db-vendo-client/lib/request.js

'use strict'

const DEV = process.env.NODE_ENV === 'dev'
const DEBUG = /(^|,)hafas-client(,|$)/.test(process.env.DEBUG || '')

const ProxyAgent = require('https-proxy-agent')
const {isIP} = require('net')
const {Agent: HttpsAgent} = require('https')
const roundRobin = require('@derhuerst/round-robin-scheduler')
const {randomBytes} = require('crypto')
const createHash = require('create-hash')
const pick = require('lodash/pick')
const captureStackTrace = DEV ? require('capture-stack-trace') : () => {}
const {stringify} = require('qs')
const Promise = require('pinkie-promise')
const {fetch} = require('fetch-ponyfill')({Promise})
const {parse: parseContentType} = require('content-type')
const {addErrorInfo} = require('./errors')

const proxyAddress = process.env.HTTPS_PROXY || process.env.HTTP_PROXY || null
const localAddresses = process.env.LOCAL_ADDRESS || null

if (proxyAddress && localAddresses) {
	console.error('Both env vars HTTPS_PROXY/HTTP_PROXY and LOCAL_ADDRESS are not supported.')
	process.exit(1)
}

const plainAgent = new HttpsAgent({
	keepAlive: true,
})
let getAgent = () => plainAgent

if (proxyAddress) {
	// todo: this doesn't honor `keepAlive: true`
	// related:
	// - https://github.com/TooTallNate/node-https-proxy-agent/pull/112
	// - https://github.com/TooTallNate/node-agent-base/issues/5
	const agent = new ProxyAgent(proxyAddress)
	getAgent = () => agent
} else if (localAddresses) {
	const agents = process.env.LOCAL_ADDRESS.split(',')
	.map((addr) => {
		const family = isIP(addr)
		if (family === 0) throw new Error('invalid local address:' + addr)
		return new HttpsAgent({
			localAddress: addr, family,
			keepAlive: true,
		})
	})
	const pool = roundRobin(agents)
	getAgent = () => pool.get()
}

const id = randomBytes(3).toString('hex')
const randomizeUserAgent = (userAgent) => {
	let ua = userAgent
	for (
		let i = Math.round(5 + Math.random() * 5);
		i < ua.length;
		i += Math.round(5 + Math.random() * 5)
	) {
		ua = ua.slice(0, i) + id + ua.slice(i)
		i += id.length
	}
	return ua
}

const md5 = input => createHash('md5').update(input).digest()

// todo [breaking]: remove userAgent parameter
const request = (ctx, userAgent, reqData) => {
	const {profile, opt} = ctx

	const body = profile.transformReqBody(ctx, {
		// todo: is it `eng` actually?
		// RSAG has `deu` instead of `de`
		lang: opt.language || profile.defaultLanguage || 'en',
		svcReqL: [reqData]
	})
	Object.assign(body, pick(profile, [
		'client', // client identification
		'ext', // ?
		'ver', // HAFAS protocol version
		'auth', // static authentication
	]))

	const req = profile.transformReq(ctx, {
		agent: getAgent(),
		method: 'post',
		// todo: CORS? referrer policy?
		body: JSON.stringify(body),
		headers: {
			'Content-Type': 'application/json',
			'Accept-Encoding': 'gzip, br, deflate',
			'Accept': 'application/json',
			'user-agent': randomizeUserAgent(userAgent),
			'connection': 'keep-alive', // prevent excessive re-connecting
		},
		redirect: 'follow',
		query: {}
	})
	if (DEBUG) console.error(req.body)

	if (profile.addChecksum || profile.addMicMac) {
		if (!Buffer.isBuffer(profile.salt) && 'string' !== typeof profile.salt) {
			throw new TypeError('profile.salt must be a Buffer or a string.')
		}
		// Buffer.from(buf, 'hex') just returns buf
		const salt = Buffer.from(profile.salt, 'hex')

		if (profile.addChecksum) {
			const checksum = md5(Buffer.concat([
				Buffer.from(req.body, 'utf8'),
				salt,
			]))
			req.query.checksum = checksum.toString('hex')
		}
		if (profile.addMicMac) {
			const mic = md5(Buffer.from(req.body, 'utf8'))
			req.query.mic = mic.toString('hex')

			const micAsHex = Buffer.from(mic.toString('hex'), 'utf8')
			const mac = md5(Buffer.concat([micAsHex, salt]))
			req.query.mac = mac.toString('hex')
		}
	}

	const url = profile.endpoint + '?' + stringify(req.query)

