WIP

Author: addaleax

package-lock.json

@@ -49,7 +49,8 @@
     "proxy-agent": "^6.4.0",
     "agent-base": "^7.1.1",
     "ssh2": "^1.15.0",
-    "socksv5": "^0.0.6"
+    "socksv5": "^0.0.6",
+    "node-fetch": "^3.3.2"
   },
   "devDependencies": {
     "@mongodb-js/eslint-config-devtools": "0.9.10",
@@ -62,6 +63,7 @@
     "@types/sinon-chai": "^3.2.5",
     "chai": "^4.3.6",
     "depcheck": "^1.4.1",
+    "duplexpair": "^1.0.2",
     "eslint": "^7.25.0",
     "gen-esm-wrapper": "^1.1.0",
     "mocha": "^8.4.0",

packages/devtools-proxy-support/package.json

@@ -0,0 +1,243 @@
+import { createAgent } from './';
+import type { Agent, IncomingMessage } from 'http';
+import { get as httpGet } from 'http';
+import { get as httpsGet } from 'https';
+import { expect } from 'chai';
+import sinon from 'sinon';
+import { HTTPServerProxyTestSetup } from '../test/helpers';
+import socks5AuthNone from 'socksv5/lib/auth/None';
+import socks5AuthUserPassword from 'socksv5/lib/auth/UserPassword';
+
+describe('createAgent', function () {
+  let setup: HTTPServerProxyTestSetup;
+  let agents: Agent[];
+
+  const get = async (
+    url: string,
+    agent: Agent
+  ): Promise<IncomingMessage & { body: string }> => {
+    const getFn = new URL(url).protocol === 'https:' ? httpsGet : httpGet;
+    const options = {
+      agent,
+      ca: setup.tlsOptions.ca,
+      checkServerIdentity: () => undefined, // allow hostname mismatches
+    };
+    agents.push(agent);
+    const res = await new Promise<IncomingMessage>((resolve, reject) =>
+      getFn(url, options, resolve).once('error', reject)
+    );
+    let body = '';
+    res.setEncoding('utf8');
+    for await (const chunk of res) body += chunk;
+    return Object.assign(res, { body });
+  };
+
+  beforeEach(async function () {
+    agents = [];
+    setup = new HTTPServerProxyTestSetup();
+    await setup.listen();
+  });
+
+  afterEach(async function () {
+    await setup.teardown();
+    for (const agent of new Set(agents)) {
+      agent.destroy();
+    }
+  });
+
+  context('socks5', function () {
+    it('can connect to a socks5 proxy without auth', async function () {
+      setup.socks5ProxyServer.useAuth(socks5AuthNone());
+
+      const res = await get(
+        'http://example.com/hello',
+        createAgent({ proxy: `socks5://127.0.0.1:${setup.socks5ProxyPort}` })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+    });
+
+    it('can connect to a socks5 proxy with successful auth', async function () {
+      const authHandler = sinon.stub().yields(true);
+      setup.socks5ProxyServer.useAuth(socks5AuthUserPassword(authHandler));
+
+      const res = await get(
+        'http://example.com/hello',
+        createAgent({
+          proxy: `socks5://foo:[email protected]:${setup.socks5ProxyPort}`,
+        })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+      expect(authHandler).to.have.been.calledOnceWith('foo', 'bar');
+    });
+
+    it('fails to connect to a socks5 proxy with unsuccessful auth', async function () {
+      const authHandler = sinon.stub().yields(false);
+      setup.socks5ProxyServer.useAuth(socks5AuthUserPassword(authHandler));
+
+      try {
+        await get(
+          'http://example.com/hello',
+          createAgent({
+            proxy: `socks5://foo:[email protected]:${setup.socks5ProxyPort}`,
+          })
+        );
+        expect.fail('missed exception');
+      } catch (err: any) {
+        expect(err.message).to.equal('Socks5 Authentication failed');
+      }
+    });
+  });
+
+  context('http proxy', function () {
+    it('can connect to a socks5 proxy without auth', async function () {
+      const res = await get(
+        'http://example.com/hello',
+        createAgent({ proxy: `http://127.0.0.1:${setup.httpProxyPort}` })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+    });
+
+    it('can connect to a socks5 proxy with successful auth', async function () {
+      setup.authHandler = sinon.stub().returns(true);
+
+      const res = await get(
+        'http://example.com/hello',
+        createAgent({
+          proxy: `http://foo:[email protected]:${setup.httpProxyPort}`,
+        })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+      expect(setup.authHandler).to.have.been.calledOnceWith('foo', 'bar');
+    });
+
+    it('fails to connect to a socks5 proxy with unsuccessful auth', async function () {
+      setup.authHandler = sinon.stub().returns(false);
+
+      const res = await get(
+        'http://example.com/hello',
+        createAgent({
+          proxy: `http://foo:[email protected]:${setup.httpProxyPort}`,
+        })
+      );
+      expect(res.statusCode).to.equal(407);
+    });
+  });
+
+  context('https/connect proxy', function () {
+    it('can connect to a https proxy without auth', async function () {
+      const res = await get(
+        'https://example.com/hello',
+        createAgent({ proxy: `http://127.0.0.1:${setup.httpsProxyPort}` })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+    });
+
+    it('can connect to a socks5 proxy with successful auth', async function () {
+      setup.authHandler = sinon.stub().returns(true);
+
+      const res = await get(
+        'https://example.com/hello',
+        createAgent({
+          proxy: `http://foo:[email protected]:${setup.httpsProxyPort}`,
+        })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+      expect(setup.authHandler).to.have.been.calledOnceWith('foo', 'bar');
+    });
+
+    it('fails to connect to a socks5 proxy with unsuccessful auth', async function () {
+      setup.authHandler = sinon.stub().returns(false);
+
+      const res = await get(
+        'https://example.com/hello',
+        createAgent({
+          proxy: `http://foo:[email protected]:${setup.httpsProxyPort}`,
+        })
+      );
+      expect(res.statusCode).to.equal(407);
+    });
+  });
+
+  context('ssh proxy', function () {
+    it('can connect to a ssh proxy without auth', async function () {
+      const res = await get(
+        'https://example.com/hello',
+        createAgent({ proxy: `ssh://[email protected]:${setup.sshProxyPort}` })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+      expect(setup.sshTunnelInfos).to.deep.equal([
+        { destIP: 'example.com', destPort: 0, srcIP: '127.0.0.1', srcPort: 0 },
+      ]);
+    });
+
+    it('can connect to a ssh proxy with successful auth', async function () {
+      setup.authHandler = sinon.stub().returns(true);
+
+      const res = await get(
+        'https://example.com/hello',
+        createAgent({ proxy: `ssh://foo:[email protected]:${setup.sshProxyPort}` })
+      );
+      expect(res.body).to.equal('OK /hello');
+      expect(setup.getRequestedUrls()).to.deep.equal([
+        'http://example.com/hello',
+      ]);
+      expect(setup.authHandler).to.have.been.calledOnceWith('foo', 'bar');
+    });
+
+    it('fails to connect to a ssh proxy with unsuccessful auth', async function () {
+      setup.authHandler = sinon.stub().returns(false);
+
+      try {
+        await get(
+          'http://example.com/hello',
+          createAgent({
+            proxy: `ssh://foo:[email protected]:${setup.sshProxyPort}`,
+          })
+        );
+        expect.fail('missed exception');
+      } catch (err: any) {
+        expect(err.message).to.equal(
+          'All configured authentication methods failed'
+        );
+      }
+    });
+
+    it('fails to connect to a ssh proxy with unavailable tunneling', async function () {
+      setup.authHandler = sinon.stub().returns(true);
+      setup.canTunnel = false;
+
+      try {
+        await get(
+          'http://example.com/hello',
+          createAgent({
+            proxy: `ssh://foo:[email protected]:${setup.sshProxyPort}`,
+          })
+        );
+        expect.fail('missed exception');
+      } catch (err: any) {
+        expect(err.message).to.include('Channel open failure');
+      }
+    });
+  });
+});

