mockttp-mvs
Version:
Mock HTTP server for testing HTTP clients and stubbing webservices
342 lines • 16.2 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.WsHandlerLookup = exports.TimeoutHandler = exports.ResetConnectionHandler = exports.CloseConnectionHandler = exports.RejectWebSocketHandler = exports.ListenWebSocketHandler = exports.EchoWebSocketHandler = exports.PassThroughWebSocketHandler = void 0;
const _ = require("lodash");
const url = require("url");
const tls = require("tls");
const fs = require("fs/promises");
const WebSocket = require("ws");
const cacheable_lookup_1 = require("cacheable-lookup");
const serialization_1 = require("../../serialization/serialization");
const request_handlers_1 = require("../requests/request-handlers");
Object.defineProperty(exports, "CloseConnectionHandler", { enumerable: true, get: function () { return request_handlers_1.CloseConnectionHandler; } });
Object.defineProperty(exports, "ResetConnectionHandler", { enumerable: true, get: function () { return request_handlers_1.ResetConnectionHandler; } });
Object.defineProperty(exports, "TimeoutHandler", { enumerable: true, get: function () { return request_handlers_1.TimeoutHandler; } });
const request_utils_1 = require("../../util/request-utils");
const header_utils_1 = require("../../util/header-utils");
const buffer_utils_1 = require("../../util/buffer-utils");
const socket_util_1 = require("../../util/socket-util");
const http_agents_1 = require("../http-agents");
const rule_parameters_1 = require("../rule-parameters");
const passthrough_handling_1 = require("../passthrough-handling");
const websocket_handler_definitions_1 = require("./websocket-handler-definitions");
function isOpen(socket) {
return socket.readyState === WebSocket.OPEN;
}
// Based on ws's validation.js
function isValidStatusCode(code) {
return ( // Standard code:
code >= 1000 &&
code <= 1014 &&
code !== 1004 &&
code !== 1005 &&
code !== 1006) || ( // Application-specific code:
code >= 3000 && code <= 4999);
}
const INVALID_STATUS_REGEX = /Invalid WebSocket frame: invalid status code (\d+)/;
function pipeWebSocket(inSocket, outSocket) {
const onPipeFailed = (op) => (err) => {
if (!err)
return;
inSocket.close();
console.error(`Websocket ${op} failed`, err);
};
inSocket.on('message', (msg, isBinary) => {
if (isOpen(outSocket)) {
outSocket.send(msg, { binary: isBinary }, onPipeFailed('message'));
}
});
inSocket.on('close', (num, reason) => {
if (isValidStatusCode(num)) {
try {
outSocket.close(num, reason);
}
catch (e) {
console.warn(e);
outSocket.close();
}
}
else {
outSocket.close();
}
});
inSocket.on('ping', (data) => {
if (isOpen(outSocket))
outSocket.ping(data, undefined, onPipeFailed('ping'));
});
inSocket.on('pong', (data) => {
if (isOpen(outSocket))
outSocket.pong(data, undefined, onPipeFailed('pong'));
});
// If either socket has an general error (connection failure, but also could be invalid WS
// frames) then we kill the raw connection upstream to simulate a generic connection error:
inSocket.on('error', (err) => {
console.log(`Error in proxied WebSocket:`, err);
const rawOutSocket = outSocket;
if (err.message.match(INVALID_STATUS_REGEX)) {
const status = parseInt(INVALID_STATUS_REGEX.exec(err.message)[1]);
// Simulate errors elsewhere by messing with ws internals. This may break things,
// that's effectively on purpose: we're simulating the client going wrong:
const buf = Buffer.allocUnsafe(2);
buf.writeUInt16BE(status); // status comes from readUInt16BE, so always fits
const sender = rawOutSocket._sender;
sender.sendFrame(sender.constructor.frame(buf, {
fin: true,
rsv1: false,
opcode: 0x08,
mask: true,
readOnly: false
}), () => {
rawOutSocket._socket.destroy();
});
}
else {
// Unknown error, just kill the connection with no explanation
rawOutSocket._socket.destroy();
}
});
}
async function mirrorRejection(socket, rejectionResponse) {
if (socket.writable) {
const { statusCode, statusMessage, rawHeaders } = rejectionResponse;
socket.write(rawResponse(statusCode || 500, statusMessage || 'Unknown error', (0, header_utils_1.pairFlatRawHeaders)(rawHeaders)));
const body = await (0, buffer_utils_1.streamToBuffer)(rejectionResponse);
if (socket.writable)
socket.write(body);
}
socket.destroy();
}
const rawResponse = (statusCode, statusMessage, headers = []) => `HTTP/1.1 ${statusCode} ${statusMessage}\r\n` +
_.map(headers, ([key, value]) => `${key}: ${value}`).join('\r\n') +
'\r\n\r\n';
class PassThroughWebSocketHandler extends websocket_handler_definitions_1.PassThroughWebSocketHandlerDefinition {
initializeWsServer() {
if (this.wsServer)
return;
this.wsServer = new WebSocket.Server({ noServer: true });
this.wsServer.on('connection', (ws) => {
pipeWebSocket(ws, ws.upstreamWebSocket);
pipeWebSocket(ws.upstreamWebSocket, ws);
});
}