	// Async stack traces are not supported everywhere yet, so we create our own.
	const err = new Error()
	err.isHafasError = true // todo: rename to `isHafasClientError`
	err.request = req.body // todo: commit as bugfix
	err.url = url
	captureStackTrace(err)

	return fetch(url, req)
	.then((res) => {
		err.statusCode = res.status
		if (!res.ok) {
			err.message = res.statusText
			throw err
		}

		let cType = res.headers.get('content-type')
		if (cType) {
			const {type} = parseContentType(cType)
			if (type !== 'application/json') {
				const err = new Error('invalid response content-type: ' + cType)
				err.response = res
				throw err
			}
		}
		return res.json()
	})
	.then((b) => {
		if (DEBUG) console.error(JSON.stringify(b))

		if (b.err && b.err !== 'OK') {
			addErrorInfo(err, b.err, b.errTxt, b.id)
			throw err
		}
		if (!b.svcResL || !b.svcResL[0]) {
			err.message = 'invalid response'
			throw err
		}
		if (b.svcResL[0].err !== 'OK') {
			addErrorInfo(err, b.svcResL[0].err, b.svcResL[0].errTxt, b.id)
			throw err
		}

		const res = b.svcResL[0].res
		return {
			res,
			common: profile.parseCommon({...ctx, res})
		}
	})
}

module.exports = request
move out request handling 2017-11-11 22:49:04 +01:00			`'use strict'`

fix test output :green_heart: 2018-09-03 15:45:31 +02:00			`const DEV = process.env.NODE_ENV === 'dev'`
lib/request: fix DEBUG env var switch 🐛 2021-02-17 18:33:18 +01:00			`const DEBUG = /(^\|,)hafas-client(,\|$)/.test(process.env.DEBUG \|\| '')`
debug hook logging request & response 2018-09-03 15:31:20 +02:00
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`const ProxyAgent = require('https-proxy-agent')`
			`const {isIP} = require('net')`
			`const {Agent: HttpsAgent} = require('https')`
			`const roundRobin = require('@derhuerst/round-robin-scheduler')`
client ID: install-unique -> process-unique 2019-08-04 14:32:44 +02:00			`const {randomBytes} = require('crypto')`
crypto.createHash -> create-hash, 2.7.3 closes #52 2018-05-21 12:15:40 +02:00			`const createHash = require('create-hash')`
lib/request: add profile.(auth\|client\|ext\|ver) to request 2021-01-14 20:31:14 +01:00			`const pick = require('lodash/pick')`
fix test output :green_heart: 2018-09-03 15:45:31 +02:00			`const captureStackTrace = DEV ? require('capture-stack-trace') : () => {}`
parseLocation: L param as fallback ID 2019-02-05 19:07:19 +01:00			`const {stringify} = require('qs')`
move out request handling 2017-11-11 22:49:04 +01:00			`const Promise = require('pinkie-promise')`
			`const {fetch} = require('fetch-ponyfill')({Promise})`
lib/request: validate response content-type 🐛 2021-04-18 18:42:03 +02:00			`const {parse: parseContentType} = require('content-type')`
refreshJourney: actually throw the error :bug:, add code 2020-04-13 17:06:50 +02:00			`const {addErrorInfo} = require('./errors')`
move out request handling 2017-11-11 22:49:04 +01:00
support HTTP proxies 2020-09-21 13:18:31 +02:00			`const proxyAddress = process.env.HTTPS_PROXY \|\| process.env.HTTP_PROXY \|\| null`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`const localAddresses = process.env.LOCAL_ADDRESS \|\| null`

