bitinflow/expose
1
0
Fork 0
mirror of https://github.com/bitinflow/expose.git synced 2026-03-14 14:05:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: bitinflow:tcp
Branches Tags
bitinflow:master bitinflow:fix-http-protocol bitinflow:1.0 bitinflow:custom-hostnames bitinflow:share-files bitinflow:tcp bitinflow:associate-sites-with-auth-tokens bitinflow:analysis-lKY3aQ
bitinflow:2.2.3 bitinflow:2.2.2
..
compare: bitinflow:fix-http-protocol
Branches Tags
bitinflow:master bitinflow:fix-http-protocol bitinflow:1.0 bitinflow:custom-hostnames bitinflow:share-files bitinflow:tcp bitinflow:associate-sites-with-auth-tokens bitinflow:analysis-lKY3aQ
bitinflow:2.2.3 bitinflow:2.2.2

18 Commits
tcp ... fix-http-p

Author SHA1 Message Date
René Preuß
763b45a77e Remove rewrite header 2021-01-01 20:13:08 +01:00
René Preuß
f137ea298b Fix prepare method to generate a valid dsn 2021-01-01 20:07:18 +01:00
René Preuß
2f457352c5 Undo test rename 2021-01-01 17:28:10 +01:00
René Preuß
c5cdd8c352 Fix style ci 2021-01-01 16:55:52 +01:00
René Preuß
6f72d719bf Fix http/s protocol headers 
Improve request ids
 2021-01-01 16:06:59 +01:00
Siebe Vanden Eynden
f6d04777e1 Allow custom config file path (#145) 
* allow custom config file path

* Update configuration.md
 2020-12-04 22:45:29 +01:00
Tii
bded9f754e Added command line options for server-host and server-port (#147) 
* Added server options

* Restored box.json

* Reverted build and versioning...

* Please the style gods
 2020-12-04 22:44:25 +01:00
Tii
c92d4b258c Removed fixed IP address for DNS (#148) 2020-12-04 22:39:57 +01:00
Marcel Pociot
eb8d1f4f91 Merge pull request #154 from beyondcode/analysis-5ZodwW 
Apply fixes from StyleCI
 2020-11-01 20:34:40 +01:00
Marcel Pociot
da39fb8ad8 Apply fixes from StyleCI 2020-11-01 19:34:33 +00:00
Marcel Pociot
5b7a80bb0c Merge branch 'master' of github.com:beyondcode/phunnel 2020-11-01 20:34:21 +01:00
Marcel Pociot
f5c009eadd Merge pull request #153 from beyondcode/analysis-7ao7E3 
Apply fixes from StyleCI
 2020-11-01 17:47:36 +01:00
Marcel Pociot
7459c0189b Apply fixes from StyleCI 2020-11-01 16:47:29 +00:00
Merkhad Luigton
8b8426cd3b make expose directly executable in the docker container (#149) 2020-11-01 17:47:21 +01:00
Marcel Pociot
880259657f Rewrite location header 2020-10-25 23:40:45 +01:00
Marcel Pociot
538c7da446 Better memory management for binary responses. Fixes #140 2020-10-17 21:07:29 +02:00
Marcel Pociot
26de32d375 Allow users to reserve subdomains (#131) 2020-09-09 21:57:42 +02:00
Marcel Pociot
2f57fa1952 Add ability to expose TCP connections (#123) 2020-09-08 16:27:39 +02:00
26 changed files with 910 additions and 197 deletions
Expand all files Collapse all files

1
Dockerfile
View File

@@ -21,3 +21,4 @@ ENV password=password
ENV exposeConfigPath=/src/config/expose.php ENV exposeConfigPath=/src/config/expose.php
CMD sed -i "s|username|${username}|g" ${exposeConfigPath} && sed -i "s|password|${password}|g" ${exposeConfigPath} && php expose serve ${domain} --port ${port} --validateAuthTokens CMD sed -i "s|username|${username}|g" ${exposeConfigPath} && sed -i "s|password|${password}|g" ${exposeConfigPath} && php expose serve ${domain} --port ${port} --validateAuthTokens
ENTRYPOINT ["/src/expose"]

25
app/Client/Client.php
View File

@@ -45,13 +45,13 @@ class Client
$sharedUrl = $this->prepareSharedUrl($sharedUrl); $sharedUrl = $this->prepareSharedUrl($sharedUrl);
foreach ($subdomains as $subdomain) { foreach ($subdomains as $subdomain) {
$this->connectToServer($sharedUrl, $subdomain, config('expose.auth_token')); $this->connectToServer($sharedUrl, $subdomain, $this->configuration->auth());
} }
} }
public function sharePort(int $port) public function sharePort(int $port)
{ {
$this->connectToServerAndShareTcp($port, config('expose.auth_token')); $this->connectToServerAndShareTcp($port, $this->configuration->auth());
} }
protected function prepareSharedUrl(string $sharedUrl): string protected function prepareSharedUrl(string $sharedUrl): string
@@ -60,16 +60,11 @@ class Client
return $sharedUrl; return $sharedUrl;
} }
$url = Arr::get($parsedUrl, 'host', Arr::get($parsedUrl, 'path')); $host = Arr::get($parsedUrl, 'host', Arr::get($parsedUrl, 'path', 'localhost'));
$scheme = Arr::get($parsedUrl, 'scheme', 'http');
$port = Arr::get($parsedUrl, 'port', $scheme === 'https' ? 443 : 80);
if (Arr::get($parsedUrl, 'scheme') === 'https') { return sprintf('%s://%s:%s', $scheme, $host, $port);
$url .= ':443';
}
if (! is_null($port = Arr::get($parsedUrl, 'port'))) {
$url .= ":{$port}";
}
return $url;
} }
public function connectToServer(string $sharedUrl, $subdomain, $authToken = ''): PromiseInterface public function connectToServer(string $sharedUrl, $subdomain, $authToken = ''): PromiseInterface
@@ -197,6 +192,14 @@ class Client
protected function attachCommonConnectionListeners(ControlConnection $connection, Deferred $deferred) protected function attachCommonConnectionListeners(ControlConnection $connection, Deferred $deferred)
{ {
$connection->on('info', function ($data) {
$this->logger->info($data->message);
});
$connection->on('error', function ($data) {
$this->logger->error($data->message);
});
$connection->on('authenticationFailed', function ($data) use ($deferred) { $connection->on('authenticationFailed', function ($data) use ($deferred) {
$this->logger->error($data->message); $this->logger->error($data->message);

