SAP
diff --git a/‎index.js
Lines changed: 1 addition & 0 deletions b/‎index.js
Lines changed: 1 addition & 0 deletions
diff --git a/‎lib/middleware/MiddlewareManager.js
Lines changed: 61 additions & 5 deletions b/‎lib/middleware/MiddlewareManager.js
Lines changed: 61 additions & 5 deletions
diff --git a/‎lib/middleware/cdn.js
Lines changed: 99 additions & 0 deletions b/‎lib/middleware/cdn.js
Lines changed: 99 additions & 0 deletions
diff --git a/‎lib/middleware/middlewareRepository.js
Lines changed: 4 additions & 1 deletion b/‎lib/middleware/middlewareRepository.js
Lines changed: 4 additions & 1 deletion
diff --git a/‎lib/middleware/proxy.js
Lines changed: 55 additions & 0 deletions b/‎lib/middleware/proxy.js
Lines changed: 55 additions & 0 deletions
@@ -5,6 +5,7 @@
 module.exports = {
 	server: require("./lib/server"),
 	sslUtil: require("./lib/sslUtil"),
+	proxyConfiguration: require("./lib/proxyConfiguration"),
 	middlewareRepository: require("./lib/middleware/middlewareRepository"),
 
 	// Legacy middleware export. Still private.
 
@@ -1,12 +1,15 @@
 const middlewareRepository = require("./middlewareRepository");
+const proxyConfiguration = require("../proxyConfiguration");
+
 /**
  *
  *
  * @memberof module:@ui5/server.middleware
  */
 class MiddlewareManager {
 	constructor({tree, resources, options = {
-		sendSAPTargetCSP: false
+		sendSAPTargetCSP: false,
+		useProxy: false
 	}}) {
 		if (!tree || !resources || !resources.all || !resources.rootProject || !resources.dependencies) {
 			throw new Error("[MiddlewareManager]: One or more mandatory parameters not provided");
@@ -64,6 +67,13 @@ class MiddlewareManager {
 	}
 
 	async addStandardMiddleware() {
+		const useProxy = this.options.useProxy;
+
+		let proxyConfig;
+		if (useProxy) {
+			proxyConfig = await proxyConfiguration.getConfigurationForProject(this.tree);
+		}
+
 		await this.addMiddleware("csp", {
 			wrapperCallback: (cspModule) => {
 				const oCspConfig = {
@@ -105,6 +115,21 @@ class MiddlewareManager {
 		});
 		await this.addMiddleware("compression");
 		await this.addMiddleware("cors");
+
+		if (useProxy) {
+			await this.addMiddleware("proxyRewrite", {
+				wrapperCallback: (proxyRewriteModule) => {
+					return ({resources}) => {
+						return proxyRewriteModule({
+							resources,
+							configuration: proxyConfig,
+							cdnUrl: this.options.cdnUrl
+						});
+					};
+				}
+			});
+		}
+
 		await this.addMiddleware("discovery", {
 			mountPath: "/discovery"
 		});
@@ -121,13 +146,44 @@ class MiddlewareManager {
 				};
 			}
 		});
-		await this.addMiddleware("connectUi5Proxy", {
-			mountPath: "/proxy"
-		});
+
+		if (this.options.cdnUrl) {
+			await this.addMiddleware("cdn", {
+				wrapperCallback: (cdn) => {
+					return ({resources}) => {
+						return cdn({
+							resources,
+							cdnUrl: this.options.cdnUrl
+						});
+					};
+				}
+			});
+		}
+
+		if (useProxy) {
+			await this.addMiddleware("proxy", {
+				wrapperCallback: (proxyModule) => {
+					return ({resources}) => {
+						return proxyModule({
+							resources,
+							configuration: proxyConfig
+						});
+					};
+				}
+			});
+		} else {
+			await this.addMiddleware("connectUi5Proxy", {
+				mountPath: "/proxy"
+			});
+		}
+
 		// Handle anything but read operations *before* the serveIndex middleware
 		//	as it will reject them with a 405 (Method not allowed) instead of 404 like our old tooling
 		await this.addMiddleware("nonReadRequests");
-		await this.addMiddleware("serveIndex");
+		if (!useProxy) {
+			// Don't do directory listing when using a proxy. High potential for confusion
+			await this.addMiddleware("serveIndex");
+		}
 	}
 
