bitinflow/expose
1
0
Fork 0
mirror of https://github.com/bitinflow/expose.git synced 2026-03-14 14:05:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: bitinflow:tcp
Branches Tags
bitinflow:master bitinflow:fix-http-protocol bitinflow:1.0 bitinflow:custom-hostnames bitinflow:share-files bitinflow:tcp bitinflow:associate-sites-with-auth-tokens bitinflow:analysis-lKY3aQ
bitinflow:2.2.3 bitinflow:2.2.2
..
compare: bitinflow:share-files
Branches Tags
bitinflow:master bitinflow:fix-http-protocol bitinflow:1.0 bitinflow:custom-hostnames bitinflow:share-files bitinflow:tcp bitinflow:associate-sites-with-auth-tokens bitinflow:analysis-lKY3aQ
bitinflow:2.2.3 bitinflow:2.2.2

9 Commits
tcp ... share-file

Author SHA1 Message Date
Marcel Pociot
548c29772a Merge branch 'share-files' of github.com:beyondcode/phunnel into share-files 2020-11-01 20:34:06 +01:00
Marcel Pociot
844a3cd15a Rename page title 2020-11-01 20:33:56 +01:00
Marcel Pociot
e773dfa689 Merge pull request #151 from beyondcode/analysis-64ov5W 
Apply fixes from StyleCI
 2020-11-01 17:44:14 +01:00
Marcel Pociot
c56f05c030 Apply fixes from StyleCI 2020-11-01 16:44:06 +00:00
Marcel Pociot
ce945e1326 Add fileserver support 2020-11-01 17:43:42 +01:00
Marcel Pociot
880259657f Rewrite location header 2020-10-25 23:40:45 +01:00
Marcel Pociot
538c7da446 Better memory management for binary responses. Fixes #140 2020-10-17 21:07:29 +02:00
Marcel Pociot
26de32d375 Allow users to reserve subdomains (#131) 2020-09-09 21:57:42 +02:00
Marcel Pociot
2f57fa1952 Add ability to expose TCP connections (#123) 2020-09-08 16:27:39 +02:00
29 changed files with 1335 additions and 175 deletions
Expand all files Collapse all files

8
app/Client/Client.php
View File

@@ -197,6 +197,14 @@ class Client
protected function attachCommonConnectionListeners(ControlConnection $connection, Deferred $deferred) protected function attachCommonConnectionListeners(ControlConnection $connection, Deferred $deferred)
{ {
$connection->on('info', function ($data) {
$this->logger->info($data->message);
});
$connection->on('error', function ($data) {
$this->logger->error($data->message);
});
$connection->on('authenticationFailed', function ($data) use ($deferred) { $connection->on('authenticationFailed', function ($data) use ($deferred) {
$this->logger->error($data->message); $this->logger->error($data->message);

12
app/Client/Configuration.php
View File

@@ -36,4 +36,16 @@ class Configuration
{ {
return intval($this->port); return intval($this->port);
} }
public function getUrl(string $subdomain): string
{
$httpProtocol = $this->port() === 443 ? 'https' : 'http';
$host = $this->host();
if ($httpProtocol !== 'https') {
$host .= ":{$this->port()}";
}
return "{$subdomain}.{$host}";
}
} }

37
app/Client/Factory.php
View File

@@ -2,6 +2,7 @@
namespace App\Client; namespace App\Client;
use App\Client\Fileserver\Fileserver;
use App\Client\Http\Controllers\AttachDataToLogController; use App\Client\Http\Controllers\AttachDataToLogController;
use App\Client\Http\Controllers\ClearLogsController; use App\Client\Http\Controllers\ClearLogsController;
use App\Client\Http\Controllers\CreateTunnelController; use App\Client\Http\Controllers\CreateTunnelController;
@@ -33,6 +34,9 @@ class Factory
/** @var App */ /** @var App */
protected $app; protected $app;
/** @var Fileserver */
protected $fileserver;
/** @var RouteGenerator */ /** @var RouteGenerator */
protected $router; protected $router;
@@ -116,6 +120,15 @@ class Factory
return $this; return $this;
} }
public function shareFolder(string $folder, string $name, $subdomain = null)
{
$host = $this->createFileServer($folder, $name);
$this->share($host, $subdomain);
return $this;
}
protected function addRoutes() protected function addRoutes()
{ {
$this->router->get('/', DashboardController::class); $this->router->get('/', DashboardController::class);
@@ -134,18 +147,18 @@ class Factory
} }
} }
protected function detectNextFreeDashboardPort($port = 4040): int protected function detectNextAvailablePort($startPort = 4040): int
{ {
while (is_resource(@fsockopen('127.0.0.1', $port))) { while (is_resource(@fsockopen('127.0.0.1', $startPort))) {
$port++; $startPort++;
} }
return $port; return $startPort;
} }
public function createHttpServer() public function createHttpServer()
{ {
$dashboardPort = $this->detectNextFreeDashboardPort(); $dashboardPort = $this->detectNextAvailablePort();
config()->set('expose.dashboard_port', $dashboardPort); config()->set('expose.dashboard_port', $dashboardPort);
@@ -156,11 +169,25 @@ class Factory
return $this; return $this;
} }
public function createFileServer(string $folder, string $name)
{
$port = $this->detectNextAvailablePort(8090);
$this->fileserver = new Fileserver($folder, $name, $port, '0.0.0.0', $this->loop);
return "127.0.0.1:{$port}";
}
public function getApp(): App public function getApp(): App
{ {
return $this->app; return $this->app;
} }
public function getFileserver(): Fileserver
{
return $this->fileserver;
}
public function run() public function run()
{ {
$this->loop->run(); $this->loop->run();

