const { Dingus } = require('@squeep/api-dingus');
const common = require('./common');
const Manager = require('./manager');
-const { Authenticator, SessionManager } = require('@squeep/authentication-module');
-const { ResourceAuthenticator } = require('@squeep/resource-authentication-module');
-const { TemplateHelper: { initContext } } = require('@squeep/html-template-helper');
+const { Authenticator, ResourceAuthenticator, SessionManager } = require('@squeep/authentication-module');
+const { initContext, navLinks } = require('./template/template-helper');
const Enum = require('./enum');
+const { ResponseError } = require('./errors');
const _fileScope = common.fileScope(__filename);
+/**
+ * @typedef {import('node:http')} http
+ */
+
class Service extends Dingus {
- constructor(logger, db, options) {
+ constructor(logger, db, options, asyncLocalStorage) {
super(logger, {
...options.dingus,
ignoreTrailingSlash: false,
});
-
+ this.options = options;
+ this.asyncLocalStorage = asyncLocalStorage;
this.staticPath = path.normalize(path.join(__dirname, '..', 'static'));
this.manager = new Manager(logger, db, options);
this.authenticator = new Authenticator(logger, db, options);
const route = (r) => `/${options.route[r]}`; // eslint-disable-line security/detect-object-injection
// Service discovery
- this.on(['GET', 'HEAD'], route('metadata'), this.handlerGetMeta.bind(this));
+ this.on(['GET'], route('metadata'), this.handlerGetMeta.bind(this));
// Also respond with metadata on well-known oauth2 endpoint if base has no prefix
if ((options?.dingus?.selfBaseUrl?.match(/\//g) || []).length === 3) {
- this.on(['GET', 'HEAD'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this));
+ this.on(['GET'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this));
}
// Primary endpoints
this.on('POST', route('userinfo'), this.handlerPostUserInfo.bind(this));
// Information page about service
- this.on(['GET', 'HEAD'], '/', this.handlerGetRoot.bind(this));
+ this.on(['GET'], '/', this.handlerGetRoot.bind(this));
+
+ // Temmporary to see what rando payload someone is sending us unsolicited
+ this.on(['POST'], '/', this.handlerWhaGwan.bind(this));
// Give load-balancers something to check
- this.on(['GET', 'HEAD'], route('healthcheck'), this.handlerGetHealthcheck.bind(this));
+ this.on(['GET'], route('healthcheck'), this.handlerGetHealthcheck.bind(this));
// These routes are intended for accessing static content during development.
// In production, a proxy server would likely handle these first.
- this.on(['GET', 'HEAD'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`);
- this.on(['GET', 'HEAD'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html');
- this.on(['GET', 'HEAD'], '/static/:file', this.handlerGetStaticFile.bind(this));
- this.on(['GET', 'HEAD'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico');
- this.on(['GET', 'HEAD'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt');
+ this.on(['GET'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`);
+ this.on(['GET'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html');
+ this.on(['GET'], '/static/:file', this.handlerGetStaticFile.bind(this));
+ this.on(['GET'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico');
+ this.on(['GET'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt');
// Profile and token management for authenticated sessions
- this.on(['GET', 'HEAD'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`);
- this.on(['GET', 'HEAD'], '/admin/', this.handlerGetAdmin.bind(this));
+ this.on(['GET'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`);
+ this.on(['GET'], '/admin/', this.handlerGetAdmin.bind(this));
this.on(['POST'], '/admin/', this.handlerPostAdmin.bind(this));
// Ticket-proffering interface for authenticated sessions
- this.on(['GET', 'HEAD'], '/admin/ticket', this.handlerGetAdminTicket.bind(this));
+ this.on(['GET'], '/admin/ticket', this.handlerGetAdminTicket.bind(this));
this.on(['POST'], '/admin/ticket', this.handlerPostAdminTicket.bind(this));
// User authentication and session establishment
- this.on(['GET', 'HEAD'], '/admin/login', this.handlerGetAdminLogin.bind(this));
+ this.on(['GET'], '/admin/login', this.handlerGetAdminLogin.bind(this));
this.on(['POST'], '/admin/login', this.handlerPostAdminLogin.bind(this));
this.on(['GET'], '/admin/logout', this.handlerGetAdminLogout.bind(this));
+ this.on(['GET'], '/admin/settings', this.handlerGetAdminSettings.bind(this));
+ this.on(['POST'], '/admin/settings', this.handlerPostAdminSettings.bind(this));
// Page for upkeep info et cetera
- this.on(['GET', 'HEAD'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this));
+ this.on(['GET'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this));
}
/**
* Do a little more on each request.