packages/devtools-proxy-support/src/agent.spec.ts

@@ -30,6 +30,9 @@ export type AgentWithInitialize = Agent & {
 export function createAgent(
   proxyOptions: DevtoolsProxyOptions
 ): AgentWithInitialize {
+  // This could be made a bit more flexible by creating an Agent using AgentBase
+  // that will dynamically choose between SSHAgent and ProxyAgent.
+  // Right now, this is a bit simpler in terms of lifetime management for SSHAgent.
   if (proxyOptions.proxy && new URL(proxyOptions.proxy).protocol === 'ssh:') {
     return new SSHAgent(proxyOptions);
   }
@@ -38,3 +41,19 @@ export function createAgent(
     getProxyForUrl,
   });
 }
+
+export function useOrCreateAgent(
+  proxyOptions: DevtoolsProxyOptions | AgentWithInitialize,
+  target?: string
+): AgentWithInitialize | undefined {
+  if ('createConnection' in proxyOptions) {
+    return proxyOptions as AgentWithInitialize;
+  } else {
+    if (
+      target !== undefined &&
+      !proxyForUrl(proxyOptions as DevtoolsProxyOptions)(target)
+    )
+      return undefined;
+    return createAgent(proxyOptions as DevtoolsProxyOptions);
+  }
+}

packages/devtools-proxy-support/src/agent.ts

@@ -0,0 +1,44 @@
+import { expect } from 'chai';
+import { createFetch } from './';
+import { HTTPServerProxyTestSetup } from '../test/helpers';
+
+describe('createFetch', function () {
+  it(`consistency check: plain "import('node-fetch') fails"`, async function () {
+    let failed = false;
+    try {
+      await import('node-fetch');
+    } catch (error) {
+      failed = true;
+      expect((error as Error).message).to.include('require() of ES Module');
+    }
+    expect(failed).to.equal(true);
+  });
+
+  context('HTTP calls', function () {
+    let setup: HTTPServerProxyTestSetup;
+
+    before(async function () {
+      setup = new HTTPServerProxyTestSetup();
+      await setup.listen();
+    });
+
+    after(async function () {
+      await setup.teardown();
+    });
+
+    it('provides a node-fetch-like HTTP functionality', async function () {
+      const response = await createFetch({})(
+        `http://127.0.0.1:${setup.httpServerPort}/test`
+      );
+      expect(await response.text()).to.equal('OK /test');
+    });
+
+    it.only('makes use of proxy support when instructed to do so', async function () {
+      const response = await createFetch({
+        proxy: `ssh://[email protected]:${setup.sshProxyPort}`,
+      })(`http://127.0.0.1:${setup.httpServerPort}/test`);
+      expect(await response.text()).to.equal('OK /test');
+      expect(setup.sshTunnelInfos).to.deep.equal([]);
+    });
+  });
+});