db-vendo-client/lib/request.js

import ProxyAgent from 'https-proxy-agent'
import {isIP} from 'net'
import {Agent as HttpsAgent} from 'https'
import roundRobin from '@derhuerst/round-robin-scheduler'
import {randomBytes} from 'crypto'
import createHash from 'create-hash'
import {Buffer} from 'node:buffer'
import {stringify} from 'qs'
import {Request, fetch} from 'cross-fetch'
import {parse as parseContentType} from 'content-type'
import {HafasError, byErrorCode} from './errors.js'

const proxyAddress = process.env.HTTPS_PROXY || process.env.HTTP_PROXY || null
const localAddresses = process.env.LOCAL_ADDRESS || null

if (proxyAddress && localAddresses) {
	console.error('Both env vars HTTPS_PROXY/HTTP_PROXY and LOCAL_ADDRESS are not supported.')
	process.exit(1)
}

const plainAgent = new HttpsAgent({
	keepAlive: true,
})
let getAgent = () => plainAgent

if (proxyAddress) {
	const agent = new ProxyAgent(proxyAddress, {
		keepAlive: true,
		keepAliveMsecs: 10 * 1000, // 10s
	})
	getAgent = () => agent
} else if (localAddresses) {
	const agents = process.env.LOCAL_ADDRESS.split(',')
	.map((addr) => {
		const family = isIP(addr)
		if (family === 0) throw new Error('invalid local address:' + addr)
		return new HttpsAgent({
			localAddress: addr, family,
			keepAlive: true,
		})
	})
	const pool = roundRobin(agents)
	getAgent = () => pool.get()
}

const id = randomBytes(3).toString('hex')
const randomizeUserAgent = (userAgent) => {
	let ua = userAgent
	for (
		let i = Math.round(5 + Math.random() * 5);
		i < ua.length;
		i += Math.round(5 + Math.random() * 5)
	) {
		ua = ua.slice(0, i) + id + ua.slice(i)
		i += id.length
	}
	return ua
}

const md5 = input => createHash('md5').update(input).digest()

const checkIfResponseIsOk = (_) => {
	const {
		body,
		errProps: baseErrProps,
	} = _

	const errProps = {
		...baseErrProps,
	}
	if (body.id) errProps.hafasResponseId = body.id

	// Because we want more accurate stack traces, we don't construct the error here,
	// but only return the constructor & error message.
	const getError = (_) => {
		// mutating here is ugly but pragmatic
		if (_.errTxt) errProps.hafasMessage = _.errTxt
		if (_.errTxtOut) errProps.hafasDescription = _.errTxtOut

		if (_.err in byErrorCode) return byErrorCode[_.err]
		return {
			Error: HafasError,
			message: body.errTxt || 'unknown error',
			props: {},
		}
	}

	if (body.err && body.err !== 'OK') {
		const {Error: HafasError, message, props} = getError(body)
		throw new HafasError(message, body.err, {...errProps, ...props})
	}
	if (!body.svcResL || !body.svcResL[0]) {
		throw new HafasError('invalid/unsupported response structure', null, errProps)
	}
	if (body.svcResL[0].err !== 'OK') {
		const {Error: HafasError, message, props} = getError(body.svcResL[0])
		throw new HafasError(message, body.svcResL[0].err, {...errProps, ...props})
	}
}

const request = async (ctx, userAgent, reqData) => {
	const {profile, opt} = ctx

	const rawReqBody = profile.transformReqBody(ctx, {
		// todo: is it `eng` actually?
		// RSAG has `deu` instead of `de`
		lang: opt.language || profile.defaultLanguage || 'en',
		svcReqL: [reqData],

		client: profile.client, // client identification
		ext: profile.ext, // ?
		ver: profile.ver, // HAFAS protocol version
		auth: profile.auth, // static authentication
	})

	const req = profile.transformReq(ctx, {
		agent: getAgent(),
		method: 'post',
		// todo: CORS? referrer policy?
		body: JSON.stringify(rawReqBody),
		headers: {
			'Content-Type': 'application/json',
			'Accept-Encoding': 'gzip, br, deflate',
			'Accept': 'application/json',
			'user-agent': profile.randomizeUserAgent
				? randomizeUserAgent(userAgent)
				: userAgent,
			'connection': 'keep-alive', // prevent excessive re-connecting
		},
		redirect: 'follow',
		query: {}
	})

