feat(app,module): fetch basic module

feat(jwt): handle nil keyset
feat(auth,local_handler): cookie configuration
2023-04-02 17:59:33 +02:00 · 2023-03-28 20:38:29 +02:00 · 2023-03-28 20:37:57 +02:00 · 2023-03-28 10:15:49 +02:00 · 2023-03-24 11:05:17 +01:00
27 changed files with 508 additions and 346 deletions
--- a/cmd/cli/command/app/run.go
+++ b/cmd/cli/command/app/run.go
@ -21,6 +21,7 @@ import (
 	authHTTP "forge.cadoles.com/arcad/edge/pkg/module/auth/http"
 	"forge.cadoles.com/arcad/edge/pkg/module/blob"
 	"forge.cadoles.com/arcad/edge/pkg/module/cast"
+	"forge.cadoles.com/arcad/edge/pkg/module/fetch"
 	"forge.cadoles.com/arcad/edge/pkg/module/net"
 	"forge.cadoles.com/arcad/edge/pkg/storage"
 	"forge.cadoles.com/arcad/edge/pkg/storage/sqlite"
@ -208,6 +209,7 @@ func getServerModules(bus bus.Bus, ds storage.DocumentStore, bs storage.BlobStor
 			},
 			manifest,
 		)),
+		fetch.ModuleFactory(bus),
 	}
 }

--- a/doc/apps/client-api/README.md
+++ b/doc/apps/client-api/README.md
@ -51,6 +51,10 @@ Edge.connect().then(() => {

 > `TODO`

+### `Edge.externalUrl(url: string): string`
+
+Retourne une URL "locale" permettant d'accéder à une ressource externe, en fonction de règles propres à l'application. Voir module [`fetch`](../server-api/fetch.md).
+
 ## Événements

 ### `"message"`
--- a/doc/apps/server-api/README.md
+++ b/doc/apps/server-api/README.md
@ -26,6 +26,7 @@ Listes des modules disponibles côté serveur.
 - [`cast`](./cast.md)
 - [`console`](./console.md)
 - [`context`](./context.md)
+- [`fetch`](./fetch.md)
 - [`net`](./net.md)
 - [`rpc`](./rpc.md)
 - [`store`](./store.md)
--- a/doc/apps/server-api/app.md
+++ b/doc/apps/server-api/app.md
@ -40,7 +40,7 @@ Retourne l'URL permettant d'accéder à l'application identifiée par `appId`.

 #### Valeur de retour

-URL associée à l'application ou `null`, ou `null` si aucune application n'a été trouvée correspondant à l'identifiant.
+URL associée à l'application, ou `null` si aucune application n'a été trouvée correspondant à l'identifiant.