135
app/Client/Fileserver/ConnectionHandler.php Normal file
View File

@@ -0,0 +1,135 @@
<?php
namespace App\Client\Fileserver;
use App\Http\Controllers\Concerns\LoadsViews;
use App\Http\QueryParameters;
use GuzzleHttp\Psr7\ServerRequest;
use Illuminate\Http\Request;
use Psr\Http\Message\ServerRequestInterface;
use React\EventLoop\LoopInterface;
use React\Http\Response;
use React\Stream\ReadableResourceStream;
use Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory;
use Symfony\Component\Finder\Finder;
use Symfony\Component\Finder\Iterator\FilenameFilterIterator;
class ConnectionHandler
{
use LoadsViews;
/** @var string */
protected $rootFolder;
/** @var string */
protected $name;
/** @var LoopInterface */
protected $loop;
public function __construct(string $rootFolder, string $name, LoopInterface $loop)
{
$this->rootFolder = $rootFolder;
$this->name = $name;
$this->loop = $loop;
}
public function handle(ServerRequestInterface $request)
{
$request = $this->createLaravelRequest($request);
$targetPath = realpath($this->rootFolder.DIRECTORY_SEPARATOR.$request->path());
if (! $this->isValidTarget($targetPath)) {
return new Response(404);
}
if (is_dir($targetPath)) {
// Directory listing
$directoryContent = Finder::create()
->depth(0)
->sort(function ($a, $b) {
return strcmp(strtolower($a->getRealpath()), strtolower($b->getRealpath()));
})
->in($targetPath);
if ($this->name !== '') {
$directoryContent->name($this->name);
}
$parentPath = explode('/', $request->path());
array_pop($parentPath);
$parentPath = implode('/', $parentPath);
return new Response(
200,
['Content-Type' => 'text/html'],
$this->getView(null, 'client.fileserver', [
'currentPath' => $request->path(),
'parentPath' => $parentPath,
'directory' => $targetPath,
'directoryContent' => $directoryContent,
])
);
}
if (is_file($targetPath)) {
return new Response(
200,
['Content-Type' => mime_content_type($targetPath)],
new ReadableResourceStream(fopen($targetPath, 'r'), $this->loop)
);
}
}
protected function isValidTarget(string $targetPath): bool
{
if (! file_exists($targetPath)) {
return false;
}
if ($this->name !== '') {
$filter = new class(basename($targetPath), [$this->name]) extends FilenameFilterIterator {
protected $filename;
public function __construct(string $filename, array $matchPatterns)
{
$this->filename = $filename;
foreach ($matchPatterns as $pattern) {
$this->matchRegexps[] = $this->toRegex($pattern);
}
}
public function accept()
{
return $this->isAccepted($this->filename);
}
};
return $filter->accept();
}
return true;
}
protected function createLaravelRequest(ServerRequestInterface $request): Request
{
try {
parse_str($request->getBody(), $bodyParameters);
} catch (\Throwable $e) {
$bodyParameters = [];
}
$serverRequest = (new ServerRequest(
$request->getMethod(),
$request->getUri(),
$request->getHeaders(),
$request->getBody(),
$request->getProtocolVersion(),
))
->withQueryParams(QueryParameters::create($request)->all())
->withParsedBody($bodyParameters);
return Request::createFromBase((new HttpFoundationFactory)->createRequest($serverRequest));
}
}

30
app/Client/Fileserver/Fileserver.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace App\Client\Fileserver;
use Psr\Http\Message\ServerRequestInterface;
use React\EventLoop\LoopInterface;
use React\Http\Server;
use React\Socket\Server as SocketServer;
class Fileserver
{
/** @var SocketServer */
protected $socket;
public function __construct($rootFolder, $name, $port, $address, LoopInterface $loop)
{
$server = new Server(function (ServerRequestInterface $request) use ($rootFolder, $name, $loop) {
return (new ConnectionHandler($rootFolder, $name, $loop))->handle($request);
});
$this->socket = new SocketServer("{$address}:{$port}", $loop);
$server->listen($this->socket);
}
public function getSocket(): SocketServer
{
return $this->socket;
}
}

35
app/Client/Http/HttpClient.php
View File

@@ -2,6 +2,7 @@
namespace App\Client\Http; namespace App\Client\Http;
use App\Client\Configuration;
use App\Client\Http\Modifiers\CheckBasicAuthentication; use App\Client\Http\Modifiers\CheckBasicAuthentication;
use App\Logger\RequestLogger; use App\Logger\RequestLogger;
use Clue\React\Buzz\Browser; use Clue\React\Buzz\Browser;
@@ -26,19 +27,26 @@ class HttpClient
/** @var Request */ /** @var Request */
protected $request; protected $request;
protected $connectionData;
/** @var array */ /** @var array */
protected $modifiers = [ protected $modifiers = [
CheckBasicAuthentication::class, CheckBasicAuthentication::class,
]; ];
/** @var Configuration */
protected $configuration;
public function __construct(LoopInterface $loop, RequestLogger $logger) public function __construct(LoopInterface $loop, RequestLogger $logger, Configuration $configuration)
{ {
$this->loop = $loop; $this->loop = $loop;
$this->logger = $logger; $this->logger = $logger;
$this->configuration = $configuration;
} }
public function performRequest(string $requestData, WebSocket $proxyConnection = null, string $requestId = null) public function performRequest(string $requestData, WebSocket $proxyConnection = null, $connectionData = null)
{ {
$this->connectionData = $connectionData;
$this->request = $this->parseRequest($requestData); $this->request = $this->parseRequest($requestData);
$this->logger->logRequest($requestData, $this->request); $this->logger->logRequest($requestData, $this->request);
@@ -85,6 +93,8 @@ class HttpClient
->send($request) ->send($request)
->then(function (ResponseInterface $response) use ($proxyConnection) { ->then(function (ResponseInterface $response) use ($proxyConnection) {
if (! isset($response->buffer)) { if (! isset($response->buffer)) {
$response = $this->rewriteResponseHeaders($response);
$response->buffer = str($response); $response->buffer = str($response);
} }
@@ -126,4 +136,25 @@ class HttpClient
{ {
return Request::fromString($data); return Request::fromString($data);
} }
protected function rewriteResponseHeaders(ResponseInterface $response)
{
if (! $response->hasHeader('Location')) {
return $response;
}
$location = $response->getHeaderLine('Location');
if (! strstr($location, $this->connectionData->host)) {
return $response;
}
$location = str_replace(
$this->connectionData->host,
$this->configuration->getUrl($this->connectionData->subdomain),
$location
);
return $response->withHeader('Location', $location);
}
} }

6
app/Client/ProxyManager.php
View File

@@ -32,7 +32,7 @@ class ProxyManager
], $this->loop) ], $this->loop)
->then(function (WebSocket $proxyConnection) use ($clientId, $connectionData) { ->then(function (WebSocket $proxyConnection) use ($clientId, $connectionData) {
$proxyConnection->on('message', function ($message) use ($proxyConnection, $connectionData) { $proxyConnection->on('message', function ($message) use ($proxyConnection, $connectionData) {
$this->performRequest($proxyConnection, $connectionData->request_id, (string) $message); $this->performRequest($proxyConnection, (string) $message, $connectionData);
}); });
$proxyConnection->send(json_encode([ $proxyConnection->send(json_encode([
@@ -76,8 +76,8 @@ class ProxyManager
}); });
} }
protected function performRequest(WebSocket $proxyConnection, $requestId, string $requestData) protected function performRequest(WebSocket $proxyConnection, string $requestData, $connectionData)
{ {
app(HttpClient::class)->performRequest((string) $requestData, $proxyConnection, $requestId); app(HttpClient::class)->performRequest((string) $requestData, $proxyConnection, $connectionData);
} }
} }

