Komodo / komodo-gw-komodo-httpgex

1

const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER';

1

const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER';

2

3

const config = require('komodo-sdk/config');

3

const config = require('komodo-sdk/config');

4

const logger = require('tektrans-logger');

4

const logger = require('tektrans-logger');

5

6

const { DEBUG_CALLBACK_APIKEY } = process.env;

6

const DEBUG_CALLBACK_APIKEY = process.env.DEBUG_CALLBACK_APIKEY

7

|| (config.partner && config.partner.callback && config.partner.callback.debug_apikey);

7

8

const sendInvalidApikeyResponse = (xid, res) => {

9

const sendInvalidApikeyResponse = (xid, res) => {

9

res.status(403).json({

10

res.status(403).json({

10

status: 'NOT-OK',

11

status: 'NOT-OK',

11

error: 'Invalid APIKEY',

12

error: 'Invalid APIKEY',

12

ts: new Date(),

13

ts: new Date(),

13

xid,

14

xid,

14

});

15

});

15

};

16

};

16

17

if (!config.partner.callback.apikey) {

18

if (!config.partner.callback.apikey) {

18

logger.warn(`${MODULE_NAME} 56420201: Missing config.partner.callback.apikey. Please consider to set it for security reason`);

19

logger.warn(`${MODULE_NAME} 56420201: Missing config.partner.callback.apikey. Please consider to set it for security reason`);

19

}

20

}

20

21

module.exports = (req, res, next) => {

22

module.exports = (req, res, next) => {

22

const { xid } = res.locals;

23

const { xid } = res.locals;

23

const apikeyFromRequest = req.params.apikey;

24

const apikeyFromRequest = req.params.apikey;

24

25

if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) {

26

if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) {

26

if (DEBUG_CALLBACK_APIKEY) {

27

if (DEBUG_CALLBACK_APIKEY) {

27

logger.verbose(`${MODULE_NAME} 8BE57EB4: Skip APIKEY checker on no config`, {

28

logger.verbose(`${MODULE_NAME} 8BE57EB4: Skip APIKEY checker on no config`, {

28

xid,

29

xid,

29

});

30

});

30

}

31

}

31

next();

32

next();

32

return;

33

return;

33

}

34

}

34

35

if (DEBUG_CALLBACK_APIKEY) {

36

if (DEBUG_CALLBACK_APIKEY) {

36

logger.verbose(`${MODULE_NAME} 1A634029: Checking for apikey validity`, {

37

logger.verbose(`${MODULE_NAME} 1A634029: Checking for apikey validity`, {

37

xid,

38

xid,

38

apikeyFromRequest,

39

apikeyFromRequest,

39

});

40

});

40

}

41

}

41

42

if (

43

if (

43

typeof config.partner.callback.apikey === 'object'

44

typeof config.partner.callback.apikey === 'object'

44

&& Array.isArray(config.partner.callback.apikey)

45

&& Array.isArray(config.partner.callback.apikey)

45

&& config.partner.callback.apikey.indexOf(apikeyFromRequest) >= 0

46

&& config.partner.callback.apikey.indexOf(apikeyFromRequest) >= 0

46

) {

47

) {

47

if (DEBUG_CALLBACK_APIKEY) {

48

if (DEBUG_CALLBACK_APIKEY) {

48

logger.verbose(`${MODULE_NAME} 4BC7B45D: Apikey match with one of array element`, {

49

logger.verbose(`${MODULE_NAME} 4BC7B45D: Apikey match with one of array element`, {

49

xid,

50

xid,

50

apikeyFromRequest,

51

apikeyFromRequest,

51

});

52

});

52

}

53

}

53

54

next();

55

next();

55

return;

56

return;

56

}

57

}

57

58

if (

59

if (

59

typeof config.partner.callback.apikey === 'string'

60

typeof config.partner.callback.apikey === 'string'

60

&& config.partner.callback.apikey === apikeyFromRequest

61

&& config.partner.callback.apikey === apikeyFromRequest

61

) {

62

) {

62

if (DEBUG_CALLBACK_APIKEY) {

63

if (DEBUG_CALLBACK_APIKEY) {

63

logger.verbose(`${MODULE_NAME} FC80DC85: Apikey match with string config`, {

64

logger.verbose(`${MODULE_NAME} FC80DC85: Apikey match with string config`, {

64

xid,

65

xid,

65

apikeyFromRequest,

66

apikeyFromRequest,

66

});