	if (profile.addChecksum || profile.addMicMac) {
		if (!Buffer.isBuffer(profile.salt) && 'string' !== typeof profile.salt) {
			throw new TypeError('profile.salt must be a Buffer or a string.')
		}
		// Buffer.from(buf, 'hex') just returns buf
		const salt = Buffer.from(profile.salt, 'hex')

		if (profile.addChecksum) {
			const checksum = md5(Buffer.concat([
				Buffer.from(req.body, 'utf8'),
				salt,
			]))
			req.query.checksum = checksum.toString('hex')
		}
		if (profile.addMicMac) {
			const mic = md5(Buffer.from(req.body, 'utf8'))
			req.query.mic = mic.toString('hex')

			const micAsHex = Buffer.from(mic.toString('hex'), 'utf8')
			const mac = md5(Buffer.concat([micAsHex, salt]))
			req.query.mac = mac.toString('hex')
		}
	}

	const reqId = randomBytes(3).toString('hex')
	const url = profile.endpoint + '?' + stringify(req.query)
	const fetchReq = new Request(url, req)
	profile.logRequest(ctx, fetchReq, reqId)

	const res = await fetch(url, req)

	const errProps = {
		request: fetchReq,
		response: res,
		url,
	}

	if (!res.ok) {
		// todo [breaking]: make this a FetchError or a HafasClientError?
		const err = new Error(res.statusText)
		Object.assign(err, errProps)
		throw err
	}

	let cType = res.headers.get('content-type')
	if (cType) {
		const {type} = parseContentType(cType)
		if (type !== 'application/json') {
			throw new HafasError('invalid/unsupported response content-type: ' + cType, null, errProps)
		}
	}

	const body = await res.text()
	profile.logResponse(ctx, res, body, reqId)

	const b = JSON.parse(body)
	checkIfResponseIsOk({
		body: b,
		errProps,
	})

	const svcRes = b.svcResL[0].res
	return {
		res: svcRes,
		common: profile.parseCommon({...ctx, res: svcRes}),
	}
}

export {
	checkIfResponseIsOk,
	request,
}
convert to ESM 💥📝 2022-05-07 16:17:37 +02:00			`import ProxyAgent from 'https-proxy-agent'`
			`import {isIP} from 'net'`
			`import {Agent as HttpsAgent} from 'https'`
			`import roundRobin from '@derhuerst/round-robin-scheduler'`
			`import {randomBytes} from 'crypto'`
			`import createHash from 'create-hash'`
request: import Buffer 🐛 related: #281 2023-01-06 14:07:30 +01:00			`import {Buffer} from 'node:buffer'`
convert to ESM 💥📝 2022-05-07 16:17:37 +02:00			`import {stringify} from 'qs'`
			`import {Request, fetch} from 'cross-fetch'`
			`import {parse as parseContentType} from 'content-type'`
			`import {HafasError, byErrorCode} from './errors.js'`
move out request handling 2017-11-11 22:49:04 +01:00
support HTTP proxies 2020-09-21 13:18:31 +02:00			`const proxyAddress = process.env.HTTPS_PROXY \|\| process.env.HTTP_PROXY \|\| null`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`const localAddresses = process.env.LOCAL_ADDRESS \|\| null`

			`if (proxyAddress && localAddresses) {`
			`console.error('Both env vars HTTPS_PROXY/HTTP_PROXY and LOCAL_ADDRESS are not supported.')`
			`process.exit(1)`
			`}`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00
			`const plainAgent = new HttpsAgent({`
			`keepAlive: true,`
			`})`
			`let getAgent = () => plainAgent`

configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`if (proxyAddress) {`
https-proxy-agent@7 2023-07-07 19:33:06 +02:00			`const agent = new ProxyAgent(proxyAddress, {`
			`keepAlive: true,`
request: with $HTTP(S)_PROXY, keep connections alive for 10s 2023-07-25 16:08:51 +02:00			`keepAliveMsecs: 10 * 1000, // 10s`
https-proxy-agent@7 2023-07-07 19:33:06 +02:00			`})`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`getAgent = () => agent`
			`} else if (localAddresses) {`
			`const agents = process.env.LOCAL_ADDRESS.split(',')`
			`.map((addr) => {`
			`const family = isIP(addr)`
			`if (family === 0) throw new Error('invalid local address:' + addr)`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			`return new HttpsAgent({`
			`localAddress: addr, family,`
			`keepAlive: true,`
			`})`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`})`
			`const pool = roundRobin(agents)`
			`getAgent = () => pool.get()`
			`}`
support HTTP proxies 2020-09-21 13:18:31 +02:00
request: tweak user-agent randomisation see also https://github.com/deg0nz/MMM-PublicTransportBerlin/pull/67 2022-01-13 13:55:17 +01:00			`const id = randomBytes(3).toString('hex')`
better User-Agent randomization :bug: 2018-08-08 18:40:35 +02:00			`const randomizeUserAgent = (userAgent) => {`
request: tweak user-agent randomisation see also https://github.com/deg0nz/MMM-PublicTransportBerlin/pull/67 2022-01-13 13:55:17 +01:00			`let ua = userAgent`
			`for (`
			`let i = Math.round(5 + Math.random() * 5);`
			`i < ua.length;`
			`i += Math.round(5 + Math.random() * 5)`
			`) {`
			`ua = ua.slice(0, i) + id + ua.slice(i)`
			`i += id.length`
			`}`
			`return ua`
better User-Agent randomization :bug: 2018-08-08 18:40:35 +02:00			`}`

