fix: Workaround csrf redirects #667
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
# How to remote debug an application on SAP Cloud Platform | ||
|
||
## TLDR; | ||
|
||
Change your app to start to start in debug mode, ssh tunnel your local port 9229 to the remote port of 9229 of your application and start a remote debugging session from your IDE. | ||
|
||
## Steps | ||
|
||
### Deploy your application with debug mode | ||
|
||
* Replace the start script to run in debug mode. E. g. instead of `node start.js` use `node --inspect start.js` for node and instead of `ts-node start.ts` use `node -r ts-node/register --inspect start.ts`. | ||
**Note:** Don't use `--inspect-brk`, this will make the start timeout on SAP Cloud Platform. | ||
|
||
Deploy your application as usual, run: | ||
```shell | ||
cf deploy | ||
``` | ||
|
||
### Open an ssh tunnel to your application | ||
Open an ssh tunnel to your backend application to connect your local debugger with the node inspector running on port 9229. Replace *<your-app-name>* with your application name and run: | ||
```shell | ||
$ cf ssh <your-app-name> -L 9229:127.0.0.1:9229 -T -N | ||
``` | ||
### Attach a local debugger | ||
Now you can attach your local debugger. For this you will have to launch a debugger that attaches to the remote session. In VSCode this is a launch configuration you can use, when you replace *<path-to-your-application>* with the relative path to your application directory: | ||
```json | ||
{ | ||
"version": "0.2.0", | ||
"configurations": [ | ||
{ | ||
"type": "node", | ||
"request": "attach", | ||
"name": "Attach to Remote", | ||
"address": "127.0.0.1", | ||
"port": 9229, | ||
"localRoot": "${workspaceFolder}/<path-to-your-application>", | ||
"remoteRoot": "/home/vcap/app", | ||
"skipFiles": [ | ||
"<node_internals>/**" | ||
] | ||
} | ||
] | ||
} | ||
``` | ||
|
||
Start the debugger and happy debugging! |
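Review bot: The "Deploy your application with debug mode" step leaves the app running with `--inspect`, and the guide never tells the reader to redeploy with the original start script afterwards. An open inspector allows arbitrary code execution for anyone who can reach port 9229 inside the container, so add a closing step that reverts the start command and states that this setup is for temporary debugging only. It would also help to say why the tunnel is needed: the inspector listens on 127.0.0.1 by default, which is what the `-L 9229:127.0.0.1:9229` forward relies on, so nobody works around a connection problem by binding it to 0.0.0.0. Minor: "to start to start" in the TLDR is a duplicated phrase, and the `cf ssh` block carries a `$` prompt while the `cf deploy` block does not.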
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
import { createLogger, errorWithCause } from '@sap-cloud-sdk/util'; | ||
import { AxiosError } from 'axios'; | ||
import { HttpRequestConfig, executeHttpRequest } from '../http-client'; | ||
import { Destination, DestinationNameAndJwt } from '../scp-cf'; | ||
import { filterNullishValues, getHeader, getHeaderValue } from './header-util'; | ||
|
@@ -49,12 +50,30 @@ function makeCsrfRequest<T extends HttpRequestConfig>( | |
.then(response => response.headers) | ||
.catch(error => { | ||
if (!error.response) { | ||
// TODO: remove once https://github.com/axios/axios/issues/3369 is fixed | ||
const retry = axiosWorkaround(error, requestConfig, destination); | ||
if (retry) { | ||
return retry; | ||
} | ||
throw errorWithCause('The error response is undefined.', error); | ||
} | ||
return error.response.headers; | ||
}); | ||
} | ||
|
||
function axiosWorkaround<T extends HttpRequestConfig>( | ||
error: AxiosError, | ||
axiosConfig: Partial<T>, | ||
destination: Destination | DestinationNameAndJwt | ||
) { | ||
if (error.request._isRedirect) { | ||
|
||
return makeCsrfRequest(destination, { | ||
...axiosConfig, | ||
url: error.request._options.path | ||
Is there an API to get the path? Accessing
Perhaps a check with a good log statement in case the path is not present.
will do
I added a log statement. I don't think that there is another API for the request, but for extra safety I added a check that the path exists.
|
||
}); | ||
} | ||
} | ||
|
||
function validateCsrfTokenResponse(responseHeaders: Record<string, any>) { | ||
if (!responseHeaders['x-csrf-token']) { | ||
logger.warn( | ||
|
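Review bot: `axiosWorkaround` dereferences `error.request._isRedirect` without checking that `error.request` exists, and the retry through `makeCsrfRequest` has no attempt limit. The workaround runs exactly when `error.response` is undefined, which also covers errors that carry no request object; in that case the property access throws a TypeError inside the `.catch` and the intended 'The error response is undefined.' error with its cause is lost. Add an explicit check that `error.request` is set before reading `_isRedirect`, and pass a retry flag or counter so a redirect that keeps failing cannot recurse indefinitely. Since `_isRedirect` and `_options` are underscore-prefixed internals rather than documented axios API, a comment saying so next to the TODO would help whoever removes the workaround later. The function also returns `undefined` implicitly on the non-redirect path; an explicit return type would make the `if (retry)` contract in the caller clear.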
I think this got in by accident?
Yes