 ## Objets

--- a/doc/apps/server-api/fetch.md
+++ b/doc/apps/server-api/fetch.md
@ -0,0 +1,33 @@
+# Module `fetch`
+
+Ce module permet l'accès à des ressources distantes (sur Internet) depuis votre application.
+
+## Fonctions de rappel
+
+Pour permettre aux utilisateurs d'accéder à des ressources distantes, vous devez déclarer la fonction `onClientFetch(ctx: Context, url: string, remoteAddr: string)` dans le fichier `server/main.js` de votre application.
+
+### `onClientFetch(ctx: Context, url: string, remoteAddr: string)`
+
+#### Usage
+
+**Côté client**
+```js
+// Création d'une URL "locale" permettant d'accéder à la ressource distante
+var url = Edge.externalUrl("http://example.com")
+
+// Vous pouvez utiliser l'URL comme attribut `src` d'une balise <img> par exemple
+// ou effectuer une requête fetch() avec celle ci.
+fetch(url).then(res => res.text()).then(content => console.log(content));
+```
+
+**Côté serveur**
+```js
+function onClientFetch(ctx, url, remoteAddr) {
+    // Autoriser la récupération de l'URL demandée ou non
+    // Dans cet exemple, seule l'URL externe 'http://example.com' est autorisée
+    // Les autres URLs recevront une erreur HTTP 403 - Forbidden
+    var authorized = url === "http://example.com"
+
+    return { allow: authorized };
+}
+```
--- a/misc/client-sdk-testsuite/src/public/index.html
+++ b/misc/client-sdk-testsuite/src/public/index.html
@ -26,6 +26,7 @@
    <script src="/test/rpc-module.js"></script>
    <script src="/test/file-module.js"></script>
    <script src="/test/app-module.js"></script>
+    <script src="/test/fetch-module.js"></script>
    <script class="mocha-exec">
      mocha.run();
    </script>
--- a/misc/client-sdk-testsuite/src/public/test/fetch-module.js
+++ b/misc/client-sdk-testsuite/src/public/test/fetch-module.js
@ -0,0 +1,33 @@
+describe('Fetch Module', function () {
+
+    before(() => {
+        return Edge.connect();
+    });
+
+    after(() => {
+        Edge.disconnect();
+    });
+
+    it('should fetch an authorized external url', function () {
+        var externalUrl = Edge.externalUrl("http://example.com");
+
+        return fetch(externalUrl)
+            .then(res => {
+                chai.assert.equal(res.status, 200)
+                return res.text()
+            })
+            .then(content => {
+                chai.assert.include(content, '<h1>Example Domain</h1>')
+            })
+    });
+
+    it('should not fetch an unauthorized external url', function () {
+        var externalUrl = Edge.externalUrl("https://google.com");
+
+        return fetch(externalUrl)
+            .then(res => {
+                chai.assert.equal(res.status, 403)
+            })
+    });
+
+});
--- a/misc/client-sdk-testsuite/src/server/main.js
+++ b/misc/client-sdk-testsuite/src/server/main.js
@ -97,4 +97,8 @@ function getApp(ctx, params) {
 function getAppUrl(ctx, params) {
  var appId = params.appId;
  return app.getUrl(ctx, appId);
+}
+
+function onClientFetch(ctx, url, remoteAddr) {
+  return { allow: url === 'http://example.com' };
 }
--- a/pkg/http/fetch.go
+++ b/pkg/http/fetch.go
@ -0,0 +1,112 @@
+package http
+
+import (
+	"io"
+	"net/http"
+	"net/url"
+
+	"forge.cadoles.com/arcad/edge/pkg/module"
+	"forge.cadoles.com/arcad/edge/pkg/module/fetch"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func (h *Handler) handleAppFetch(w http.ResponseWriter, r *http.Request) {
+	h.mutex.RLock()
+	defer h.mutex.RUnlock()
+
+	ctx := r.Context()
+
+	ctx = module.WithContext(ctx, map[module.ContextKey]any{
+		ContextKeyOriginRequest: r,
+	})
+
+	rawURL := r.URL.Query().Get("url")
+
+	url, err := url.Parse(rawURL)
+	if err != nil {
+		jsonError(w, http.StatusBadRequest, errorCodeBadRequest)
+
+		return
+	}
+
+	requestMsg := fetch.NewMessageFetchRequest(ctx, r.RemoteAddr, url)
+
+	reply, err := h.bus.Request(ctx, requestMsg)
+	if err != nil {
+		logger.Error(ctx, "could not retrieve fetch request reply", logger.E(errors.WithStack(err)))
+		jsonError(w, http.StatusInternalServerError, errorCodeInternalError)
+
+		return
+	}
+
+	logger.Debug(ctx, "fetch reply", logger.F("reply", reply))
+
+	responseMsg, ok := reply.(*fetch.MessageFetchResponse)
+	if !ok {
+		logger.Error(
+			ctx, "unexpected fetch response message",
+			logger.F("message", reply),
+		)
+		jsonError(w, http.StatusInternalServerError, errorCodeInternalError)
+
+		return
+	}
+
+	if !responseMsg.Allow {
+		jsonError(w, http.StatusForbidden, errorCodeForbidden)
+
+		return
+	}
+
+	proxyReq, err := http.NewRequest(http.MethodGet, url.String(), nil)
+	if err != nil {
+		logger.Error(
+			ctx, "could not create proxy request",
+			logger.E(errors.WithStack(err)),
+		)
+		jsonError(w, http.StatusInternalServerError, errorCodeInternalError)
+
+		return
+	}
+
+	for header, values := range r.Header {
+		for _, value := range values {
+			proxyReq.Header.Add(header, value)
+		}
+	}
+
+	proxyReq.Header.Add("X-Forwarded-From", r.RemoteAddr)
+
+	res, err := h.httpClient.Do(proxyReq)
+	if err != nil {
+		logger.Error(
+			ctx, "could not execute proxy request",
+			logger.E(errors.WithStack(err)),
+		)
+		jsonError(w, http.StatusInternalServerError, errorCodeInternalError)
+
+		return
+	}
+
+	defer func() {
+		if err := res.Body.Close(); err != nil {
+			logger.Error(
+				ctx, "could not close response body",
+				logger.E(errors.WithStack(err)),
+			)
+		}
+	}()
+
+	for header, values := range res.Header {
+		for _, value := range values {
+			w.Header().Add(header, value)
+		}
+	}
+
+	w.WriteHeader(res.StatusCode)
+
+	if _, err := io.Copy(w, res.Body); err != nil {
+		panic(errors.WithStack(err))
+	}
+}
--- a/pkg/http/handler.go
+++ b/pkg/http/handler.go
@ -31,6 +31,8 @@ type Handler struct {
 	server                *app.Server
 	serverModuleFactories []app.ServerModuleFactory