12
app/Client/Configuration.php
View File

@@ -36,4 +36,16 @@ class Configuration
{ {
return intval($this->port); return intval($this->port);
} }
public function getUrl(string $subdomain): string
{
$httpProtocol = $this->port() === 443 ? 'https' : 'http';
$host = $this->host();
if ($httpProtocol !== 'https') {
$host .= ":{$this->port()}";
}
return "{$subdomain}.{$host}";
}
} }

37
app/Client/Http/HttpClient.php
View File

@@ -2,6 +2,7 @@
namespace App\Client\Http; namespace App\Client\Http;
use App\Client\Configuration;
use App\Client\Http\Modifiers\CheckBasicAuthentication; use App\Client\Http\Modifiers\CheckBasicAuthentication;
use App\Logger\RequestLogger; use App\Logger\RequestLogger;
use Clue\React\Buzz\Browser; use Clue\React\Buzz\Browser;
@@ -10,10 +11,12 @@ use function GuzzleHttp\Psr7\str;
use Laminas\Http\Request; use Laminas\Http\Request;
use Psr\Http\Message\RequestInterface; use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\UriInterface;
use Ratchet\Client\WebSocket; use Ratchet\Client\WebSocket;
use Ratchet\RFC6455\Messaging\Frame; use Ratchet\RFC6455\Messaging\Frame;
use React\EventLoop\LoopInterface; use React\EventLoop\LoopInterface;
use React\Socket\Connector; use React\Socket\Connector;
use React\Stream\ReadableStreamInterface;
class HttpClient class HttpClient
{ {
@@ -26,19 +29,26 @@ class HttpClient
/** @var Request */ /** @var Request */
protected $request; protected $request;
protected $connectionData;
/** @var array */ /** @var array */
protected $modifiers = [ protected $modifiers = [
CheckBasicAuthentication::class, CheckBasicAuthentication::class,
]; ];
/** @var Configuration */
protected $configuration;
public function __construct(LoopInterface $loop, RequestLogger $logger) public function __construct(LoopInterface $loop, RequestLogger $logger, Configuration $configuration)
{ {
$this->loop = $loop; $this->loop = $loop;
$this->logger = $logger; $this->logger = $logger;
$this->configuration = $configuration;
} }
public function performRequest(string $requestData, WebSocket $proxyConnection = null, string $requestId = null) public function performRequest(string $requestData, WebSocket $proxyConnection = null, $connectionData = null)
{ {
$this->connectionData = $connectionData;
$this->request = $this->parseRequest($requestData); $this->request = $this->parseRequest($requestData);
$this->logger->logRequest($requestData, $this->request); $this->logger->logRequest($requestData, $this->request);
@@ -66,7 +76,6 @@ class HttpClient
protected function createConnector(): Connector protected function createConnector(): Connector
{ {
return new Connector($this->loop, [ return new Connector($this->loop, [
'dns' => '127.0.0.1',
'tls' => [ 'tls' => [
'verify_peer' => false, 'verify_peer' => false,
'verify_peer_name' => false, 'verify_peer_name' => false,
@@ -77,12 +86,9 @@ class HttpClient
protected function sendRequestToApplication(RequestInterface $request, $proxyConnection = null) protected function sendRequestToApplication(RequestInterface $request, $proxyConnection = null)
{ {
(new Browser($this->loop, $this->createConnector())) (new Browser($this->loop, $this->createConnector()))
->withOptions([ ->withFollowRedirects(false)
'followRedirects' => false, ->withRejectErrorResponse(false)
'obeySuccessCode' => false, ->requestStreaming($request->getMethod(), $this->getExposeUri($request), $request->getHeaders(), $request->getBody())
'streaming' => true,
])
->send($request)
->then(function (ResponseInterface $response) use ($proxyConnection) { ->then(function (ResponseInterface $response) use ($proxyConnection) {
if (! isset($response->buffer)) { if (! isset($response->buffer)) {
$response->buffer = str($response); $response->buffer = str($response);
@@ -90,7 +96,7 @@ class HttpClient
$this->sendChunkToServer($response->buffer, $proxyConnection); $this->sendChunkToServer($response->buffer, $proxyConnection);
/* @var $body \React\Stream\ReadableStreamInterface */ /* @var $body ReadableStreamInterface */
$body = $response->getBody(); $body = $response->getBody();
$this->logResponse(str($response)); $this->logResponse(str($response));
@@ -126,4 +132,15 @@ class HttpClient
{ {
return Request::fromString($data); return Request::fromString($data);
} }
private function getExposeUri(RequestInterface $request): UriInterface
{
$exposeProto = $request->getHeader('x-expose-proto')[0];
$exposeHost = explode(':', $request->getHeader('x-expose-host')[0]);
return $request->getUri()
->withScheme($exposeProto)
->withHost($exposeHost[0])
->withPort($exposeHost[1]);
}
} }

6
app/Client/ProxyManager.php
View File

@@ -32,7 +32,7 @@ class ProxyManager
], $this->loop) ], $this->loop)
->then(function (WebSocket $proxyConnection) use ($clientId, $connectionData) { ->then(function (WebSocket $proxyConnection) use ($clientId, $connectionData) {
$proxyConnection->on('message', function ($message) use ($proxyConnection, $connectionData) { $proxyConnection->on('message', function ($message) use ($proxyConnection, $connectionData) {
$this->performRequest($proxyConnection, $connectionData->request_id, (string) $message); $this->performRequest($proxyConnection, (string) $message, $connectionData);
}); });
$proxyConnection->send(json_encode([ $proxyConnection->send(json_encode([
@@ -76,8 +76,8 @@ class ProxyManager
}); });
} }
protected function performRequest(WebSocket $proxyConnection, $requestId, string $requestData) protected function performRequest(WebSocket $proxyConnection, string $requestData, $connectionData)
{ {
app(HttpClient::class)->performRequest((string) $requestData, $proxyConnection, $requestId); app(HttpClient::class)->performRequest((string) $requestData, $proxyConnection, $connectionData);
} }
} }