48
app/Commands/ShareFilesCommand.php Normal file
View File

@@ -0,0 +1,48 @@
<?php
namespace App\Commands;
use App\Client\Factory;
use App\Logger\CliRequestLogger;
use LaravelZero\Framework\Commands\Command;
use React\EventLoop\LoopInterface;
use Symfony\Component\Console\Output\ConsoleOutput;
class ShareFilesCommand extends Command
{
protected $signature = 'share-files {folder=.} {--name=} {--subdomain=} {--auth=}';
protected $description = 'Share a local folder with a remote expose server';
protected function configureConnectionLogger()
{
app()->bind(CliRequestLogger::class, function () {
return new CliRequestLogger(new ConsoleOutput());
});
return $this;
}
public function handle()
{
if (! is_dir($this->argument('folder'))) {
throw new \InvalidArgumentException('The folder '.$this->argument('folder').' does not exist.');
}
$this->configureConnectionLogger();
(new Factory())
->setLoop(app(LoopInterface::class))
->setHost(config('expose.host', 'localhost'))
->setPort(config('expose.port', 8080))
->setAuth($this->option('auth'))
->createClient()
->shareFolder(
$this->argument('folder'),
$this->option('name') ?? '',
explode(',', $this->option('subdomain'))
)
->createHttpServer()
->run();
}
}

22
app/Contracts/SubdomainRepository.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace App\Contracts;
use React\Promise\PromiseInterface;
interface SubdomainRepository
{
public function getSubdomains(): PromiseInterface;
public function getSubdomainById($id): PromiseInterface;
public function getSubdomainByName(string $name): PromiseInterface;
public function getSubdomainsByUserId($id): PromiseInterface;
public function getSubdomainsByUserIdAndName($id, $name): PromiseInterface;
public function deleteSubdomainForUserId($userId, $subdomainId): PromiseInterface;
public function storeSubdomain(array $data): PromiseInterface;
}

9
app/Http/Controllers/Concerns/LoadsViews.php
View File

@@ -9,7 +9,7 @@ use Twig\Loader\ArrayLoader;
trait LoadsViews trait LoadsViews
{ {
protected function getView(ConnectionInterface $connection, string $view, array $data = []) protected function getView(?ConnectionInterface $connection, string $view, array $data = [])
{ {
$templatePath = implode(DIRECTORY_SEPARATOR, explode('.', $view)); $templatePath = implode(DIRECTORY_SEPARATOR, explode('.', $view));
@@ -23,7 +23,10 @@ trait LoadsViews
$data = array_merge($data, [ $data = array_merge($data, [
'request' => $connection->laravelRequest ?? null, 'request' => $connection->laravelRequest ?? null,
]); ]);
try {
return stream_for($twig->render('template', $data)); return stream_for($twig->render('template', $data));
} catch (\Throwable $e) {
var_dump($e->getMessage());
}
} }
} }

123
app/Logger/LoggedRequest.php
View File

@@ -19,11 +19,8 @@ class LoggedRequest implements \JsonSerializable
/** @var Request */ /** @var Request */
protected $parsedRequest; protected $parsedRequest;
/** @var string */ /** @var LoggedResponse */
protected $rawResponse; protected $response;
/** @var Response */
protected $parsedResponse;
/** @var string */ /** @var string */
protected $id; protected $id;
@@ -71,22 +68,8 @@ class LoggedRequest implements \JsonSerializable
], ],
]; ];
if ($this->parsedResponse) { if ($this->response) {
$logBody = $this->shouldReturnBody(); $data['response'] = $this->response->toArray();
try {
$body = $logBody ? $this->parsedResponse->getBody() : '';
} catch (\Exception $e) {
$body = '';
}
$data['response'] = [
'raw' => $logBody ? $this->rawResponse : 'SKIPPED BY CONFIG OR BINARY RESPONSE',
'status' => $this->parsedResponse->getStatusCode(),
'headers' => $this->parsedResponse->getHeaders()->toArray(),
'reason' => $this->parsedResponse->getReasonPhrase(),
'body' => $logBody ? $body : 'SKIPPED BY CONFIG OR BINARY RESPONSE',
];
} }
return $data; return $data;
@@ -107,96 +90,6 @@ class LoggedRequest implements \JsonSerializable
return preg_match('~[^\x20-\x7E\t\r\n]~', $string) > 0; return preg_match('~[^\x20-\x7E\t\r\n]~', $string) > 0;
} }
protected function shouldReturnBody(): bool
{
if ($this->skipByStatus()) {
return false;
}
if ($this->skipByContentType()) {
return false;
}
if ($this->skipByExtension()) {
return false;
}
if ($this->skipBySize()) {
return false;
}
$header = $this->parsedResponse->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
$patterns = [
'application/json',
'text/*',
'*javascript*',
];
return Str::is($patterns, $contentType);
}
protected function skipByStatus(): bool
{
if (empty(config()->get('expose.skip_body_log.status'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.status'), $this->parsedResponse->getStatusCode());
}
protected function skipByContentType(): bool
{
if (empty(config()->get('expose.skip_body_log.content_type'))) {
return false;
}
$header = $this->parsedResponse->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
return Str::is(config()->get('expose.skip_body_log.content_type'), $contentType);
}
protected function skipByExtension(): bool
{
if (empty(config()->get('expose.skip_body_log.extension'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.extension'), $this->parsedRequest->getUri()->getPath());
}
protected function skipBySize(): bool
{
$configSize = $this->getConfigSize(config()->get('expose.skip_body_log.size', '1MB'));
$contentLength = $this->parsedResponse->getHeaders()->get('Content-Length');
if (! $contentLength) {
return false;
}
$contentSize = $contentLength->getFieldValue() ?? 0;
return $contentSize > $configSize;
}
protected function getConfigSize(string $size): int
{
$units = ['B', 'KB', 'MB', 'GB'];
$number = substr($size, 0, -2);
$suffix = strtoupper(substr($size, -2));
// B or no suffix
if (is_numeric(substr($suffix, 0, 1))) {
return preg_replace('/[^\d]/', '', $size);
}
// if we have an error in the input, default to GB
$exponent = array_flip($units)[$suffix] ?? 5;
return $number * (1024 ** $exponent);
}
public function getRequest() public function getRequest()
{ {
return $this->parsedRequest; return $this->parsedRequest;
@@ -204,9 +97,7 @@ class LoggedRequest implements \JsonSerializable
public function setResponse(string $rawResponse, Response $response) public function setResponse(string $rawResponse, Response $response)
{ {
$this->parsedResponse = $response; $this->response = new LoggedResponse($rawResponse, $response, $this->getRequest());
$this->rawResponse = $rawResponse;
if (is_null($this->stopTime)) { if (is_null($this->stopTime)) {
$this->stopTime = now(); $this->stopTime = now();
@@ -223,9 +114,9 @@ class LoggedRequest implements \JsonSerializable
return $this->rawRequest; return $this->rawRequest;
} }
public function getResponse(): ?Response public function getResponse(): ?LoggedResponse
{ {
return $this->parsedResponse; return $this->response;
} }
public function getPostData() public function getPostData()