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async preHandler(req, res, ctx) {
+ const _scope = _fileScope('preHandler');
+
await super.preHandler(req, res, ctx);
ctx.url = req.url; // Persist this for logout redirect
+
+ const logObject = this.asyncLocalStorage.getStore();
+ // istanbul ignore else
+ if (logObject) { // Debugging in vscode seems to kill ALS, work around
+ logObject.requestId = ctx.requestId;
+ delete ctx.requestId;
+ } else {
+ this.logger.debug(_scope, 'no async local store');
+ }
}
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminLogin(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminLogin');
this.logger.debug(_scope, 'called', { req, ctx });
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
- await this.sessionManager.getAdminLogin(res, ctx);
+ await this.authenticator.sessionOptionalLocal(req, res, ctx);
+
+ await this.sessionManager.getAdminLogin(res, ctx, navLinks);
}
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAdminLogin(req, res, ctx) {
const _scope = _fileScope('handlerPostAdminLogin');
await this.ingestBody(req, res, ctx);
- await this.sessionManager.postAdminLogin(res, ctx);
+ await this.sessionManager.postAdminLogin(res, ctx, navLinks);
}
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
+ */
+ async handlerGetAdminSettings(req, res, ctx) {
+ const _scope = _fileScope('handlerGetAdminSettings');
+ this.logger.debug(_scope, 'called', { req, ctx });
+
+ initContext(ctx);
+
+ this.setResponseType(this.responseTypes, req, res, ctx);
+
+ if (await this.authenticator.sessionRequiredLocal(req, res, ctx)) {
+ await this.sessionManager.getAdminSettings(res, ctx, navLinks);
+ }
+ }
+
+
+ /**
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
+ */
+ async handlerPostAdminSettings(req, res, ctx) {
+ const _scope = _fileScope('handlerPostAdminSettings');
+ this.logger.debug(_scope, 'called', { req, ctx });
+
+ initContext(ctx);
+
+ this.setResponseType(this.responseTypes, req, res, ctx);
+
+ if (await this.authenticator.sessionRequiredLocal(req, res, ctx)) {
+ await this.ingestBody(req, res, ctx);
+ await this.sessionManager.postAdminSettings(res, ctx, navLinks);
+ }
+ }
+
+
+ /**
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminLogout(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminLogout');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdmin(req, res, ctx) {
const _scope = _fileScope('handlerGetAdmin');
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAdmin(req, res, ctx) {
const _scope = _fileScope('handlerPostAdmin');
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminTicket(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminTicket');
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAdminTicket(req, res, ctx) {
const _scope = _fileScope('handlerPostAdminTicket');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetMeta(req, res, ctx) {
const _scope = _fileScope('handlerGetMeta');
Enum.ContentType.TextPlain,
];
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(responseTypes, req, res, ctx);
await this.authenticator.sessionOptionalLocal(req, res, ctx);
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAuthorization(req, res, ctx) {
const _scope = _fileScope('handlerGetAuthorization');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAuthorization(req, res, ctx) {
const _scope = _fileScope('handlerPostAuthorization');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostConsent(req, res, ctx) {
const _scope = _fileScope('handlerPostConsent');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostTicket(req, res, ctx) {
const _scope = _fileScope('handlerPostTicket');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostToken(req, res, ctx) {
const _scope = _fileScope('handlerPostToken');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostRevocation(req, res, ctx) {
const _scope = _fileScope('handlerPostRevocation');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostIntrospection(req, res, ctx) {
const _scope = _fileScope('handlerPostIntrospection');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostUserInfo(req, res, ctx) {
const _scope = _fileScope('handlerPostUserInfo');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetRoot(req, res, ctx) {
const _scope = _fileScope('handlerGetRoot');
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(responseTypes, req, res, ctx);
await this.authenticator.sessionOptionalLocal(req, res, ctx);
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * Temporary to see what an unsolicited payload contains.
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
+ */
+ async handlerWhaGwan(req, res, ctx) {
+ this.setResponseType(this.responseTypes, req, res, ctx);
+ await this.ingestBody(req, res, ctx);
+ throw new ResponseError(Enum.ErrorResponse.MethodNotAllowed);
+ }
+
+ /**
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetHealthcheck(req, res, ctx) {
const _scope = _fileScope('handlerGetHealthcheck');
this.logger.debug(_scope, 'called', { req, ctx });
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
await this.manager.getHealthcheck(res, ctx);
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminMaintenance(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminMaintenance');
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
/**
* FIXME: This doesn't seem to be working as envisioned. Maybe override render error method instead???
* Intercept this and redirect if we have enough information, otherwise default to framework.
+ * Fixing this will likely have to wait until an e2e test framework is in place.
* The redirect attempt should probably be contained in a Manager method, but here it is for now.
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerInternalServerError(req, res, ctx) {
const _scope = _fileScope('handlerInternalServerError');
return;
}
- super.handlerInternalServerError(req, res, ctx);
+ await super.handlerInternalServerError(req, res, ctx);
}