crypto.createHash -> create-hash, 2.7.3 closes #52 2018-05-21 12:15:40 +02:00			`const md5 = input => createHash('md5').update(input).digest()`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00
convert to ESM 💥📝 2022-05-07 16:17:37 +02:00			`const checkIfResponseIsOk = (_) => {`
			`const {`
			`body,`
			`errProps: baseErrProps,`
			`} = _`

			`const errProps = {`
			`...baseErrProps,`
			`}`
			`if (body.id) errProps.hafasResponseId = body.id`

			`// Because we want more accurate stack traces, we don't construct the error here,`
			`// but only return the constructor & error message.`
			`const getError = (_) => {`
			`// mutating here is ugly but pragmatic`
			`if (_.errTxt) errProps.hafasMessage = _.errTxt`
			`if (_.errTxtOut) errProps.hafasDescription = _.errTxtOut`

			`if (_.err in byErrorCode) return byErrorCode[_.err]`
			`return {`
			`Error: HafasError,`
			`message: body.errTxt \|\| 'unknown error',`
			`props: {},`
			`}`
			`}`

			`if (body.err && body.err !== 'OK') {`
			`const {Error: HafasError, message, props} = getError(body)`
			`throw new HafasError(message, body.err, {...errProps, ...props})`
			`}`
			`if (!body.svcResL \|\| !body.svcResL[0]) {`
			`throw new HafasError('invalid/unsupported response structure', null, errProps)`
			`}`
			`if (body.svcResL[0].err !== 'OK') {`
			`const {Error: HafasError, message, props} = getError(body.svcResL[0])`
			`throw new HafasError(message, body.svcResL[0].err, {...errProps, ...props})`
			`}`
			`}`

lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const request = async (ctx, userAgent, reqData) => {`
lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`const {profile, opt} = ctx`

lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const rawReqBody = profile.transformReqBody(ctx, {`
add todos also remove dead code 2020-03-18 21:35:43 +01:00			// todo: is it `eng` actually?
			// RSAG has `deu` instead of `de`
lib/request: use profile.defaultLanguage 2021-04-18 18:41:27 +02:00			`lang: opt.language \|\| profile.defaultLanguage \|\| 'en',`
request: pass whole req body into transformReqBody 🐛✅ 2022-01-04 15:32:16 +01:00			`svcReqL: [reqData],`

			`client: profile.client, // client identification`
			`ext: profile.ext, // ?`
			`ver: profile.ver, // HAFAS protocol version`
			`auth: profile.auth, // static authentication`
language option with default 'en' 2018-07-09 12:40:38 +02:00			`})`
debug hook logging request & response 2018-09-03 15:31:20 +02:00
lib/request, index: use ctx object :boom: 2019-10-20 01:47:09 +02:00			`const req = profile.transformReq(ctx, {`
configure iface address used via LOCAL_ADDRESS env var 2021-02-07 22:17:02 +01:00			`agent: getAgent(),`
move out request handling 2017-11-11 22:49:04 +01:00			`method: 'post',`
			`// todo: CORS? referrer policy?`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`body: JSON.stringify(rawReqBody),`
move out request handling 2017-11-11 22:49:04 +01:00			`headers: {`
			`'Content-Type': 'application/json',`
follow HTTP redirects, accept br encoding 2019-06-24 18:26:11 +02:00			`'Accept-Encoding': 'gzip, br, deflate',`
send Accept: application/json :bug: 2018-06-07 12:04:21 +02:00			`'Accept': 'application/json',`
add profile.randomizeUserAgent flag 📝 2021-12-29 17:01:14 +01:00			`'user-agent': profile.randomizeUserAgent`
			`? randomizeUserAgent(userAgent)`
			`: userAgent,`
use HTTP keep-alive ⚡️ 1000 locations() requests against DB endpoint, before: min max sum mean stddev 215ms 4351ms 329s 329ms 341ms after: min max sum mean stddev 160ms 579ms 194s 194ms 37ms 2021-12-09 18:53:18 +01:00			`'connection': 'keep-alive', // prevent excessive re-connecting`
move out request handling 2017-11-11 22:49:04 +01:00			`},`
follow HTTP redirects, accept br encoding 2019-06-24 18:26:11 +02:00			`redirect: 'follow',`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`query: {}`
move out request handling 2017-11-11 22:49:04 +01:00			`})`

mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`if (profile.addChecksum \|\| profile.addMicMac) {`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`if (!Buffer.isBuffer(profile.salt) && 'string' !== typeof profile.salt) {`
			`throw new TypeError('profile.salt must be a Buffer or a string.')`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`}`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`// Buffer.from(buf, 'hex') just returns buf`
			`const salt = Buffer.from(profile.salt, 'hex')`

mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`if (profile.addChecksum) {`
			`const checksum = md5(Buffer.concat([`
			`Buffer.from(req.body, 'utf8'),`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`salt,`
mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`]))`
			`req.query.checksum = checksum.toString('hex')`
			`}`
			`if (profile.addMicMac) {`
			`const mic = md5(Buffer.from(req.body, 'utf8'))`
			`req.query.mic = mic.toString('hex')`

mic & mac part 2, VBB salt Many thanks to @alexander-albers! 2018-01-19 15:47:41 +01:00			`const micAsHex = Buffer.from(mic.toString('hex'), 'utf8')`
lib/request: allow string profile.salt 2021-01-14 20:30:48 +01:00			`const mac = md5(Buffer.concat([micAsHex, salt]))`
mic & mac calculation thanks to @alexander-albers! see https://github.com/schildbach/public-transport-enabler/issues/187#issuecomment-357436079 2018-01-15 00:45:40 +01:00			`req.query.mac = mac.toString('hex')`
			`}`
move checksum calculation to lib/request 2018-01-15 00:45:05 +01:00			`}`

profile.log{Request,Response}: pass in random request ID 📝 2022-10-07 01:29:36 +02:00			`const reqId = randomBytes(3).toString('hex')`
2.3.1 into new-vbb-protocol 2018-03-02 23:57:29 +01:00			`const url = profile.endpoint + '?' + stringify(req.query)`
add profile.log{Request,Response}() hooks 📝 2022-10-06 14:22:46 +02:00			`const fetchReq = new Request(url, req)`
profile.log{Request,Response}: pass in random request ID 📝 2022-10-07 01:29:36 +02:00			`profile.logRequest(ctx, fetchReq, reqId)`
move out request handling 2017-11-11 22:49:04 +01:00
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const res = await fetch(url, req)`

			`const errProps = {`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`request: fetchReq,`
			`response: res,`
			`url,`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`}`

			`if (!res.ok) {`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`// todo [breaking]: make this a FetchError or a HafasClientError?`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const err = new Error(res.statusText)`
			`Object.assign(err, errProps)`
			`throw err`
			`}`

			`let cType = res.headers.get('content-type')`
			`if (cType) {`
			`const {type} = parseContentType(cType)`
			`if (type !== 'application/json') {`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`throw new HafasError('invalid/unsupported response content-type: ' + cType, null, errProps)`
move out request handling 2017-11-11 22:49:04 +01:00			`}`
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`}`
lib/request: validate response content-type 🐛 2021-04-18 18:42:03 +02:00
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const body = await res.text()`
			`profile.logResponse(ctx, res, body, reqId)`

			`const b = JSON.parse(body)`
rework error handling 💥✅📝 2022-05-03 23:21:44 +02:00			`checkIfResponseIsOk({`
			`body: b,`
			`errProps,`
			`})`
debug hook logging request & response 2018-09-03 15:31:20 +02:00
lib/request: use async/await, simplify error handling 2022-05-03 17:51:52 +02:00			`const svcRes = b.svcResL[0].res`
			`return {`
			`res: svcRes,`
			`common: profile.parseCommon({...ctx, res: svcRes}),`
			`}`
move out request handling 2017-11-11 22:49:04 +01:00			`}`

convert to ESM 💥📝 2022-05-07 16:17:37 +02:00			`export {`
			`checkIfResponseIsOk,`
			`request,`
			`}`