160
app/Logger/LoggedResponse.php Normal file
View File

@@ -0,0 +1,160 @@
<?php
namespace App\Logger;
use Illuminate\Support\Str;
use Laminas\Http\Request;
use Laminas\Http\Response;
class LoggedResponse
{
/** @var string */
protected $rawResponse;
/** @var Response */
protected $response;
/** @var Request */
protected $request;
protected $reasonPhrase;
protected $body;
protected $statusCode;
protected $headers;
public function __construct(string $rawResponse, Response $response, Request $request)
{
$this->rawResponse = $rawResponse;
$this->response = $response;
$this->request = $request;
if (! $this->shouldReturnBody()) {
$this->rawResponse = 'SKIPPED BY CONFIG OR BINARY RESPONSE';
$this->body = 'SKIPPED BY CONFIG OR BINARY RESPONSE';
} else {
try {
$this->body = $response->getBody();
} catch (\Exception $e) {
$this->body = '';
}
}
$this->statusCode = $response->getStatusCode();
$this->reasonPhrase = $response->getReasonPhrase();
$this->headers = $response->getHeaders()->toArray();
$this->response = null;
$this->request = null;
}
protected function shouldReturnBody(): bool
{
if ($this->skipByStatus()) {
return false;
}
if ($this->skipByContentType()) {
return false;
}
if ($this->skipByExtension()) {
return false;
}
if ($this->skipBySize()) {
return false;
}
$header = $this->response->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
$patterns = [
'application/json',
'text/*',
'*javascript*',
];
return Str::is($patterns, $contentType);
}
protected function skipByStatus(): bool
{
if (empty(config()->get('expose.skip_body_log.status'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.status'), $this->response->getStatusCode());
}
protected function skipByContentType(): bool
{
if (empty(config()->get('expose.skip_body_log.content_type'))) {
return false;
}
$header = $this->response->getHeaders()->get('Content-Type');
$contentType = $header ? $header->getMediaType() : '';
return Str::is(config()->get('expose.skip_body_log.content_type'), $contentType);
}
protected function skipByExtension(): bool
{
if (empty(config()->get('expose.skip_body_log.extension'))) {
return false;
}
return Str::is(config()->get('expose.skip_body_log.extension'), $this->request->getUri()->getPath());
}
protected function skipBySize(): bool
{
$configSize = $this->getConfigSize(config()->get('expose.skip_body_log.size', '1MB'));
$contentLength = $this->response->getHeaders()->get('Content-Length');
if (! $contentLength) {
return false;
}
$contentSize = $contentLength->getFieldValue() ?? 0;
return $contentSize > $configSize;
}
protected function getConfigSize(string $size): int
{
$units = ['B', 'KB', 'MB', 'GB'];
$number = substr($size, 0, -2);
$suffix = strtoupper(substr($size, -2));
// B or no suffix
if (is_numeric(substr($suffix, 0, 1))) {
return preg_replace('/[^\d]/', '', $size);
}
// if we have an error in the input, default to GB
$exponent = array_flip($units)[$suffix] ?? 5;
return $number * (1024 ** $exponent);
}
public function getStatusCode()
{
return $this->statusCode;
}
public function getReasonPhrase()
{
return $this->reasonPhrase;
}
public function toArray()
{
return [
'raw' => $this->rawResponse,
'status' => $this->statusCode,
'headers' => $this->headers,
'reason' => $this->reasonPhrase,
'body' => $this->body,
];
}
}

2
app/Server/Connections/ControlConnection.php
View File

@@ -43,6 +43,8 @@ class ControlConnection
$this->socket->send(json_encode([ $this->socket->send(json_encode([
'event' => 'createProxy', 'event' => 'createProxy',
'data' => [ 'data' => [
'host' => $this->host,
'subdomain' => $this->subdomain,
'request_id' => $requestId, 'request_id' => $requestId,
'client_id' => $this->client_id, 'client_id' => $this->client_id,
], ],

15
app/Server/Factory.php
View File

@@ -4,10 +4,12 @@ namespace App\Server;
use App\Contracts\ConnectionManager as ConnectionManagerContract; use App\Contracts\ConnectionManager as ConnectionManagerContract;
use App\Contracts\SubdomainGenerator; use App\Contracts\SubdomainGenerator;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository; use App\Contracts\UserRepository;
use App\Http\RouteGenerator; use App\Http\RouteGenerator;
use App\Http\Server as HttpServer; use App\Http\Server as HttpServer;
use App\Server\Connections\ConnectionManager; use App\Server\Connections\ConnectionManager;
use App\Server\Http\Controllers\Admin\DeleteSubdomainController;
use App\Server\Http\Controllers\Admin\DeleteUsersController; use App\Server\Http\Controllers\Admin\DeleteUsersController;
use App\Server\Http\Controllers\Admin\DisconnectSiteController; use App\Server\Http\Controllers\Admin\DisconnectSiteController;
use App\Server\Http\Controllers\Admin\DisconnectTcpConnectionController; use App\Server\Http\Controllers\Admin\DisconnectTcpConnectionController;
@@ -22,6 +24,7 @@ use App\Server\Http\Controllers\Admin\ListUsersController;
use App\Server\Http\Controllers\Admin\RedirectToUsersController; use App\Server\Http\Controllers\Admin\RedirectToUsersController;
use App\Server\Http\Controllers\Admin\ShowSettingsController; use App\Server\Http\Controllers\Admin\ShowSettingsController;
use App\Server\Http\Controllers\Admin\StoreSettingsController; use App\Server\Http\Controllers\Admin\StoreSettingsController;
use App\Server\Http\Controllers\Admin\StoreSubdomainController;
use App\Server\Http\Controllers\Admin\StoreUsersController; use App\Server\Http\Controllers\Admin\StoreUsersController;
use App\Server\Http\Controllers\ControlMessageController; use App\Server\Http\Controllers\ControlMessageController;
use App\Server\Http\Controllers\TunnelMessageController; use App\Server\Http\Controllers\TunnelMessageController;
@@ -130,6 +133,8 @@ class Factory
$this->router->get('/api/users', GetUsersController::class, $adminCondition); $this->router->get('/api/users', GetUsersController::class, $adminCondition);
$this->router->post('/api/users', StoreUsersController::class, $adminCondition); $this->router->post('/api/users', StoreUsersController::class, $adminCondition);
$this->router->get('/api/users/{id}', GetUserDetailsController::class, $adminCondition); $this->router->get('/api/users/{id}', GetUserDetailsController::class, $adminCondition);
$this->router->post('/api/subdomains', StoreSubdomainController::class, $adminCondition);
$this->router->delete('/api/subdomains/{subdomain}', DeleteSubdomainController::class, $adminCondition);
$this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition); $this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition);
$this->router->get('/api/sites', GetSitesController::class, $adminCondition); $this->router->get('/api/sites', GetSitesController::class, $adminCondition);
$this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition); $this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition);
@@ -171,6 +176,7 @@ class Factory
$this->bindConfiguration() $this->bindConfiguration()
->bindSubdomainGenerator() ->bindSubdomainGenerator()
->bindUserRepository() ->bindUserRepository()
->bindSubdomainRepository()
->bindDatabase() ->bindDatabase()
->ensureDatabaseIsInitialized() ->ensureDatabaseIsInitialized()
->bindConnectionManager() ->bindConnectionManager()
@@ -207,6 +213,15 @@ class Factory
return $this; return $this;
} }
protected function bindSubdomainRepository()
{
app()->singleton(SubdomainRepository::class, function () {
return app(config('expose.admin.subdomain_repository'));
});
return $this;
}
protected function bindDatabase() protected function bindDatabase()
{ {
app()->singleton(DatabaseInterface::class, function () { app()->singleton(DatabaseInterface::class, function () {

