copied basic browserid framework for wsapis; session_context
Showing
14 changed files
with
461 additions
and
11 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
const path = require('path'), | ||
convict = require('convict'); | ||
|
||
var conf = module.exports = convict({ | ||
bind_to: { | ||
host: { | ||
doc: "The ip address the server should bind", | ||
format: 'string = "127.0.0.1"', | ||
env: 'IP_ADDRESS' | ||
}, | ||
port: { | ||
doc: "The port the server should bind", | ||
format: 'integer{1,65535} = 3000', | ||
env: 'PORT' | ||
} | ||
}, | ||
|
||
process_type: 'string', | ||
|
||
authentication_duration_ms: { | ||
doc: "How long a user may stay signed in", | ||
format: 'integer = 2419200000' | ||
}, | ||
|
||
var_path: { | ||
doc: "Path where deployment-specific resources live (keys, logs, etc.)", | ||
format: 'string = "var"', | ||
env: 'VAR_PATH' | ||
} | ||
}); | ||
|
||
conf.set('process_type', path.basename(process.argv[1], ".js")); |
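Review bot: `var_path` defaults to the relative path `"var"`, so the directory that its own doc string says holds keys and logs is resolved against whatever working directory the process is started from. Launching the same service from a different directory would make it look for key material and logs somewhere else. I would either state this in the option, e.g. `doc: "Path where deployment-specific resources live (keys, logs, etc.); relative values are resolved against the process working directory"`, or anchor the default to the module location. Separately, `2419200000` would read more easily with a trailing comment `// 28 days`.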
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
/* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this | ||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
// various little utilities to make crafting boilerplate responses | ||
// simple | ||
|
||
function sendResponse(resp, content, reason, code) { | ||
if (content) { | ||
if (reason) content += ": " + reason; | ||
} else if (reason) { | ||
content = reason; | ||
} else { | ||
content = ""; | ||
} | ||
resp.send(content, {"Content-Type": "text/plain"}, code); | ||
} | ||
|
||
exports.notFound = function(resp, reason) { | ||
sendResponse(resp, "Not Found", reason, 404); | ||
}; | ||
|
||
exports.serverError = function(resp, reason) { | ||
sendResponse(resp, "Server Error", reason, 500); | ||
}; | ||
|
||
exports.serviceUnavailable = function(resp, reason) { | ||
sendResponse(resp, "Service Unavailable", reason, 503); | ||
}; | ||
|
||
exports.authRequired = function(resp, reason) { | ||
sendResponse(resp, "Authentication Required", reason, 401); | ||
}; | ||
|
||
exports.badRequest = function(resp, reason) { | ||
sendResponse(resp, "Bad Request", reason, 400); | ||
}; | ||
|
||
exports.forbidden = function(resp, reason) { | ||
sendResponse(resp, "Forbidden", reason, 403); | ||
}; | ||
|
||
exports.throttled = function(resp, reason) { | ||
sendResponse(resp, "Too Many Requests", reason, 429); | ||
}; |
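Review bot: `sendResponse` appends `reason` to the response body unchanged, and nothing in this file says what callers may put in it. If a caller passes an exception message or stack into `serverError`, internal detail goes straight to the client. The callers are outside this section, so this is a contract to document rather than a bug visible here. I would add above `sendResponse`: `// NOTE: reason is returned to the client verbatim; pass only text that is safe to disclose, never err.stack or internal paths`. The `text/plain` content type is what keeps a reflected `reason` from being rendered as markup, so that header should survive later refactors.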
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
/** | ||
* Wrapper around winston for general server logging | ||
*/ | ||
|
||
const winston = require('winston'), | ||
configuration = require('./configuration'), | ||
path = require('path'), | ||
utils = require('./utils'), | ||
LOG_DIR = path.join(configuration.get('var_path'), 'log'), | ||
LOG_FILEPATH = path.join(LOG_DIR, configuration.get('process_type') + '.log'); | ||
|
||
// ensure log dir exists | ||
utils.mkdir_p(LOG_DIR); | ||
|
||
exports.logger = new(winston.Logger)({ | ||
transports: [new (winston.transports.File)({ | ||
timestamp: function() { return new Date().toISOString(); }, | ||
filename: LOG_FILEPATH, | ||
colorize: true, | ||
handleExceptions: true | ||
})] | ||
}); | ||
|
||
exports.enableConsoleLogging = function() { | ||
exports.logger.add( | ||
winston.transports.Console, | ||
{ | ||
colorize: true, | ||
handleExceptions: true | ||
} | ||
); | ||
}; | ||
|
||
if (process.env.LOG_TO_CONSOLE) { | ||
exports.enableConsoleLogging(); | ||
} | ||
|
||
exports.logger.exitOnError = false; |
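Review bot: `exports.logger.exitOnError = false` together with `handleExceptions: true` on the transports means an uncaught exception is logged and the process then keeps serving requests in whatever state the exception left it. For a server that holds session state, I would drop that last line so winston exits after logging and a supervisor can restart the process. If continuing is intended, a comment should say why, e.g. `// keep running after uncaught exceptions: <reason>`. As far as I can tell, `colorize: true` on the File transport also writes ANSI escape sequences into the log file, which gets in the way of grep and log shipping; `colorize: false` there would avoid it.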
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,118 @@ | ||
/* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this | ||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
const path = require('path'), | ||
fs = require('fs'), | ||
jwcrypto = require('jwcrypto'), | ||
Buffer = require('buffer').Buffer, | ||
crypto = require('crypto'); | ||
|
||
// make this async capable | ||
function bytesToChars(buf) { | ||
var str = ""; | ||
const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; | ||
|
||
// yes, we are biasing the output here a bit. | ||
// I'm ok with that. We can improve this over time. | ||
for (var i=0; i < buf.length; i++) { | ||
str += alphabet.charAt(buf[i] % alphabet.length); | ||
} | ||
|
||
return str; | ||
} | ||
|
||
exports.generate = function(chars, cb) { | ||
if (cb) { | ||
crypto.randomBytes(chars, function(ex, buf) { | ||
cb(bytesToChars(buf)); | ||
}); | ||
} else { | ||
return bytesToChars(crypto.randomBytes(chars)); | ||
} | ||
}; | ||
|
||
// we don't bother to make this async, cause it's not needed | ||
exports.weakGenerate = function(chars) { | ||
var str = ""; | ||
const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; | ||
|
||
for (var i=0; i < chars; i++) { | ||
str += alphabet.charAt(Math.floor(Math.random() * alphabet.length)); | ||
} | ||
|
||
return str; | ||
}; | ||
|
||
// functions to set defaults | ||
|
||
// default key name is 'root' | ||
function checkName(name) { | ||
return name ? name : 'root'; | ||
} | ||
|
||
// default directory is the var dir. | ||
function checkDir(dir) { | ||
return dir ? dir : require('./configuration').get('var_path'); | ||
} | ||
|
||
exports.hydrateSecret = function(name, dir) { | ||
dir = checkDir(dir); | ||
var p = path.join(dir, name + ".sekret"); | ||
var secret = undefined; | ||
|
||
try{ secret = fs.readFileSync(p).toString(); } catch(e) {}; | ||
|
||
if (secret === undefined) { | ||
secret = exports.generate(128); | ||
fs.writeFileSync(p, ''); | ||
fs.chmodSync(p, 0600); | ||
fs.writeFileSync(p, secret); | ||
} | ||
return secret; | ||
}; | ||
|
||
exports.loadSecretKey = function(name, dir) { | ||
name = checkName(name); | ||
dir = checkDir(dir); | ||
var p = path.join(dir, name + ".secretkey"); | ||
var secret = undefined; | ||
|
||
// may throw | ||
secret = fs.readFileSync(p).toString(); | ||
|
||
if (secret === undefined) { | ||
return null; | ||
} | ||
|
||
// parse it | ||
return jwcrypto.loadSecretKey(secret); | ||
}; | ||
|
||
function readAndParseCert(name, dir) { | ||
name = checkName(name); | ||
dir = checkDir(dir); | ||
var p = path.join(dir, name + ".cert"); | ||
var cert = undefined; | ||
|
||
// may throw | ||
cert = fs.readFileSync(p).toString(); | ||
|
||
if (cert === undefined) { | ||
return null; | ||
} | ||
|
||
// parse it | ||
// it should be a JSON structure with alg and serialized key | ||
// {alg: <ALG>, value: <SERIALIZED_KEY>} | ||
var payloadSegment = jwcrypto.extractComponents(cert).payloadSegment; | ||
return JSON.parse(new Buffer(payloadSegment, 'base64').toString()); | ||
} | ||
|
||
exports.publicKeyCreationDate = function(name, dir) { | ||
return new Date(readAndParseCert(name, dir).iat); | ||
}; | ||
|
||
exports.loadPublicKey = function(name, dir) { | ||
return jwcrypto.loadPublicKey(JSON.stringify(readAndParseCert(name, dir)['public-key'])); | ||
}; |
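Review bot: `hydrateSecret` accepts an empty `.sekret` file as the secret, because the regeneration branch tests `secret === undefined` while a file left empty by the first `fs.writeFileSync(p, '')` (for example when the final write fails) reads back as `""` and is returned. The empty `catch(e) {}` has the opposite problem: every read error, not only a missing file, is treated as a reason to generate a new secret and overwrite the old one. I would change the two lines to `try { secret = fs.readFileSync(p).toString(); } catch(e) { if (e.code !== 'ENOENT') throw e; }` and `if (!secret) {`. Unlike `loadSecretKey`, this function also skips `checkName(name)`, so a missing name produces `undefined.sekret`. The async branch of `generate` ignores `ex`, so a failed `crypto.randomBytes` reaches `bytesToChars` with no buffer.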
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
const fs = require('fs'), | ||
path = require('path'); | ||
|
||
var existsSync; | ||
// existsSync moved from path to fs in 0.8.x | ||
if (typeof fs.existsSync === 'function') { | ||
existsSync = fs.existsSync; | ||
} else { | ||
existsSync = path.existsSync; | ||
} | ||
|
||
var mkdir_p = module.exports.mkdir_p = function mkdir_p(dir) { | ||
if (!existsSync(dir)) { | ||
mkdir_p(path.dirname(dir)); | ||
fs.mkdirSync(dir, "0755"); | ||
} | ||
}; |
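Review bot: `mkdir_p` checks `existsSync(dir)` and only then calls `fs.mkdirSync`, so two processes starting at the same moment can both pass the check and the slower one throws `EEXIST`. The winston wrapper in this commit calls it at module load and the configuration module distinguishes processes by `process_type`, so concurrent starts look plausible. Tolerating that one error closes the window: `try { fs.mkdirSync(dir, "0755"); } catch (e) { if (e.code !== 'EEXIST') throw e; }`. The hard-coded `"0755"` also applies to `var_path` itself when it is created on the way to the log directory. That directory is documented as holding keys, so a tighter mode or an optional `mode` parameter may be worth considering.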