			`if (proxyAddress && localAddresses) {`
			`console.error('Both env vars HTTPS_PROXY/HTTP_PROXY and LOCAL_ADDRESS are not supported.')`
			`process.exit(1)`
			`}`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00
			`const plainAgent = new HttpsAgent({`
			`keepAlive: true,`
			`})`
			`let getAgent = () => plainAgent`

configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`if (proxyAddress) {`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			// todo: this doesn't honor `keepAlive: true`
			`// related:`
			`// - https://github.com/TooTallNate/node-https-proxy-agent/pull/112`
			`// - https://github.com/TooTallNate/node-agent-base/issues/5`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`const agent = new ProxyAgent(proxyAddress)`
			`getAgent = () => agent`
			`} else if (localAddresses) {`
			`const agents = process.env.LOCAL_ADDRESS.split(',')`
			`.map((addr) => {`
			`const family = isIP(addr)`
			`if (family === 0) throw new Error('invalid local address:' + addr)`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			`return new HttpsAgent({`
			`localAddress: addr, family,`
			`keepAlive: true,`
			`})`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`})`
			`const pool = roundRobin(agents)`
			`getAgent = () => pool.get()`
			`}`
support HTTP proxies 2020-09-21 13:18:31 +02:00
request: tweak user-agent randomisation see also https://github.com/deg0nz/MMM-PublicTransportBerlin/pull/67 2022-01-13 13:55:17 +01:00			`const id = randomBytes(3).toString('hex')`
better User-Agent randomization :bug: 2018-08-08 18:40:35 +02:00			`const randomizeUserAgent = (userAgent) => {`
request: tweak user-agent randomisation see also https://github.com/deg0nz/MMM-PublicTransportBerlin/pull/67 2022-01-13 13:55:17 +01:00			`let ua = userAgent`
			`for (`
			`let i = Math.round(5 + Math.random() * 5);`
			`i < ua.length;`
			`i += Math.round(5 + Math.random() * 5)`
			`) {`
			`ua = ua.slice(0, i) + id + ua.slice(i)`
			`i += id.length`
			`}`
			`return ua`
better User-Agent randomization :bug: 2018-08-08 18:40:35 +02:00			`}`

crypto.createHash -> create-hash, 2.7.3 closes #52 2018-05-21 12:15:40 +02:00			`const md5 = input => createHash('md5').update(input).digest()`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00
add todos; readme: link to kpublictransport 📝 2021-12-08 14:12:22 +01:00			`// todo [breaking]: remove userAgent parameter`
lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`const request = (ctx, userAgent, reqData) => {`
			`const {profile, opt} = ctx`

			`const body = profile.transformReqBody(ctx, {`
add todos also remove dead code 2020-03-18 21:35:43 +01:00			// todo: is it `eng` actually?
			// RSAG has `deu` instead of `de`
lib/request: use profile.defaultLanguage 2021-04-18 18:41:27 +02:00			`lang: opt.language \|\| profile.defaultLanguage \|\| 'en',`
lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`svcReqL: [reqData]`
language option with default 'en' 2018-07-09 12:40:38 +02:00			`})`
lib/request: add profile.(auth\|client\|ext\|ver) to request 2021-01-14 20:31:14 +01:00			`Object.assign(body, pick(profile, [`
			`'client', // client identification`
			`'ext', // ?`
			`'ver', // HAFAS protocol version`
			`'auth', // static authentication`
			`]))`
debug hook logging request & response 2018-09-03 15:31:20 +02:00
lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`const req = profile.transformReq(ctx, {`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`agent: getAgent(),`
move out request handling 2017-11-11 22:49:04 +01:00			`method: 'post',`
			`// todo: CORS? referrer policy?`
			`body: JSON.stringify(body),`
			`headers: {`
			`'Content-Type': 'application/json',`
follow HTTP redirects, accept br encoding 2019-06-24 18:26:11 +02:00			`'Accept-Encoding': 'gzip, br, deflate',`
send Accept: application/json :bug: 2018-06-07 12:04:21 +02:00			`'Accept': 'application/json',`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			`'user-agent': randomizeUserAgent(userAgent),`
			`'connection': 'keep-alive', // prevent excessive re-connecting`
move out request handling 2017-11-11 22:49:04 +01:00			`},`
follow HTTP redirects, accept br encoding 2019-06-24 18:26:11 +02:00			`redirect: 'follow',`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`query: {}`
move out request handling 2017-11-11 22:49:04 +01:00			`})`
fix request debug-logging 🐛 2021-12-09 18:58:31 +01:00			`if (DEBUG) console.error(req.body)`
move out request handling 2017-11-11 22:49:04 +01:00
mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`if (profile.addChecksum \|\| profile.addMicMac) {`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`if (!Buffer.isBuffer(profile.salt) && 'string' !== typeof profile.salt) {`
			`throw new TypeError('profile.salt must be a Buffer or a string.')`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`}`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`// Buffer.from(buf, 'hex') just returns buf`
			`const salt = Buffer.from(profile.salt, 'hex')`

mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`if (profile.addChecksum) {`
			`const checksum = md5(Buffer.concat([`
			`Buffer.from(req.body, 'utf8'),`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`salt,`
mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`]))`
			`req.query.checksum = checksum.toString('hex')`
			`}`
			`if (profile.addMicMac) {`
			`const mic = md5(Buffer.from(req.body, 'utf8'))`
			`req.query.mic = mic.toString('hex')`

mic & mac part 2, VBB salt Many thanks to @alexander-albers! 2018-01-19 15:47:41 +01:00			`const micAsHex = Buffer.from(mic.toString('hex'), 'utf8')`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`const mac = md5(Buffer.concat([micAsHex, salt]))`
mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`req.query.mac = mac.toString('hex')`
			`}`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`}`

2.3.1 into new-vbb-protocol 2018-03-02 23:57:29 +01:00			`const url = profile.endpoint + '?' + stringify(req.query)`
move out request handling 2017-11-11 22:49:04 +01:00
nicer async stack traces 2018-01-23 01:24:37 +01:00			`// Async stack traces are not supported everywhere yet, so we create our own.`
			`const err = new Error()`
parse & expose error codes 2018-12-16 23:47:36 +01:00			err.isHafasError = true // todo: rename to `isHafasClientError`
lib/request: use transformed req body :bug: 2019-10-20 02:24:07 +02:00			`err.request = req.body // todo: commit as bugfix`
2.3.1 into new-vbb-protocol 2018-03-02 23:57:29 +01:00			`err.url = url`
nicer async stack traces 2018-01-23 01:24:37 +01:00			`captureStackTrace(err)`

move out request handling 2017-11-11 22:49:04 +01:00			`return fetch(url, req)`
			`.then((res) => {`
nicer async stack traces 2018-01-23 01:24:37 +01:00			`err.statusCode = res.status`
move out request handling 2017-11-11 22:49:04 +01:00			`if (!res.ok) {`
nicer async stack traces 2018-01-23 01:24:37 +01:00			`err.message = res.statusText`
			`throw err`
move out request handling 2017-11-11 22:49:04 +01:00			`}`
lib/request: validate response content-type 🐛 2021-04-18 18:42:03 +02:00
			`let cType = res.headers.get('content-type')`
			`if (cType) {`
			`const {type} = parseContentType(cType)`
			`if (type !== 'application/json') {`
			`const err = new Error('invalid response content-type: ' + cType)`
			`err.response = res`
			`throw err`
			`}`
			`}`
move out request handling 2017-11-11 22:49:04 +01:00			`return res.json()`
			`})`
			`.then((b) => {`
debug hook logging request & response 2018-09-03 15:31:20 +02:00			`if (DEBUG) console.error(JSON.stringify(b))`

fix error parsing :bug: 2018-12-06 11:31:38 +01:00			`if (b.err && b.err !== 'OK') {`
request: add response ID to error objects 2020-02-04 18:42:11 +01:00			`addErrorInfo(err, b.err, b.errTxt, b.id)`
nicer async stack traces 2018-01-23 01:24:37 +01:00			`throw err`
			`}`
			`if (!b.svcResL \|\| !b.svcResL[0]) {`
			`err.message = 'invalid response'`
			`throw err`
			`}`
move out request handling 2017-11-11 22:49:04 +01:00			`if (b.svcResL[0].err !== 'OK') {`
request: add response ID to error objects 2020-02-04 18:42:11 +01:00			`addErrorInfo(err, b.svcResL[0].err, b.svcResL[0].errTxt, b.id)`
nicer async stack traces 2018-01-23 01:24:37 +01:00			`throw err`
move out request handling 2017-11-11 22:49:04 +01:00			`}`

lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`const res = b.svcResL[0].res`
			`return {`
			`res,`
			`common: profile.parseCommon({...ctx, res})`
			`}`
move out request handling 2017-11-11 22:49:04 +01:00			`})`
			`}`

			`module.exports = request`