44
app/Server/Http/Controllers/Admin/DeleteSubdomainController.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
class DeleteSubdomainController extends AdminController
{
protected $keepConnectionOpen = true;
/** @var SubdomainRepository */
protected $subdomainRepository;
/** @var UserRepository */
protected $userRepository;
public function __construct(UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{
$this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$this->userRepository->getUserByToken($request->get('auth_token', ''))
->then(function ($user) use ($request, $httpConnection) {
if (is_null($user)) {
$httpConnection->send(respond_json(['error' => 'The user does not exist'], 404));
$httpConnection->close();
return;
}
$this->subdomainRepository->deleteSubdomainForUserId($user['id'], $request->get('subdomain'))
->then(function ($deleted) use ($httpConnection) {
$httpConnection->send(respond_json(['deleted' => $deleted], 200));
$httpConnection->close();
});
});
}
}

23
app/Server/Http/Controllers/Admin/GetUserDetailsController.php
View File

@@ -2,6 +2,7 @@
namespace App\Server\Http\Controllers\Admin; namespace App\Server\Http\Controllers\Admin;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository; use App\Contracts\UserRepository;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Ratchet\ConnectionInterface; use Ratchet\ConnectionInterface;
@@ -13,21 +14,31 @@ class GetUserDetailsController extends AdminController
/** @var UserRepository */ /** @var UserRepository */
protected $userRepository; protected $userRepository;
public function __construct(UserRepository $userRepository) /** @var SubdomainRepository */
protected $subdomainRepository;
public function __construct(UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{ {
$this->userRepository = $userRepository; $this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
} }
public function handle(Request $request, ConnectionInterface $httpConnection) public function handle(Request $request, ConnectionInterface $httpConnection)
{ {
$this->userRepository $this->userRepository
->getUserById($request->get('id')) ->getUserById($request->get('id'))
->then(function ($user) use ($httpConnection) { ->then(function ($user) use ($httpConnection, $request) {
$httpConnection->send( $this->subdomainRepository->getSubdomainsByUserId($request->get('id'))
respond_json(['user' => $user]) ->then(function ($subdomains) use ($httpConnection, $user) {
); $httpConnection->send(
respond_json([
'user' => $user,
'subdomains' => $subdomains,
])
);
$httpConnection->close(); $httpConnection->close();
});
}); });
} }
} }

77
app/Server/Http/Controllers/Admin/StoreSubdomainController.php Normal file
View File

@@ -0,0 +1,77 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Ratchet\ConnectionInterface;
class StoreSubdomainController extends AdminController
{
protected $keepConnectionOpen = true;
/** @var SubdomainRepository */
protected $subdomainRepository;
/** @var UserRepository */
protected $userRepository;
public function __construct(UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{
$this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$validator = Validator::make($request->all(), [
'subdomain' => 'required',
], [
'required' => 'The :attribute field is required.',
]);
if ($validator->fails()) {
$httpConnection->send(respond_json(['errors' => $validator->getMessageBag()], 401));
$httpConnection->close();
return;
}
$this->userRepository->getUserByToken($request->get('auth_token', ''))
->then(function ($user) use ($httpConnection, $request) {
if (is_null($user)) {
$httpConnection->send(respond_json(['error' => 'The user does not exist'], 404));
$httpConnection->close();
return;
}
if ($user['can_specify_subdomains'] === 0) {
$httpConnection->send(respond_json(['error' => 'The user is not allowed to reserve subdomains.'], 401));
$httpConnection->close();
return;
}
$insertData = [
'user_id' => $user['id'],
'subdomain' => $request->get('subdomain'),
];
$this->subdomainRepository
->storeSubdomain($insertData)
->then(function ($subdomain) use ($httpConnection) {
if (is_null($subdomain)) {
$httpConnection->send(respond_json(['error' => 'The subdomain is already taken.'], 422));
$httpConnection->close();
return;
}
$httpConnection->send(respond_json(['subdomain' => $subdomain], 200));
$httpConnection->close();
});
});
}
}

