node-red/packages/node_modules/@node-red/editor-api/lib/editor/comms.js

/**
 * Copyright JS Foundation and other contributors, http://js.foundation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 **/

var ws = require("ws");

var log = require("@node-red/util").log; // TODO: separate module
var Tokens;
var Users;
var Permissions;

var server;
var settings;
var runtimeAPI;

var wsServer;
var activeConnections = [];

var anonymousUser;

var retained = {};

var heartbeatTimer;
var lastSentTime;

function init(_server,_settings,_runtimeAPI) {
    server = _server;
    settings = _settings;
    runtimeAPI = _runtimeAPI;
    Tokens = require("../auth/tokens");
    Tokens.onSessionExpiry(handleSessionExpiry);
    Users = require("../auth/users");
    Permissions = require("../auth/permissions");

}
function handleSessionExpiry(session) {
    activeConnections.forEach(connection => {
        if (connection.token === session.accessToken) {
            connection.ws.send(JSON.stringify({auth:"fail"}));
            connection.ws.close();
        }
    })
}
function generateSession(length) {
    var c = "ABCDEFGHIJKLMNOPQRSTUZWXYZabcdefghijklmnopqrstuvwxyz1234567890";
    var token = [];
    for (var i=0;i<length;i++) {
        token.push(c[Math.floor(Math.random()*c.length)]);
    }
    return token.join("");
}

function CommsConnection(ws) {
    this.session = generateSession(32);
    this.ws = ws;
    this.stack = [];
    this.user = null;
    this.lastSentTime = 0;
    var self = this;

    log.audit({event: "comms.open"});
    log.trace("comms.open "+self.session);
    var pendingAuth = (settings.adminAuth != null);

    if (!pendingAuth) {
        addActiveConnection(self);
    }
    ws.on('close',function() {
        log.audit({event: "comms.close",user:self.user, session: self.session});
        log.trace("comms.close "+self.session);
        removeActiveConnection(self);
    });
    ws.on('message', function(data,flags) {
        var msg = null;
        try {
            msg = JSON.parse(data);
        } catch(err) {
            log.trace("comms received malformed message : "+err.toString());
            return;
        }
        if (!pendingAuth) {
            if (msg.subscribe) {
                self.subscribe(msg.subscribe);
                // handleRemoteSubscription(ws,msg.subscribe);
            }
        } else {
            var completeConnection = function(userScope,session,sendAck) {
                try {
                    if (!userScope || !Permissions.hasPermission(userScope,"status.read")) {
                        ws.send(JSON.stringify({auth:"fail"}));
                        ws.close();
                    } else {
                        pendingAuth = false;
                        addActiveConnection(self);
                        self.token = msg.auth;
                        if (sendAck) {
                            ws.send(JSON.stringify({auth:"ok"}));
                        }
                    }
                } catch(err) {
                    console.log(err.stack);
                    // Just in case the socket closes before we attempt
                    // to send anything.
                }
            }
            if (msg.auth) {
                Tokens.get(msg.auth).then(function(client) {
                    if (client) {
                        Users.get(client.user).then(function(user) {
                            if (user) {
                                self.user = user;
                                log.audit({event: "comms.auth",user:self.user});
                                completeConnection(client.scope,msg.auth,true);
                            } else {
                                log.audit({event: "comms.auth.fail"});
                                completeConnection(null,null,false);
                            }
                        });
                    } else {
                        log.audit({event: "comms.auth.fail"});
                        completeConnection(null,null,false);
                    }
                });
            } else {
                if (anonymousUser) {
                    log.audit({event: "comms.auth",user:anonymousUser});
                    self.user = anonymousUser;
                    completeConnection(anonymousUser.permissions,null,false);
                    //TODO: duplicated code - pull non-auth message handling out
                    if (msg.subscribe) {
                        self.subscribe(msg.subscribe);
                    }
                } else {
                    log.audit({event: "comms.auth.fail"});
                    completeConnection(null,null,false);
                }
            }
        }
    });
    ws.on('error', function(err) {
        log.warn(log._("comms.error",{message:err.toString()}));
    });
}

