Support using https requests with an http proxy

package.json

@@ -21,11 +21,13 @@
   "dependencies": {
     "@eclipse-che/api": "^7.0.0-beta-4.0",
     "axios": "0.19.0",
+    "tunnel": "0.0.6",
     "websocket": "1.0.23"
   },
   "devDependencies": {
     "@types/jest": "22.1.3",
     "@types/node": "9.4.6",
+    "@types/tunnel": "0.0.1",
     "jest": "22.4.2",
     "rimraf": "2.6.2",
     "ts-loader": "4.1.0",

src/index.ts

@@ -8,22 +8,24 @@
  * SPDX-License-Identifier: EPL-2.0
  **********************************************************************/
 
-import axios, {AxiosInstance, AxiosStatic} from 'axios';
-import {IRemoteAPI, RemoteAPI} from './rest/remote-api';
-import {Resources} from './rest/resources';
-import {IWorkspaceMasterApi, WorkspaceMasterApi} from './json-rpc/workspace-master-api';
-import {WebSocketClient} from './json-rpc/web-socket-client';
+import axios, { AxiosInstance, AxiosRequestConfig } from 'axios';
+import { IRemoteAPI, RemoteAPI } from './rest/remote-api';
+import { Resources } from './rest/resources';
 import * as fs from 'fs';
 import * as https from 'https';
+import * as url from 'url';
+import * as tunnel from 'tunnel';
+import { UrlWithStringQuery } from 'url';
 
 export * from './rest/remote-api';
 export * from './json-rpc/workspace-master-api';
 
-export  interface IRestAPIConfig {
+export interface IRestAPIConfig {
     baseUrl?: string;
     headers?: any;
     // path to self signed certificate
     ssCrtPath?: string;
+    loggingEnabled?: boolean;
 }
 
 export default class WorkspaceClient {
@@ -44,23 +46,118 @@ export default class WorkspaceClient {
         return new RemoteAPI(resources);
     }
 
-    public static getJsonRpcApi(entryPoint: string): IWorkspaceMasterApi {
-        const transport = new WebSocketClient();
-        return new WorkspaceMasterApi(transport, entryPoint);
-    }
-
     private static createAxiosInstance(config: IRestAPIConfig): AxiosInstance {
-        if (config.ssCrtPath && this.isItNode() && fs.existsSync(config.ssCrtPath)) {
-            const agent = new https.Agent({
-                ca: fs.readFileSync(config.ssCrtPath)
-            });
-            return axios.create({httpsAgent: agent});
+        if (!this.isItNode()) {
+            this.addLogInterceptorsIfEnabled(axios, config);
+            return axios;
         }
 
+        const certificateAuthority = this.getCertificateAuthority(config);
+        const proxyUrl = process.env.http_proxy;
+        if (proxyUrl && proxyUrl !== '' && config.baseUrl) {
+            const parsedBaseUrl = url.parse(config.baseUrl);
+            if (parsedBaseUrl.hostname && this.shouldProxy(parsedBaseUrl.hostname)) {
+                const axiosRequestConfig: AxiosRequestConfig | undefined = {
+                    proxy: false,
+                };
+                const parsedProxyUrl = url.parse(proxyUrl);
+                const mainProxyOptions = this.getMainProxyOptions(parsedProxyUrl);
+                const httpsProxyOptions = this.getHttpsProxyOptions(mainProxyOptions, parsedBaseUrl.hostname, certificateAuthority);
+                const httpOverHttpsAgent = tunnel.httpOverHttps({ proxy: httpsProxyOptions });
+                const httpsOverHttpsAgent = tunnel.httpsOverHttps(httpsProxyOptions);
+                const urlIsHttps = (parsedBaseUrl.protocol || 'http:').startsWith('https:');
+                const proxyIsHttps = (parsedProxyUrl.protocol || 'http:').startsWith('https:');
+                if (urlIsHttps) {
+                    if (proxyIsHttps) {
+                        axiosRequestConfig.httpsAgent = httpsOverHttpsAgent;
+                    } else {
+                        axiosRequestConfig.httpsAgent = tunnel.httpsOverHttp({
+                            proxy: mainProxyOptions,
+                            ca: certificateAuthority ? [certificateAuthority] : undefined
+                        });
+                    }
+                } else {
+                    axiosRequestConfig.httpAgent = proxyIsHttps ? httpsOverHttpsAgent : httpOverHttpsAgent;
+                }
+                const axiosInstance = axios.create(axiosRequestConfig);
+                this.addLogInterceptorsIfEnabled(axiosInstance, config);
+                return axiosInstance;
+            }
+        }
+        if (certificateAuthority) {
+            const axiosInstance = axios.create({
+                httpsAgent: new https.Agent({
+                    ca: certificateAuthority
+                })
+            });
+            this.addLogInterceptorsIfEnabled(axiosInstance, config);
+            return axiosInstance;
+        }
+        this.addLogInterceptorsIfEnabled(axios, config);
         return axios;
     }
 