12
app/Commands/ShareCommand.php
View File

@@ -10,7 +10,7 @@ use Symfony\Component\Console\Output\ConsoleOutput;
class ShareCommand extends Command class ShareCommand extends Command
{ {
protected $signature = 'share {host} {--subdomain=} {--auth=}'; protected $signature = 'share {host} {--subdomain=} {--auth=} {--server-host=} {--server-port=}';
protected $description = 'Share a local url with a remote expose server'; protected $description = 'Share a local url with a remote expose server';
@@ -27,11 +27,15 @@ class ShareCommand extends Command
{ {
$this->configureConnectionLogger(); $this->configureConnectionLogger();
$serverHost = $this->option('server-host') ?? config('expose.host', 'localhost');
$serverPort = $this->option('server-port') ?? config('expose.port', 8080);
$auth = $this->option('auth') ?? config('expose.auth_token', '');
(new Factory()) (new Factory())
->setLoop(app(LoopInterface::class)) ->setLoop(app(LoopInterface::class))
->setHost(config('expose.host', 'localhost')) ->setHost($serverHost)
->setPort(config('expose.port', 8080)) ->setPort($serverPort)
->setAuth($this->option('auth')) ->setAuth($auth)
->createClient() ->createClient()
->share($this->argument('host'), explode(',', $this->option('subdomain'))) ->share($this->argument('host'), explode(',', $this->option('subdomain')))
->createHttpServer() ->createHttpServer()

2
app/Commands/ShareCurrentWorkingDirectoryCommand.php
View File

@@ -4,7 +4,7 @@ namespace App\Commands;
class ShareCurrentWorkingDirectoryCommand extends ShareCommand class ShareCurrentWorkingDirectoryCommand extends ShareCommand
{ {
protected $signature = 'share-cwd {host?} {--subdomain=} {--auth=}'; protected $signature = 'share-cwd {host?} {--subdomain=} {--auth=} {--server-host=} {--server-port=}';
public function handle() public function handle()
{ {

22
app/Contracts/SubdomainRepository.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace App\Contracts;
use React\Promise\PromiseInterface;
interface SubdomainRepository
{
public function getSubdomains(): PromiseInterface;
public function getSubdomainById($id): PromiseInterface;
public function getSubdomainByName(string $name): PromiseInterface;
public function getSubdomainsByUserId($id): PromiseInterface;
public function getSubdomainsByUserIdAndName($id, $name): PromiseInterface;
public function deleteSubdomainForUserId($userId, $subdomainId): PromiseInterface;
public function storeSubdomain(array $data): PromiseInterface;
}

123
app/Logger/LoggedRequest.php
View File

@@ -19,11 +19,8 @@ class LoggedRequest implements \JsonSerializable
/** @var Request */ /** @var Request */
protected $parsedRequest; protected $parsedRequest;
/** @var string */ /** @var LoggedResponse */
protected $rawResponse; protected $response;
/** @var Response */
protected $parsedResponse;
/** @var string */ /** @var string */
protected $id; protected $id;
@@ -71,22 +68,8 @@ class LoggedRequest implements \JsonSerializable
], ],
]; ];
if ($this->parsedResponse) { if ($this->response) {
$logBody = $this->shouldReturnBody(); $data['response'] = $this->response->toArray();
try {
$body = $logBody ? $this->parsedResponse->getBody() : '';
} catch (\Exception $e) {
$body = '';
}
$data['response'] = [
'raw' => $logBody ? $this->rawResponse : 'SKIPPED BY CONFIG OR BINARY RESPONSE',
'status' => $this->parsedResponse->getStatusCode(),
'headers' => $this->parsedResponse->getHeaders()->toArray(),
'reason' => $this->parsedResponse->getReasonPhrase(),
'body' => $logBody ? $body : 'SKIPPED BY CONFIG OR BINARY RESPONSE',
];
} }
return $data; return $data;
@@ -107,96 +90,6 @@ class LoggedRequest implements \JsonSerializable
return preg_match('~[^\x20-\x7E\t\r\n]~', $string) > 0; return preg_match('~[^\x20-\x7E\t\r\n]~', $string) > 0;
} }
protected function shouldReturnBody(): bool
{
if ($this->skipByStatus()) {
return false;
}
if ($this->skipByContentType()) {
return false;
}
if ($this->skipByExtension()) {
return false;
}
if ($this->skipBySize()) {
return false;
}
$header = $this->parsedResponse->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
$patterns = [
'application/json',
'text/*',
'*javascript*',
];
return Str::is($patterns, $contentType);
}
protected function skipByStatus(): bool
{
if (empty(config()->get('expose.skip_body_log.status'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.status'), $this->parsedResponse->getStatusCode());
}
protected function skipByContentType(): bool
{
if (empty(config()->get('expose.skip_body_log.content_type'))) {
return false;
}
$header = $this->parsedResponse->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
return Str::is(config()->get('expose.skip_body_log.content_type'), $contentType);
}
protected function skipByExtension(): bool
{
if (empty(config()->get('expose.skip_body_log.extension'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.extension'), $this->parsedRequest->getUri()->getPath());
}
protected function skipBySize(): bool
{
$configSize = $this->getConfigSize(config()->get('expose.skip_body_log.size', '1MB'));
$contentLength = $this->parsedResponse->getHeaders()->get('Content-Length');
if (! $contentLength) {
return false;
}
$contentSize = $contentLength->getFieldValue() ?? 0;
return $contentSize > $configSize;
}
protected function getConfigSize(string $size): int
{
$units = ['B', 'KB', 'MB', 'GB'];
$number = substr($size, 0, -2);
$suffix = strtoupper(substr($size, -2));
// B or no suffix
if (is_numeric(substr($suffix, 0, 1))) {
return preg_replace('/[^\d]/', '', $size);
}
// if we have an error in the input, default to GB
$exponent = array_flip($units)[$suffix] ?? 5;
return $number * (1024 ** $exponent);
}
public function getRequest() public function getRequest()
{ {
return $this->parsedRequest; return $this->parsedRequest;
@@ -204,9 +97,7 @@ class LoggedRequest implements \JsonSerializable
public function setResponse(string $rawResponse, Response $response) public function setResponse(string $rawResponse, Response $response)
{ {
$this->parsedResponse = $response; $this->response = new LoggedResponse($rawResponse, $response, $this->getRequest());
$this->rawResponse = $rawResponse;
if (is_null($this->stopTime)) { if (is_null($this->stopTime)) {
$this->stopTime = now(); $this->stopTime = now();
@@ -223,9 +114,9 @@ class LoggedRequest implements \JsonSerializable
return $this->rawRequest; return $this->rawRequest;
} }
public function getResponse(): ?Response public function getResponse(): ?LoggedResponse
{ {
return $this->parsedResponse; return $this->response;
} }
public function getPostData() public function getPostData()

