tunneling tunnels
parent
c4e3cb3c07
commit
20c7bc977c
70
lib/app.js
70
lib/app.js
|
@ -15,9 +15,12 @@ module.exports = function (opts) {
|
|||
//var server;
|
||||
var serveInit;
|
||||
var app;
|
||||
var tun;
|
||||
var request;
|
||||
|
||||
/*
|
||||
function _reloadWrite(data, enc, cb) {
|
||||
/*jshint validthis: true */
|
||||
// /*jshint validthis: true */ /*
|
||||
if (this.headersSent) {
|
||||
this.__write(data, enc, cb);
|
||||
return;
|
||||
|
@ -35,6 +38,7 @@ module.exports = function (opts) {
|
|||
this.__write(this.__my_livereload);
|
||||
this.__write(data, enc, cb);
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
function createServeInit() {
|
||||
|
@ -49,6 +53,7 @@ module.exports = function (opts) {
|
|||
var ownersPath = path.join(__dirname, '..', 'var', 'owners.json');
|
||||
|
||||
var scmp = require('scmp');
|
||||
request = request || PromiseA.promisify(require('request'));
|
||||
|
||||
return require('../packages/apis/com.daplie.caddy').create({
|
||||
PromiseA: PromiseA
|
||||
|
@ -100,10 +105,38 @@ module.exports = function (opts) {
|
|||
}
|
||||
}
|
||||
, recase: require('recase').create({})
|
||||
, request: PromiseA.promisify(require('request'))
|
||||
, request: request
|
||||
, options: opts
|
||||
, api: {
|
||||
tunnel: function (deps, session) {
|
||||
// TODO move loopback to oauth3.api('tunnel:loopback')
|
||||
loopback: function (deps, session, opts2) {
|
||||
var crypto = require('crypto');
|
||||
var token = crypto.randomBytes(16).toString('hex');
|
||||
var keyAuthorization = crypto.randomBytes(16).toString('hex');
|
||||
var nonce = crypto.randomBytes(16).toString('hex');
|
||||
|
||||
// TODO set token and keyAuthorization to /.well-known/cloud-challenge/:token
|
||||
return request({
|
||||
method: 'POST'
|
||||
, url: 'https://oauth3.org/api/org.oauth3.tunnel/loopback'
|
||||
, json: {
|
||||
address: opts2.address
|
||||
, port: opts2.port
|
||||
, token: token
|
||||
, keyAuthorization: keyAuthorization
|
||||
, servername: opts2.servername
|
||||
, nonce: nonce
|
||||
, scheme: 'https'
|
||||
, iat: Date.now()
|
||||
}
|
||||
}).then(function (result) {
|
||||
// TODO this will always fail at the moment
|
||||
console.log('loopback result:');
|
||||
return result;
|
||||
});
|
||||
}
|
||||
, tunnel: function (deps, session) {
|
||||
// TODO save session to config and turn tunnel on
|
||||
var OAUTH3 = deps.OAUTH3;
|
||||
var url = require('url');
|
||||
var providerUri = session.token.aud;
|
||||
|
@ -115,6 +148,7 @@ module.exports = function (opts) {
|
|||
//var crypto = require('crypto');
|
||||
//var id = crypto.createHash('sha256').update(session.token.sub).digest('hex');
|
||||
return oauth3.setProvider(providerUri).then(function () {
|
||||
/*
|
||||
return oauth3.api('domains.list').then(function (domains) {
|
||||
var domainsMap = {};
|
||||
domains.forEach(function (d) {
|
||||
|
@ -126,14 +160,15 @@ module.exports = function (opts) {
|
|||
}
|
||||
domainsMap[d.name] = true;
|
||||
});
|
||||
*/
|
||||
|
||||
//console.log('domains matching hostname', Object.keys(domainsMap));
|
||||
//console.log('device', deps.options.device);
|
||||
return oauth3.api('tunnel.token', {
|
||||
data: {
|
||||
// filter to all domains that are on this device
|
||||
domains: Object.keys(domainsMap)
|
||||
, device: {
|
||||
//domains: Object.keys(domainsMap)
|
||||
device: {
|
||||
hostname: deps.options.device.hostname
|
||||
, id: deps.options.device.uid || deps.options.device.id
|
||||
}
|
||||
|
@ -142,17 +177,34 @@ module.exports = function (opts) {
|
|||
console.log('got a token from the tunnel server?');
|
||||
console.log(result);
|
||||
if (!result.tunnelUrl) {
|
||||
result.tunnelUrl = ('wss://' + (new Buffer(results.jwt.split('.')[1], 'base64').toString('ascii')).aud + '/');
|
||||
result.tunnelUrl = ('wss://' + (new Buffer(result.jwt.split('.')[1], 'base64').toString('ascii')).aud + '/');
|
||||
}
|
||||
var opts = {
|
||||
token: results.jwt
|
||||
, stunneld: results.tunnelUrl
|
||||
var opts3 = {
|
||||
token: result.jwt
|
||||
, stunneld: result.tunnelUrl
|
||||
// we'll provide faux networking and pipe as we please
|
||||
, services: { https: { '*': 443 }, http: { '*': 80 }, smtp: { '*': 25}, smtps: { '*': 587 /*also 465/starttls*/ } /*, ssh: { '*': 22 }*/ }
|
||||
, net: opts.net
|
||||
};
|
||||
|
||||
if (tun) {
|
||||
if (tun.append) {
|
||||
tun.append(result.jwt);
|
||||
}
|
||||
else if (tun.end) {
|
||||
tun.end();
|
||||
tun = null;
|
||||
}
|
||||
}
|
||||
|
||||
if (!tun) {
|
||||
tun = stunnel.connect(opts3);
|
||||
opts.tun = true;
|
||||
}
|
||||
});
|
||||
/*
|
||||
});
|
||||
*/
|
||||
});
|
||||
//, { token: token, refresh: refresh });
|
||||
}
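Review bot: In the `if (!result.tunnelUrl)` fallback of the `@ -142,17 +177,34 @` hunk, `.aud` is read from the string returned by `.toString('ascii')`, so the JWT payload is never parsed and the URL comes out as `wss://undefined/`. Parse the segment first, e.g. `var payload = JSON.parse(new Buffer(result.jwt.split('.')[1], 'base64').toString('utf8'));` and then `result.tunnelUrl = 'wss://' + payload.aud + '/';`. Since `opts3.token` is then sent to whatever host `aud` names, and nothing visible here verifies the token's signature, `payload.aud` should be compared with the provider the code already selected through `oauth3.setProvider(providerUri)` before `stunnel.connect(opts3)` is called. The `console.log(result)` just above the fallback also writes the token to the log. The enclosing `.then` callback begins above this hunk, so validation may exist there that is not shown.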
|
||||
|
|
|
@ -124,7 +124,13 @@ module.exports.create = function (deps) {
|
|||
|
||||
return deps.storage.owners.get(req.userId).then(function (session) {
|
||||
session.token.id = req.userId;
|
||||
return api.tunnel(deps, session);
|
||||
return api.tunnel(deps, session).then(function () {
|
||||
res.setHeader('Content-Type', 'application/json;');
|
||||
res.end(JSON.stringify({ success: true }));
|
||||
}, function (err) {
|
||||
res.setHeader('Content-Type', 'application/json;');
|
||||
res.end(JSON.stringify({ error: { message: err.message, code: err.code, uri: err.uri } }));
|
||||
});
|
||||
});
|
||||
});
|
||||
});
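Review bot: The rejection handler added here is attached only to `api.tunnel(deps, session)`, so a rejection from `deps.storage.owners.get(req.userId)`, or a throw on `session.token.id` when no session is stored for that user, is not answered by anything visible in this hunk and the request may be left hanging. Attaching the handler to the outer chain instead would cover both cases. The error branch also replies with the default 200 status; adding `res.statusCode = 500;` before `res.end(...)` lets clients detect the failure, and a fixed message in place of `err.message` keeps upstream error text from reaching the caller. The surrounding route handler starts and ends outside the hunk, so an outer handler may already exist.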
|
||||
|
|