
@open-condo/miniapp-utils


A set of helper functions / components / hooks used to build new condo apps fast

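// src/helpers/apollo.ts
import { serialize as serializeCookie } from "cookie";
import { setCookie as setCookie3, getCookies } from "cookies-next";

// src/helpers/proxying/utils.ts
import jwt from "jsonwebtoken";
import proxyAddr from "proxy-addr";
import { z } from "zod";

// src/helpers/ip/utils.ts
// Anchored (^...$) patterns for textual IP literals. The IPv6 pattern also
// accepts an embedded dotted IPv4 tail and an optional "%zone" suffix.
var v4Seg = "(?:[0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])";
var v4Str = `(${v4Seg}[.]){3}${v4Seg}`;
var IPv4Reg = new RegExp(`^${v4Str}$`);
var v6Seg = "(?:[0-9a-fA-F]{1,4})";
var IPv6Reg = new RegExp(
  `^((?:${v6Seg}:){7}(?:${v6Seg}|:)|(?:${v6Seg}:){6}(?:${v4Str}|:${v6Seg}|:)|(?:${v6Seg}:){5}(?::${v4Str}|(:${v6Seg}){1,2}|:)|(?:${v6Seg}:){4}(?:(:${v6Seg}){0,1}:${v4Str}|(:${v6Seg}){1,3}|:)|(?:${v6Seg}:){3}(?:(:${v6Seg}){0,2}:${v4Str}|(:${v6Seg}){1,4}|:)|(?:${v6Seg}:){2}(?:(:${v6Seg}){0,3}:${v4Str}|(:${v6Seg}){1,5}|:)|(?:${v6Seg}:){1}(?:(:${v6Seg}){0,4}:${v4Str}|(:${v6Seg}){1,6}|:)|(?::((?::${v6Seg}){0,5}:${v4Str}|(?::${v6Seg}){1,7}|:)))(%[0-9a-zA-Z]{1,})?$`
);

/** True when `s` is a dotted-quad IPv4 literal with every octet in 0-255. */
function isIPv4(s) {
  return IPv4Reg.test(s);
}

/** True when `s` matches the IPv6 literal pattern above. */
function isIPv6(s) {
  return IPv6Reg.test(s);
}

/** Returns 4 or 6 for a recognised IP literal and 0 for anything else. */
function isIP(s) {
  if (isIPv4(s)) return 4;
  if (isIPv6(s)) return 6;
  return 0;
}

// src/helpers/ip/ipv4.ts
/**
 * Converts a dotted-quad IPv4 literal to its unsigned 32-bit value.
 * @throws {Error} when `ip` is not a valid IPv4 literal.
 */
function ipv4ToLong(ip) {
  if (!isIPv4(ip)) {
    throw new Error(`not a valid IPv4 address: ${ip}`);
  }
  const octets = ip.split(".");
  // `+` binds tighter than `>>>`, so the whole sum is coerced to unsigned by `>>> 0`.
  return (parseInt(octets[0], 10) << 24) + (parseInt(octets[1], 10) << 16) + (parseInt(octets[2], 10) << 8) + parseInt(octets[3], 10) >>> 0;
}

/**
 * Builds a predicate that tells whether an IPv4 value (as produced by
 * ipv4ToLong) falls inside `subnet`, given in "address/prefix" CIDR form.
 * @throws {Error} when the subnet address or the prefix length is invalid.
 */
function createLongChecker(subnet) {
  const [subnetAddress, prefixLengthString] = subnet.split("/");
  const prefixLength = parseInt(prefixLengthString, 10);
  if (!subnetAddress || !Number.isInteger(prefixLength)) {
    throw new Error(`not a valid IPv4 subnet: ${subnet}`);
  }
  if (prefixLength < 0 || prefixLength > 32) {
    throw new Error(`not a valid IPv4 prefix length: ${prefixLength} (from ${subnet})`);
  }
  const subnetLong = ipv4ToLong(subnetAddress);
  return (addressLong) => {
    // A /0 prefix matches everything; handled separately because a shift by 32 is a shift by 0 in JS.
    if (prefixLength === 0) {
      return true;
    }
    // `-` binds tighter than `>>`: both values are shifted right by (32 - prefixLength).
    // The shift is signed, but it is applied identically to both sides, so the
    // comparison of the leading prefix bits stays consistent.
    const subnetPrefix = subnetLong >> 32 - prefixLength;
    const addressPrefix = addressLong >> 32 - prefixLength;
    return subnetPrefix === addressPrefix;
  };
}

/**
 * IPv4 checker factory: accepts one CIDR string or an array of them and
 * returns a predicate over IPv4 literals (true when any subnet matches).
 * The returned predicate throws (via ipv4ToLong) on a non-IPv4 address.
 */
function createChecker(subnetOrSubnets) {
  if (Array.isArray(subnetOrSubnets)) {
    const checks = subnetOrSubnets.map((subnet) => createLongChecker(subnet));
    return (address) => {
      const addressLong = ipv4ToLong(address);
      return checks.some((check2) => check2(addressLong));
    };
  }
  const check = createLongChecker(subnetOrSubnets);
  return (address) => {
    const addressLong = ipv4ToLong(address);
    return check(addressLong);
  };
}

// src/helpers/ip/ipv6.ts
var dot = /\./;
// Captures the "...:ffff:" prefix and the dotted IPv4 tail of a mapped address; a "%zone" suffix is ignored.
var mappedIpv4 = /^(.+:ffff:)(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(?:%.+)?$/;
var colon = /:/;
var doubleColon = /::/;

/**
 * Rewrites an IPv4-mapped IPv6 literal so that its dotted tail becomes two hex groups.
 * @throws {Error} when `ip` does not have the mapped form or its tail is not valid IPv4.
 */
function mappedIpv4ToIpv6(ip) {
  const matches = ip.match(mappedIpv4);
  if (!matches || !isIPv4(matches[2])) {
    throw new Error(`not a mapped IPv4 address: ${ip}`);
  }
  const prefix = matches[1];
  const ipv4 = matches[2];
  const parts = ipv4.split(dot).map((x) => parseInt(x, 10));
  const segment7 = ((parts[0] << 8) + parts[1]).toString(16);
  const segment8 = ((parts[2] << 8) + parts[3]).toString(16);
  return `${prefix}${segment7}:${segment8}`;
}

/**
 * Returns the dotted IPv4 tail of an IPv4-mapped IPv6 literal.
 * @throws {Error} when `ip` does not have the mapped form or its tail is not valid IPv4.
 */
function extractMappedIpv4(ip) {
  const matches = ip.match(mappedIpv4);
  if (!matches || !isIPv4(matches[2])) {
    throw new Error(`not a mapped IPv4 address: ${ip}`);
  }
  return matches[2];
}

/**
 * Splits an IPv6 literal into 8 hex-group strings. Groups elided by "::" are
 * left as empty array slots, which createSegmentChecker reads as 0.
 * @throws {Error} when `ip` is not a valid IPv6 literal.
 */
function getIpv6Segments(ip) {
  if (!isIPv6(ip)) {
    throw new Error(`not a valid IPv6 address: ${ip}`);
  }
  // A dot means an embedded IPv4 tail: normalise it to hex groups first.
  if (dot.test(ip)) {
    return getIpv6Segments(mappedIpv4ToIpv6(ip));
  }
  const [beforeChunk, afterChunk] = ip.split(doubleColon);
  const beforeParts = beforeChunk && beforeChunk.split(colon) || [];
  const afterParts = afterChunk && afterChunk.split(colon) || [];
  const missingSegments = new Array(8 - (beforeParts.length + afterParts.length));
  return beforeParts.concat(missingSegments, afterParts);
}

/**
 * IPv6 checker factory: accepts one CIDR string or an array of them and
 * returns a predicate over IPv6 literals (true when any subnet matches).
 * The returned predicate throws (via getIpv6Segments) on a non-IPv6 address.
 */
function createChecker2(subnetOrSubnets) {
  if (Array.isArray(subnetOrSubnets)) {
    const checks = subnetOrSubnets.map((subnet) => createSegmentChecker(subnet));
    return (address) => {
      const segments = getIpv6Segments(address);
      return checks.some((check2) => check2(segments));
    };
  }
  const check = createSegmentChecker(subnetOrSubnets);
  return (address) => {
    const segments = getIpv6Segments(address);
    return check(segments);
  };
}

/**
 * Builds a predicate over IPv6 segment arrays for one "address/prefix" subnet.
 * @throws {Error} when the subnet address or the prefix length (0-128) is invalid.
 */
function createSegmentChecker(subnet) {
  const [subnetAddress, prefixLengthString] = subnet.split("/");
  const prefixLength = parseInt(prefixLengthString, 10);
  if (!subnetAddress || !Number.isInteger(prefixLength)) {
    throw new Error(`not a valid IPv6 CIDR subnet: ${subnet}`);
  }
  if (prefixLength < 0 || prefixLength > 128) {
    throw new Error(`not a valid IPv6 prefix length: ${prefixLength} (from ${subnet})`);
  }
  const subnetSegments = getIpv6Segments(subnetAddress);
  return (addressSegments) => {
    // Compare 16-bit groups left to right until the prefix bits are used up.
    for (let i = 0; i < 8; ++i) {
      const bitCount = Math.min(prefixLength - i * 16, 16);
      if (bitCount <= 0) {
        break;
      }
      const subnetPrefix = (subnetSegments[i] && parseInt(subnetSegments[i], 16) || 0) >> 16 - bitCount;
      const addressPrefix = (addressSegments[i] && parseInt(addressSegments[i], 16) || 0) >> 16 - bitCount;
      if (subnetPrefix !== addressPrefix) {
        return false;
      }
    }
    return true;
  };
}

// Lazily built checkers for well-known networks, keyed by name.
var specialNetsCache = {};

/** True when `address` lies in ::ffff:0:0/96 and carries a valid dotted IPv4 tail. */
function isIPv4MappedAddress(address) {
  if (!("mapped" in specialNetsCache)) {
    specialNetsCache["mapped"] = createChecker2("::ffff:0:0/96");
  }
  if (specialNetsCache["mapped"](address)) {
    const matches = address.match(mappedIpv4);
    return Boolean(matches && isIPv4(matches[2]));
  }
  return false;
}

// src/helpers/ip/index.ts
/**
 * True when `address` falls inside the subnet (or any of the subnets) given.
 * @throws {Error} when a subnet or the address is not a valid IPv4/IPv6 value.
 */
function isInSubnet(address, subnetOrSubnets) {
  return createChecker3(subnetOrSubnets)(address);
}

/**
 * Version-aware checker factory. Subnets are grouped by IP version; an
 * IPv4-mapped IPv6 address is tested against the IPv6 subnets and, through
 * its IPv4 tail, against the IPv4 subnets as well.
 * @throws {Error} when any subnet's address part is not a valid IP literal.
 */
function createChecker3(subnetOrSubnets) {
  if (!Array.isArray(subnetOrSubnets)) {
    return createChecker3([subnetOrSubnets]);
  }
  const subnetsByVersion = subnetOrSubnets.reduce(
    (acc, subnet) => {
      const ip = subnet.split("/")[0];
      acc[isIP(ip)].push(subnet);
      return acc;
    },
    { 0: [], 4: [], 6: [] }
  );
  if (subnetsByVersion[0].length !== 0) {
    throw new Error(`some subnets are not valid IP addresses: ${subnetsByVersion[0]}`);
  }
  const check4 = createChecker(subnetsByVersion[4]);
  const check6 = createChecker2(subnetsByVersion[6]);
  return (address) => {
    if (!isIP(address)) {
      throw new Error(`not a valid IPv4 or IPv6 address: ${address}`);
    }
    if (isIPv6(address) && isIPv4MappedAddress(address)) {
      return check6(address) || check4(extractMappedIpv4(address));
    }
    if (isIPv6(address)) {
      return check6(address);
    } else {
      return check4(address);
    }
  };
}

// src/helpers/proxying/utils.ts
var _ipSchema = z.union([z.ipv4(), z.ipv6()]);
var _timeStampBasicRegexp = /^\d+$/;
// Maximum age of a signed proxy header set; also used (in seconds) as the JWT lifetime.
var DEFAULT_PROXY_TIMEOUT_IN_MS = 5e3;
var X_PROXY_ID_HEADER = "x-proxy-id";
var X_PROXY_IP_HEADER = "x-proxy-ip";
var X_PROXY_TIMESTAMP_HEADER = "x-proxy-timestamp";
var X_PROXY_SIGNATURE_HEADER = "x-proxy-signature";

/** Parses a digits-only millisecond timestamp header; returns NaN for anything else. */
function _getTimestampFromHeader(timestamp) {
  if (!_timeStampBasicRegexp.test(timestamp)) return Number.NaN;
  // The regexp above guarantees decimal digits only; the radix is stated explicitly.
  return new Date(parseInt(timestamp, 10)).getTime();
}

/**
 * Tells whether `ip` is one of the addresses configured for a known proxy.
 * `proxyConfig.address` may be a single entry or an array; entries containing
 * "/" are treated as CIDR subnets, the rest as exact addresses.
 *
 * Exact entries are compared as plain strings, so an address written in a
 * different textual form than the configured one does not match.
 */
function _isProxyIP(ip, proxyConfig) {
  const addresses = Array.isArray(proxyConfig.address) ? proxyConfig.address : [proxyConfig.address];
  const config = addresses.reduce((acc, addr) => {
    const isSubnet = addr.split("/").length > 1;
    if (isSubnet) {
      acc.subnets.push(addr);
    } else {
      acc.ips.push(addr);
    }
    return acc;
  }, { ips: [], subnets: [] });
  if (config.ips.length && config.ips.includes(ip)) {
    return true;
  }
  // isInSubnet throws on anything that is not an IPv4/IPv6 literal. The caller
  // passes the address resolved from the request, which is not guaranteed to be
  // a parseable IP, so treat such a value as "not a known proxy" instead of
  // letting the exception escape getRequestIp's fall-back-to-originalIP flow.
  if (typeof ip !== "string" || !isIP(ip)) {
    return false;
  }
  return !!(config.subnets.length && isInSubnet(ip, config.subnets));
}

/**
 * Resolves the client IP for a request.
 *
 * The baseline is whatever proxy-addr derives with `trustProxyFn`. When
 * `knownProxies` is given, the x-proxy-* headers may replace that baseline,
 * but only if every check passes: all four headers are single strings, the
 * claimed IP is a valid IPv4/IPv6 literal, the timestamp is not in the future
 * and not older than DEFAULT_PROXY_TIMEOUT_IN_MS, the proxy id is an own key
 * of `knownProxies`, the baseline address belongs to that proxy, and the
 * HS256 signature verifies with that proxy's secret and covers exactly the
 * received ip / id / timestamp headers plus req.method and req.url.
 * Any failed check returns the baseline address.
 *
 * NOTE(review): nothing visible in this file records already-seen signatures,
 * so an identical header set appears to stay acceptable for the same method
 * and url until the 5 s window closes; the request body is not covered.
 */
function getRequestIp(req, trustProxyFn, knownProxies) {
  const originalIP = proxyAddr(req, trustProxyFn);
  if (!knownProxies) return originalIP;
  const xProxyId = req.headers[X_PROXY_ID_HEADER];
  const xProxyIp = req.headers[X_PROXY_IP_HEADER];
  const xProxyTimestamp = req.headers[X_PROXY_TIMESTAMP_HEADER];
  const xProxySignature = req.headers[X_PROXY_SIGNATURE_HEADER];
  // Repeated headers arrive as arrays and missing ones as undefined: both are rejected here.
  if (typeof xProxyId !== "string" || typeof xProxyIp !== "string" || typeof xProxyTimestamp !== "string" || typeof xProxySignature !== "string") {
    return originalIP;
  }
  const { success: isValidIp } = _ipSchema.safeParse(xProxyIp);
  if (!isValidIp) {
    return originalIP;
  }
  const timestamp = _getTimestampFromHeader(xProxyTimestamp);
  const now = Date.now();
  if (Number.isNaN(timestamp) || timestamp > now || now - timestamp > DEFAULT_PROXY_TIMEOUT_IN_MS) {
    return originalIP;
  }
  // Own-property check keeps a header value such as "__proto__" from resolving to an inherited member.
  if (!Object.hasOwn(knownProxies, xProxyId)) {
    return originalIP;
  }
  const proxyConfig = knownProxies[xProxyId];
  if (!proxyConfig || !_isProxyIP(originalIP, proxyConfig)) {
    return originalIP;
  }
  try {
    // The accepted algorithm is pinned, so the token's own header cannot select another one.
    const jwtPayload = jwt.verify(xProxySignature, proxyConfig.secret, { algorithms: ["HS256"] });
    const expectedPayloadSchema = z.object({
      [X_PROXY_TIMESTAMP_HEADER]: z.literal(xProxyTimestamp),
      [X_PROXY_IP_HEADER]: z.literal(xProxyIp),
      [X_PROXY_ID_HEADER]: z.literal(xProxyId),
      method: z.literal(req.method),
      url: z.literal(req.url)
    });
    const { success: isMatchingSignature } = expectedPayloadSchema.safeParse(jwtPayload);
    return isMatchingSignature ? xProxyIp : originalIP;
  } catch {
    // jwt.verify throws on a bad or expired signature: fall back to the baseline address.
    return originalIP;
  }
}

/**
 * Builds the four x-proxy-* headers that vouch for `ip` on behalf of proxy
 * `proxyId`. The signature is an HS256 JWT over ip, proxy id, timestamp,
 * method and url, valid for DEFAULT_PROXY_TIMEOUT_IN_MS (expressed in seconds).
 *
 * NOTE(review): the verifier in getRequestIp compares `url` with req.url, so
 * callers presumably have to pass the URL in the same form the receiving
 * server sees it - confirm against the API side.
 */
function getProxyHeadersForIp(method, url, ip, proxyId, secret) {
  const timestampString = String(Date.now());
  return {
    [X_PROXY_IP_HEADER]: ip,
    [X_PROXY_ID_HEADER]: proxyId,
    [X_PROXY_TIMESTAMP_HEADER]: timestampString,
    [X_PROXY_SIGNATURE_HEADER]: jwt.sign({
      [X_PROXY_IP_HEADER]: ip,
      [X_PROXY_ID_HEADER]: proxyId,
      [X_PROXY_TIMESTAMP_HEADER]: timestampString,
      method,
      url
    }, secret, { expiresIn: Math.round(DEFAULT_PROXY_TIMEOUT_IN_MS / 1e3), algorithm: "HS256" })
  };
}

// src/helpers/proxying/proxy.ts
import httpProxy from "http-proxy";

// src/helpers/sender.ts
import { getCookie as getCookie2, setCookie as setCookie2 } from "cookies-next";

// src/helpers/embeddingContext.tsx
import { deleteCookie, getCookie, setCookie } from "cookies-next";
import React, { useEffect, useMemo, useState, createContext, useContext } from "react";
import { z as z2 } from "zod";

// src/helpers/uuid.ts
import { randomBytes } from "crypto";

/**
 * Generates a version-4 UUID string. Uses crypto.randomUUID() when present;
 * otherwise takes 16 random bytes from window.crypto.getRandomValues or from
 * Node's randomBytes and sets the version and variant bits by hand.
 */
function generateUUIDv4() {
  let randomValues;
  if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") {
    return crypto.randomUUID();
  } else if (typeof window !== "undefined" && window.crypto && window.crypto.getRandomValues) {
    randomValues = new Uint8Array(16);
    window.crypto.getRandomValues(randomValues);
  } else {
    randomValues = randomBytes(16);
  }
  // High nibble of byte 6 -> 0100 (version 4); top two bits of byte 8 -> 10 (variant).
  randomValues[6] = randomValues[6] & 15 | 64;
  randomValues[8] = randomValues[8] & 63 | 128;
  return [...randomValues].map((value, index) => {
    const hex = value.toString(16).padStart(2, "0");
    // Dashes go before bytes 4, 6, 8 and 10 to give the 8-4-4-4-12 layout.
    if (index === 4 || index === 6 || index === 8 || index === 10) {
      return `-${hex}`;
    }
    return hex;
  }).join("");
}

// src/helpers/embeddingContext.tsx
var EMBEDDING_CONTEXT_COOKIE_NAME = "embeddingContext";
var EMBEDDING_CONTEXT_QUERY_PARAM = "embeddingContext";
// Strict schemas: unknown keys are rejected. String fields carry no length or format limits.
var EMBEDDING_CONTEXT_SCHEMA = z2.strictObject({
  dv: z2.literal(1),
  app: z2.strictObject({
    id: z2.string(),
    version: z2.string().optional(),
    build: z2.string().optional()
  }),
  platform: z2.enum(["iOS", "Android", "web"]),
  os: z2.strictObject({
    name: z2.string(),
    version: z2.string().optional()
  }).optional(),
  device: z2.strictObject({
    id: z2.string()
  })
});
var EMBEDDING_CONTEXT_WITH_SOURCE_SCHEMA = z2.strictObject({
  ctx: EMBEDDING_CONTEXT_SCHEMA,
  source: z2.enum(["query", "cookie"])
});
var IS_PRIMARY_ALIVE_MESSAGE_SCHEMA = z2.object({
  type: z2.literal("EmbeddingContextPrimaryPolling"),
  data: z2.strictObject({
    requestId: z2.string()
  })
});
var IS_PRIMARY_ALIVE_RESPONSE_SCHEMA = z2.object({
  type: z2.literal("EmbeddingContextPrimaryPollingResult"),
  data: z2.strictObject({
    requestId: z2.string(),
    isPrimary: z2.boolean()
  })
});
var ReactEmbeddingContext = createContext(null);

/**
 * Decodes a base64 string holding UTF-8 JSON and validates it against
 * EMBEDDING_CONTEXT_SCHEMA. Returns the parsed context, or null when any
 * step (base64, UTF-8, JSON, schema) fails.
 */
function b64toContext(b64) {
  try {
    const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
    const decodedUTFString = new TextDecoder().decode(bytes);
    const parsedCtx = JSON.parse(decodedUTFString);
    return EMBEDDING_CONTEXT_SCHEMA.parse(parsedCtx);
  } catch {
    return null;
  }
}

/**
 * Reads the embedding context from the "embeddingContext" query parameter
 * (of `req.url` on the server, of window.location on the client) and, failing
 * that, from the cookie of the same name. Returns `{ ctx, source }` or null.
 *
 * Both sources are supplied by the client and only validated for shape, so
 * the content (including device.id) is a claim, not a verified fact.
 */
function getEmbeddingContext(req, res) {
  try {
    // The placeholder origin only lets `new URL` parse what is assumed to be a relative req.url.
    const queryParamValue = req ? new URL(req.url ?? "/", "https://_").searchParams.get(EMBEDDING_CONTEXT_QUERY_PARAM) : new URLSearchParams(window.location.search).get(EMBEDDING_CONTEXT_QUERY_PARAM);
    if (queryParamValue) {
      const ctx = b64toContext(decodeURIComponent(queryParamValue));
      if (ctx) return { ctx, source: "query" };
    }
  } catch {
    // A malformed URL or escape sequence is ignored; the cookie is tried next.
  }
  const cookieValue = getCookie(EMBEDDING_CONTEXT_COOKIE_NAME, { req, res });
  if (cookieValue) {
    const ctx = b64toContext(cookieValue);
    if (ctx) return { ctx, source: "cookie" };
  }
  return null;
}

// src/helpers/sender.ts
var FINGERPRINT_ID_COOKIE_NAME = "fingerprint";
var FINGERPRINT_ID_LENGTH = 32;
var VERY_LONG_MAX_AGE_IN_SECONDS = Math.pow(2, 31) - 1;

/** Returns up to 32 hex characters taken from a freshly generated UUIDv4 (dashes removed). */
function makeId(length) {
  const croppedLength = Math.min(length, 32);
  return generateUUIDv4().replaceAll("-", "").substring(0, croppedLength);
}

/** Generates a new 32-character fingerprint id. */
function generateFingerprint() {
  return makeId(FINGERPRINT_ID_LENGTH);
}

/**
 * Returns the client identifier used for tracing: the embedding context's
 * device.id when a context is present, otherwise the "fingerprint" cookie
 * (generated if absent). In the cookie path the cookie is always rewritten
 * with a very long maxAge.
 *
 * NOTE(review): every source of this value is client-controlled (query
 * parameter, cookie), so it looks suitable for correlation only, not as an
 * identity or trust signal - confirm how the backend uses it.
 */
function getClientSideFingerprint() {
  const embeddingContext = getEmbeddingContext();
  if (embeddingContext) {
    return embeddingContext.ctx.device.id;
  }
  let fingerprint = getCookie2(FINGERPRINT_ID_COOKIE_NAME);
  if (!fingerprint) {
    fingerprint = generateFingerprint();
  }
  setCookie2(FINGERPRINT_ID_COOKIE_NAME, fingerprint, {
    maxAge: VERY_LONG_MAX_AGE_IN_SECONDS
    // no "maxAge" or "expires" means that cookie clears when session ends (f.e. when browser closes)
  });
  return fingerprint;
}

// src/helpers/tracing.ts
import { parse as parseCookieString } from "cookie";
var SSR_DEFAULT_FINGERPRINT = "webAppSSR";
var COOKIE_HEADER_NAME = "cookie";
var REMOTE_APP_HEADER_NAME = "x-remote-app";
var REMOTE_VERSION_HEADER_NAME = "x-remote-version";
var REMOTE_CLIENT_HEADER_NAME = "x-remote-client";
var REMOTE_ENV_HEADER_NAME = "x-remote-env";
var TARGET_HEADER_NAME = "x-target";
var START_REQUEST_ID_HEADER_NAME = "x-start-request-id";
var PARENT_REQUEST_ID_HEADER_NAME = "x-parent-request-id";

/** Generates a request id: "BR" followed by 32 hex characters. */
function generateRequestId() {
  return `BR${generateUUIDv4().replaceAll("-", "")}`;
}

/**
 * Builds the tracing headers for an outgoing request on top of
 * `options.previousHeaders`: app url, code version, a fresh request id (used
 * as both parent and start id), an optional target, the rendering
 * environment ("SSR" / "CSR") and, when it can be determined, the client
 * fingerprint (from the browser, or from the forwarded "cookie" header with
 * SSR_DEFAULT_FINGERPRINT as fallback).
 */
function getAppTracingHeaders(options) {
  const reqId = generateRequestId();
  const headers = {
    ...options.previousHeaders,
    [REMOTE_APP_HEADER_NAME]: options.serviceUrl,
    [REMOTE_VERSION_HEADER_NAME]: options.codeVersion,
    [PARENT_REQUEST_ID_HEADER_NAME]: reqId,
    [START_REQUEST_ID_HEADER_NAME]: reqId
  };
  if (options.target) {
    headers[TARGET_HEADER_NAME] = options.target;
  }
  headers[REMOTE_ENV_HEADER_NAME] = typeof document === "undefined" ? "SSR" : "CSR";
  if (typeof document !== "undefined" && document.cookie) {
    headers[REMOTE_CLIENT_HEADER_NAME] = getClientSideFingerprint();
  } else if (headers[COOKIE_HEADER_NAME]) {
    const ssrCookies = parseCookieString(headers[COOKIE_HEADER_NAME]);
    headers[REMOTE_CLIENT_HEADER_NAME] = ssrCookies[FINGERPRINT_ID_COOKIE_NAME] || SSR_DEFAULT_FINGERPRINT;
  }
  return headers;
}

// src/helpers/apollo.ts
/**
 * Returns an Apollo link handler that merges the tracing headers from
 * getAppTracingHeaders into the operation context before forwarding.
 */
function getTracingMiddleware(options) {
  return function(operation, forward) {
    operation.setContext((previousContext) => {
      const { headers: previousHeaders } = previousContext;
      return {
        ...previousContext,
        headers: getAppTracingHeaders({ ...options, previousHeaders })
      };
    });
    return forward(operation);
  };
}

/**
 * Returns an Apollo link handler that, when the context carries a string
 * `clientIp` and both `proxyId` and `proxySecret` are set, adds signed
 * x-proxy-* headers vouching for that IP on a "POST" to `apiUrl`.
 * Without those values the context is passed through unchanged.
 *
 * The signature asserts whatever `clientIp` holds, so its trustworthiness is
 * decided where `clientIp` is computed (prepareSSRContext in this file).
 */
function getSSRProxyingMiddleware({ proxyId, proxySecret, apiUrl }) {
  return function(operation, forward) {
    operation.setContext((previousContext) => {
      if (typeof previousContext.clientIp !== "string" || !proxyId || !proxySecret) return previousContext;
      const proxyHeaders = getProxyHeadersForIp(
        "POST",
        apiUrl,
        previousContext.clientIp,
        proxyId,
        proxySecret
      );
      return {
        ...previousContext,
        headers: {
          ...previousContext.headers,
          ...proxyHeaders
        }
      };
    });
    return forward(operation);
  };
}

/**
 * Prepares the headers and default Apollo context for a server-side render:
 * ensures a "fingerprint" cookie exists (setting it on the response if it
 * had to be generated), rebuilds the cookie header, forwards
 * accept-language, and resolves the client IP.
 * Returns empty headers and context when there is no request.
 */
function prepareSSRContext(req, res) {
  if (!req) {
    return { headers: {}, defaultContext: {} };
  }
  const requestCookies = getCookies({ req, res });
  if (!requestCookies[FINGERPRINT_ID_COOKIE_NAME]) {
    const fingerprint = generateFingerprint();
    requestCookies[FINGERPRINT_ID_COOKIE_NAME] = fingerprint;
    // No maxAge is passed here, unlike the client-side helper in sender.ts.
    setCookie3(FINGERPRINT_ID_COOKIE_NAME, fingerprint, { req, res });
  }
  const cookieHeader = Object.entries(requestCookies).map(([name, value]) => value ? serializeCookie(name, value) : null).filter(Boolean).join(";");
  // NOTE(review): the trust callback accepts every hop, so the resolved address
  // can come straight from the request's forwarding header. That is only sound
  // when the edge in front of this server overwrites or sanitises that header;
  // the value is later signed by getSSRProxyingMiddleware. Confirm the deployment.
  const clientIp = getRequestIp(req, () => true);
  const headers = {
    "cookie": cookieHeader
  };
  if (req.headers["accept-language"]) {
    headers["accept-language"] = req.headers["accept-language"];
  }
  return { headers, defaultContext: { clientIp } };
}
export {
  getSSRProxyingMiddleware,
  getTracingMiddleware,
  prepareSSRContext
};
//# sourceMappingURL=apollo.mjs.map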