db-vendo-client/lib/request.js

'use strict'

const ProxyAgent = require('https-proxy-agent')
const {isIP} = require('net')
const {Agent: HttpsAgent} = require('https')
const roundRobin = require('@derhuerst/round-robin-scheduler')
const {randomBytes} = require('crypto')
const createHash = require('create-hash')
const {stringify} = require('qs')
const {Request, fetch} = require('cross-fetch')
const {parse: parseContentType} = require('content-type')
const {HafasError} = require('./errors')
const checkIfResponseIsOk = require('./check-if-res-is-ok')

const proxyAddress = process.env.HTTPS_PROXY || process.env.HTTP_PROXY || null
const localAddresses = process.env.LOCAL_ADDRESS || null

if (proxyAddress && localAddresses) {
	console.error('Both env vars HTTPS_PROXY/HTTP_PROXY and LOCAL_ADDRESS are not supported.')
	process.exit(1)
}

const plainAgent = new HttpsAgent({
	keepAlive: true,
})
let getAgent = () => plainAgent

if (proxyAddress) {
	// todo: this doesn't honor `keepAlive: true`
	// related:
	// - https://github.com/TooTallNate/node-https-proxy-agent/pull/112
	// - https://github.com/TooTallNate/node-agent-base/issues/5
	const agent = new ProxyAgent(proxyAddress)
	getAgent = () => agent
} else if (localAddresses) {
	const agents = process.env.LOCAL_ADDRESS.split(',')
	.map((addr) => {
		const family = isIP(addr)
		if (family === 0) throw new Error('invalid local address:' + addr)
		return new HttpsAgent({
			localAddress: addr, family,
			keepAlive: true,
		})
	})
	const pool = roundRobin(agents)
	getAgent = () => pool.get()
}

const id = randomBytes(3).toString('hex')
const randomizeUserAgent = (userAgent) => {
	let ua = userAgent
	for (
		let i = Math.round(5 + Math.random() * 5);
		i < ua.length;
		i += Math.round(5 + Math.random() * 5)
	) {
		ua = ua.slice(0, i) + id + ua.slice(i)
		i += id.length
	}
	return ua
}

const md5 = input => createHash('md5').update(input).digest()

const request = async (ctx, userAgent, reqData) => {
	const {profile, opt} = ctx

	const rawReqBody = profile.transformReqBody(ctx, {
		// todo: is it `eng` actually?
		// RSAG has `deu` instead of `de`
		lang: opt.language || profile.defaultLanguage || 'en',
		svcReqL: [reqData],

		client: profile.client, // client identification
		ext: profile.ext, // ?
		ver: profile.ver, // HAFAS protocol version
		auth: profile.auth, // static authentication
	})

	const req = profile.transformReq(ctx, {
		agent: getAgent(),
		method: 'post',
		// todo: CORS? referrer policy?
		body: JSON.stringify(rawReqBody),
		headers: {
			'Content-Type': 'application/json',
			'Accept-Encoding': 'gzip, br, deflate',
			'Accept': 'application/json',
			'user-agent': profile.randomizeUserAgent
				? randomizeUserAgent(userAgent)
				: userAgent,
			'connection': 'keep-alive', // prevent excessive re-connecting
		},
		redirect: 'follow',
		query: {}
	})

	if (profile.addChecksum || profile.addMicMac) {
		if (!Buffer.isBuffer(profile.salt) && 'string' !== typeof profile.salt) {
			throw new TypeError('profile.salt must be a Buffer or a string.')
		}
		// Buffer.from(buf, 'hex') just returns buf
		const salt = Buffer.from(profile.salt, 'hex')

		if (profile.addChecksum) {
			const checksum = md5(Buffer.concat([
				Buffer.from(req.body, 'utf8'),
				salt,
			]))
			req.query.checksum = checksum.toString('hex')
		}
		if (profile.addMicMac) {
			const mic = md5(Buffer.from(req.body, 'utf8'))
			req.query.mic = mic.toString('hex')

			const micAsHex = Buffer.from(mic.toString('hex'), 'utf8')
			const mac = md5(Buffer.concat([micAsHex, salt]))
			req.query.mac = mac.toString('hex')
		}
	}

	const reqId = randomBytes(3).toString('hex')
	const url = profile.endpoint + '?' + stringify(req.query)
	const fetchReq = new Request(url, req)
	profile.logRequest(ctx, fetchReq, reqId)

	const res = await fetch(url, req)

	const errProps = {
		request: fetchReq,
		response: res,
		url,
	}

	if (!res.ok) {
		// todo [breaking]: make this a FetchError or a HafasClientError?
		const err = new Error(res.statusText)
		Object.assign(err, errProps)
		throw err
	}

	let cType = res.headers.get('content-type')
	if (cType) {
		const {type} = parseContentType(cType)
		if (type !== 'application/json') {
			throw new HafasError('invalid/unsupported response content-type: ' + cType, null, errProps)
		}
	}

