mirror of
https://git.tuxpa.in/a/code-server.git
synced 2025-01-08 09:38:44 +00:00
498becd11f
There's no need to specially construct the path.
189 lines
5.9 KiB
TypeScript
189 lines
5.9 KiB
TypeScript
import { logger } from "@coder/logger"
|
|
import * as http from "http"
|
|
import proxy from "http-proxy"
|
|
import * as net from "net"
|
|
import * as querystring from "querystring"
|
|
import { HttpCode, HttpError } from "../../common/http"
|
|
import { HttpProvider, HttpProviderOptions, HttpProxyProvider, HttpResponse, Route } from "../http"
|
|
|
|
interface Request extends http.IncomingMessage {
|
|
base?: string
|
|
}
|
|
|
|
/**
|
|
* Proxy HTTP provider.
|
|
*/
|
|
export class ProxyHttpProvider extends HttpProvider implements HttpProxyProvider {
|
|
/**
|
|
* Proxy domains are stored here without the leading `*.`
|
|
*/
|
|
public readonly proxyDomains: string[]
|
|
private readonly proxy = proxy.createProxyServer({})
|
|
|
|
/**
|
|
* Domains can be provided in the form `coder.com` or `*.coder.com`. Either
|
|
* way, `<number>.coder.com` will be proxied to `number`.
|
|
*/
|
|
public constructor(options: HttpProviderOptions, proxyDomains: string[] = []) {
|
|
super(options)
|
|
this.proxyDomains = proxyDomains.map((d) => d.replace(/^\*\./, "")).filter((d, i, arr) => arr.indexOf(d) === i)
|
|
this.proxy.on("error", (error) => logger.warn(error.message))
|
|
// Intercept the response to rewrite absolute redirects against the base path.
|
|
this.proxy.on("proxyRes", (response, request: Request) => {
|
|
if (response.headers.location && response.headers.location.startsWith("/") && request.base) {
|
|
response.headers.location = request.base + response.headers.location
|
|
}
|
|
})
|
|
}
|
|
|
|
public async handleRequest(
|
|
route: Route,
|
|
request: http.IncomingMessage,
|
|
response: http.ServerResponse,
|
|
): Promise<HttpResponse> {
|
|
if (!this.authenticated(request)) {
|
|
if (this.isRoot(route)) {
|
|
return { redirect: "/login", query: { to: route.fullPath } }
|
|
}
|
|
throw new HttpError("Unauthorized", HttpCode.Unauthorized)
|
|
}
|
|
|
|
// Ensure there is a trailing slash so relative paths work correctly.
|
|
if (this.isRoot(route) && !route.fullPath.endsWith("/")) {
|
|
return {
|
|
redirect: `${route.fullPath}/`,
|
|
}
|
|
}
|
|
|
|
const port = route.base.replace(/^\//, "")
|
|
const base = `${this.options.base}/${port}`
|
|
const payload = this.doProxy(route, request, response, port, base)
|
|
if (payload) {
|
|
return payload
|
|
}
|
|
|
|
throw new HttpError("Not found", HttpCode.NotFound)
|
|
}
|
|
|
|
public async handleWebSocket(
|
|
route: Route,
|
|
request: http.IncomingMessage,
|
|
socket: net.Socket,
|
|
head: Buffer,
|
|
): Promise<void> {
|
|
this.ensureAuthenticated(request)
|
|
const port = route.base.replace(/^\//, "")
|
|
const base = `${this.options.base}/${port}`
|
|
this.doProxy(route, request, { socket, head }, port, base)
|
|
}
|
|
|
|
public getCookieDomain(host: string): string {
|
|
let current: string | undefined
|
|
this.proxyDomains.forEach((domain) => {
|
|
if (host.endsWith(domain) && (!current || domain.length < current.length)) {
|
|
current = domain
|
|
}
|
|
})
|
|
// Setting the domain to localhost doesn't seem to work for subdomains (for
|
|
// example dev.localhost).
|
|
return current && current !== "localhost" ? current : host
|
|
}
|
|
|
|
public maybeProxyRequest(
|
|
route: Route,
|
|
request: http.IncomingMessage,
|
|
response: http.ServerResponse,
|
|
): HttpResponse | undefined {
|
|
const port = this.getPort(request)
|
|
return port ? this.doProxy(route, request, response, port) : undefined
|
|
}
|
|
|
|
public maybeProxyWebSocket(
|
|
route: Route,
|
|
request: http.IncomingMessage,
|
|
socket: net.Socket,
|
|
head: Buffer,
|
|
): HttpResponse | undefined {
|
|
const port = this.getPort(request)
|
|
return port ? this.doProxy(route, request, { socket, head }, port) : undefined
|
|
}
|
|
|
|
private getPort(request: http.IncomingMessage): string | undefined {
|
|
// No proxy until we're authenticated. This will cause the login page to
|
|
// show as well as let our assets keep loading normally.
|
|
if (!this.authenticated(request)) {
|
|
return undefined
|
|
}
|
|
|
|
// Split into parts.
|
|
const host = request.headers.host || ""
|
|
const idx = host.indexOf(":")
|
|
const domain = idx !== -1 ? host.substring(0, idx) : host
|
|
const parts = domain.split(".")
|
|
|
|
// There must be an exact match.
|
|
const port = parts.shift()
|
|
const proxyDomain = parts.join(".")
|
|
if (!port || !this.proxyDomains.includes(proxyDomain)) {
|
|
return undefined
|
|
}
|
|
|
|
return port
|
|
}
|
|
|
|
private doProxy(
|
|
route: Route,
|
|
request: http.IncomingMessage,
|
|
response: http.ServerResponse,
|
|
portStr: string,
|
|
base?: string,
|
|
): HttpResponse
|
|
private doProxy(
|
|
route: Route,
|
|
request: http.IncomingMessage,
|
|
response: { socket: net.Socket; head: Buffer },
|
|
portStr: string,
|
|
base?: string,
|
|
): HttpResponse
|
|
private doProxy(
|
|
route: Route,
|
|
request: http.IncomingMessage,
|
|
response: http.ServerResponse | { socket: net.Socket; head: Buffer },
|
|
portStr: string,
|
|
base?: string,
|
|
): HttpResponse {
|
|
const port = parseInt(portStr, 10)
|
|
if (isNaN(port)) {
|
|
return {
|
|
code: HttpCode.BadRequest,
|
|
content: `"${portStr}" is not a valid number`,
|
|
}
|
|
}
|
|
|
|
// REVIEW: Absolute redirects need to be based on the subpath but I'm not
|
|
// sure how best to get this information to the `proxyRes` event handler.
|
|
// For now I'm sticking it on the request object which is passed through to
|
|
// the event.
|
|
;(request as Request).base = base
|
|
|
|
const isHttp = response instanceof http.ServerResponse
|
|
const path = base ? route.fullPath.replace(base, "") : route.fullPath
|
|
const options: proxy.ServerOptions = {
|
|
changeOrigin: true,
|
|
ignorePath: true,
|
|
target: `${isHttp ? "http" : "ws"}://127.0.0.1:${port}${path}${
|
|
Object.keys(route.query).length > 0 ? `?${querystring.stringify(route.query)}` : ""
|
|
}`,
|
|
ws: !isHttp,
|
|
}
|
|
|
|
if (response instanceof http.ServerResponse) {
|
|
this.proxy.web(request, response, options)
|
|
} else {
|
|
this.proxy.ws(request, response.socket, response.head, options)
|
|
}
|
|
|
|
return { handled: true }
|
|
}
|
|
}
|