@azure/monitor-opentelemetry
Version:
Azure Monitor OpenTelemetry (Node.js)
146 lines • 5.77 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.QuickpulseSender = void 0;
const tslib_1 = require("tslib");
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
const url_1 = tslib_1.__importDefault(require("url"));
const core_rest_pipeline_1 = require("@azure/core-rest-pipeline");
const api_1 = require("@opentelemetry/api");
const index_js_1 = require("../../../generated/index.js");
const redirectUtils_js_1 = require("../redirectUtils.js");
const applicationInsightsResource = "https://monitor.azure.com/.default";
/**
* Quickpulse sender class
* @internal
*/
class QuickpulseSender {
quickpulseClient;
instrumentationKey;
endpointUrl;
credential;
credentialScopes;
constructor(options) {
// Build endpoint using provided configuration or default values
this.endpointUrl = options.endpointUrl;
const clientOptions = {
endpoint: this.endpointUrl,
};
this.instrumentationKey = options.instrumentationKey;
this.credential = options.credential;
// Configure credential scopes
if (options.credentialScopes) {
this.credentialScopes = Array.isArray(options.credentialScopes)
? options.credentialScopes
: [options.credentialScopes];
}
else {
this.credentialScopes = [applicationInsightsResource];
}
if (options.credential) {
clientOptions.credentials = { scopes: this.credentialScopes };
}
this.quickpulseClient = this.createQuickpulseClient(clientOptions);
}
createQuickpulseClient(clientOptions) {
const client = new index_js_1.QuickpulseClient(this.credential, clientOptions);
// Handle redirects in HTTP Sender
client.pipeline.removePolicy({ name: core_rest_pipeline_1.redirectPolicyName });
return client;
}
/**
* isSubscribed Quickpulse service
* @internal
*/
async isSubscribed(optionalParams) {
try {
let responseHeaders = {};
const body = await this.quickpulseClient.isSubscribed(this.instrumentationKey, {
...optionalParams,
onResponse: (rawResponse) => {
responseHeaders = rawResponse.headers.toJSON();
},
});
return {
...body,
xMsQpsSubscribed: responseHeaders["x-ms-qps-subscribed"],
xMsQpsConfigurationEtag: responseHeaders["x-ms-qps-configuration-etag"],
xMsQpsServicePollingIntervalHint: responseHeaders["x-ms-qps-service-polling-interval-hint"],
xMsQpsServiceEndpointRedirectV2: responseHeaders["x-ms-qps-service-endpoint-redirect-v2"],
};
}
catch (error) {
const restError = error;
api_1.diag.info("Failed to ping Quickpulse service", restError.message);
}
return;
}
/**
* publish Quickpulse service
* @internal
*/
async publish(optionalParams) {
try {
let responseHeaders = {};
const body = await this.quickpulseClient.publish(this.instrumentationKey, {
...optionalParams,
onResponse: (rawResponse) => {
responseHeaders = rawResponse.headers.toJSON();
},
});
return {
...body,
xMsQpsSubscribed: responseHeaders["x-ms-qps-subscribed"],
xMsQpsConfigurationEtag: responseHeaders["x-ms-qps-configuration-etag"],
};
}
catch (error) {
const restError = error;
api_1.diag.warn("Failed to post Quickpulse service", restError.message);
}
return;
}
/**
* Apply a server-issued Live Metrics redirect (`x-ms-qps-service-endpoint-redirect-v2`) by
* re-pointing the underlying client at the new host.
*
* Cross-origin redirects are refused (no state mutated) when the target is neither the configured
* Live Metrics host nor under a known Azure Monitor ingestion domain suffix. Refusing them is
* required to prevent an attacker-controlled redirect from causing the bearer auth policy to
* attach a freshly-signed AAD token (scope `https://monitor.azure.com/.default`) — and the
* telemetry body — to a foreign host on the next ping/publish call.
*/
handlePermanentRedirect(location) {
if (location) {
let locUrl;
try {
locUrl = new url_1.default.URL(location);
}
catch {
return;
}
if (!locUrl.host) {
return;
}
let currentHost = "";
try {
currentHost = new url_1.default.URL(this.endpointUrl).host;
}
catch {
currentHost = "";
}
if (!(0, redirectUtils_js_1.isSameRegisteredDomain)(currentHost, locUrl.host)) {
api_1.diag.error(`Refusing cross-origin Live Metrics redirect to https://${locUrl.host}: target is neither the configured endpoint host nor under a known Azure Monitor ingestion domain.`);
return;
}
this.endpointUrl = "https://" + locUrl.host;
// Recreate the client so subsequent requests use the new endpoint
this.quickpulseClient = this.createQuickpulseClient({
endpoint: this.endpointUrl,
credentials: { scopes: this.credentialScopes },
});
}
}
}
exports.QuickpulseSender = QuickpulseSender;
//# sourceMappingURL=sender.js.map