+	httpClient *http.Client
+
 	mutex sync.RWMutex
 }

@ -91,6 +93,7 @@ func NewHandler(funcs ...HandlerOptionFunc) *Handler {
 		sockjsOpts:            opts.SockJS,
 		router:                router,
 		serverModuleFactories: opts.ServerModuleFactories,
+		httpClient:            opts.HTTPClient,
 		bus:                   opts.Bus,
 	}

@ -103,6 +106,8 @@ func NewHandler(funcs ...HandlerOptionFunc) *Handler {
 		r.Route("/api/v1", func(r chi.Router) {
 			r.Post("/upload", handler.handleAppUpload)
 			r.Get("/download/{bucket}/{blobID}", handler.handleAppDownload)
+
+			r.Get("/fetch", handler.handleAppFetch)
 		})

 		r.HandleFunc("/sock/*", handler.handleSockJS)
--- a/pkg/http/options.go
+++ b/pkg/http/options.go
@ -1,6 +1,7 @@
 package http

 import (
+	"net/http"
 	"time"

 	"forge.cadoles.com/arcad/edge/pkg/app"
@ -14,6 +15,7 @@ type HandlerOptions struct {
 	SockJS                sockjs.Options
 	ServerModuleFactories []app.ServerModuleFactory
 	UploadMaxFileSize     int64
+	HTTPClient            *http.Client
 }

 func defaultHandlerOptions() *HandlerOptions {
@ -27,6 +29,9 @@ func defaultHandlerOptions() *HandlerOptions {
 		SockJS:                sockjsOptions,
 		ServerModuleFactories: make([]app.ServerModuleFactory, 0),
 		UploadMaxFileSize:     10 << (10 * 2), // 10Mb
+		HTTPClient: &http.Client{
+			Timeout: time.Second * 30,
+		},
 	}
 }

@ -55,3 +60,9 @@ func WithUploadMaxFileSize(size int64) HandlerOptionFunc {
 		opts.UploadMaxFileSize = size
 	}
 }
+
+func WithHTTPClient(client *http.Client) HandlerOptionFunc {
+	return func(opts *HandlerOptions) {
+		opts.HTTPClient = client
+	}
+}
--- a/pkg/module/auth/http/local_handler.go
+++ b/pkg/module/auth/http/local_handler.go
@ -30,10 +30,12 @@ func init() {
 }

 type LocalHandler struct {
-	router   chi.Router
-	algo     jwa.KeyAlgorithm
-	key      jwk.Key
-	accounts map[string]LocalAccount
+	router         chi.Router
+	algo           jwa.KeyAlgorithm
+	key            jwk.Key
+	cookieDomain   string
+	cookieDuration time.Duration
+	accounts       map[string]LocalAccount
 }

 func (h *LocalHandler) initRouter(prefix string) {
@ -119,7 +121,9 @@ func (h *LocalHandler) handleForm(w http.ResponseWriter, r *http.Request) {
 	cookie := http.Cookie{
 		Name:     auth.CookieName,
 		Value:    string(token),
+		Domain:   h.cookieDomain,
 		HttpOnly: false,
+		Expires:  time.Now().Add(h.cookieDuration),
 		Path:     "/",
 	}

@ -134,6 +138,7 @@ func (h *LocalHandler) handleLogout(w http.ResponseWriter, r *http.Request) {
 		Value:    "",
 		HttpOnly: false,
 		Expires:  time.Unix(0, 0),
+		Domain:   h.cookieDomain,
 		Path:     "/",
 	})

@ -165,9 +170,11 @@ func NewLocalHandler(algo jwa.KeyAlgorithm, key jwk.Key, funcs ...LocalHandlerOp
 	}

 	handler := &LocalHandler{
-		algo:     algo,
-		key:      key,
-		accounts: toAccountsMap(opts.Accounts),
+		algo:           algo,
+		key:            key,
+		accounts:       toAccountsMap(opts.Accounts),
+		cookieDomain:   opts.CookieDomain,
+		cookieDuration: opts.CookieDuration,
 	}

 	handler.initRouter(opts.RoutePrefix)
--- a/pkg/module/auth/http/options.go
+++ b/pkg/module/auth/http/options.go
@ -1,16 +1,22 @@
 package http