CommsConnection.prototype.send = function(topic,data) {
    var self = this;
    if (topic && data) {
        this.stack.push({topic:topic,data:data});
    }
    if (!this._xmitTimer) {
        this._xmitTimer = setTimeout(function() {
            try {
                self.ws.send(JSON.stringify(self.stack));
                self.lastSentTime = Date.now();
            } catch(err) {
                removeActiveConnection(self);
                log.warn(log._("comms.error-send",{message:err.toString()}));
            }
            delete self._xmitTimer;
            self.stack = [];
        },50);
    }
}

CommsConnection.prototype.subscribe = function(topic) {
    runtimeAPI.comms.subscribe({
        user: this.user,
        client: this,
        topic: topic
    })
}

function start() {
    if (!settings.disableEditor) {
        Users.default().then(function(_anonymousUser) {
            anonymousUser = _anonymousUser;
            var webSocketKeepAliveTime = settings.webSocketKeepAliveTime || 15000;
            var path = settings.httpAdminRoot || "/";
            path = (path.slice(0,1) != "/" ? "/":"") + path + (path.slice(-1) == "/" ? "":"/") + "comms";
            wsServer = new ws.Server({
                server:server,
                path:path,
                // Disable the deflate option due to this issue
                //  https://github.com/websockets/ws/pull/632
                // that is fixed in the 1.x release of the ws module
                // that we cannot currently pickup as it drops node 0.10 support
                //perMessageDeflate: false
            });

            wsServer.on('connection',function(ws) {
                var commsConnection = new CommsConnection(ws);
            });


            wsServer.on('error', function(err) {
                log.warn(log._("comms.error-server",{message:err.toString()}));
            });

            lastSentTime = Date.now();

            heartbeatTimer = setInterval(function() {
                var now = Date.now();
                if (now-lastSentTime > webSocketKeepAliveTime) {
                    activeConnections.forEach(connection => connection.send("hb",lastSentTime));
                }
            }, webSocketKeepAliveTime);
        });
    }
}

function stop() {
    if (heartbeatTimer) {
        clearInterval(heartbeatTimer);
        heartbeatTimer = null;
    }
    if (wsServer) {
        wsServer.close();
        wsServer = null;
    }
}

function addActiveConnection(connection) {
    activeConnections.push(connection);
    runtimeAPI.comms.addConnection({client: connection});
}
function removeActiveConnection(connection) {
    for (var i=0;i<activeConnections.length;i++) {
        if (activeConnections[i] === connection) {
            activeConnections.splice(i,1);
            runtimeAPI.comms.removeConnection({client:connection})
            break;
        }
    }
}

module.exports = {
    init:init,
    start:start,
    stop:stop
}
Add comms module 2014-05-07 21:47:25 +02:00			`/**`
Update copyright header for JS Foundation 2017-01-11 16:24:33 +01:00			`* Copyright JS Foundation and other contributors, http://js.foundation`
Add comms module 2014-05-07 21:47:25 +02:00			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`**/`

			`var ws = require("ws");`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00
WIP: move all the code 2018-08-04 23:23:06 +02:00			`var log = require("@node-red/util").log; // TODO: separate module`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`var Tokens;`
			`var Users;`
			`var Permissions;`
Add comms module 2014-05-07 21:47:25 +02:00
			`var server;`
			`var settings;`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`var runtimeAPI;`
Add comms module 2014-05-07 21:47:25 +02:00
			`var wsServer;`
			`var activeConnections = [];`

Fixup all the tests 2018-04-24 16:01:49 +02:00			`var anonymousUser;`

Add node status updates 2014-05-08 15:15:54 +02:00			`var retained = {};`

Add comms module 2014-05-07 21:47:25 +02:00			`var heartbeatTimer;`
			`var lastSentTime;`

Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`function init(_server,_settings,_runtimeAPI) {`
			`server = _server;`
			`settings = _settings;`
			`runtimeAPI = _runtimeAPI;`
			`Tokens = require("../auth/tokens");`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`Tokens.onSessionExpiry(handleSessionExpiry);`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`Users = require("../auth/users");`
			`Permissions = require("../auth/permissions");`