160
app/Logger/LoggedResponse.php Normal file
View File

@@ -0,0 +1,160 @@
<?php
namespace App\Logger;
use Illuminate\Support\Str;
use Laminas\Http\Request;
use Laminas\Http\Response;
class LoggedResponse
{
/** @var string */
protected $rawResponse;
/** @var Response */
protected $response;
/** @var Request */
protected $request;
protected $reasonPhrase;
protected $body;
protected $statusCode;
protected $headers;
public function __construct(string $rawResponse, Response $response, Request $request)
{
$this->rawResponse = $rawResponse;
$this->response = $response;
$this->request = $request;
if (! $this->shouldReturnBody()) {
$this->rawResponse = 'SKIPPED BY CONFIG OR BINARY RESPONSE';
$this->body = 'SKIPPED BY CONFIG OR BINARY RESPONSE';
} else {
try {
$this->body = $response->getBody();
} catch (\Exception $e) {
$this->body = '';
}
}
$this->statusCode = $response->getStatusCode();
$this->reasonPhrase = $response->getReasonPhrase();
$this->headers = $response->getHeaders()->toArray();
$this->response = null;
$this->request = null;
}
protected function shouldReturnBody(): bool
{
if ($this->skipByStatus()) {
return false;
}
if ($this->skipByContentType()) {
return false;
}
if ($this->skipByExtension()) {
return false;
}
if ($this->skipBySize()) {
return false;
}
$header = $this->response->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
$patterns = [
'application/json',
'text/*',
'*javascript*',
];
return Str::is($patterns, $contentType);
}
protected function skipByStatus(): bool
{
if (empty(config()->get('expose.skip_body_log.status'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.status'), $this->response->getStatusCode());
}
protected function skipByContentType(): bool
{
if (empty(config()->get('expose.skip_body_log.content_type'))) {
return false;
}
$header = $this->response->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
return Str::is(config()->get('expose.skip_body_log.content_type'), $contentType);
}
protected function skipByExtension(): bool
{
if (empty(config()->get('expose.skip_body_log.extension'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.extension'), $this->request->getUri()->getPath());
}
protected function skipBySize(): bool
{
$configSize = $this->getConfigSize(config()->get('expose.skip_body_log.size', '1MB'));
$contentLength = $this->response->getHeaders()->get('Content-Length');
if (! $contentLength) {
return false;
}
$contentSize = $contentLength->getFieldValue() ?? 0;
return $contentSize > $configSize;
}
protected function getConfigSize(string $size): int
{
$units = ['B', 'KB', 'MB', 'GB'];
$number = substr($size, 0, -2);
$suffix = strtoupper(substr($size, -2));
// B or no suffix
if (is_numeric(substr($suffix, 0, 1))) {
return preg_replace('/[^\d]/', '', $size);
}
// if we have an error in the input, default to GB
$exponent = array_flip($units)[$suffix] ?? 5;
return $number * (1024 ** $exponent);
}
public function getStatusCode()
{
return $this->statusCode;
}
public function getReasonPhrase()
{
return $this->reasonPhrase;
}
public function toArray()
{
return [
'raw' => $this->rawResponse,
'status' => $this->statusCode,
'headers' => $this->headers,
'reason' => $this->reasonPhrase,
'body' => $this->body,
];
}
}

8
app/Providers/AppServiceProvider.php
View File

@@ -37,6 +37,14 @@ class AppServiceProvider extends ServiceProvider
{ {
$builtInConfig = config('expose'); $builtInConfig = config('expose');
$keyServerVariable = 'EXPOSE_CONFIG_FILE';
if (array_key_exists($keyServerVariable, $_SERVER) && is_string($_SERVER[$keyServerVariable]) && file_exists($_SERVER[$keyServerVariable])) {
$localConfig = require $_SERVER[$keyServerVariable];
config()->set('expose', array_merge($builtInConfig, $localConfig));
return;
}
$localConfigFile = getcwd().DIRECTORY_SEPARATOR.'.expose.php'; $localConfigFile = getcwd().DIRECTORY_SEPARATOR.'.expose.php';
if (file_exists($localConfigFile)) { if (file_exists($localConfigFile)) {

6
app/Server/Connections/ConnectionManager.php
View File

@@ -45,15 +45,13 @@ class ConnectionManager implements ConnectionManagerContract
public function storeConnection(string $host, ?string $subdomain, ConnectionInterface $connection): ControlConnection public function storeConnection(string $host, ?string $subdomain, ConnectionInterface $connection): ControlConnection
{ {
$clientId = (string) uniqid(); $connection->client_id = sha1(uniqid('', true));
$connection->client_id = $clientId;
$storedConnection = new ControlConnection( $storedConnection = new ControlConnection(
$connection, $connection,
$host, $host,
$subdomain ?? $this->subdomainGenerator->generateSubdomain(), $subdomain ?? $this->subdomainGenerator->generateSubdomain(),
$clientId, $connection->client_id,
$this->getAuthTokenFromConnection($connection) $this->getAuthTokenFromConnection($connection)
); );

2
app/Server/Connections/ControlConnection.php
View File

@@ -43,6 +43,8 @@ class ControlConnection
$this->socket->send(json_encode([ $this->socket->send(json_encode([
'event' => 'createProxy', 'event' => 'createProxy',
'data' => [ 'data' => [
'host' => $this->host,
'subdomain' => $this->subdomain,
'request_id' => $requestId, 'request_id' => $requestId,
'client_id' => $this->client_id, 'client_id' => $this->client_id,
], ],