	const body = await res.text()
	profile.logResponse(ctx, res, body, reqId)

	const b = JSON.parse(body)
	checkIfResponseIsOk({
		body: b,
		errProps,
	})

	const svcRes = b.svcResL[0].res
	return {
		res: svcRes,
		common: profile.parseCommon({...ctx, res: svcRes}),
	}
}

module.exports = request
move out request handling 2017-11-11 22:49:04 +01:00			`'use strict'`

configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`const ProxyAgent = require('https-proxy-agent')`
			`const {isIP} = require('net')`
			`const {Agent: HttpsAgent} = require('https')`
			`const roundRobin = require('@derhuerst/round-robin-scheduler')`
client ID: install-unique -> process-unique 2019-08-04 14:32:44 +02:00			`const {randomBytes} = require('crypto')`
crypto.createHash -> create-hash, 2.7.3 closes #52 2018-05-21 12:15:40 +02:00			`const createHash = require('create-hash')`
parseLocation: L param as fallback ID 2019-02-05 19:07:19 +01:00			`const {stringify} = require('qs')`
fetch-ponyfill & pinkie-promise -> cross-fetch 💥 cross-fetch requires `globalThis.Promise` to be present. 2022-10-24 16:58:54 +02:00			`const {Request, fetch} = require('cross-fetch')`
lib/request: validate response content-type 🐛 2021-04-18 18:42:03 +02:00			`const {parse: parseContentType} = require('content-type')`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`const {HafasError} = require('./errors')`
			`const checkIfResponseIsOk = require('./check-if-res-is-ok')`
move out request handling 2017-11-11 22:49:04 +01:00
support HTTP proxies 2020-09-21 13:18:31 +02:00			`const proxyAddress = process.env.HTTPS_PROXY \|\| process.env.HTTP_PROXY \|\| null`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`const localAddresses = process.env.LOCAL_ADDRESS \|\| null`

			`if (proxyAddress && localAddresses) {`
			`console.error('Both env vars HTTPS_PROXY/HTTP_PROXY and LOCAL_ADDRESS are not supported.')`
			`process.exit(1)`
			`}`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00
			`const plainAgent = new HttpsAgent({`
			`keepAlive: true,`
			`})`
			`let getAgent = () => plainAgent`

configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`if (proxyAddress) {`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			// todo: this doesn't honor `keepAlive: true`
			`// related:`
			`// - https://github.com/TooTallNate/node-https-proxy-agent/pull/112`
			`// - https://github.com/TooTallNate/node-agent-base/issues/5`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`const agent = new ProxyAgent(proxyAddress)`
			`getAgent = () => agent`
			`} else if (localAddresses) {`
			`const agents = process.env.LOCAL_ADDRESS.split(',')`
			`.map((addr) => {`
			`const family = isIP(addr)`
			`if (family === 0) throw new Error('invalid local address:' + addr)`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			`return new HttpsAgent({`
			`localAddress: addr, family,`
			`keepAlive: true,`
			`})`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`})`
			`const pool = roundRobin(agents)`
			`getAgent = () => pool.get()`
			`}`
support HTTP proxies 2020-09-21 13:18:31 +02:00
request: tweak user-agent randomisation see also https://github.com/deg0nz/MMM-PublicTransportBerlin/pull/67 2022-01-13 13:55:17 +01:00			`const id = randomBytes(3).toString('hex')`
better User-Agent randomization :bug: 2018-08-08 18:40:35 +02:00			`const randomizeUserAgent = (userAgent) => {`
request: tweak user-agent randomisation see also https://github.com/deg0nz/MMM-PublicTransportBerlin/pull/67 2022-01-13 13:55:17 +01:00			`let ua = userAgent`
			`for (`
			`let i = Math.round(5 + Math.random() * 5);`
			`i < ua.length;`
			`i += Math.round(5 + Math.random() * 5)`
			`) {`
			`ua = ua.slice(0, i) + id + ua.slice(i)`
			`i += id.length`
			`}`
			`return ua`
better User-Agent randomization :bug: 2018-08-08 18:40:35 +02:00			`}`

crypto.createHash -> create-hash, 2.7.3 closes #52 2018-05-21 12:15:40 +02:00			`const md5 = input => createHash('md5').update(input).digest()`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const request = async (ctx, userAgent, reqData) => {`
lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`const {profile, opt} = ctx`

lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const rawReqBody = profile.transformReqBody(ctx, {`
add todos also remove dead code 2020-03-18 21:35:43 +01:00			// todo: is it `eng` actually?
			// RSAG has `deu` instead of `de`
lib/request: use profile.defaultLanguage 2021-04-18 18:41:27 +02:00			`lang: opt.language \|\| profile.defaultLanguage \|\| 'en',`
request: pass whole req body into transformReqBody 🐛✅ 2022-01-04 15:32:16 +01:00			`svcReqL: [reqData],`