Move comms from runtime to api component 2015-11-12 10:03:03 +01:00			`}`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`function handleSessionExpiry(session) {`
			`activeConnections.forEach(connection => {`
			`if (connection.token === session.accessToken) {`
			`connection.ws.send(JSON.stringify({auth:"fail"}));`
			`connection.ws.close();`
			`}`
			`})`
			`}`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`function generateSession(length) {`
			`var c = "ABCDEFGHIJKLMNOPQRSTUZWXYZabcdefghijklmnopqrstuvwxyz1234567890";`
			`var token = [];`
			`for (var i=0;i<length;i++) {`
			`token.push(c[Math.floor(Math.random()*c.length)]);`
			`}`
			`return token.join("");`
Add notification when runtime stopped due to missing types Part of #832 2016-12-05 14:24:24 +01:00			`}`
Move comms from runtime to api component 2015-11-12 10:03:03 +01:00
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`function CommsConnection(ws) {`
			`this.session = generateSession(32);`
			`this.ws = ws;`
			`this.stack = [];`
			`this.user = null;`
			`this.lastSentTime = 0;`
			`var self = this;`

			`log.audit({event: "comms.open"});`
			`log.trace("comms.open "+self.session);`
			`var pendingAuth = (settings.adminAuth != null);`
Add notification when runtime stopped due to missing types Part of #832 2016-12-05 14:24:24 +01:00
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`if (!pendingAuth) {`
			`addActiveConnection(self);`
			`}`
			`ws.on('close',function() {`
			`log.audit({event: "comms.close",user:self.user, session: self.session});`
			`log.trace("comms.close "+self.session);`
			`removeActiveConnection(self);`
			`});`
			`ws.on('message', function(data,flags) {`
			`var msg = null;`
			`try {`
			`msg = JSON.parse(data);`
			`} catch(err) {`
			`log.trace("comms received malformed message : "+err.toString());`
			`return;`
			`}`
			`if (!pendingAuth) {`
			`if (msg.subscribe) {`
			`self.subscribe(msg.subscribe);`
			`// handleRemoteSubscription(ws,msg.subscribe);`
			`}`
			`} else {`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`var completeConnection = function(userScope,session,sendAck) {`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`try {`
			`if (!userScope \|\| !Permissions.hasPermission(userScope,"status.read")) {`
			`ws.send(JSON.stringify({auth:"fail"}));`
			`ws.close();`
			`} else {`
			`pendingAuth = false;`
			`addActiveConnection(self);`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`self.token = msg.auth;`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`if (sendAck) {`
			`ws.send(JSON.stringify({auth:"ok"}));`
			`}`
			`}`
			`} catch(err) {`
			`console.log(err.stack);`
			`// Just in case the socket closes before we attempt`
			`// to send anything.`
			`}`
			`}`
			`if (msg.auth) {`
			`Tokens.get(msg.auth).then(function(client) {`
			`if (client) {`
			`Users.get(client.user).then(function(user) {`
			`if (user) {`
			`self.user = user;`
			`log.audit({event: "comms.auth",user:self.user});`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`completeConnection(client.scope,msg.auth,true);`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`} else {`
			`log.audit({event: "comms.auth.fail"});`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`completeConnection(null,null,false);`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`}`
			`});`
			`} else {`
			`log.audit({event: "comms.auth.fail"});`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`completeConnection(null,null,false);`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`}`
			`});`
			`} else {`
			`if (anonymousUser) {`
			`log.audit({event: "comms.auth",user:anonymousUser});`
			`self.user = anonymousUser;`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`completeConnection(anonymousUser.permissions,null,false);`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`//TODO: duplicated code - pull non-auth message handling out`
			`if (msg.subscribe) {`
			`self.subscribe(msg.subscribe);`
			`}`
			`} else {`
			`log.audit({event: "comms.auth.fail"});`
Actively expire login sesssions and notify user 2018-12-11 12:32:12 +01:00			`completeConnection(null,null,false);`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`}`
			`}`
			`}`
			`});`
			`ws.on('error', function(err) {`
			`log.warn(log._("comms.error",{message:err.toString()}));`
			`});`
			`}`

			`CommsConnection.prototype.send = function(topic,data) {`
			`var self = this;`
			`if (topic && data) {`
			`this.stack.push({topic:topic,data:data});`
			`}`
			`if (!this._xmitTimer) {`
			`this._xmitTimer = setTimeout(function() {`
			`try {`
			`self.ws.send(JSON.stringify(self.stack));`
			`self.lastSentTime = Date.now();`
			`} catch(err) {`
			`removeActiveConnection(self);`
			`log.warn(log._("comms.error-send",{message:err.toString()}));`
			`}`
			`delete self._xmitTimer;`
			`self.stack = [];`
			`},50);`
			`}`
			`}`