15
app/Server/Factory.php
View File

@@ -4,10 +4,12 @@ namespace App\Server;
use App\Contracts\ConnectionManager as ConnectionManagerContract; use App\Contracts\ConnectionManager as ConnectionManagerContract;
use App\Contracts\SubdomainGenerator; use App\Contracts\SubdomainGenerator;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository; use App\Contracts\UserRepository;
use App\Http\RouteGenerator; use App\Http\RouteGenerator;
use App\Http\Server as HttpServer; use App\Http\Server as HttpServer;
use App\Server\Connections\ConnectionManager; use App\Server\Connections\ConnectionManager;
use App\Server\Http\Controllers\Admin\DeleteSubdomainController;
use App\Server\Http\Controllers\Admin\DeleteUsersController; use App\Server\Http\Controllers\Admin\DeleteUsersController;
use App\Server\Http\Controllers\Admin\DisconnectSiteController; use App\Server\Http\Controllers\Admin\DisconnectSiteController;
use App\Server\Http\Controllers\Admin\DisconnectTcpConnectionController; use App\Server\Http\Controllers\Admin\DisconnectTcpConnectionController;
@@ -22,6 +24,7 @@ use App\Server\Http\Controllers\Admin\ListUsersController;
use App\Server\Http\Controllers\Admin\RedirectToUsersController; use App\Server\Http\Controllers\Admin\RedirectToUsersController;
use App\Server\Http\Controllers\Admin\ShowSettingsController; use App\Server\Http\Controllers\Admin\ShowSettingsController;
use App\Server\Http\Controllers\Admin\StoreSettingsController; use App\Server\Http\Controllers\Admin\StoreSettingsController;
use App\Server\Http\Controllers\Admin\StoreSubdomainController;
use App\Server\Http\Controllers\Admin\StoreUsersController; use App\Server\Http\Controllers\Admin\StoreUsersController;
use App\Server\Http\Controllers\ControlMessageController; use App\Server\Http\Controllers\ControlMessageController;
use App\Server\Http\Controllers\TunnelMessageController; use App\Server\Http\Controllers\TunnelMessageController;
@@ -130,6 +133,8 @@ class Factory
$this->router->get('/api/users', GetUsersController::class, $adminCondition); $this->router->get('/api/users', GetUsersController::class, $adminCondition);
$this->router->post('/api/users', StoreUsersController::class, $adminCondition); $this->router->post('/api/users', StoreUsersController::class, $adminCondition);
$this->router->get('/api/users/{id}', GetUserDetailsController::class, $adminCondition); $this->router->get('/api/users/{id}', GetUserDetailsController::class, $adminCondition);
$this->router->post('/api/subdomains', StoreSubdomainController::class, $adminCondition);
$this->router->delete('/api/subdomains/{subdomain}', DeleteSubdomainController::class, $adminCondition);
$this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition); $this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition);
$this->router->get('/api/sites', GetSitesController::class, $adminCondition); $this->router->get('/api/sites', GetSitesController::class, $adminCondition);
$this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition); $this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition);
@@ -171,6 +176,7 @@ class Factory
$this->bindConfiguration() $this->bindConfiguration()
->bindSubdomainGenerator() ->bindSubdomainGenerator()
->bindUserRepository() ->bindUserRepository()
->bindSubdomainRepository()
->bindDatabase() ->bindDatabase()
->ensureDatabaseIsInitialized() ->ensureDatabaseIsInitialized()
->bindConnectionManager() ->bindConnectionManager()
@@ -207,6 +213,15 @@ class Factory
return $this; return $this;
} }
protected function bindSubdomainRepository()
{
app()->singleton(SubdomainRepository::class, function () {
return app(config('expose.admin.subdomain_repository'));
});
return $this;
}
protected function bindDatabase() protected function bindDatabase()
{ {
app()->singleton(DatabaseInterface::class, function () { app()->singleton(DatabaseInterface::class, function () {

44
app/Server/Http/Controllers/Admin/DeleteSubdomainController.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
class DeleteSubdomainController extends AdminController
{
protected $keepConnectionOpen = true;
/** @var SubdomainRepository */
protected $subdomainRepository;
/** @var UserRepository */
protected $userRepository;
public function __construct(UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{
$this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$this->userRepository->getUserByToken($request->get('auth_token', ''))
->then(function ($user) use ($request, $httpConnection) {
if (is_null($user)) {
$httpConnection->send(respond_json(['error' => 'The user does not exist'], 404));
$httpConnection->close();
return;
}
$this->subdomainRepository->deleteSubdomainForUserId($user['id'], $request->get('subdomain'))
->then(function ($deleted) use ($httpConnection) {
$httpConnection->send(respond_json(['deleted' => $deleted], 200));
$httpConnection->close();
});
});
}
}

17
app/Server/Http/Controllers/Admin/GetUserDetailsController.php
View File

@@ -2,6 +2,7 @@
namespace App\Server\Http\Controllers\Admin; namespace App\Server\Http\Controllers\Admin;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository; use App\Contracts\UserRepository;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Ratchet\ConnectionInterface; use Ratchet\ConnectionInterface;
@@ -13,21 +14,31 @@ class GetUserDetailsController extends AdminController
/** @var UserRepository */ /** @var UserRepository */
protected $userRepository; protected $userRepository;
public function __construct(UserRepository $userRepository) /** @var SubdomainRepository */
protected $subdomainRepository;
public function __construct(UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{ {
$this->userRepository = $userRepository; $this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
} }
public function handle(Request $request, ConnectionInterface $httpConnection) public function handle(Request $request, ConnectionInterface $httpConnection)
{ {
$this->userRepository $this->userRepository
->getUserById($request->get('id')) ->getUserById($request->get('id'))
->then(function ($user) use ($httpConnection) { ->then(function ($user) use ($httpConnection, $request) {
$this->subdomainRepository->getSubdomainsByUserId($request->get('id'))
->then(function ($subdomains) use ($httpConnection, $user) {
$httpConnection->send( $httpConnection->send(
respond_json(['user' => $user]) respond_json([
'user' => $user,
'subdomains' => $subdomains,
])
); );
$httpConnection->close(); $httpConnection->close();
}); });
});
} }
} }