101
app/Server/Http/Controllers/ControlMessageController.php
View File

@@ -3,6 +3,7 @@
namespace App\Server\Http\Controllers; namespace App\Server\Http\Controllers;
use App\Contracts\ConnectionManager; use App\Contracts\ConnectionManager;
use App\Contracts\SubdomainRepository;
use App\Contracts\UserRepository; use App\Contracts\UserRepository;
use App\Http\QueryParameters; use App\Http\QueryParameters;
use App\Server\Exceptions\NoFreePortAvailable; use App\Server\Exceptions\NoFreePortAvailable;
@@ -20,10 +21,14 @@ class ControlMessageController implements MessageComponentInterface
/** @var UserRepository */ /** @var UserRepository */
protected $userRepository; protected $userRepository;
public function __construct(ConnectionManager $connectionManager, UserRepository $userRepository) /** @var SubdomainRepository */
protected $subdomainRepository;
public function __construct(ConnectionManager $connectionManager, UserRepository $userRepository, SubdomainRepository $subdomainRepository)
{ {
$this->connectionManager = $connectionManager; $this->connectionManager = $connectionManager;
$this->userRepository = $userRepository; $this->userRepository = $userRepository;
$this->subdomainRepository = $subdomainRepository;
} }
/** /**
@@ -100,22 +105,26 @@ class ControlMessageController implements MessageComponentInterface
protected function handleHttpConnection(ConnectionInterface $connection, $data, $user = null) protected function handleHttpConnection(ConnectionInterface $connection, $data, $user = null)
{ {
if (! $this->hasValidSubdomain($connection, $data->subdomain, $user)) { $this->hasValidSubdomain($connection, $data->subdomain, $user)->then(function ($subdomain) use ($data, $connection) {
return; if ($subdomain === false) {
} return;
}
$connectionInfo = $this->connectionManager->storeConnection($data->host, $data->subdomain, $connection); $data->subdomain = $subdomain;
$this->connectionManager->limitConnectionLength($connectionInfo, config('expose.admin.maximum_connection_length')); $connectionInfo = $this->connectionManager->storeConnection($data->host, $data->subdomain, $connection);
$connection->send(json_encode([ $this->connectionManager->limitConnectionLength($connectionInfo, config('expose.admin.maximum_connection_length'));
'event' => 'authenticated',
'data' => [ $connection->send(json_encode([
'message' => config('expose.admin.messages.message_of_the_day'), 'event' => 'authenticated',
'subdomain' => $connectionInfo->subdomain, 'data' => [
'client_id' => $connectionInfo->client_id, 'message' => config('expose.admin.messages.message_of_the_day'),
], 'subdomain' => $connectionInfo->subdomain,
])); 'client_id' => $connectionInfo->client_id,
],
]));
});
} }
protected function handleTcpConnection(ConnectionInterface $connection, $data, $user = null) protected function handleTcpConnection(ConnectionInterface $connection, $data, $user = null)
@@ -203,39 +212,65 @@ class ControlMessageController implements MessageComponentInterface
return $deferred->promise(); return $deferred->promise();
} }
protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain, ?array $user): bool protected function hasValidSubdomain(ConnectionInterface $connection, ?string $subdomain, ?array $user): PromiseInterface
{ {
/**
* Check if the user can specify a custom subdomain in the first place.
*/
if (! is_null($user) && $user['can_specify_subdomains'] === 0 && ! is_null($subdomain)) { if (! is_null($user) && $user['can_specify_subdomains'] === 0 && ! is_null($subdomain)) {
$connection->send(json_encode([ $connection->send(json_encode([
'event' => 'subdomainTaken', 'event' => 'info',
'data' => [ 'data' => [
'message' => config('expose.admin.messages.custom_subdomain_unauthorized'), 'message' => config('expose.admin.messages.custom_subdomain_unauthorized').PHP_EOL,
], ],
])); ]));
$connection->close();
return false; return \React\Promise\resolve(null);
} }
/**
* Check if the given subdomain is reserved for a different user.
*/
if (! is_null($subdomain)) { if (! is_null($subdomain)) {
$controlConnection = $this->connectionManager->findControlConnectionForSubdomain($subdomain); return $this->subdomainRepository->getSubdomainByName($subdomain)
if (! is_null($controlConnection) || $subdomain === config('expose.admin.subdomain')) { ->then(function ($foundSubdomain) use ($connection, $subdomain, $user) {
$message = config('expose.admin.messages.subdomain_taken'); if (! is_null($foundSubdomain) && ! is_null($user) && $foundSubdomain['user_id'] !== $user['id']) {
$message = str_replace(':subdomain', $subdomain, $message); $message = config('expose.admin.messages.subdomain_reserved');
$message = str_replace(':subdomain', $subdomain, $message);
$connection->send(json_encode([ $connection->send(json_encode([
'event' => 'subdomainTaken', 'event' => 'subdomainTaken',
'data' => [ 'data' => [
'message' => $message, 'message' => $message,
], ],
])); ]));
$connection->close(); $connection->close();
return false; return \React\Promise\resolve(false);
} }
$controlConnection = $this->connectionManager->findControlConnectionForSubdomain($subdomain);
if (! is_null($controlConnection) || $subdomain === config('expose.admin.subdomain')) {
$message = config('expose.admin.messages.subdomain_taken');
$message = str_replace(':subdomain', $subdomain, $message);
$connection->send(json_encode([
'event' => 'subdomainTaken',
'data' => [
'message' => $message,
],
]));
$connection->close();
return \React\Promise\resolve(false);
}
return \React\Promise\resolve($subdomain);
});
} }
return true; return \React\Promise\resolve($subdomain);
} }
protected function canShareTcpPorts(ConnectionInterface $connection, $data, $user) protected function canShareTcpPorts(ConnectionInterface $connection, $data, $user)

2
app/Server/Http/Controllers/TunnelMessageController.php
View File

@@ -75,7 +75,7 @@ class TunnelMessageController extends Controller
$httpConnection = $this->connectionManager->storeHttpConnection($httpConnection, $requestId); $httpConnection = $this->connectionManager->storeHttpConnection($httpConnection, $requestId);
transform($this->passRequestThroughModifiers($request, $httpConnection), function (Request $request) use ($controlConnection , $requestId) { transform($this->passRequestThroughModifiers($request, $httpConnection), function (Request $request) use ($controlConnection, $requestId) {
$controlConnection->once('proxy_ready_'.$requestId, function (ConnectionInterface $proxy) use ($request) { $controlConnection->once('proxy_ready_'.$requestId, function (ConnectionInterface $proxy) use ($request) {
// Convert the Laravel request into a PSR7 request // Convert the Laravel request into a PSR7 request
$psr17Factory = new Psr17Factory(); $psr17Factory = new Psr17Factory();

132
app/Server/SubdomainRepository/DatabaseSubdomainRepository.php Normal file
View File

@@ -0,0 +1,132 @@
<?php
namespace App\Server\SubdomainRepository;
use App\Contracts\SubdomainRepository;
use Clue\React\SQLite\DatabaseInterface;
use Clue\React\SQLite\Result;
use React\Promise\Deferred;
use React\Promise\PromiseInterface;
class DatabaseSubdomainRepository implements SubdomainRepository
{
/** @var DatabaseInterface */
protected $database;
public function __construct(DatabaseInterface $database)
{
$this->database = $database;
}
public function getSubdomains(): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains ORDER by created_at DESC')
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows);
});
return $deferred->promise();
}
public function getSubdomainById($id): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE id = :id', ['id' => $id])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows[0] ?? null);
});
return $deferred->promise();
}
public function getSubdomainByName(string $name): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE subdomain = :name', ['name' => $name])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows[0] ?? null);
});
return $deferred->promise();
}
public function getSubdomainsByUserId($id): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE user_id = :user_id ORDER by created_at DESC', [
'user_id' => $id,
])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows);
});
return $deferred->promise();
}
public function storeSubdomain(array $data): PromiseInterface
{
$deferred = new Deferred();
$this->getSubdomainByName($data['subdomain'])
->then(function ($registeredSubdomain) use ($data, $deferred) {
if (! is_null($registeredSubdomain)) {
$deferred->resolve(null);
return;
}
$this->database->query("
INSERT INTO subdomains (user_id, subdomain, created_at)
VALUES (:user_id, :subdomain, DATETIME('now'))
", $data)
->then(function (Result $result) use ($deferred) {
$this->database->query('SELECT * FROM subdomains WHERE id = :id', ['id' => $result->insertId])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows[0]);
});
});
});
return $deferred->promise();
}
public function getSubdomainsByUserIdAndName($id, $name): PromiseInterface
{
$deferred = new Deferred();
$this->database
->query('SELECT * FROM subdomains WHERE user_id = :user_id AND subdomain = :name ORDER by created_at DESC', [
'user_id' => $id,
'name' => $name,
])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows);
});
return $deferred->promise();
}
public function deleteSubdomainForUserId($userId, $subdomainId): PromiseInterface
{
$deferred = new Deferred();
$this->database->query('DELETE FROM subdomains WHERE id = :id AND user_id = :user_id', [
'id' => $subdomainId,
'user_id' => $userId,
])
->then(function (Result $result) use ($deferred) {
$deferred->resolve($result);
});
return $deferred->promise();
}
}