 	async addCustomMiddleware() {
 
@@ -0,0 +1,99 @@
+const log = require("@ui5/logger").getLogger("server:middleware:cdn");
+const http = require("http");
+const https = require("https");
+
+function createMiddleware({cdnUrl}) {
+	if (!cdnUrl) {
+		throw new Error(`Missing parameter "cdnUrl"`);
+	}
+	if (cdnUrl.endsWith("/")) {
+		throw new Error(`Parameter "cdnUrl" must not end with a slash`);
+	}
+
+	return function proxy(req, res, next) {
+		if (req.method !== "GET" && req.method !== "HEAD" && req.method !== "OPTIONS") {
+			// Cannot be fulfilled by CDN
+			next();
+			return;
+		}
+
+		log.verbose(`Requesting ${req.url} from CDN ${cdnUrl}...`);
+		log.verbose(`Orig. URL: ${req.originalUrl}`);
+
+		getResource({
+			cdnUrl,
+			resourcePath: req.url,
+			resolveOnOddStatusCode: true,
+			headers: req.headers
+		}).then(({data, headers, statusCode}) => {
+			if (statusCode !== 200) {
+				// odd status code
+				log.verbose(`CDN replied with status code ${statusCode} for request ${req.url}`);
+				next();
+				return;
+			}
+			if (headers) {
+				for (const headerKey in headers) {
+					if (headers.hasOwnProperty(headerKey)) {
+						res.setHeader(headerKey, headers[headerKey]);
+					}
+				}
+			}
+
+			res.setHeader("x-ui5-tooling-proxied-from-cdn", cdnUrl);
+			res.setHeader("x-ui5-tooling-proxied-as", req.url);
+
+			res.send(data);
+		}).catch((err) => {
+			log.error(`CDN request error: ${err.message}`);
+			next(err);
+		});
+	};
+}
+
+const cache = {};
+
+function getResource({cdnUrl, resourcePath, resolveOnOddStatusCode, headers}) {
+	return new Promise((resolve, reject) => {
+		const reqUrl = cdnUrl + resourcePath;
+		if (cache[reqUrl]) {
+			resolve(cache[reqUrl]);
+		}
+		if (!cdnUrl.startsWith("http")) {
+			throw new Error(`CDN URL must start with protocol "http" or "https": ${cdnUrl}`);
+		}
+		let client = http;
+		if (cdnUrl.startsWith("https")) {
+			client = https;
+		}
+		client.get(reqUrl, (cdnResponse) => {
+			const {statusCode} = cdnResponse;
+
+			const data = [];
+			cdnResponse.on("data", (chunk) => {
+				data.push(chunk);
+			});
+			cdnResponse.on("end", () => {
+				try {
+					const result = {
+						data: Buffer.concat(data),
+						statusCode,
+						headers: cdnResponse.headers
+					};
+					cache[reqUrl] = result;
+					if (Object.keys(cache).length % 10 === 0) {
+						log.verbose(`Cache size: ${Object.keys(cache).length} entries`);
+					}
+					resolve(result);
+				} catch (err) {
+					reject(err);
+				}
+			});
+		}).on("error", (err) => {
+			reject(err);
+		});
+	});
+}
+
+module.exports = createMiddleware;
+module.exports.getResource = getResource;
@@ -2,13 +2,16 @@ const middlewares = {
 	compression: "compression",
 	cors: "cors",
 	csp: "./csp",
+	cdn: "./cdn",
 	serveResources: "./serveResources",
 	serveIndex: "./serveIndex",
 	discovery: "./discovery",
 	versionInfo: "./versionInfo",
 	connectUi5Proxy: "./connectUi5Proxy",
 	serveThemes: "./serveThemes",
-	nonReadRequests: "./nonReadRequests"
+	nonReadRequests: "./nonReadRequests",
+	proxy: "./proxy",
+	proxyRewrite: "./proxyRewrite"
 };
 
 function getMiddleware(middlewareName) {
 
@@ -0,0 +1,55 @@
+const log = require("@ui5/logger").getLogger("server:middleware:proxy");
+const httpProxy = require("http-proxy");
+
+function createMiddleware({configuration}) {
+	let agent;
+
+	if (configuration.forwardProxy) {
+		let username = configuration.forwardProxy.username;
+		let password = configuration.forwardProxy.password;
+		if (!username) {
+			// TODO prompt user for credentials
+			username = "";
+		}
+		if (!password) {
+			// TODO prompt user for credentials
+			password = "";
+		}
+		const HttpsProxyAgent = require("https-proxy-agent");
+		agent = new HttpsProxyAgent({
+			host: configuration.forwardProxy.hostname,
+			port: configuration.forwardProxy.port,
+			secureProxy: configuration.forwardProxy.useSsl,
+			auth: username + ":" + password
+		});
+	}
+
+	const proxyServer = httpProxy.createProxyServer({
+		agent: agent,
+		secure: !configuration.insecure,
+		prependPath: false,
+		xfwd: true,
+		target: configuration.destination.origin,
+		changeOrigin: true
+	});
+
+	proxyServer.on("proxyRes", function(proxyRes, req, res) {
+		res.setHeader("x-ui5-tooling-proxied-from", configuration.destination.origin);
+	});
+
+	return function proxy(req, res, next) {
+		if (req.url !== req.originalUrl) {
+			log.verbose(`Proxying "${req.url}"`); // normalized URL - used for local resolution
+			log.verbose(`      as "${req.originalUrl}"`); // original URL - used for reverse proxy requests
+		} else {
+			log.verbose(`Proxying "${req.url}"`);
+		}
+		req.url = req.originalUrl; // Always use the original (non-rewritten) URL
+		proxyServer.web(req, res, (err) => {
+			log.error(`Proxy error: ${err.message}`);
+			next(err);
+		});
+	};
+}
+
+module.exports = createMiddleware;