+import "time"
+
 type LocalHandlerOptions struct {
-	RoutePrefix string
-	Accounts    []LocalAccount
+	RoutePrefix    string
+	Accounts       []LocalAccount
+	CookieDomain   string
+	CookieDuration time.Duration
 }

 type LocalHandlerOptionFunc func(*LocalHandlerOptions)

 func defaultLocalHandlerOptions() *LocalHandlerOptions {
 	return &LocalHandlerOptions{
-		RoutePrefix: "",
-		Accounts:    make([]LocalAccount, 0),
+		RoutePrefix:    "",
+		Accounts:       make([]LocalAccount, 0),
+		CookieDomain:   "",
+		CookieDuration: 24 * time.Hour,
 	}
 }

@ -25,3 +31,10 @@ func WithRoutePrefix(prefix string) LocalHandlerOptionFunc {
 		opts.RoutePrefix = prefix
 	}
 }
+
+func WithCookieOptions(domain string, duration time.Duration) LocalHandlerOptionFunc {
+	return func(opts *LocalHandlerOptions) {
+		opts.CookieDomain = domain
+		opts.CookieDuration = duration
+	}
+}
--- a/pkg/module/auth/jwt.go
+++ b/pkg/module/auth/jwt.go
@ -61,6 +61,10 @@ func FindToken(r *http.Request, getKeySet GetKeySetFunc) (jwt.Token, error) {
 		return nil, errors.WithStack(err)
 	}