4
config/expose.php
View File

@@ -232,6 +232,8 @@ return [
*/ */
'user_repository' => \App\Server\UserRepository\DatabaseUserRepository::class, 'user_repository' => \App\Server\UserRepository\DatabaseUserRepository::class,
'subdomain_repository' => \App\Server\SubdomainRepository\DatabaseSubdomainRepository::class,
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Messages | Messages
@@ -249,7 +251,7 @@ return [
'subdomain_taken' => 'The chosen subdomain :subdomain is already taken. Please choose a different subdomain.', 'subdomain_taken' => 'The chosen subdomain :subdomain is already taken. Please choose a different subdomain.',
'custom_subdomain_unauthorized' => 'You are not allowed to specify custom subdomains. Please upgrade to Expose Pro.', 'custom_subdomain_unauthorized' => 'You are not allowed to specify custom subdomains. Please upgrade to Expose Pro. Assigning a random subdomain instead.',
'no_free_tcp_port_available' => 'There are no free TCP ports available on this server. Please try again later.', 'no_free_tcp_port_available' => 'There are no free TCP ports available on this server. Please try again later.',
], ],

7
database/migrations/04_create_subdomains_table.sql Normal file
View File

@@ -0,0 +1,7 @@
CREATE TABLE IF NOT EXISTS subdomains (
id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER NOT NULL,
subdomain STRING NOT NULL,
created_at DATETIME,
updated_at DATETIME
)

93
resources/views/client/fileserver.twig Normal file
View File

@@ -0,0 +1,93 @@
<html lang="en">
<head>
<title>Expose Fileserver</title>
<script src="https://cdn.jsdelivr.net/npm/vue@2.5.17/dist/vue.min.js"></script>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@tailwindcss/ui@latest/dist/tailwind-ui.min.css">
<script src="https://cdn.jsdelivr.net/npm/clipboard@2/dist/clipboard.min.js"></script>
<link rel="stylesheet" href="//cdn.jsdelivr.net/gh/highlightjs/cdn-release@10.1.0/build/styles/github.min.css">
<script src="//cdn.jsdelivr.net/gh/highlightjs/cdn-release@10.1.0/build/highlight.min.js" async></script>
</head>
<body>
<div id="app" class="">
<div class="relative bg-indigo-600" style="marign-left: -1px">
<div class="max-w-screen-xl mx-auto py-3 px-3 sm:px-6 lg:px-8">
<div class="pr-16 sm:text-center sm:px-16">
<p class="font-medium text-white flex justify-center">
<span class="inline-block font-mono">{{ directory }}</span>
</p>
</div>
</div>
</div>
{% macro bytesToSize(bytes) %}
{% set kilobyte = 1024 %}
{% set megabyte = kilobyte * 1024 %}
{% set gigabyte = megabyte * 1024 %}
{% set terabyte = gigabyte * 1024 %}
{% if bytes < kilobyte %}
{{ bytes ~ ' B' }}
{% elseif bytes < megabyte %}
{{ (bytes / kilobyte)|number_format(2, '.') ~ ' KiB' }}
{% elseif bytes < gigabyte %}
{{ (bytes / megabyte)|number_format(2, '.') ~ ' MiB' }}
{% elseif bytes < terabyte %}
{{ (bytes / gigabyte)|number_format(2, '.') ~ ' GiB' }}
{% else %}
{{ (bytes / terabyte)|number_format(2, '.') ~ ' TiB' }}
{% endif %}
{% endmacro %}
<div class="flex flex-col px-6 py-4">
<div class="-my-2 overflow-x-auto sm:-mx-6 lg:-mx-8">
<div class="py-2 align-middle inline-block min-w-full sm:px-6 lg:px-8">
<div class="shadow overflow-hidden border-b border-gray-200 sm:rounded-lg">
<table class="min-w-full divide-y divide-gray-200">
<thead>
<tr>
<th class="px-6 py-3 bg-gray-50 text-left text-xs leading-4 font-medium text-gray-500 uppercase tracking-wider">
Name
</th>
<th class="px-6 py-3 bg-gray-50 text-left text-xs leading-4 font-medium text-gray-500 uppercase tracking-wider">
Date Modified
</th>
<th class="px-6 py-3 bg-gray-50 text-left text-xs leading-4 font-medium text-gray-500 uppercase tracking-wider">
Size
</th>
</tr>
</thead>
<tbody class="bg-white">
{% if currentPath != '/' %}
<tr class="border-b">
<td colspan="3" class="px-6 py-4 whitespace-no-wrap text-sm leading-5 font-mono text-gray-900">
<a href="/{{ parentPath }}" class="text-indigo-600 font-bold hover:text-indigo-900">Back</a>
</td>
</tr>
{% endif %}
{% for item in directoryContent %}
<tr class="{% if loop.index % 2 == 0 %} bg-gray-50 {% endif %}">
<td class="px-6 py-4 whitespace-no-wrap text-sm leading-5 font-mono text-gray-900">
{% if currentPath != '/' %}
<a href="/{{ currentPath }}/{{ item.getFilename() }}" class="text-indigo-600 hover:text-indigo-900">{{ item.filename }}</a>
{% else %}
<a href="/{{ item.getFilename() }}" class="text-indigo-600 hover:text-indigo-900">{{ item.filename }}</a>
{% endif %}
</td>
<td class="px-6 py-4 whitespace-no-wrap text-sm leading-5 text-gray-500">
{{ item.getMTime() | date("m/d/Y H:i:s") }}
</td>
<td class="px-6 py-4 whitespace-no-wrap text-sm leading-5 text-gray-500">
{% if item.isDir() %}
-
{% else %}
{{ _self.bytesToSize(item.getSize()) }}
{% endif %}
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

5
tests/Feature/Client/DashboardTest.php
View File

@@ -2,6 +2,7 @@
namespace Tests\Feature\Client; namespace Tests\Feature\Client;
use App\Client\Configuration;
use App\Client\Factory; use App\Client\Factory;
use App\Client\Http\HttpClient; use App\Client\Http\HttpClient;
use App\Logger\LoggedRequest; use App\Logger\LoggedRequest;
@@ -129,6 +130,10 @@ class DashboardTest extends TestCase
protected function startDashboard() protected function startDashboard()
{ {
app()->singleton(Configuration::class, function ($app) {
return new Configuration('localhost', '8080', false);
});
$this->dashboardFactory = (new Factory()) $this->dashboardFactory = (new Factory())
->setLoop($this->loop) ->setLoop($this->loop)
->createHttpServer(); ->createHttpServer();

