From 84abc603a1e1531fe080746fcb38796f75ea5b7d Mon Sep 17 00:00:00 2001
From: AJ ONeal <aj@daplie.com>
Date: Sun, 26 Mar 2017 01:37:26 -0600
Subject: [PATCH] add simple tunnel usage

---
 README.md      | 14 ++++++++
 bin/stunnel.js | 98 ++++++++++++++++++++++++++++++++++----------------
 package.json   |  1 +
 3 files changed, 83 insertions(+), 30 deletions(-)

diff --git a/README.md b/README.md
index cdfb7b7..84fcd44 100644
--- a/README.md
+++ b/README.md
@@ -37,10 +37,24 @@ npm install -g stunnel
 
 How to use `stunnel.js` with your own instance of `stunneld.js`:
 
+```bash
+stunnel.js \
+  --locals <<external domain name>> \
+  --stunneld wss://<<tunnel domain>>:<<tunnel port>> \
+  --secret <<128-bit hex key>>
+```
+
 ```bash
 stunnel.js --locals john.example.com --stunneld wss://tunnel.example.com:443 --secret abc123
 ```
 
+```bash
+stunnel.js \
+  --locals <<protocol>>:<<external domain name>>:<<local port>> \
+  --stunneld wss://<<tunnel domain>>:<<tunnel port>> \
+  --secret <<128-bit hex key>>
+```
+
 ```bash
 stunnel.js \
   --locals http:john.example.com:3000,https:john.example.com \
diff --git a/bin/stunnel.js b/bin/stunnel.js
index 5e8e5dd..6a01a03 100755
--- a/bin/stunnel.js
+++ b/bin/stunnel.js
@@ -73,46 +73,84 @@ program
   .option('--stunneld <URL>', 'the domain (or ip address) at which you are running stunneld.js (the proxy)') // --proxy
   .option('--secret <STRING>', 'the same secret used by stunneld (used for JWT authentication)')
   .option('--token <STRING>', 'a pre-generated token for use with stunneld (instead of generating one with --secret)')
+  .option('--agree-tos', 'agree to the Daplie Terms of Service (requires user validation)')
+  .option('--email <EMAIL>', 'email address (or cloud address) for user validation')
+  .option('--oauth3-url <URL>', 'Cloud Authentication to use (default: https://oauth3.org)')
   .parse(process.argv)
   ;
 
-program.stunneld = program.stunneld || 'wss://tunnel.daplie.com';
+function connectTunnel() {
+  program.net = {
+    createConnection: function (info, cb) {
+      // data is the hello packet / first chunk
+      // info = { data, servername, port, host, remoteFamily, remoteAddress, remotePort }
+      var net = require('net');
+      // socket = { write, push, end, events: [ 'readable', 'data', 'error', 'end' ] };
+      var socket = net.createConnection({ port: info.port, host: info.host }, cb);
+      return socket;
+    }
+  };
 
-var jwt = require('jsonwebtoken');
-var domainsMap = {};
-var tokenData = {
-  domains: null
-};
-var location = url.parse(program.stunneld);
+  program.locals.forEach(function (proxy) {
+    console.log('[local proxy]', proxy.protocol + '://' + proxy.hostname + ':' + proxy.port);
+  });
 
-if (!location.protocol || /\./.test(location.protocol)) {
-  program.stunneld = 'wss://' + program.stunneld;
-  location = url.parse(program.stunneld);
+  stunnel.connect(program);
 }
-program.stunneld = location.protocol + '//' + location.hostname + (location.port ? ':' + location.port : '');
 
+function rawTunnel() {
+  program.stunneld = program.stunneld || 'wss://tunnel.daplie.com';
+
+  if (!(program.secret || program.token)) {
+    console.error("You must use --secret or --token with --stunneld");
+    process.exit(1);
+    return;
+  }
+
+  var jwt = require('jsonwebtoken');
+  var tokenData = {
+    domains: null
+  };
+  var location = url.parse(program.stunneld);
+
+  if (!location.protocol || /\./.test(location.protocol)) {
+    program.stunneld = 'wss://' + program.stunneld;
+    location = url.parse(program.stunneld);
+  }
+  program.stunneld = location.protocol + '//' + location.hostname + (location.port ? ':' + location.port : '');
+
+  tokenData.domains = Object.keys(domainsMap);
+
+  program.token = program.token || jwt.sign(tokenData, program.secret);
+
+  connectTunnel();
+}
+
+function daplieTunnel() {
+  //var OAUTH3 = require('oauth3.js');
+  var Oauth3Cli = require('oauth3.js/bin/oauth3.js');
+  require('oauth3.js/oauth3.tunnel.js');
+  return Oauth3Cli.login({
+    email: program.email
+  , providerUri: program.oauth3Url
+  }).then(function (oauth3) {
+    return oauth3.api('tunnel.token', { data: { device: 'test.local', domains: [] } }).then(function (results) {
+      console.log('tunnel.token results');
+      console.log(results);
+    });
+  });
+}
+
+var domainsMap = {};
 program.locals.forEach(function (proxy) {
   domainsMap[proxy.hostname] = true;
 });
-tokenData.domains = Object.keys(domainsMap);
 
-program.token = program.token || jwt.sign(tokenData, program.secret || 'shhhhh');
-
-program.net = {
-  createConnection: function (info, cb) {
-    // data is the hello packet / first chunk
-    // info = { data, servername, port, host, remoteFamily, remoteAddress, remotePort }
-    var net = require('net');
-    // socket = { write, push, end, events: [ 'readable', 'data', 'error', 'end' ] };
-    var socket = net.createConnection({ port: info.port, host: info.host }, cb);
-    return socket;
-  }
-};
-
-program.locals.forEach(function (proxy) {
-  console.log('[local proxy]', proxy.protocol + '://' + proxy.hostname + ':' + proxy.port);
-});
-
-stunnel.connect(program);
+if (!(program.secret || program.token) && !program.stunneld) {
+  daplieTunnel();
+}
+else {
+  rawTunnel();
+}
 
 }());
diff --git a/package.json b/package.json
index cda4f21..4e4bfc9 100644
--- a/package.json
+++ b/package.json
@@ -47,6 +47,7 @@
   "homepage": "https://github.com/Daplie/node-tunnel-client#readme",
   "dependencies": {
     "commander": "^2.9.0",
+    "oauth3.js": "git+https://git.daplie.com:OAuth3/oauth3.js.git#v1",
     "jsonwebtoken": "^7.1.9",
     "sni": "^1.0.0",
     "tunnel-packer": "^1.1.0",