     private static isItNode() {
-        return (typeof process !== 'undefined') && (typeof process.versions.node !== 'undefined')
+        return (typeof process !== 'undefined') && (typeof process.versions.node !== 'undefined');
+    }
+
+    private static addLogInterceptorsIfEnabled(axiosInstance: AxiosInstance, config: IRestAPIConfig) {
+        if (!config.loggingEnabled) {
+            return;
+        }
+        axiosInstance.interceptors.request.use(request => {
+            console.log('Starting Request', request);
+            return request;
+        });
+
+        axiosInstance.interceptors.response.use(response => {
+            console.log('Response:', response);
+            return response;
+        });
+    }
+
+    private static getCertificateAuthority(config: IRestAPIConfig): Buffer | undefined {
+        let certificateAuthority: Buffer | undefined;
+        if (config.ssCrtPath && fs.existsSync(config.ssCrtPath)) {
+            certificateAuthority = fs.readFileSync(config.ssCrtPath);
+        }
+        return certificateAuthority;
+    }
+
+    private static getMainProxyOptions(parsedProxyUrl: UrlWithStringQuery): tunnel.ProxyOptions {
+        const port = Number(parsedProxyUrl.port);
+        return {
+            host: parsedProxyUrl.hostname!,
+            port: ( parsedProxyUrl.port !== '' && !isNaN(port)) ? port : 3128,
+            proxyAuth: (parsedProxyUrl.auth && parsedProxyUrl.auth !== '') ? parsedProxyUrl.auth : undefined
+        };
+    }
+
+    private static getHttpsProxyOptions(mainProxyOptions: tunnel.ProxyOptions, servername: string | undefined, certificateAuthority: Buffer | undefined): tunnel.HttpsProxyOptions {
+        return {
+            host: mainProxyOptions.host,
+            port: mainProxyOptions.port,
+            proxyAuth: mainProxyOptions.proxyAuth,
+            servername,
+            ca: certificateAuthority ? [certificateAuthority] : undefined
+        };
+    }
+
+    private static shouldProxy(hostname: string): boolean {
+        const noProxyEnv = process.env.no_proxy || process.env.NO_PROXY;
+        const noProxy: string[] = noProxyEnv ? noProxyEnv.split(',').map(s => s.trim()) : [];
+        return !noProxy.some(rule => {
+            if (!rule) {
+                return false;
+            }
+            if (rule === '*') {
+                return true;
+            }
+            if (rule[0] === '.' &&
+                hostname.substr(hostname.length - rule.length) === rule) {
+                return true;
+            }
+            return hostname === rule;
+        });
     }
 }

webpack.config.js

@@ -51,6 +51,8 @@ var client = {
     target: 'web',
     node: {
         fs: 'empty',
+        net: 'empty',
+        tls: 'empty'
     },
     output: {
         filename: 'client.js',

yarn.lock

@@ -46,11 +46,23 @@
   resolved "https://registry.yarnpkg.com/@types/jest/-/jest-22.1.3.tgz#25da391935e6fac537551456f077ce03144ec168"
   integrity sha512-qpbOiPE3iqeqnicgOVg6MBgtFMxe0Qd5PHtHp4Y7YGBWnNIgv7Mr2lx7ILEN6d7K+Fub9FW1S3Q2NKvbc+b+AA==
 
+"@types/node@*":
+  version "13.9.2"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-13.9.2.tgz#ace1880c03594cc3e80206d96847157d8e7fa349"
+  integrity sha512-bnoqK579sAYrQbp73wwglccjJ4sfRdKU7WNEZ5FW4K2U6Kc0/eZ5kvXG0JKsEKFB50zrFmfFt52/cvBbZa7eXg==
+
 "@types/[email protected]":
   version "9.4.6"
   resolved "https://registry.yarnpkg.com/@types/node/-/node-9.4.6.tgz#d8176d864ee48753d053783e4e463aec86b8d82e"
   integrity sha512-CTUtLb6WqCCgp6P59QintjHWqzf4VL1uPA27bipLAPxFqrtK1gEYllePzTICGqQ8rYsCbpnsNypXjjDzGAAjEQ==
 
+"@types/[email protected]":
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/@types/tunnel/-/tunnel-0.0.1.tgz#0d72774768b73df26f25df9184273a42da72b19c"
+  integrity sha512-AOqu6bQu5MSWwYvehMXLukFHnupHrpZ8nvgae5Ggie9UwzDR1CCwoXgSSWNZJuyOlCdfdsWMA5F2LlmvyoTv8A==
+  dependencies:
+    "@types/node" "*"
+
 abab@^2.0.0:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/abab/-/abab-2.0.2.tgz#a2fba1b122c69a85caa02d10f9270c7219709a9d"
@@ -6271,6 +6283,11 @@ tunnel-agent@^0.6.0:
   dependencies:
     safe-buffer "^5.0.1"
 
+[email protected]:
+  version "0.0.6"
+  resolved "https://registry.yarnpkg.com/tunnel/-/tunnel-0.0.6.tgz#72f1314b34a5b192db012324df2cc587ca47f92c"
+  integrity sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==
+
 tweetnacl@^0.14.3, tweetnacl@~0.14.0:
   version "0.14.5"
   resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.5.tgz#5ae68177f192d4456269d108afa93ff8743f4f64"