 0) { | ||
return null | ||
} | ||
if (!auth.pass && HTTP_PROXY_AUTH_PASS) { | ||
auth.pass = HTTP_PROXY_AUTH_PASS | ||
const { user = '', pass = '' } = auth | ||
const resolvedUser = user.startsWith('env:') ? _resolveDotenv(user) : user | ||
const resolvedPass = pass.startsWith('env:') ? _resolveDotenv(pass) : pass | ||
return { | ||
user: resolvedUser, | ||
pass: resolvedPass | ||
} | ||
return !lodash.isEmpty(auth) ? auth : null | ||
} | ||
const _resolvePath = ({ path, req }) => { | ||
// resolve paths | ||
let resolvedPath = `${path}${req.path}` | ||
/** | ||
* Resolve the uri for a given path and request incl. any query | ||
* @private | ||
* @param {object} options - the options | ||
* @param {string} options.path - the path to be resolved | ||
* @param {object} options.req - the req incl. any query | ||
* @returns {string} the resolved uri | ||
*/ | ||
const _resolveUri = ({ path, req }) => { | ||
// resolve path | ||
let resolvedUri = `${path}${req.path}` | ||
const query = req.url.split('?')[1] | ||
// append query | ||
// append query, if any | ||
if (query) { | ||
resolvedPath += '?' + query | ||
resolvedUri += '?' + query | ||
} | ||
return resolvedPath | ||
return resolvedUri | ||
} | ||
@@ -35,4 +66,4 @@ | ||
* | ||
* @param {Object} parameters Parameters | ||
* @param {Object} parameters.resources Resource collections | ||
* @param {object} parameters Parameters | ||
* @param {object} parameters.resources Resource collections | ||
* @param {module:@ui5/fs.AbstractReader} parameters.resources.all Reader or Collection to read resources of the | ||
@@ -44,3 +75,5 @@ * root project and its dependencies | ||
* the projects dependencies | ||
* @param {Object} parameters.options Options | ||
* @param {object} parameters.middlewareUtil Specification version dependent interface to a | ||
* [MiddlewareUtil]{@link module:@ui5/server.middleware.MiddlewareUtil} instance | ||
* @param {object} parameters.options Options | ||
* @param {string} [parameters.options.configuration] Custom server middleware configuration if given in ui5.yaml | ||
@@ -50,7 +83,4 @@ * @returns {function} Middleware function to use | ||
module.exports = ({ options: { configuration = {} } }) => { | ||
const { debug = false, baseUrl, path = '/', secure = true } = configuration | ||
const { debug = false, baseUrl, path = '/', secure = true, auth = {} } = configuration | ||
// get http basic auth if any | ||
const auth = _getAuth(configuration) | ||
// baseUrl is mandatory | ||
@@ -66,2 +96,5 @@ if (!baseUrl) { | ||
// get http basic auth, if any | ||
const resolvedAuth = _resolveAuth(auth) | ||
// cookie jar for subsequent requests | ||
@@ -72,7 +105,8 @@ const jar = request.jar() | ||
return (req, res, next) => { | ||
const resolvedPath = _resolvePath({ path, req }) | ||
// resolve the uri | ||
const resolvedUri = _resolveUri({ path, req }) | ||
// debug log for each request | ||
if (debug) { | ||
log.info(`${req.method} ${req.url} -> ${baseUrl}${resolvedPath}`) | ||
log.info(`${req.method} ${req.url} -> ${baseUrl}${resolvedUri}`) | ||
} | ||
@@ -83,4 +117,4 @@ | ||
baseUrl, | ||
uri: resolvedPath, | ||
auth, | ||
uri: resolvedUri, | ||
auth: resolvedAuth, | ||
strictSSL: secure, | ||
@@ -87,0 +121,0 @@ jar |
{ | ||
"name": "ui5-middleware-http-proxy", | ||
"version": "1.1.1", | ||
"version": "2.0.0", | ||
"description": "custom ui5 middleware extension for proxying http requests", | ||
@@ -22,13 +22,11 @@ "keywords": [ | ||
"dotenv": "^8.2.0", | ||
"lodash": "^4.17.20", | ||
"request": "^2.88.0" | ||
}, | ||
"devDependencies": { | ||
"eslint": "^7.12.1", | ||
"eslint-config-standard": "^15.0.1", | ||
"eslint-plugin-import": "^2.19.1", | ||
"eslint": "^7.19.0", | ||
"eslint-config-standard": "^16.0.2", | ||
"eslint-plugin-import": "^2.22.1", | ||
"eslint-plugin-node": "^11.1.0", | ||
"eslint-plugin-promise": "^4.2.1", | ||
"eslint-plugin-standard": "^4.0.1" | ||
"eslint-plugin-promise": "^4.2.1" | ||
} | ||
} |
@@ -98,4 +98,4 @@ [![JavaScript Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://standardjs.com) | ||
| `auth` | object | credentials for http basic authentication | no | - | | | ||
| `auth.user` | string | user for http basic authentication | no | - | `kratos` | | ||
| `auth.pass` | string | password for http basic authentication | no | - | `atreus` | | ||
| `auth.user` | string | user for http basic authentication | no | - | `kratos`, `env:HTTP_PROXY_AUTH_USER` | | ||
| `auth.pass` | string | password for http basic authentication | no | - | `atreus`, `env:HTTP_PROXY_AUTH_PASS` | | ||
@@ -106,14 +106,42 @@ #### Support for .env files | ||
The following environment variables are supported and will be mapped to the given configuration option: | ||
Simply prefix your `.env` variables for with `env:` and provide them as `auth.user` and `auth.pass` in your `configuration`. | ||
| Environment Variable | Configuration Option | | ||
|:----------------------:|:--------------------:| | ||
| `HTTP_PROXY_AUTH_USER` | `auth.user` | | ||
| `HTTP_PROXY_AUTH_PASS` | `auth.pass` | | ||
Instead of taking the plain string value, the variable will then be resolved against your `.env` file. | ||
Example `configuration` file: | ||
```yaml | ||
server: | ||
customMiddleware: | ||
# proxy using .env credentials | ||
- name: ui5-middleware-http-proxy | ||
mountPath: /service | ||
afterMiddleware: compression | ||
configuration: | ||
debug: true | ||
baseUrl: https://services.odata.org | ||
path: /V2/Northwind/Northwind.svc | ||
secure: false | ||
auth: | ||
user: env:MY_HTTP_PROXY_AUTH_USER | ||
pass: env:MY_HTTP_PROXY_AUTH_PASS | ||
``` | ||
Example `.env` file: | ||
```shell | ||
HTTP_PROXY_AUTH_USER=kratos | ||
HTTP_PROXY_AUTH_PASS=atreus | ||
MY_HTTP_PROXY_AUTH_USER=kratos | ||
MY_HTTP_PROXY_AUTH_PASS=atreus | ||
``` | ||
##### NOTE: | ||
This is a breaking API change as of version `^2.0.0`. | ||
Version `^1.1.0` only supports static `.env` variables: | ||
- `HTTP_PROXY_AUTH_USER` | ||
- `HTTP_PROXY_AUTH_PASS` | ||
## Example app | ||
Please have look at [bookshop-ui](https://github.com/pwasem/bookshop-ui). |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
3
5
146
11067
8
131
- Removedlodash@^4.17.20
- Removedlodash@4.17.21(transitive)