From 20c7bc977c269543c05f5a6a68a8503a9a52ed96 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Thu, 13 Apr 2017 16:50:48 -0600 Subject: [PATCH] tunneling tunnels --- lib/app.js | 70 +++++++++++++++++++++---- packages/apis/com.daplie.caddy/index.js | 8 ++- 2 files changed, 68 insertions(+), 10 deletions(-) diff --git a/lib/app.js b/lib/app.js index 307b9af..9cf038d 100644 --- a/lib/app.js +++ b/lib/app.js @@ -15,9 +15,12 @@ module.exports = function (opts) { //var server; var serveInit; var app; + var tun; + var request; + /* function _reloadWrite(data, enc, cb) { - /*jshint validthis: true */ + // /*jshint validthis: true */ /* if (this.headersSent) { this.__write(data, enc, cb); return; @@ -35,6 +38,7 @@ module.exports = function (opts) { this.__write(this.__my_livereload); this.__write(data, enc, cb); } + */ function createServeInit() { @@ -49,6 +53,7 @@ module.exports = function (opts) { var ownersPath = path.join(__dirname, '..', 'var', 'owners.json'); var scmp = require('scmp'); + request = request || PromiseA.promisify(require('request')); return require('../packages/apis/com.daplie.caddy').create({ PromiseA: PromiseA 
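Review bot: `_reloadWrite` is kept as dead code by wrapping it in `/* … */`, which is why the inner `/*jshint validthis: true */` had to become a line comment so it would not terminate the outer block comment; deleting the function instead avoids that fragility, since it stays in version history. The same comment-out-instead-of-remove pattern appears in the hunks at @@ -35, @@ -115, @@ -126 and @@ -142, where one block comment around the `domains.list` call now opens in one hunk and closes in another and is easy to unbalance. If the code is intended to return, a `// TODO(tunnel): re-enable domains.list once …` naming the condition would be clearer than a bare `/*`.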
@@ -100,10 +105,38 @@ module.exports = function (opts) { } } , recase: require('recase').create({}) - , request: PromiseA.promisify(require('request')) + , request: request , options: opts , api: { - tunnel: function (deps, session) { + // TODO move loopback to oauth3.api('tunnel:loopback') + loopback: function (deps, session, opts2) { + var crypto = require('crypto'); + var token = crypto.randomBytes(16).toString('hex'); + var keyAuthorization = crypto.randomBytes(16).toString('hex'); + var nonce = crypto.randomBytes(16).toString('hex'); + + // TODO set token and keyAuthorization to /.well-known/cloud-challenge/:token + return request({ + method: 'POST' + , url: 'https://oauth3.org/api/org.oauth3.tunnel/loopback' + , json: { + address: opts2.address + , port: opts2.port + , token: token + , keyAuthorization: keyAuthorization + , servername: opts2.servername + , nonce: nonce + , scheme: 'https' + , iat: Date.now() + } + }).then(function (result) { + // TODO this will always fail at the moment + console.log('loopback result:'); + return result; + }); + } + , tunnel: function (deps, session) { + // TODO save session to config and turn tunnel on var OAUTH3 = deps.OAUTH3; var url = require('url'); var providerUri = session.token.aud; @@ -115,6 +148,7 @@ module.exports = function (opts) { //var crypto = require('crypto'); //var id = crypto.createHash('sha256').update(session.token.sub).digest('hex'); return oauth3.setProvider(providerUri).then(function () { + /* return oauth3.api('domains.list').then(function (domains) { var domainsMap = {}; domains.forEach(function (d) { 
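Review bot: `loopback` dereferences `opts2.address`, `opts2.port` and `opts2.servername` before any promise exists, so a caller that omits `opts2` gets a synchronous TypeError rather than the rejected promise the `request(...).then(...)` shape suggests; a guard such as `opts2 = opts2 || {};` at the top, or wrapping the body in `PromiseA.resolve().then(...)`, keeps every failure on the promise path. The success handler also prints only the label — `console.log('loopback result:');` — and never the value; `console.log('loopback result:', result);` is presumably what was meant. Since `token`, `keyAuthorization` and `nonce` are generated with `crypto.randomBytes` but only live as locals, nothing on this side can later match them against the challenge path named in the TODO, so that storage step is what makes the round trip meaningful.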
@@ -126,14 +160,15 @@ module.exports = function (opts) { } domainsMap[d.name] = true; }); + */ //console.log('domains matching hostname', Object.keys(domainsMap)); //console.log('device', deps.options.device); return oauth3.api('tunnel.token', { data: { // filter to all domains that are on this device - domains: Object.keys(domainsMap) - , device: { + //domains: Object.keys(domainsMap) + device: { hostname: deps.options.device.hostname , id: deps.options.device.uid || deps.options.device.id } @@ -142,17 +177,34 @@ module.exports = function (opts) { console.log('got a token from the tunnel server?'); console.log(result); if (!result.tunnelUrl) { - result.tunnelUrl = ('wss://' + (new Buffer(results.jwt.split('.')[1], 'base64').toString('ascii')).aud + '/'); + result.tunnelUrl = ('wss://' + (new Buffer(result.jwt.split('.')[1], 'base64').toString('ascii')).aud + '/'); } - var opts = { - token: results.jwt - , stunneld: results.tunnelUrl + var opts3 = { + token: result.jwt + , stunneld: result.tunnelUrl // we'll provide faux networking and pipe as we please , services: { https: { '*': 443 }, http: { '*': 80 }, smtp: { '*': 25}, smtps: { '*': 587 /*also 465/starttls*/ } /*, ssh: { '*': 22 }*/ } , net: opts.net }; + + if (tun) { + if (tun.append) { + tun.append(result.jwt); + } + else if (tun.end) { + tun.end(); + tun = null; + } + } + + if (!tun) { + tun = stunnel.connect(opts3); + opts.tun = true; + } }); + /* }); + */ }); //, { token: token, refresh: refresh }); } diff --git a/packages/apis/com.daplie.caddy/index.js b/packages/apis/com.daplie.caddy/index.js index 1507b0d..40ecc1b 100644 --- a/packages/apis/com.daplie.caddy/index.js +++ b/packages/apis/com.daplie.caddy/index.js 
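Review bot: The `tunnel.token` request no longer sends `domains`, yet the comment above it still reads `// filter to all domains that are on this device`, so it now describes something the code does not do; either drop it or replace it with `// domains omitted: token is scoped by device only until domains.list is restored`. With `domains.list` commented out the token is presumably requested for every name the provider will grant this device, which is a broader grant than before — worth confirming that the tunnel server scopes it by `device.id` rather than issuing a wildcard token. The `oauth3.setProvider(...)` callback this belongs to starts in the previous hunk.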
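Review bot: The fallback `result.tunnelUrl = ('wss://' + (new Buffer(result.jwt.split('.')[1], 'base64').toString('ascii')).aud + '/')` reads `.aud` off a string, so whenever the server omits `tunnelUrl` the value becomes `wss://undefined/`; the payload must be parsed first, e.g. `var claims = JSON.parse(Buffer.from(result.jwt.split('.')[1], 'base64').toString('utf8'));` followed by `result.tunnelUrl = 'wss://' + claims.aud + '/';` (`Buffer.from` also replaces the deprecated `new Buffer`). This fallback picks the tunnel host from an unverified claim inside the token, which is only sound because the JWT itself arrived over the authenticated `oauth3.api` call — a one-line comment saying so would help the next reader. In the new reconnect logic, a `tun` object with neither `append` nor `end` is left in place and the fresh `result.jwt` is silently dropped because `!tun` is then false; an `else` branch that logs or throws would make that visible. `stunnel` and the outer `opts` are defined outside the hunk.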
@@ -124,7 +124,13 @@ module.exports.create = function (deps) { return deps.storage.owners.get(req.userId).then(function (session) { session.token.id = req.userId; - return api.tunnel(deps, session); + return api.tunnel(deps, session).then(function () { + res.setHeader('Content-Type', 'application/json;'); + res.end(JSON.stringify({ success: true })); + }, function (err) { + res.setHeader('Content-Type', 'application/json;'); + res.end(JSON.stringify({ error: { message: err.message, code: err.code, uri: err.uri } })); + }); }); }); });
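Review bot: The rejection handler ends the response with the default 200 status, so HTTP clients see a successful response whose body is `{ error: … }`; add `res.statusCode = 500;` before `res.end(...)` in that branch. The Content-Type value `'application/json;'` used in both branches carries a trailing semicolon, i.e. an empty parameter that strict parsers reject; use `'application/json'`. Because `err.message`, `err.code` and `err.uri` from the tunnel call are forwarded verbatim, whatever the upstream library puts in the message (internal hostnames, paths) reaches the client, which is acceptable only because the endpoint sits behind the `deps.storage.owners.get(req.userId)` lookup — worth confirming. The enclosing request handler starts and ends outside the hunk.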