webhook-tunnel - npm Package Compare versions

Comparing version 0.0.3 to 0.0.4

package.json

 {
   "name": "webhook-tunnel",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "description": "A little http proxy suitable to create tunnel for web hooks endpoint living behind a firewall or a VPN",
@@ -16,3 +16,3 @@ "main": "src/index.js",
     "test:lint": "eslint src test",
-    "test:unit": "jest --verbose",
+    "test:unit": "jest --verbose --coverage",
     "test": "npm run test:lint && npm run test:unit",
@@ -55,4 +55,6 @@ "package:create": "pkg . -t node8-win,node8-macos,node8-linux --out-dir build",
     "http-proxy": "^1.16.2",
+    "netmask": "^1.0.6",
+    "pino": "^4.10.1",
     "yargs": "^10.0.3"
   }
 }

README.md

@@ -54,7 +54,6 @@ # webhook-tunnel
 ```bash
-webhook-tunnel <port> <target>
+webhook-tunnel <target>
 ```
 
-Where `port` is the port on which the proxy will be listening to and `target` is the
-full URL where every request will be proxied to.
+Where `target` is the full URL where every request will be proxied to.
 
@@ -64,6 +63,37 @@ E.g.
 ```bash
-webhook-tunnel 12345 http://myprivatejenkins.tld/somepath/
+webhook-tunnel http://myprivatejenkins.tld/somepath/
 ```
 
+By default the server will be bound to `0.0.0.0:12345`.
 
+
+### Command line options
+
+This is the full list of supported command line options:
+
+```plain
+Options:
+  --help               Show help                                       [boolean]
+  --bind-address, -a   The bind address of the server
+                                                   [string] [default: "0.0.0.0"]
+  --port, -p           The port on which the server will be listening to
+                                                       [number] [default: 12345]
+  --expect-cidr, -C    Rejects the request if it is not coming from one of the
+                       specified IP ranges (CIDRs)                       [array]
+  --expect-path, -P    Rejects the request if it is not addressed to one of the
+                       specified path prefixes                           [array]
+  --expect-query, -Q   Rejects the request if it doesn't contain any of
+                       specified query parameters with a matching value (e.g.
+                       token=1234)                                       [array]
+  --expect-header, -H  Rejects the request if it doesn't contain any of
+                       specified headers with a matching value (e.g.
+                       x-token=1234)                                     [array]
+  --expect-method, -M  Rejects the request if it is not using one of the
+                       specified methods (e.g. `GET`)                    [array]
+  --log-level, -l      Logging level (one of 'fatal', 'error', 'warn', 'info',
+                       'debug', 'trace' or 'silent')  [string] [default: "info"]
+  --version            Show version number                             [boolean]
+```
+
+
 ## Contributing
@@ -70,0 +100,0 @@

src/index.js

 const http = require('http')
 const httpProxy = require('http-proxy')
+const pino = require('pino')
+const yargs = require('yargs')
+const filterRequest = require('./filterRequest')
 
-const port = process.argv[2]
-const target = process.argv[3]
-const proxy = httpProxy.createProxyServer({target})
+const argv = yargs
+  .usage(
+    '$0 <target>',
+    'Run the tunnel server',
+    (yargs) => {
+      yargs
+        .positional('target', {
+          describe: 'The URL to which proxy the requests to',
+          type: 'string'
+        })
+    }
+  )
+  .option('bind-address', {
+    alias: 'a',
+    describe: 'The bind address of the server',
+    type: 'string',
+    default: '0.0.0.0'
+  })
+  .option('port', {
+    alias: 'p',
+    describe: 'The port on which the server will be listening to',
+    type: 'number',
+    default: 12345
+  })
+  .option('expect-cidr', {
+    alias: 'C',
+    describe: 'Rejects the request if it is not coming from one of the specified IP ranges (CIDRs)',
+    type: 'array'
+  })
+  .option('expect-path', {
+    alias: 'P',
+    describe: 'Rejects the request if it is not addressed to one of the specified path prefixes',
+    type: 'array'
+  })
+  .option('expect-query', {
+    alias: 'Q',
+    describe: 'Rejects the request if it doesn\'t contain any of specified query parameters with a matching value (e.g. token=1234)',
+    type: 'array'
+  })
+  .option('expect-header', {
+    alias: 'H',
+    describe: 'Rejects the request if it doesn\'t contain any of specified headers with a matching value (e.g. x-token=1234)',
+    type: 'array'
+  })
+  .option('expect-method', {
+    alias: 'M',
+    describe: 'Rejects the request if it is not using one of the specified methods (e.g. `GET`)',
+    type: 'array'
+  })
+  .option('log-level', {
+    alias: 'l',
+    describe: 'Logging level (one of \'fatal\', \'error\', \'warn\', \'info\', \'debug\', \'trace\' or \'silent\')',
+    type: 'string',
+    default: 'info'
+  })
+  .version()
+  .argv
 