+	if keySet == nil {
+		return nil, errors.New("no keyset")
+	}
+
 	token, err := jwt.Parse([]byte(rawToken),
 		jwt.WithKeySet(keySet, jws.WithRequireKid(false)),
 		jwt.WithValidate(true),
--- a/pkg/module/fetch/fetch_message.go
+++ b/pkg/module/fetch/fetch_message.go
@ -0,0 +1,49 @@
+package fetch
+
+import (
+	"context"
+	"net/url"
+
+	"forge.cadoles.com/arcad/edge/pkg/bus"
+	"github.com/oklog/ulid/v2"
+)
+
+const (
+	MessageNamespaceFetchRequest  bus.MessageNamespace = "fetchRequest"
+	MessageNamespaceFetchResponse bus.MessageNamespace = "fetchResponse"
+)
+
+type MessageFetchRequest struct {
+	Context    context.Context
+	RequestID  string
+	URL        *url.URL
+	RemoteAddr string
+}
+
+func (m *MessageFetchRequest) MessageNamespace() bus.MessageNamespace {
+	return MessageNamespaceFetchRequest
+}
+
+func NewMessageFetchRequest(ctx context.Context, remoteAddr string, url *url.URL) *MessageFetchRequest {
+	return &MessageFetchRequest{
+		Context:    ctx,
+		RequestID:  ulid.Make().String(),
+		RemoteAddr: remoteAddr,
+		URL:        url,
+	}
+}
+
+type MessageFetchResponse struct {
+	RequestID string
+	Allow     bool
+}
+
+func (m *MessageFetchResponse) MessageNamespace() bus.MessageNamespace {
+	return MessageNamespaceFetchResponse
+}
+
+func NewMessageFetchResponse(requestID string) *MessageFetchResponse {
+	return &MessageFetchResponse{
+		RequestID: requestID,
+	}
+}
--- a/pkg/module/fetch/module.go
+++ b/pkg/module/fetch/module.go
@ -0,0 +1,122 @@
+package fetch
+
+import (
+	"context"
+
+	"forge.cadoles.com/arcad/edge/pkg/app"
+	"forge.cadoles.com/arcad/edge/pkg/bus"
+	"github.com/dop251/goja"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+type Module struct {
+	server *app.Server
+	bus    bus.Bus
+}
+
+func (m *Module) Name() string {
+	return "fetch"
+}
+
+func (m *Module) Export(export *goja.Object) {
+	funcs := map[string]any{
+		"get": m.get,
+	}
+
+	for name, fn := range funcs {
+		if err := export.Set(name, fn); err != nil {
+			panic(errors.Wrapf(err, "could not set '%s' function", name))
+		}
+	}
+}
+
+func (m *Module) get(call goja.FunctionCall, rt *goja.Runtime) goja.Value {
+	// ctx := util.AssertContext(call.Argument(0), rt)
+
+	return nil
+}
+
+func (m *Module) handleMessages() {
+	ctx := context.Background()
+
+	err := m.bus.Reply(ctx, MessageNamespaceFetchRequest, func(msg bus.Message) (bus.Message, error) {
+		fetchRequest, ok := msg.(*MessageFetchRequest)
+		if !ok {
+			return nil, errors.Wrapf(bus.ErrUnexpectedMessage, "expected message fetch request, got '%T'", msg)
+		}
+
+		res, err := m.handleFetchRequest(fetchRequest)
+		if err != nil {
+			logger.Error(ctx, "could not handle fetch request", logger.E(errors.WithStack(err)))
+
+			return nil, errors.WithStack(err)
+		}
+
+		logger.Debug(ctx, "fetch request response", logger.F("response", res))
+
+		return res, nil
+	})
+	if err != nil {
+		panic(errors.WithStack(err))
+	}
+}
+
+func (m *Module) handleFetchRequest(req *MessageFetchRequest) (*MessageFetchResponse, error) {
+	res := NewMessageFetchResponse(req.RequestID)
+
+	ctx := logger.With(
+		req.Context,
+		logger.F("url", req.URL.String()),
+		logger.F("remoteAddr", req.RemoteAddr),
+		logger.F("requestID", req.RequestID),
+	)
+
+	rawResult, err := m.server.ExecFuncByName(ctx, "onClientFetch", ctx, req.URL.String(), req.RemoteAddr)
+	if err != nil {
+		if errors.Is(err, app.ErrFuncDoesNotExist) {
+			res.Allow = false
+
+			return res, nil
+		}
+
+		return nil, errors.WithStack(err)
+	}
+
+	result, ok := rawResult.Export().(map[string]interface{})
+	if !ok {
+		return nil, errors.Errorf(
+			"unexpected onClientFetch result: expected 'map[string]interface{}', got '%T'",
+			rawResult.Export(),
+		)
+	}
+
+	var allow bool
+
+	rawAllow, exists := result["allow"]
+	if !exists {
+		allow = false
+	} else {
+		allow, ok = rawAllow.(bool)
+		if !ok {
+			return nil, errors.Errorf("invalid 'allow' result property: got type '%T', expected type '%T'", rawAllow, false)
+		}
+	}
+
+	res.Allow = allow
+
+	return res, nil
+}
+
+func ModuleFactory(bus bus.Bus) app.ServerModuleFactory {
+	return func(server *app.Server) app.ServerModule {
+		mod := &Module{
+			bus:    bus,
+			server: server,
+		}
+
+		go mod.handleMessages()
+
+		return mod
+	}
+}
--- a/pkg/module/fetch/module_test.go
+++ b/pkg/module/fetch/module_test.go
@ -0,0 +1,78 @@
+package fetch
+
+import (
+	"context"
+	"io/ioutil"
+	"net/url"
+	"testing"
+
+	"cdr.dev/slog"
+	"forge.cadoles.com/arcad/edge/pkg/app"
+	"forge.cadoles.com/arcad/edge/pkg/bus/memory"
+	"forge.cadoles.com/arcad/edge/pkg/module"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func TestFetchModule(t *testing.T) {
+	t.Parallel()
+
+	logger.SetLevel(slog.LevelDebug)
+
+	bus := memory.NewBus()
+
+	server := app.NewServer(
+		module.ContextModuleFactory(),
+		module.ConsoleModuleFactory(),
+		ModuleFactory(bus),
+	)
+
+	data, err := ioutil.ReadFile("testdata/fetch.js")
+	if err != nil {
+		t.Fatalf("%+v", errors.WithStack(err))