async trustedCACertificates() {
if (!this.extraCACertificates.length)
return undefined;
if (!this._trustedCACertificates) {
this._trustedCACertificates = Promise.all(tls.rootCertificates
.concat(this.extraCACertificates.map(certObject => {
if ('cert' in certObject) {
return certObject.cert.toString('utf8');
}
else {
return fs.readFile(certObject.certPath, 'utf8');
}
})));
}
return this._trustedCACertificates;
}
lookup() {
if (!this.lookupOptions)
return undefined;
if (!this._cacheableLookupInstance) {
this._cacheableLookupInstance = new cacheable_lookup_1.default({
maxTtl: this.lookupOptions.maxTtl,
errorTtl: this.lookupOptions.errorTtl,
// As little caching of "use the fallback server" as possible:
fallbackDuration: 0
});
if (this.lookupOptions.servers) {
this._cacheableLookupInstance.servers = this.lookupOptions.servers;
}
}
return this._cacheableLookupInstance.lookup;
}
async handle(req, socket, head) {
this.initializeWsServer();
let { protocol, hostname, port, path } = url.parse(req.url);
const rawHeaders = req.rawHeaders;
const reqMessage = req;
const isH2Downstream = (0, request_utils_1.isHttp2)(req);
const hostHeaderName = isH2Downstream ? ':authority' : 'host';
if ((0, socket_util_1.isLocalhostAddress)(hostname) && req.remoteIpAddress && !(0, socket_util_1.isLocalhostAddress)(req.remoteIpAddress)) {
// If we're proxying localhost traffic from another remote machine, then we should really be proxying
// back to that machine, not back to ourselves! Best example is docker containers: if we capture & inspect
// their localhost traffic, it should still be sent back into that docker container.
hostname = req.remoteIpAddress;
// We don't update the host header - from the POV of the target, it's still localhost traffic.
}
if (this.forwarding) {
const { targetHost, updateHostHeader } = this.forwarding;
let wsUrl;
if (!targetHost.includes('/')) {
// We're forwarding to a bare hostname, just overwrite that bit:
[hostname, port] = targetHost.split(':');
}
else {
// Forwarding to a full URL; override the host & protocol, but never the path.
({ protocol, hostname, port } = url.parse(targetHost));
}
// Connect directly to the forwarding target URL
wsUrl = `${protocol}//${hostname}${port ? ':' + port : ''}${path}`;
// Optionally update the host header too:
let hostHeader = (0, header_utils_1.findRawHeader)(rawHeaders, hostHeaderName);
if (!hostHeader) {
// Should never happen really, but just in case:
hostHeader = [hostHeaderName, hostname];
rawHeaders.unshift(hostHeader);
}
;
if (updateHostHeader === undefined || updateHostHeader === true) {
// If updateHostHeader is true, or just not specified, match the new target
hostHeader[1] = hostname + (port ? `:${port}` : '');
}
else if (updateHostHeader) {
// If it's an explicit custom value, use that directly.
hostHeader[1] = updateHostHeader;
} // Otherwise: falsey means don't touch it.
await this.connectUpstream(wsUrl, reqMessage, rawHeaders, socket, head);
}
else if (!hostname) { // No hostname in URL means transparent proxy, so use Host header
const hostHeader = req.headers[hostHeaderName];
[hostname, port] = hostHeader.split(':');
// __lastHopEncrypted is set in http-combo-server, for requests that have explicitly
// CONNECTed upstream (which may then up/downgrade from the current encryption).
if (socket.__lastHopEncrypted !== undefined) {
protocol = socket.__lastHopEncrypted ? 'wss' : 'ws';
}
else {
protocol = reqMessage.connection.encrypted ? 'wss' : 'ws';
}
const wsUrl = `${protocol}://${hostname}${port ? ':' + port : ''}${path}`;
await this.connectUpstream(wsUrl, reqMessage, rawHeaders, socket, head);
}
else {
// Connect directly according to the specified URL
const wsUrl = `${protocol.replace('http', 'ws')}//${hostname}${port ? ':' + port : ''}${path}`;
await this.connectUpstream(wsUrl, reqMessage, rawHeaders, socket, head);
}
}
async connectUpstream(wsUrl, req, rawHeaders, incomingSocket, head) {
const parsedUrl = url.parse(wsUrl);
const checkServerCertificate = (0, passthrough_handling_1.shouldUseStrictHttps)(parsedUrl.hostname, parsedUrl.port, this.ignoreHostHttpsErrors);
const trustedCerts = await this.trustedCACertificates();
const caConfig = trustedCerts
? { ca: trustedCerts }
: {};
const effectivePort = !!parsedUrl.port
? parseInt(parsedUrl.port, 10)
: parsedUrl.protocol == 'wss:' ? 443 : 80;
const proxySettingSource = (0, rule_parameters_1.assertParamDereferenced)(this.proxyConfig);
const agent = await (0, http_agents_1.getAgent)({
protocol: parsedUrl.protocol,
hostname: parsedUrl.hostname,
port: effectivePort,
proxySettingSource,
tryHttp2: false,
keepAlive: false // Not a thing for websockets: they take over the whole connection
});
// We have to flatten the headers, as WS doesn't support raw headers - it builds its own
// header object internally.