+  // initializes logger
+const pretty = pino.pretty()
+pretty.pipe(process.stdout)
+const logger = pino({
+  name: 'webhook-tunnel',
+  safe: true,
+  level: argv.logLevel
+}, pretty)
+
+logger.debug({
+  runtime: process.argv[0],
+  script: process.argv[1],
+  arguments: argv
+}, 'Initializing')
+
+const proxy = httpProxy.createProxyServer({ target: argv.target })
+
 proxy.on('error', function (err, req, res) {
-  console.error(err)
-  res.writeHead(502, {'Content-Type': 'text/plain'})
-  return res.end('Proxy error')
+  logger.error(err)
+  res.writeHead(502, {'Content-Type': 'application/json'})
+  return res.end(JSON.stringify({error: 'Proxy error'}))
 })
 
 var server = http.createServer(function (req, res) {
-  console.log(req.url)
-  return proxy.web(req, res, { target: target })
+  logger.info(`Incoming request: ${req.method} ${req.url}`)
+  logger.debug(req)
+  try {
+    filterRequest(req, argv)
+    return proxy.web(req, res, { target: argv.target })
+  } catch (err) {
+    logger.error(err, 'Request rejected')
+    res.writeHead(502, {'Content-Type': 'application/json'})
+    return res.end(JSON.stringify({error: 'Request rejected'}))
+  }
 })
 
-console.log('listening on port ' + port)
-server.listen(port)
+server.listen(argv.port, argv.bindAddress, (err) => {
+  if (err) {
+    throw err
+  }
+
+  logger.info({
+    address: argv.bindAddress,
+    port: argv.port
+  }, 'Server started')
+})

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

12349

increased by84.29%

Number of package files

8

increased by14.29%

Lines of code

143

increased by793.75%

Number of lines in readme file

107

increased by38.96%

Worsened metrics

Dependency count

4

increased by100%

Number of medium supply chain risk alerts

3

increased by50%

Dependency changes

• + Addednetmask@^1.0.6

• + Addedpino@^4.10.1

• + Addedansi-styles@3.2.1(transitive)

• + Addedchalk@2.4.2(transitive)

• + Addedcolor-convert@1.9.3(transitive)

• + Addedcolor-name@1.1.3(transitive)

• + Addedcore-util-is@1.0.3(transitive)

• + Addedend-of-stream@1.4.4(transitive)

• + Addedescape-string-regexp@1.0.5(transitive)

• + Addedfast-json-parse@1.0.3(transitive)

• + Addedfast-safe-stringify@1.2.3(transitive)

• + Addedflatstr@1.0.12(transitive)

• + Addedhas-flag@3.0.0(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedisarray@1.0.0(transitive)

• + Addednetmask@1.0.6(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedpino@4.17.6(transitive)

• + Addedpino-std-serializers@2.5.0(transitive)

• + Addedprocess-nextick-args@2.0.1(transitive)

• + Addedpump@3.0.0(transitive)

• + Addedquick-format-unescaped@1.1.2(transitive)

• + Addedreadable-stream@2.3.8(transitive)

• + Addedsafe-buffer@5.1.2(transitive)

• + Addedsplit2@2.2.0(transitive)

• + Addedstring_decoder@1.1.1(transitive)

• + Addedsupports-color@5.5.0(transitive)

• + Addedthrough2@2.0.5(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• + Addedwrappy@1.0.2(transitive)

• + Addedxtend@4.0.2(transitive)