+	}
+
+	if err := server.Load("testdata/fetch.js", string(data)); err != nil {
+		t.Fatalf("%+v", errors.WithStack(err))
+	}
+
+	defer server.Stop()
+
+	if err := server.Start(); err != nil {
+		t.Fatalf("%+v", errors.WithStack(err))
+	}
+
+	ctx := context.Background()
+	remoteAddr := "127.0.0.1"
+	url, _ := url.Parse("http://example.com")
+
+	rawReply, err := bus.Request(ctx, NewMessageFetchRequest(ctx, remoteAddr, url))
+	if err != nil {
+		t.Fatalf("%+v", errors.WithStack(err))
+	}
+
+	reply, ok := rawReply.(*MessageFetchResponse)
+	if !ok {
+		t.Fatalf("unexpected reply type '%T'", rawReply)
+	}
+
+	if e, g := true, reply.Allow; e != g {
+		t.Errorf("reply.Allow: expected '%v', got '%v'", e, g)
+	}
+
+	url, _ = url.Parse("https://google.com")
+
+	rawReply, err = bus.Request(ctx, NewMessageFetchRequest(ctx, remoteAddr, url))
+	if err != nil {
+		t.Fatalf("%+v", errors.WithStack(err))
+	}
+
+	reply, ok = rawReply.(*MessageFetchResponse)
+	if !ok {
+		t.Fatalf("unexpected reply type '%T'", rawReply)
+	}
+
+	if e, g := false, reply.Allow; e != g {
+		t.Errorf("reply.Allow: expected '%v', got '%v'", e, g)
+	}
+}
--- a/pkg/module/fetch/testdata/fetch.js
+++ b/pkg/module/fetch/testdata/fetch.js
@ -0,0 +1,7 @@
+
+var ctx = context.new();
+
+function onClientFetch(ctx, url, remoteAddr) {
+    if (url === 'http://example.com') return { allow: true };
+    return { allow: false };
+}
--- a/pkg/proxy/host_filter.go
+++ b/pkg/proxy/host_filter.go
@ -1,29 +0,0 @@
-package proxy
-
-import (
-	"net/http"
-
-	"forge.cadoles.com/arcad/edge/pkg/proxy/wildcard"
-)
-
-func FilterHosts(allowedHostPatterns ...string) Middleware {
-	return func(h http.Handler) http.Handler {
-		fn := func(w http.ResponseWriter, r *http.Request) {
-			if matches := wildcard.MatchAny(r.Host, allowedHostPatterns...); !matches {
-				http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
-
-				return
-			}
-
-			h.ServeHTTP(w, r)
-		}
-
-		return http.HandlerFunc(fn)
-	}
-}
-
-func WithAllowedHosts(allowedHostPatterns ...string) OptionFunc {
-	return func(o *Options) {
-		o.Middlewares = append(o.Middlewares, FilterHosts(allowedHostPatterns...))
-	}
-}
--- a/pkg/proxy/host_rewrite.go
+++ b/pkg/proxy/host_rewrite.go
@ -1,65 +0,0 @@
-package proxy
-
-import (
-	"net/http"
-	"net/url"
-	"sort"
-
-	"forge.cadoles.com/arcad/edge/pkg/proxy/wildcard"
-	"gitlab.com/wpetit/goweb/logger"
-)
-
-func RewriteHosts(mappings map[string]*url.URL) Middleware {
-	patterns := make([]string, len(mappings))
-
-	for p := range mappings {
-		patterns = append(patterns, p)
-	}
-
-	sort.Strings(patterns)
-
-	return func(h http.Handler) http.Handler {
-		fn := func(w http.ResponseWriter, r *http.Request) {
-			ctx := r.Context()
-
-			var match *url.URL
-
-			for _, p := range patterns {
-				logger.Debug(ctx, "matching host to pattern", logger.F("host", r.Host), logger.F("pattern", p))
-
-				if matches := wildcard.Match(r.Host, p); !matches {
-					continue
-				}
-
-				match = mappings[p]
-				break
-			}
-
-			if match == nil {
-				h.ServeHTTP(w, r)
-
-				return
-			}
-
-			ctx = logger.With(ctx, logger.F("originalHost", r.Host))
-			r = r.WithContext(ctx)
-
-			originalURL := r.URL.String()
-
-			r.URL.Host = match.Host
-			r.URL.Scheme = match.Scheme
-
-			logger.Debug(ctx, "rewriting url", logger.F("from", originalURL), logger.F("to", r.URL.String()))
-
-			h.ServeHTTP(w, r)
-		}
-
-		return http.HandlerFunc(fn)
-	}
-}
-
-func WithRewriteHosts(mappings map[string]*url.URL) OptionFunc {
-	return func(o *Options) {
-		o.Middlewares = append(o.Middlewares, RewriteHosts(mappings))
-	}
-}
--- a/pkg/proxy/middleware.go
+++ b/pkg/proxy/middleware.go
@ -1,33 +0,0 @@
-package proxy
-
-import "net/http"
-
-type Middleware func(h http.Handler) http.Handler
-
-type ProxyResponseTransformer interface {
-	TransformResponse(*http.Response) error
-}
-
-type defaultProxyResponseTransformer struct{}
-
-// TransformResponse implements ProxyResponseTransformer
-func (*defaultProxyResponseTransformer) TransformResponse(*http.Response) error {
-	return nil
-}
-
-var _ ProxyResponseTransformer = &defaultProxyResponseTransformer{}
-
-type ProxyResponseMiddleware func(ProxyResponseTransformer) ProxyResponseTransformer
-
-type ProxyRequestTransformer interface {
-	TransformRequest(*http.Request)
-}
-
-type ProxyRequestMiddleware func(ProxyRequestTransformer) ProxyRequestTransformer
-
-type defaultProxyRequestTransformer struct{}
-
-// TransformRequest implements ProxyRequestTransformer
-func (*defaultProxyRequestTransformer) TransformRequest(*http.Request) {}
-
-var _ ProxyRequestTransformer = &defaultProxyRequestTransformer{}
--- a/pkg/proxy/options.go
+++ b/pkg/proxy/options.go
@ -1,29 +0,0 @@
-package proxy
-
-type Options struct {
-	Middlewares              []Middleware
-	ProxyRequestMiddlewares  []ProxyRequestMiddleware
-	ProxyResponseMiddlewares []ProxyResponseMiddleware
-}
-
-func defaultOptions() *Options {
-	return &Options{