67

});

67

}

68

}

68

next();

69

next();

69

return;

70

return;

70

}

71

}

71

72

logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, {

73

logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, {

73

xid,

74

xid,

74

remoteIp: req.ip,

75

remoteIp: req.ip,

75

url: req.url,

76

url: req.url,

76

apikeyFromRequest,

77

apikeyFromRequest,

77

});

78

});

78

79

sendInvalidApikeyResponse(xid, res);

80

sendInvalidApikeyResponse(xid, res);

80

};

81

};

81

82

 {
   "handler_name": "KOMODO-GW-HTTPGETX",
   "pull_interval_ms": 1000,
   "partner": {
     "url": "http://PLEASE_CHANGE_ME:25614",
     "terminal_name": "PLEASE_CHANGE_ME",
     "password": "PLEASE_CHANGE_ME",
     "dump_request": true,
     "callback": {
       "port": 14000,
       "url": "http://PLEASE_CHANGE_ME:14000",
       "apikey": [
         "PLEASE_CHANGE_ME"
       ],
       "trust_proxy": ["loopback"],
-      "dump_request": true
+      "dump_request": true,
+      "debug_apikey": false
     }
   },
   "control_panel": {
     "listen_port": 16101,
     "url": "http://localhost:16101/"
   },
   "apiserver": {
     "port": 16102,
     "apikey": "PLEASE_CHANGE_ME",
     "url": "http://localhost:16102/apikey/PLEASE_CHANGE_ME"
   },
   "push_server": {
     "apikey": "PLEASE_CHANGE_ME",
     "advice": {
       "port": 16103,
       "url": "http://localhost:16103/apikey/PLEASE_CHANGE_ME/advice"
     }
   },
   "products": [
   ],
   "remote_products": {},
   "do_not_verbose_log_report": true
 }

 const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER';
 const config = require('komodo-sdk/config');
 const logger = require('tektrans-logger');
-const { DEBUG_CALLBACK_APIKEY } = process.env;
+const DEBUG_CALLBACK_APIKEY = process.env.DEBUG_CALLBACK_APIKEY
+    || (config.partner && config.partner.callback && config.partner.callback.debug_apikey);
 const sendInvalidApikeyResponse = (xid, res) => {
     res.status(403).json({
         status: 'NOT-OK',
         error: 'Invalid APIKEY',
         ts: new Date(),
         xid,
     });
 };
 if (!config.partner.callback.apikey) {
     logger.warn(`${MODULE_NAME} 56420201: Missing config.partner.callback.apikey. Please consider to set it for security reason`);
 }
 module.exports = (req, res, next) => {
     const { xid } = res.locals;
     const apikeyFromRequest = req.params.apikey;
     if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) {
         if (DEBUG_CALLBACK_APIKEY) {
             logger.verbose(`${MODULE_NAME} 8BE57EB4: Skip APIKEY checker on no config`, {
                 xid,
             });
         }
         next();
         return;
     }
     if (DEBUG_CALLBACK_APIKEY) {
         logger.verbose(`${MODULE_NAME} 1A634029: Checking for apikey validity`, {
             xid,
             apikeyFromRequest,
         });
     }
     if (
         typeof config.partner.callback.apikey === 'object'
         && Array.isArray(config.partner.callback.apikey)
         && config.partner.callback.apikey.indexOf(apikeyFromRequest) >= 0
     ) {
         if (DEBUG_CALLBACK_APIKEY) {
             logger.verbose(`${MODULE_NAME} 4BC7B45D: Apikey match with one of array element`, {
                 xid,
                 apikeyFromRequest,
             });
         }
         next();
         return;
     }
     if (
         typeof config.partner.callback.apikey === 'string'
         && config.partner.callback.apikey === apikeyFromRequest
     ) {
         if (DEBUG_CALLBACK_APIKEY) {
             logger.verbose(`${MODULE_NAME} FC80DC85: Apikey match with string config`, {
                 xid,
                 apikeyFromRequest,
             });
         }
         next();
         return;
     }
     logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, {
         xid,
         remoteIp: req.ip,
         url: req.url,
         apikeyFromRequest,
     });
     sendInvalidApikeyResponse(xid, res);
 };