			`client: profile.client, // client identification`
			`ext: profile.ext, // ?`
			`ver: profile.ver, // HAFAS protocol version`
			`auth: profile.auth, // static authentication`
language option with default 'en' 2018-07-09 12:40:38 +02:00			`})`
debug hook logging request & response 2018-09-03 15:31:20 +02:00
lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`const req = profile.transformReq(ctx, {`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`agent: getAgent(),`
move out request handling 2017-11-11 22:49:04 +01:00			`method: 'post',`
			`// todo: CORS? referrer policy?`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`body: JSON.stringify(rawReqBody),`
move out request handling 2017-11-11 22:49:04 +01:00			`headers: {`
			`'Content-Type': 'application/json',`
follow HTTP redirects, accept br encoding 2019-06-24 18:26:11 +02:00			`'Accept-Encoding': 'gzip, br, deflate',`
send Accept: application/json :bug: 2018-06-07 12:04:21 +02:00			`'Accept': 'application/json',`
add profile.randomizeUserAgent flag 📝 2021-12-29 17:01:14 +01:00			`'user-agent': profile.randomizeUserAgent`
			`? randomizeUserAgent(userAgent)`
			`: userAgent,`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			`'connection': 'keep-alive', // prevent excessive re-connecting`
move out request handling 2017-11-11 22:49:04 +01:00			`},`
follow HTTP redirects, accept br encoding 2019-06-24 18:26:11 +02:00			`redirect: 'follow',`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`query: {}`
move out request handling 2017-11-11 22:49:04 +01:00			`})`

mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`if (profile.addChecksum \|\| profile.addMicMac) {`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`if (!Buffer.isBuffer(profile.salt) && 'string' !== typeof profile.salt) {`
			`throw new TypeError('profile.salt must be a Buffer or a string.')`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`}`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`// Buffer.from(buf, 'hex') just returns buf`
			`const salt = Buffer.from(profile.salt, 'hex')`

mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`if (profile.addChecksum) {`
			`const checksum = md5(Buffer.concat([`
			`Buffer.from(req.body, 'utf8'),`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`salt,`
mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`]))`
			`req.query.checksum = checksum.toString('hex')`
			`}`
			`if (profile.addMicMac) {`
			`const mic = md5(Buffer.from(req.body, 'utf8'))`
			`req.query.mic = mic.toString('hex')`

mic & mac part 2, VBB salt Many thanks to @alexander-albers! 2018-01-19 15:47:41 +01:00			`const micAsHex = Buffer.from(mic.toString('hex'), 'utf8')`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`const mac = md5(Buffer.concat([micAsHex, salt]))`
mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`req.query.mac = mac.toString('hex')`
			`}`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`}`

profile.log{Request,Response}: pass in random request ID 📝 2022-10-07 01:29:36 +02:00			`const reqId = randomBytes(3).toString('hex')`
2.3.1 into new-vbb-protocol 2018-03-02 23:57:29 +01:00			`const url = profile.endpoint + '?' + stringify(req.query)`
add profile.log{Request,Response}() hooks 📝 2022-10-06 14:22:46 +02:00			`const fetchReq = new Request(url, req)`
profile.log{Request,Response}: pass in random request ID 📝 2022-10-07 01:29:36 +02:00			`profile.logRequest(ctx, fetchReq, reqId)`
move out request handling 2017-11-11 22:49:04 +01:00
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const res = await fetch(url, req)`

			`const errProps = {`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`request: fetchReq,`
			`response: res,`
			`url,`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`}`

			`if (!res.ok) {`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`// todo [breaking]: make this a FetchError or a HafasClientError?`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const err = new Error(res.statusText)`
			`Object.assign(err, errProps)`
			`throw err`
			`}`

			`let cType = res.headers.get('content-type')`
			`if (cType) {`
			`const {type} = parseContentType(cType)`
			`if (type !== 'application/json') {`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`throw new HafasError('invalid/unsupported response content-type: ' + cType, null, errProps)`
move out request handling 2017-11-11 22:49:04 +01:00			`}`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`}`
lib/request: validate response content-type 🐛 2021-04-18 18:42:03 +02:00
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const body = await res.text()`
			`profile.logResponse(ctx, res, body, reqId)`

			`const b = JSON.parse(body)`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`checkIfResponseIsOk({`
			`body: b,`
			`errProps,`
			`})`
debug hook logging request & response 2018-09-03 15:31:20 +02:00
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const svcRes = b.svcResL[0].res`
			`return {`
			`res: svcRes,`
			`common: profile.parseCommon({...ctx, res: svcRes}),`
			`}`
move out request handling 2017-11-11 22:49:04 +01:00			`}`

			`module.exports = request`