77
app/Server/Http/Controllers/Admin/StoreSubdomainController.php Normal file
View File

@@ -0,0 +1,77 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Ratchet\ConnectionInterface;
class StoreSubdomainController extends AdminController
{
protected $keepConnectionOpen = true;
/** @var SubdomainRepository */
protected $subdomainRepository;
/** @var UserRepository */
protected $userRepository;
public function __construct(UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{
$this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$validator = Validator::make($request->all(), [
'subdomain' => 'required',
], [
'required' => 'The :attribute field is required.',
]);
if ($validator->fails()) {
$httpConnection->send(respond_json(['errors' => $validator->getMessageBag()], 401));
$httpConnection->close();
return;
}
$this->userRepository->getUserByToken($request->get('auth_token', ''))
->then(function ($user) use ($httpConnection, $request) {
if (is_null($user)) {
$httpConnection->send(respond_json(['error' => 'The user does not exist'], 404));
$httpConnection->close();
return;
}
if ($user['can_specify_subdomains'] === 0) {
$httpConnection->send(respond_json(['error' => 'The user is not allowed to reserve subdomains.'], 401));
$httpConnection->close();
return;
}
$insertData = [
'user_id' => $user['id'],
'subdomain' => $request->get('subdomain'),
];
$this->subdomainRepository
->storeSubdomain($insertData)
->then(function ($subdomain) use ($httpConnection) {
if (is_null($subdomain)) {
$httpConnection->send(respond_json(['error' => 'The subdomain is already taken.'], 422));
$httpConnection->close();
return;
}
$httpConnection->send(respond_json(['subdomain' => $subdomain], 200));
$httpConnection->close();
});
});
}
}

53
app/Server/Http/Controllers/ControlMessageController.php
View File

@@ -3,6 +3,7 @@
namespace App\Server\Http\Controllers; namespace App\Server\Http\Controllers;
use App\Contracts\ConnectionManager; use App\Contracts\ConnectionManager;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository; use App\Contracts\UserRepository;
use App\Http\QueryParameters; use App\Http\QueryParameters;
use App\Server\Exceptions\NoFreePortAvailable; use App\Server\Exceptions\NoFreePortAvailable;
@@ -20,10 +21,14 @@ class ControlMessageController implements MessageComponentInterface
/** @var UserRepository */ /** @var UserRepository */
protected $userRepository; protected $userRepository;
public function __construct(ConnectionManager $connectionManager, UserRepository $userRepository) /** @var SubdomainRepository */
protected $subdomainRepository;
public function __construct(ConnectionManager $connectionManager, UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{ {
$this->connectionManager = $connectionManager; $this->connectionManager = $connectionManager;
$this->userRepository = $userRepository; $this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
} }
/** /**
@@ -100,10 +105,13 @@ class ControlMessageController implements MessageComponentInterface
protected function handleHttpConnection(ConnectionInterface $connection, $data, $user = null) protected function handleHttpConnection(ConnectionInterface $connection, $data, $user = null)
{ {
if (! $this->hasValidSubdomain($connection, $data->subdomain, $user)) { $this->hasValidSubdomain($connection, $data->subdomain, $user)->then(function ($subdomain) use ($data, $connection) {
if ($subdomain === false) {
return; return;
} }
$data->subdomain = $subdomain;
$connectionInfo = $this->connectionManager->storeConnection($data->host, $data->subdomain, $connection); $connectionInfo = $this->connectionManager->storeConnection($data->host, $data->subdomain, $connection);
$this->connectionManager->limitConnectionLength($connectionInfo, config('expose.admin.maximum_connection_length')); $this->connectionManager->limitConnectionLength($connectionInfo, config('expose.admin.maximum_connection_length'));
@@ -116,6 +124,7 @@ class ControlMessageController implements MessageComponentInterface
'client_id' => $connectionInfo->client_id, 'client_id' => $connectionInfo->client_id,
], ],
])); ]));
});
} }
protected function handleTcpConnection(ConnectionInterface $connection, $data, $user = null) protected function handleTcpConnection(ConnectionInterface $connection, $data, $user = null)
@@ -203,22 +212,45 @@ class ControlMessageController implements MessageComponentInterface
return $deferred->promise(); return $deferred->promise();
} }
protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain, ?array $user): bool protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain, ?array $user): PromiseInterface
{ {
/**
* Check if the user can specify a custom subdomain in the first place.
*/
if (! is_null($user) && $user['can_specify_subdomains'] === 0 && ! is_null($subdomain)) { if (! is_null($user) && $user['can_specify_subdomains'] === 0 && ! is_null($subdomain)) {
$connection->send(json_encode([
'event' => 'info',
'data' => [
'message' => config('expose.admin.messages.custom_subdomain_unauthorized').PHP_EOL,
],
]));
return \React\Promise\resolve(null);
}
/**
* Check if the given subdomain is reserved for a different user.
*/
if (! is_null($subdomain)) {
return $this->subdomainRepository->getSubdomainByName($subdomain)
->then(function ($foundSubdomain) use ($connection, $subdomain, $user) {
if (! is_null($foundSubdomain) && ! is_null($user) && $foundSubdomain['user_id'] !== $user['id']) {
$message = config('expose.admin.messages.subdomain_reserved');
$message = str_replace(':subdomain', $subdomain, $message);
$connection->send(json_encode([ $connection->send(json_encode([
'event' => 'subdomainTaken', 'event' => 'subdomainTaken',
'data' => [ 'data' => [
'message' => config('expose.admin.messages.custom_subdomain_unauthorized'), 'message' => $message,
], ],
])); ]));
$connection->close(); $connection->close();
return false; return \React\Promise\resolve(false);
} }
if (! is_null($subdomain)) {
$controlConnection = $this->connectionManager->findControlConnectionForSubdomain($subdomain); $controlConnection = $this->connectionManager->findControlConnectionForSubdomain($subdomain);
if (! is_null($controlConnection) || $subdomain === config('expose.admin.subdomain')) { if (! is_null($controlConnection) || $subdomain === config('expose.admin.subdomain')) {
$message = config('expose.admin.messages.subdomain_taken'); $message = config('expose.admin.messages.subdomain_taken');
$message = str_replace(':subdomain', $subdomain, $message); $message = str_replace(':subdomain', $subdomain, $message);
@@ -231,11 +263,14 @@ class ControlMessageController implements MessageComponentInterface
])); ]));
$connection->close(); $connection->close();
return false; return \React\Promise\resolve(false);
}
} }
return true; return \React\Promise\resolve($subdomain);
});
}
return \React\Promise\resolve($subdomain);
} }
protected function canShareTcpPorts(ConnectionInterface $connection, $data, $user) protected function canShareTcpPorts(ConnectionInterface $connection, $data, $user)