const headers = (0, header_utils_1.rawHeadersToObjectPreservingCase)(rawHeaders);
const upstreamWebSocket = new WebSocket(wsUrl, {
maxPayload: 0,
agent,
lookup: this.lookup(),
headers: _.omitBy(headers, (_v, headerName) => headerName.toLowerCase().startsWith('sec-websocket') ||
headerName.toLowerCase() === 'connection' ||
headerName.toLowerCase() === 'upgrade'),
// TLS options:
...passthrough_handling_1.UPSTREAM_TLS_OPTIONS,
rejectUnauthorized: checkServerCertificate,
...caConfig
});
upstreamWebSocket.once('open', () => {
this.wsServer.handleUpgrade(req, incomingSocket, head, (ws) => {
ws.upstreamWebSocket = upstreamWebSocket;
incomingSocket.emit('ws-upgrade', ws);
this.wsServer.emit('connection', ws);
});
});
// If the upstream says no, we say no too.
upstreamWebSocket.on('unexpected-response', (req, res) => {
console.log(`Unexpected websocket response from ${wsUrl}: ${res.statusCode}`);
mirrorRejection(incomingSocket, res);
});
// If there's some other error, we just kill the socket:
upstreamWebSocket.on('error', (e) => {
console.warn(e);
incomingSocket.end();
});
incomingSocket.on('error', () => upstreamWebSocket.close(1011)); // Internal error
}
/**
* @internal
*/
static deserialize(data, channel, ruleParams) {
// By default, we assume we just need to assign the right prototype
return _.create(this.prototype, {
...data,
extraCACertificates: data.extraCACertificates || [],
proxyConfig: (0, serialization_1.deserializeProxyConfig)(data.proxyConfig, channel, ruleParams),
ignoreHostHttpsErrors: data.ignoreHostCertificateErrors
});
}
}
exports.PassThroughWebSocketHandler = PassThroughWebSocketHandler;
class EchoWebSocketHandler extends websocket_handler_definitions_1.EchoWebSocketHandlerDefinition {
initializeWsServer() {
if (this.wsServer)
return;
this.wsServer = new WebSocket.Server({ noServer: true });
this.wsServer.on('connection', (ws) => {
pipeWebSocket(ws, ws);
});
}
async handle(req, socket, head) {
this.initializeWsServer();
this.wsServer.handleUpgrade(req, socket, head, (ws) => {
socket.emit('ws-upgrade', ws);
this.wsServer.emit('connection', ws);
});
}
}
exports.EchoWebSocketHandler = EchoWebSocketHandler;
class ListenWebSocketHandler extends websocket_handler_definitions_1.ListenWebSocketHandlerDefinition {
initializeWsServer() {
if (this.wsServer)
return;
this.wsServer = new WebSocket.Server({ noServer: true });
this.wsServer.on('connection', (ws) => {
// Accept but ignore the incoming websocket data
ws.resume();
});
}
async handle(req, socket, head) {
this.initializeWsServer();
this.wsServer.handleUpgrade(req, socket, head, (ws) => {
socket.emit('ws-upgrade', ws);
this.wsServer.emit('connection', ws);
});
}
}
exports.ListenWebSocketHandler = ListenWebSocketHandler;
class RejectWebSocketHandler extends websocket_handler_definitions_1.RejectWebSocketHandlerDefinition {
async handle(req, socket, head) {
socket.write(rawResponse(this.statusCode, this.statusMessage, (0, header_utils_1.objectHeadersToRaw)(this.headers)));
if (this.body)
socket.write(this.body);
socket.write('\r\n');
socket.destroy();
}
}
exports.RejectWebSocketHandler = RejectWebSocketHandler;
exports.WsHandlerLookup = {
'ws-passthrough': PassThroughWebSocketHandler,
'ws-echo': EchoWebSocketHandler,
'ws-listen': ListenWebSocketHandler,
'ws-reject': RejectWebSocketHandler,
'close-connection': request_handlers_1.CloseConnectionHandler,
'reset-connection': request_handlers_1.ResetConnectionHandler,
'timeout': request_handlers_1.TimeoutHandler
};
//# sourceMappingURL=websocket-handlers.js.map