-		Middlewares:              make([]Middleware, 0),
-		ProxyRequestMiddlewares:  make([]ProxyRequestMiddleware, 0),
-		ProxyResponseMiddlewares: make([]ProxyResponseMiddleware, 0),
-	}
-}
-
-type OptionFunc func(*Options)
-
-func WithProxyRequestMiddlewares(middlewares ...ProxyRequestMiddleware) OptionFunc {
-	return func(o *Options) {
-		o.ProxyRequestMiddlewares = middlewares
-	}
-}
-
-func WithproxyResponseMiddlewares(middlewares ...ProxyResponseMiddleware) OptionFunc {
-	return func(o *Options) {
-		o.ProxyResponseMiddlewares = middlewares
-	}
-}
--- a/pkg/proxy/proxy.go
+++ b/pkg/proxy/proxy.go
@ -1,131 +0,0 @@
-package proxy
-
-import (
-	"fmt"
-	"net/http"
-	"net/http/httputil"
-	"net/url"
-	"sync"
-
-	"github.com/pkg/errors"
-	"gitlab.com/wpetit/goweb/logger"
-)
-
-type Proxy struct {
-	reversers                sync.Map
-	handler                  http.Handler
-	proxyResponseTransformer ProxyResponseTransformer
-	proxyRequestTransformer  ProxyRequestTransformer
-}
-
-// ServeHTTP implements http.Handler
-func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	p.handler.ServeHTTP(w, r)
-}
-
-func (p *Proxy) proxyRequest(w http.ResponseWriter, r *http.Request) {
-	ctx := r.Context()
-
-	var reverser *httputil.ReverseProxy
-
-	key := fmt.Sprintf("%s://%s", r.URL.Scheme, r.URL.Host)
-
-	createAndStore := func() {
-		target := &url.URL{
-			Scheme: r.URL.Scheme,
-			Host:   r.URL.Host,
-		}
-
-		reverser = httputil.NewSingleHostReverseProxy(target)
-
-		originalDirector := reverser.Director
-
-		if p.proxyRequestTransformer != nil {
-			reverser.Director = func(r *http.Request) {
-				originalURL := r.URL.String()
-				originalDirector(r)
-				p.proxyRequestTransformer.TransformRequest(r)
-				logger.Debug(ctx, "proxying request", logger.F("targetURL", r.URL.String()), logger.F("originalURL", originalURL))
-			}
-		}
-
-		if p.proxyResponseTransformer != nil {
-			reverser.ModifyResponse = func(r *http.Response) error {
-				if err := p.proxyResponseTransformer.TransformResponse(r); err != nil {
-					return errors.WithStack(err)
-				}
-
-				return nil
-			}
-		}
-
-		p.reversers.Store(key, reverser)
-	}
-
-	raw, exists := p.reversers.Load(key)
-	if !exists {
-		createAndStore()
-	}
-
-	reverser, ok := raw.(*httputil.ReverseProxy)
-	if !ok {
-		createAndStore()
-	}
-
-	reverser.ServeHTTP(w, r)
-}
-
-func New(funcs ...OptionFunc) *Proxy {
-	opts := defaultOptions()
-	for _, fn := range funcs {
-		fn(opts)
-	}
-
-	proxy := &Proxy{}
-
-	handler := http.HandlerFunc(proxy.proxyRequest)
-	proxy.handler = createMiddlewareChain(handler, opts.Middlewares)
-
-	proxy.proxyRequestTransformer = createProxyRequestChain(&defaultProxyRequestTransformer{}, opts.ProxyRequestMiddlewares)
-	proxy.proxyResponseTransformer = createProxyResponseChain(&defaultProxyResponseTransformer{}, opts.ProxyResponseMiddlewares)
-
-	return proxy
-}
-
-var _ http.Handler = &Proxy{}
-
-func createMiddlewareChain(handler http.Handler, middlewares []Middleware) http.Handler {
-	reverse(middlewares)
-
-	for _, m := range middlewares {
-		handler = m(handler)
-	}
-
-	return handler
-}
-
-func createProxyResponseChain(transformer ProxyResponseTransformer, middlewares []ProxyResponseMiddleware) ProxyResponseTransformer {
-	reverse(middlewares)
-
-	for _, m := range middlewares {
-		transformer = m(transformer)
-	}
-
-	return transformer
-}
-
-func createProxyRequestChain(transformer ProxyRequestTransformer, middlewares []ProxyRequestMiddleware) ProxyRequestTransformer {
-	reverse(middlewares)
-
-	for _, m := range middlewares {
-		transformer = m(transformer)
-	}
-
-	return transformer
-}
-
-func reverse[S ~[]E, E any](s S) {
-	for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 {
-		s[i], s[j] = s[j], s[i]
-	}
-}
--- a/pkg/proxy/wildcard/match.go
+++ b/pkg/proxy/wildcard/match.go
@ -1,44 +0,0 @@
-package wildcard
-
-const wildcard = '*'
-
-func Match(str, pattern string) bool {
-	if pattern == "" {
-		return str == pattern
-	}
-
-	if pattern == string(wildcard) {
-		return true
-	}
-
-	return deepMatchRune([]rune(str), []rune(pattern))
-}
-
-func MatchAny(str string, patterns ...string) bool {
-	for _, p := range patterns {
-		if matches := Match(str, p); matches {
-			return matches
-		}
-	}
-
-	return false
-}
-
-func deepMatchRune(str, pattern []rune) bool {
-	for len(pattern) > 0 {
-		switch pattern[0] {
-		default:
-			if len(str) == 0 || str[0] != pattern[0] {
-				return false
-			}
-		case wildcard:
-			return deepMatchRune(str, pattern[1:]) ||
-				(len(str) > 0 && deepMatchRune(str[1:], pattern))
-		}
-
-		str = str[1:]
-		pattern = pattern[1:]
-	}
-
-	return len(str) == 0 && len(pattern) == 0
-}
--- a/pkg/sdk/client/dist/client.js
+++ b/pkg/sdk/client/dist/client.js
@ -4084,6 +4084,9 @@ var Edge = (() => {
    blobUrl(bucket, blobId) {
      return `/edge/api/v1/download/${bucket}/${blobId}`;
    }
+    externalUrl(url) {
+      return `/edge/api/v1/fetch?url=${encodeURIComponent(url)}`;
+    }
  };