8
app/Server/Http/Controllers/TunnelMessageController.php
View File

@@ -113,9 +113,13 @@ class TunnelMessageController extends Controller
$host .= ":{$this->configuration->port()}"; $host .= ":{$this->configuration->port()}";
} }
$request->headers->set('Host', $controlConnection->host); $exposeUrl = parse_url($controlConnection->host);
$request->headers->set('Host', "{$controlConnection->subdomain}.{$host}");
$request->headers->set('X-Forwarded-Proto', $request->isSecure() ? 'https' : 'http'); $request->headers->set('X-Forwarded-Proto', $request->isSecure() ? 'https' : 'http');
$request->headers->set('X-Expose-Request-ID', uniqid()); $request->headers->set('X-Expose-Request-ID', sha1(uniqid('', true)));
$request->headers->set('X-Expose-Host', sprintf('%s:%s', $exposeUrl['host'], $exposeUrl['port']));
$request->headers->set('X-Expose-Proto', $exposeUrl['scheme']);
$request->headers->set('Upgrade-Insecure-Requests', 1); $request->headers->set('Upgrade-Insecure-Requests', 1);
$request->headers->set('X-Exposed-By', config('app.name').' '.config('app.version')); $request->headers->set('X-Exposed-By', config('app.name').' '.config('app.version'));
$request->headers->set('X-Original-Host', "{$controlConnection->subdomain}.{$host}"); $request->headers->set('X-Original-Host', "{$controlConnection->subdomain}.{$host}");

132
app/Server/SubdomainRepository/DatabaseSubdomainRepository.php Normal file
View File

@@ -0,0 +1,132 @@
<?php
namespace App\Server\SubdomainRepository;
use App\Contracts\SubdomainRepository;
use Clue\React\SQLite\DatabaseInterface;
use Clue\React\SQLite\Result;
use React\Promise\Deferred;
use React\Promise\PromiseInterface;
class DatabaseSubdomainRepository implements SubdomainRepository
{
/** @var DatabaseInterface */
protected $database;
public function __construct(DatabaseInterface $database)
{
$this->database = $database;
}
public function getSubdomains(): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains ORDER by created_at DESC')
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows);
});
return $deferred->promise();
}
public function getSubdomainById($id): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE id = :id', ['id' => $id])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows[0] ?? null);
});
return $deferred->promise();
}
public function getSubdomainByName(string $name): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE subdomain = :name', ['name' => $name])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows[0] ?? null);
});
return $deferred->promise();
}
public function getSubdomainsByUserId($id): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE user_id = :user_id ORDER by created_at DESC', [
'user_id' => $id,
])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows);
});
return $deferred->promise();
}
public function storeSubdomain(array $data): PromiseInterface
{
$deferred = new Deferred();
$this->getSubdomainByName($data['subdomain'])
->then(function ($registeredSubdomain) use ($data, $deferred) {
if (! is_null($registeredSubdomain)) {
$deferred->resolve(null);
return;
}
$this->database->query("
INSERT INTO subdomains (user_id, subdomain, created_at)
VALUES (:user_id, :subdomain, DATETIME('now'))
", $data)
->then(function (Result $result) use ($deferred) {
$this->database->query('SELECT * FROM subdomains WHERE id = :id', ['id' => $result->insertId])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows[0]);
});
});
});
return $deferred->promise();
}
public function getSubdomainsByUserIdAndName($id, $name): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE user_id = :user_id AND subdomain = :name ORDER by created_at DESC', [
'user_id' => $id,
'name' => $name,
])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows);
});
return $deferred->promise();
}
public function deleteSubdomainForUserId($userId, $subdomainId): PromiseInterface
{
$deferred = new Deferred();
$this->database->query('DELETE FROM subdomains WHERE id = :id AND user_id = :user_id', [
'id' => $subdomainId,
'user_id' => $userId,
])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result);
});
return $deferred->promise();
}
}

4
config/expose.php
View File

@@ -232,6 +232,8 @@ return [
*/ */
'user_repository' => \App\Server\UserRepository\DatabaseUserRepository::class, 'user_repository' => \App\Server\UserRepository\DatabaseUserRepository::class,
'subdomain_repository' => \App\Server\SubdomainRepository\DatabaseSubdomainRepository::class,
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Messages | Messages
@@ -249,7 +251,7 @@ return [
'subdomain_taken' => 'The chosen subdomain :subdomain is already taken. Please choose a different subdomain.', 'subdomain_taken' => 'The chosen subdomain :subdomain is already taken. Please choose a different subdomain.',
'custom_subdomain_unauthorized' => 'You are not allowed to specify custom subdomains. Please upgrade to Expose Pro.', 'custom_subdomain_unauthorized' => 'You are not allowed to specify custom subdomains. Please upgrade to Expose Pro. Assigning a random subdomain instead.',
'no_free_tcp_port_available' => 'There are no free TCP ports available on this server. Please try again later.', 'no_free_tcp_port_available' => 'There are no free TCP ports available on this server. Please try again later.',
], ],

7
database/migrations/04_create_subdomains_table.sql Normal file
View File

@@ -0,0 +1,7 @@
CREATE TABLE IF NOT EXISTS subdomains (
id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER NOT NULL,
subdomain STRING NOT NULL,
created_at DATETIME,
updated_at DATETIME
)

