fix(server): add a github bearer token to the request if the site of interest is from GitHub (#5)

* fix(server): add a github bearer token to the request if the site of interest is from GitHub

* test(server): add test to make sure the github sites handling works as expected

Author: danvergara

pkg/server/handlers.go

@@ -4,11 +4,15 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"os"
 	"slices"
+	"strings"
 )
 
 // proxyHandler adds headers to overcome the CORS errors for the Jumble Nostr client.
 func proxyHandler() func(w http.ResponseWriter, r *http.Request) {
+	// Get token from environment variable
+	githubToken := os.Getenv("JUMBLE_PROXY_GITHUB_TOKEN")
 	return func(w http.ResponseWriter, r *http.Request) {
 		// add the paraters to fix CORS issues.
 		w.Header().Set("Access-Control-Allow-Origin", "*")
@@ -25,6 +29,17 @@ func proxyHandler() func(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
+		// Check if the target URL is GitHub.
+		if isGitHubURL(site) {
+			// Set GitHub-specific headers in the proxy.
+			req.Header.Set("Authorization", "Bearer "+githubToken)
+			req.Header.Set("User-Agent", "Mozilla/5.0 (compatible; JumbleProxy/0.1)")
+			req.Header.Set(
+				"Accept",
+				"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
+			)
+		}
+
 		// Copy headers from original request.
 		for header, values := range r.Header {
 			for _, value := range values {
@@ -60,3 +75,9 @@ func proxyHandler() func(w http.ResponseWriter, r *http.Request) {
 		w.Write(body)
 	}
 }
+
+func isGitHubURL(url string) bool {
+	return strings.Contains(strings.ToLower(url), "github.com") ||
+		strings.Contains(strings.ToLower(url), "api.github.com") ||
+		strings.Contains(strings.ToLower(url), "gist.github.com")
+}

pkg/server/server_test.go

@@ -7,6 +7,7 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"net/url"
+	"os"
 	"testing"
 
 	"github.com/danvergara/jumble-proxy-server/pkg/config"
@@ -72,3 +73,128 @@ func TestServer(t *testing.T) {
 			htmlContent, string(body))
 	}
 }
+
+func TestProxyHandlerGitHub(t *testing.T) {
+	// Set up GitHub token for testing.
+	originalToken := os.Getenv("JUMBLE_PROXY_GITHUB_TOKEN")
+	os.Setenv("JUMBLE_PROXY_GITHUB_TOKEN", "test-github-token")
+	defer func() {
+		if originalToken == "" {
+			os.Unsetenv("JUMBLE_PROXY_GITHUB_TOKEN")
+		} else {
+			os.Setenv("JUMBLE_PROXY_GITHUB_TOKEN", originalToken)
+		}
+	}()
+
+	// Create a mock GitHub server.
+	mockGitHubServer := httptest.NewServer(
+		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			// Verify GitHub-specific headers were added by the proxy.
+			if auth := r.Header.Get("Authorization"); auth != "Bearer test-github-token" {
+				t.Errorf("Expected Authorization header 'Bearer test-github-token', got '%s'", auth)
+			}
+			if userAgent := r.Header.Get("User-Agent"); userAgent != "Mozilla/5.0 (compatible; JumbleProxy/0.1)" {
+				t.Errorf(
+					"Expected User-Agent 'Mozilla/5.0 (compatible; JumbleProxy/0.1)', got '%s'",
+					userAgent,
+				)
+			}
+			if accept := r.Header.Get("Accept"); accept != "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" {
+				t.Errorf("Expected specific Accept header, got '%s'", accept)
+			}
+
+			// Send back a mock GitHub response.
+			w.Header().Set("Content-Type", "application/json")
+			w.Header().Set("X-GitHub-Media-Type", "github.v3")
+			w.WriteHeader(http.StatusOK)
+			w.Write([]byte(`{"message": "Hello from GitHub!"}`))
+		}),
+	)
+	defer mockGitHubServer.Close()
+
+	// Test cases for different GitHub URL formats.
+	testCases := []struct {
+		name string
+		url  string
+	}{
+		{"github.com", mockGitHubServer.URL + "/github.com/user/repo"},
+		{"api.github.com", mockGitHubServer.URL + "/api.github.com/repos/user/repo"},
+		{"gist.github.com", mockGitHubServer.URL + "/gist.github.com/user/gist-id"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			// Create a request to the proxy handler.
+			req := httptest.NewRequest("GET", "/sites/"+url.QueryEscape(tc.url), nil)
+			req.SetPathValue("site", tc.url)
+
+			// Create a response recorder.
+			w := httptest.NewRecorder()
+
+			// Call the proxy handler.
+			handler := proxyHandler()
+			handler(w, req)
+
+			// Check response status.
+			if w.Code != http.StatusOK {
+				t.Errorf("Expected status 200, got %d", w.Code)
+			}
+
+			// Validate CORS headers.
+			expectedHeaders := map[string]string{
+				"Access-Control-Allow-Origin":  "*",
+				"Access-Control-Allow-Methods": "GET",
+				"Access-Control-Allow-Headers": "Content-Type, Authorization",
+			}
+
+			for header, expectedValue := range expectedHeaders {
+				if actualValue := w.Header().Get(header); actualValue != expectedValue {
+					t.Errorf(
+						"Expected %s header '%s', got '%s'",
+						header,
+						expectedValue,
+						actualValue,
+					)
+				}
+			}
+
+			// Validate that GitHub response headers are proxied.
+			if contentType := w.Header().Get("Content-Type"); contentType != "application/json" {
+				t.Errorf("Expected Content-Type 'application/json', got '%s'", contentType)
+			}
+
+			if githubHeader := w.Header().Get("X-GitHub-Media-Type"); githubHeader != "github.v3" {
+				t.Errorf("Expected X-GitHub-Media-Type 'github.v3', got '%s'", githubHeader)
+			}
+
+			// Validate response body.
+			expectedBody := `{"message": "Hello from GitHub!"}`
+			if actualBody := w.Body.String(); actualBody != expectedBody {
+				t.Errorf("Expected body '%s', got '%s'", expectedBody, actualBody)
+			}
+		})
+	}
+}
+
+func TestIsGitHubURL(t *testing.T) {
+	testCases := []struct {
+		url      string
+		expected bool
+	}{
+		{"https://github.com/user/repo", true},
+		{"https://api.github.com/repos/user/repo", true},
+		{"https://gist.github.com/user/gist-id", true},
+		{"https://GITHUB.COM/user/repo", true}, // case insensitive
+		{"https://example.com", false},
+		{"https://gitlab.com/user/repo", false},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.url, func(t *testing.T) {
+			result := isGitHubURL(tc.url)
+			if result != tc.expected {
+				t.Errorf("isGitHubURL(%s) = %v, expected %v", tc.url, result, tc.expected)
+			}
+		})
+	}
+}