			`CommsConnection.prototype.subscribe = function(topic) {`
			`runtimeAPI.comms.subscribe({`
			`user: this.user,`
			`client: this,`
			`topic: topic`
			`})`
Add comms module 2014-05-07 21:47:25 +02:00			`}`

Add permissions and user menu 2014-12-10 15:16:07 +01:00			`function start() {`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`if (!settings.disableEditor) {`
Fixup all the tests 2018-04-24 16:01:49 +02:00			`Users.default().then(function(_anonymousUser) {`
			`anonymousUser = _anonymousUser;`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`var webSocketKeepAliveTime = settings.webSocketKeepAliveTime \|\| 15000;`
			`var path = settings.httpAdminRoot \|\| "/";`
Improve core test coverage 2015-03-21 18:42:06 +01:00			`path = (path.slice(0,1) != "/" ? "/":"") + path + (path.slice(-1) == "/" ? "":"/") + "comms";`
Disable perMessageDeflate on WS servers Workaround for this issue: https://github.com/websockets/ws/pull/632 as it has been fixed in the 1.x release that drops support for node 0.10... 2016-02-10 22:43:37 +01:00			`wsServer = new ws.Server({`
			`server:server,`
			`path:path,`
			`// Disable the deflate option due to this issue`
			`// https://github.com/websockets/ws/pull/632`
			`// that is fixed in the 1.x release of the ws module`
			`// that we cannot currently pickup as it drops node 0.10 support`
Debug to status option (#1499) * Let debug optionally target the status line (32 chars only) * Add batching of messages to debug ws comms * let Debug handle simple case of NaN would also close #1530 * Fixup debug tests for batch comms (no new tests yet) * mixup comms/api test to match new batch mode (no new tests) * Add test for NaN being sent OK. * redo original fix to padding / labels for new debug options * fix debug test (re-add fix from #1444) * Fix up merge issues in debug tests 2018-01-13 17:14:03 +01:00			`//perMessageDeflate: false`
Disable perMessageDeflate on WS servers Workaround for this issue: https://github.com/websockets/ws/pull/632 as it has been fixed in the 1.x release that drops support for node 0.10... 2016-02-10 22:43:37 +01:00			`});`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`wsServer.on('connection',function(ws) {`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`var commsConnection = new CommsConnection(ws);`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`});`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Split comms across api and runtime 2018-04-23 12:21:02 +02:00
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`wsServer.on('error', function(err) {`
Extract all core runtime messages 2015-05-08 15:21:01 +02:00			`log.warn(log._("comms.error-server",{message:err.toString()}));`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`});`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`lastSentTime = Date.now();`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`heartbeatTimer = setInterval(function() {`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`var now = Date.now();`
			`if (now-lastSentTime > webSocketKeepAliveTime) {`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`activeConnections.forEach(connection => connection.send("hb",lastSentTime));`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`}`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}, webSocketKeepAliveTime);`
Add node status updates 2014-05-08 15:15:54 +02:00			`});`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`}`
Add comms module 2014-05-07 21:47:25 +02:00			`}`

Add comms.stop to tidy up keepalive timer 2014-08-01 22:55:05 +02:00			`function stop() {`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`if (heartbeatTimer) {`
			`clearInterval(heartbeatTimer);`
Improve core test coverage 2015-03-21 18:42:06 +01:00			`heartbeatTimer = null;`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`}`
			`if (wsServer) {`
			`wsServer.close();`
Improve core test coverage 2015-03-21 18:42:06 +01:00			`wsServer = null;`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`}`
Add comms.stop to tidy up keepalive timer 2014-08-01 22:55:05 +02:00			`}`

Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`function addActiveConnection(connection) {`
			`activeConnections.push(connection);`
			`runtimeAPI.comms.addConnection({client: connection});`
Add comms module 2014-05-07 21:47:25 +02:00			`}`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`function removeActiveConnection(connection) {`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`for (var i=0;i<activeConnections.length;i++) {`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`if (activeConnections[i] === connection) {`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`activeConnections.splice(i,1);`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`runtimeAPI.comms.removeConnection({client:connection})`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`break;`
			`}`
			`}`
			`}`
Add comms module 2014-05-07 21:47:25 +02:00
			`module.exports = {`
			`init:init,`
			`start:start,`
Split comms across api and runtime 2018-04-23 12:21:02 +02:00			`stop:stop`
Add comms module 2014-05-07 21:47:25 +02:00			`}`