  // pkg/sdk/client/src/index.ts
--- a/pkg/sdk/client/dist/client.js.map
+++ b/pkg/sdk/client/dist/client.js.map
--- a/pkg/sdk/client/src/client.ts
+++ b/pkg/sdk/client/src/client.ts
@ -264,7 +264,11 @@ export class Client extends EventTarget {
    });
  }

-  blobUrl(bucket: string, blobId: string) {
+  blobUrl(bucket: string, blobId: string): string {
    return `/edge/api/v1/download/${bucket}/${blobId}`;
  }
+
+  externalUrl(url: string): string {
+    return `/edge/api/v1/fetch?url=${encodeURIComponent(url)}`
+  }
 }
Author	SHA1	Message	Date
William Petit	fbb27d6ea4	feat(app,module): fetch basic module	2023-04-02 17:59:33 +02:00
William Petit	d8ce2901d2	feat(jwt): handle nil keyset	2023-03-28 20:38:29 +02:00
William Petit	1996f4dc56	feat(auth,local_handler): cookie configuration	2023-03-28 20:37:57 +02:00
William Petit	e09de0b0a4	chore: move proxy package to arcad/emissary	2023-03-28 10:15:49 +02:00
wpetit	72765de20b	fix(doc): typo	2023-03-24 11:05:17 +01:00