From 58e6b46b42a4aba837f9f96134c78762552e3251 Mon Sep 17 00:00:00 2001 From: Emi Matchu Date: Wed, 13 Mar 2024 13:00:27 -0700 Subject: [PATCH] Split NeoPass dev server into main/backing servers --- bin/neopass-server | 51 +++++++++++++++++++++++++++++++++++++++--- package.json | 2 ++ yarn.lock | 55 +++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 104 insertions(+), 4 deletions(-) diff --git a/bin/neopass-server b/bin/neopass-server index 98b5a651..dee0e1c9 100755 --- a/bin/neopass-server +++ b/bin/neopass-server @@ -1,8 +1,23 @@ #!/usr/bin/env node +/** + * A test NeoPass server! This is a very lean, hacky implementation, designed + * to just see the basic OAuth interactions Work At All. + * + * First, we have a "backing server", which is a `oauth2-mock-server` instance + * that's easy to spin up and have perform OAuth for us. We give it a hardcoded + * development-only key, and it just auto-grants permissions! + * + * We also have a "main server", which obeys the actual NeoPass API: the + * backing server isn't configurable with stuff like paths, so we use the main + * server to proxy from the paths in the NeoPass spec to the paths the backing + * server uses. + */ +const urlLib = require("node:url"); const { OAuth2Server } = require("oauth2-mock-server"); +const express = require("express"); -async function main() { +async function startBackingServer(port) { const server = new OAuth2Server(); await server.issuer.keys.add({ // A key we generated for the NeoPass test server. It's okay for its @@ -21,8 +36,38 @@ async function main() { n: "svVfGU4NGcfBCmQiIOW5uzg5SAN2CWSIQSstnhqZoCdjy5OoKpKVR8O9TbDvxixrvkFyAav90Q0Xse8iFTcjfCKuqINYiuYMXhCvfBlc_DVVOQca9pMpN03LaDofd5Ll4_BFTtt1nSPahwWU7xDM-Bkkh_TcS2qS4N2xbpEGi0q0ZkrJN4WyiDBC2k9WbK-YHr4Rj4JKypFVSeBIrjxVPmlPzgfqlLGGIB0l92SnJDXDMlkWcCCTyLgqSBM04nkxGDSykq_ei76qCdRd7b10wMBaoS9DeBThAyHpur2LoPdH3gxbcwoWExi-jPlNP1LdKVZD8b95OY3CRyMAAMGdKQ", }); - await server.start(8585, "localhost"); - console.log("Started NeoPass server at: ", server.issuer.url); + await server.start(port, "localhost"); + console.log(`Started NeoPass backing server at: ${server.issuer.url}`); +} + +async function startMainServer(port) { + const fetch = await import("node-fetch"); + + const app = express(); + app.use(express.raw()); + + app.get("/", (req, res) => res.end("NeoPass development server for DTI!")); + + app.get("/oauth2/auth", (req, res) => { + const query = urlLib.parse(req.url).query; + res.redirect(`http://localhost:8686/authorize?${query}`); + }); + + app.post("/oauth2/token", (req, res) => { + // For POST requests, the HTTP spec doesn't allow a redirect to a POST, + // so we proxy the request instead. + // TODO: Actually do that! For now we just log it. + console.log(req.body); + res.end("owo"); + }); + + await new Promise((resolve) => app.listen(port, resolve)); + console.log(`Started NeoPass main server at: http://localhost:${port}`); +} + +async function main() { + await startBackingServer(8686); + await startMainServer(8585); } main().catch((error) => { diff --git a/package.json b/package.json index d54c173e..3a8dd3e0 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,9 @@ "eslint-plugin-jsx-a11y": "^6.8.0", "eslint-plugin-react": "^7.33.2", "eslint-plugin-react-hooks": "^4.6.0", + "express": "^4.18.3", "husky": "^8.0.3", + "node-fetch": "^3.3.2", "oauth2-mock-server": "^7.1.1", "prettier": "^3.0.3", "typescript": "^5.2.2" diff --git a/yarn.lock b/yarn.lock index cc206d8c..65158f6b 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2363,6 +2363,13 @@ __metadata: languageName: node linkType: hard +"data-uri-to-buffer@npm:^4.0.0": + version: 4.0.1 + resolution: "data-uri-to-buffer@npm:4.0.1" + checksum: 20a6b93107597530d71d4cb285acee17f66bcdfc03fd81040921a81252f19db27588d87fc8fc69e1950c55cfb0bf8ae40d0e5e21d907230813eb5d5a7f9eb45b + languageName: node + linkType: hard + "debug@npm:2.6.9": version: 2.6.9 resolution: "debug@npm:2.6.9" @@ -2896,7 +2903,7 @@ __metadata: languageName: node linkType: hard -"express@npm:^4.18.2": +"express@npm:^4.18.2, express@npm:^4.18.3": version: 4.18.3 resolution: "express@npm:4.18.3" dependencies: @@ -2978,6 +2985,16 @@ __metadata: languageName: node linkType: hard +"fetch-blob@npm:^3.1.2, fetch-blob@npm:^3.1.4": + version: 3.2.0 + resolution: "fetch-blob@npm:3.2.0" + dependencies: + node-domexception: "npm:^1.0.0" + web-streams-polyfill: "npm:^3.0.3" + checksum: 60054bf47bfa10fb0ba6cb7742acec2f37c1f56344f79a70bb8b1c48d77675927c720ff3191fa546410a0442c998d27ab05e9144c32d530d8a52fbe68f843b69 + languageName: node + linkType: hard + "file-entry-cache@npm:^6.0.1": version: 6.0.1 resolution: "file-entry-cache@npm:6.0.1" @@ -3064,6 +3081,15 @@ __metadata: languageName: node linkType: hard +"formdata-polyfill@npm:^4.0.10": + version: 4.0.10 + resolution: "formdata-polyfill@npm:4.0.10" + dependencies: + fetch-blob: "npm:^3.1.2" + checksum: 5392ec484f9ce0d5e0d52fb5a78e7486637d516179b0eb84d81389d7eccf9ca2f663079da56f761355c0a65792810e3b345dc24db9a8bbbcf24ef3c8c88570c6 + languageName: node + linkType: hard + "forwarded@npm:0.2.0": version: 0.2.0 resolution: "forwarded@npm:0.2.0" @@ -3449,12 +3475,14 @@ __metadata: eslint-plugin-jsx-a11y: "npm:^6.8.0" eslint-plugin-react: "npm:^7.33.2" eslint-plugin-react-hooks: "npm:^4.6.0" + express: "npm:^4.18.3" framer-motion: "npm:^4.1.11" graphql: "npm:^15.5.0" graphql-tag: "npm:^2.12.6" husky: "npm:^8.0.3" immer: "npm:^9.0.6" lru-cache: "npm:^6.0.0" + node-fetch: "npm:^3.3.2" oauth2-mock-server: "npm:^7.1.1" prettier: "npm:^3.0.3" react: "npm:^18.2.0" @@ -4038,6 +4066,24 @@ __metadata: languageName: node linkType: hard +"node-domexception@npm:^1.0.0": + version: 1.0.0 + resolution: "node-domexception@npm:1.0.0" + checksum: 5e5d63cda29856402df9472335af4bb13875e1927ad3be861dc5ebde38917aecbf9ae337923777af52a48c426b70148815e890a5d72760f1b4d758cc671b1a2b + languageName: node + linkType: hard + +"node-fetch@npm:^3.3.2": + version: 3.3.2 + resolution: "node-fetch@npm:3.3.2" + dependencies: + data-uri-to-buffer: "npm:^4.0.0" + fetch-blob: "npm:^3.1.4" + formdata-polyfill: "npm:^4.0.10" + checksum: f3d5e56190562221398c9f5750198b34cf6113aa304e34ee97c94fd300ec578b25b2c2906edba922050fce983338fde0d5d34fcb0fc3336ade5bd0e429ad7538 + languageName: node + linkType: hard + "oauth2-mock-server@npm:^7.1.1": version: 7.1.1 resolution: "oauth2-mock-server@npm:7.1.1" @@ -5256,6 +5302,13 @@ __metadata: languageName: node linkType: hard +"web-streams-polyfill@npm:^3.0.3": + version: 3.3.3 + resolution: "web-streams-polyfill@npm:3.3.3" + checksum: 64e855c47f6c8330b5436147db1c75cb7e7474d924166800e8e2aab5eb6c76aac4981a84261dd2982b3e754490900b99791c80ae1407a9fa0dcff74f82ea3a7f + languageName: node + linkType: hard + "which-boxed-primitive@npm:^1.0.2": version: 1.0.2 resolution: "which-boxed-primitive@npm:1.0.2"