6
docs/client/configuration.md
View File

@@ -17,6 +17,12 @@ The configuration file will be written to your home directory inside a `.expose`
`~/.expose/config.php` `~/.expose/config.php`
You can also provide a custom location of the config file by providing the full path as a server variable.
```bash
EXPOSE_CONFIG_FILE="~/my-custom-config.php" expose share
```
And the default content of the configuration file is this: And the default content of the configuration file is this:
```php ```php

5
tests/Feature/Client/DashboardTest.php
View File

@@ -2,6 +2,7 @@
namespace Tests\Feature\Client; namespace Tests\Feature\Client;
use App\Client\Configuration;
use App\Client\Factory; use App\Client\Factory;
use App\Client\Http\HttpClient; use App\Client\Http\HttpClient;
use App\Logger\LoggedRequest; use App\Logger\LoggedRequest;
@@ -129,6 +130,10 @@ class DashboardTest extends TestCase
protected function startDashboard() protected function startDashboard()
{ {
app()->singleton(Configuration::class, function ($app) {
return new Configuration('localhost', '8080', false);
});
$this->dashboardFactory = (new Factory()) $this->dashboardFactory = (new Factory())
->setLoop($this->loop) ->setLoop($this->loop)
->createHttpServer(); ->createHttpServer();

178
tests/Feature/Server/ApiTest.php
View File

@@ -5,6 +5,7 @@ namespace Tests\Feature\Server;
use App\Contracts\ConnectionManager; use App\Contracts\ConnectionManager;
use App\Server\Factory; use App\Server\Factory;
use Clue\React\Buzz\Browser; use Clue\React\Buzz\Browser;
use Clue\React\Buzz\Message\ResponseException;
use GuzzleHttp\Psr7\Response; use GuzzleHttp\Psr7\Response;
use Nyholm\Psr7\Request; use Nyholm\Psr7\Request;
use Ratchet\Server\IoConnection; use Ratchet\Server\IoConnection;
@@ -65,10 +66,10 @@ class ApiTest extends TestCase
} }
/** @test */ /** @test */
public function it_can_get_user_details() public function it_does_not_allow_subdomain_reservation_for_users_without_the_right_flag()
{ {
/** @var Response $response */ /** @var Response $response */
$this->await($this->browser->post('http://127.0.0.1:8080/api/users', [ $response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost', 'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'), 'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json', 'Content-Type' => 'application/json',
@@ -76,6 +77,72 @@ class ApiTest extends TestCase
'name' => 'Marcel', 'name' => 'Marcel',
]))); ])));
$user = json_decode($response->getBody()->getContents())->user;
$this->expectException(ResponseException::class);
$this->expectExceptionMessage('HTTP status code 401');
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
'subdomain' => 'reserved',
])));
}
/** @test */
public function it_allows_subdomain_reservation_for_users_with_the_right_flag()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
'subdomain' => 'reserved',
])));
$this->assertSame(200, $response->getStatusCode());
}
/** @test */
public function it_can_get_user_details()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
'subdomain' => 'reserved',
])));
/** @var Response $response */ /** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/1', [ $response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/1', [
'Host' => 'expose.localhost', 'Host' => 'expose.localhost',
@@ -85,10 +152,117 @@ class ApiTest extends TestCase
$body = json_decode($response->getBody()->getContents()); $body = json_decode($response->getBody()->getContents());
$user = $body->user; $user = $body->user;
$subdomains = $body->subdomains;
$this->assertSame('Marcel', $user->name); $this->assertSame('Marcel', $user->name);
$this->assertSame([], $user->sites); $this->assertSame([], $user->sites);
$this->assertSame([], $user->tcp_connections); $this->assertSame([], $user->tcp_connections);
$this->assertCount(1, $subdomains);
}
/** @test */
public function it_can_delete_subdomains()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$this->await($this->browser->delete('http://127.0.0.1:8080/api/subdomains/1', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
])));
/** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/1', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$subdomains = $body->subdomains;
$this->assertCount(0, $subdomains);
}
/** @test */
public function it_can_not_reserve_an_already_reserved_subdomain()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Sebastian',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->expectException(ResponseException::class);
$this->expectExceptionMessage('HTTP status code 422');
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/2', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$subdomains = $body->subdomains;
$this->assertCount(0, $subdomains);
} }
/** @test */ /** @test */

89
tests/Feature/Server/TunnelTest.php
View File

@@ -235,8 +235,6 @@ class TunnelTest extends TestCase
'can_specify_subdomains' => 0, 'can_specify_subdomains' => 0,
]))); ])));
$this->expectException(\UnexpectedValueException::class);
$user = json_decode($response->getBody()->getContents())->user; $user = json_decode($response->getBody()->getContents())->user;
$this->createTestHttpServer(); $this->createTestHttpServer();
@@ -248,7 +246,92 @@ class TunnelTest extends TestCase
$client = $this->createClient(); $client = $this->createClient();
$response = $this->await($client->connectToServer('127.0.0.1:8085', 'tunnel', $user->auth_token)); $response = $this->await($client->connectToServer('127.0.0.1:8085', 'tunnel', $user->auth_token));
$this->assertSame('tunnel', $response->subdomain); $this->assertNotSame('tunnel', $response->subdomain);
}
/** @test */
public function it_rejects_users_that_want_to_use_a_reserved_subdomain()
{
$this->app['config']['expose.admin.validate_auth_tokens'] = true;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Test-User',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->createTestHttpServer();
$this->expectException(\UnexpectedValueException::class);
/**
* We create an expose client that connects to our server and shares
* the created test HTTP server.
*/
$client = $this->createClient();
$response = $this->await($client->connectToServer('127.0.0.1:8085', 'reserved', $user->auth_token));
$this->assertSame('reserved', $response->subdomain);
}
/** @test */
public function it_allows_users_to_use_their_own_reserved_subdomains()
{
$this->app['config']['expose.admin.validate_auth_tokens'] = true;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$this->createTestHttpServer();
/**
* We create an expose client that connects to our server and shares
* the created test HTTP server.
*/
$client = $this->createClient();
$response = $this->await($client->connectToServer('127.0.0.1:8085', 'reserved', $user->auth_token));
$this->assertSame('reserved', $response->subdomain);
} }
/** @test */ /** @test */