111
tests/Feature/Client/FileserverTest.php Executable file
View File

@@ -0,0 +1,111 @@
<?php
namespace Tests\Feature\Client;
use App\Client\Configuration;
use App\Client\Factory;
use Clue\React\Buzz\Browser;
use Clue\React\Buzz\Message\ResponseException;
use Psr\Http\Message\ResponseInterface;
use Tests\Feature\TestCase;
class FileserverTest extends TestCase
{
/** @var Browser */
protected $browser;
/** @var Factory */
protected $clientFactory;
/** @var string */
protected $fileserverUrl;
public function setUp(): void
{
parent::setUp();
$this->browser = new Browser($this->loop);
}
public function tearDown(): void
{
parent::tearDown();
$this->clientFactory->getFileserver()->getSocket()->close();
}
/** @test */
public function accessing_the_fileserver_works()
{
$this->shareFolder(__DIR__);
/** @var ResponseInterface $response */
$response = $this->await($this->browser->get('http://'.$this->fileserverUrl));
$this->assertSame(200, $response->getStatusCode());
}
/** @test */
public function accessing_invalid_files_returns_404()
{
$this->shareFolder(__DIR__);
$this->expectException(ResponseException::class);
$this->expectExceptionMessage(404);
/** @var ResponseInterface $response */
$response = $this->await($this->browser->get('http://'.$this->fileserverUrl.'/invalid-file'));
$this->assertSame(404, $response->getStatusCode());
}
/** @test */
public function it_can_return_filtered_responses()
{
$this->shareFolder(__DIR__.'/../../fixtures', '*.md');
$this->expectException(ResponseException::class);
$this->expectExceptionMessage(404);
/** @var ResponseInterface $response */
$response = $this->await($this->browser->get('http://'.$this->fileserverUrl.'/test.txt'));
$this->assertSame(200, $response->getStatusCode());
$this->assertSame('test-file'.PHP_EOL, $response->getBody()->getContents());
}
/** @test */
public function it_can_return_file_responses()
{
$this->shareFolder(__DIR__.'/../../fixtures');
/** @var ResponseInterface $response */
$response = $this->await($this->browser->get('http://'.$this->fileserverUrl.'/test.txt'));
$this->assertSame(200, $response->getStatusCode());
$this->assertSame('test-file'.PHP_EOL, $response->getBody()->getContents());
}
/** @test */
public function it_can_return_file_responses_for_valid_filtered_files()
{
$this->shareFolder(__DIR__.'/../../fixtures', '*.txt');
/** @var ResponseInterface $response */
$response = $this->await($this->browser->get('http://'.$this->fileserverUrl.'/test.txt'));
$this->assertSame(200, $response->getStatusCode());
$this->assertSame('test-file'.PHP_EOL, $response->getBody()->getContents());
}
protected function shareFolder(string $folder, string $name = '')
{
app()->singleton(Configuration::class, function ($app) {
return new Configuration('localhost', '8080', false);
});
$factory = (new Factory())->setLoop($this->loop);
$this->fileserverUrl = $factory->createFileServer($folder, $name);
$this->clientFactory = $factory;
}
}

178
tests/Feature/Server/ApiTest.php
View File

@@ -5,6 +5,7 @@ namespace Tests\Feature\Server;
use App\Contracts\ConnectionManager; use App\Contracts\ConnectionManager;
use App\Server\Factory; use App\Server\Factory;
use Clue\React\Buzz\Browser; use Clue\React\Buzz\Browser;
use Clue\React\Buzz\Message\ResponseException;
use GuzzleHttp\Psr7\Response; use GuzzleHttp\Psr7\Response;
use Nyholm\Psr7\Request; use Nyholm\Psr7\Request;
use Ratchet\Server\IoConnection; use Ratchet\Server\IoConnection;
@@ -65,10 +66,10 @@ class ApiTest extends TestCase
} }
/** @test */ /** @test */
public function it_can_get_user_details() public function it_does_not_allow_subdomain_reservation_for_users_without_the_right_flag()
{ {
/** @var Response $response */ /** @var Response $response */
$this->await($this->browser->post('http://127.0.0.1:8080/api/users', [ $response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost', 'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'), 'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json', 'Content-Type' => 'application/json',
@@ -76,6 +77,72 @@ class ApiTest extends TestCase
'name' => 'Marcel', 'name' => 'Marcel',
]))); ])));
$user = json_decode($response->getBody()->getContents())->user;
$this->expectException(ResponseException::class);
$this->expectExceptionMessage('HTTP status code 401');
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
'subdomain' => 'reserved',
])));
}
/** @test */
public function it_allows_subdomain_reservation_for_users_with_the_right_flag()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
'subdomain' => 'reserved',
])));
$this->assertSame(200, $response->getStatusCode());
}
/** @test */
public function it_can_get_user_details()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
'subdomain' => 'reserved',
])));
/** @var Response $response */ /** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/1', [ $response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/1', [
'Host' => 'expose.localhost', 'Host' => 'expose.localhost',
@@ -85,10 +152,117 @@ class ApiTest extends TestCase
$body = json_decode($response->getBody()->getContents()); $body = json_decode($response->getBody()->getContents());
$user = $body->user; $user = $body->user;
$subdomains = $body->subdomains;
$this->assertSame('Marcel', $user->name); $this->assertSame('Marcel', $user->name);
$this->assertSame([], $user->sites); $this->assertSame([], $user->sites);
$this->assertSame([], $user->tcp_connections); $this->assertSame([], $user->tcp_connections);
$this->assertCount(1, $subdomains);
}
/** @test */
public function it_can_delete_subdomains()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$this->await($this->browser->delete('http://127.0.0.1:8080/api/subdomains/1', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'auth_token' => $user->auth_token,
])));
/** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/1', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$subdomains = $body->subdomains;
$this->assertCount(0, $subdomains);
}
/** @test */
public function it_can_not_reserve_an_already_reserved_subdomain()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Sebastian',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->expectException(ResponseException::class);
$this->expectExceptionMessage('HTTP status code 422');
$this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/2', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$subdomains = $body->subdomains;
$this->assertCount(0, $subdomains);
} }
/** @test */ /** @test */

89
tests/Feature/Server/TunnelTest.php
View File

@@ -235,8 +235,6 @@ class TunnelTest extends TestCase
'can_specify_subdomains' => 0, 'can_specify_subdomains' => 0,
]))); ])));
$this->expectException(\UnexpectedValueException::class);
$user = json_decode($response->getBody()->getContents())->user; $user = json_decode($response->getBody()->getContents())->user;
$this->createTestHttpServer(); $this->createTestHttpServer();
@@ -248,7 +246,92 @@ class TunnelTest extends TestCase
$client = $this->createClient(); $client = $this->createClient();
$response = $this->await($client->connectToServer('127.0.0.1:8085', 'tunnel', $user->auth_token)); $response = $this->await($client->connectToServer('127.0.0.1:8085', 'tunnel', $user->auth_token));
$this->assertSame('tunnel', $response->subdomain); $this->assertNotSame('tunnel', $response->subdomain);
}
/** @test */
public function it_rejects_users_that_want_to_use_a_reserved_subdomain()
{
$this->app['config']['expose.admin.validate_auth_tokens'] = true;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Test-User',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$this->createTestHttpServer();
$this->expectException(\UnexpectedValueException::class);
/**
* We create an expose client that connects to our server and shares
* the created test HTTP server.
*/
$client = $this->createClient();
$response = $this->await($client->connectToServer('127.0.0.1:8085', 'reserved', $user->auth_token));
$this->assertSame('reserved', $response->subdomain);
}
/** @test */
public function it_allows_users_to_use_their_own_reserved_subdomains()
{
$this->app['config']['expose.admin.validate_auth_tokens'] = true;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
'can_specify_subdomains' => 1,
])));
$user = json_decode($response->getBody()->getContents())->user;
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/subdomains', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'subdomain' => 'reserved',
'auth_token' => $user->auth_token,
])));
$this->createTestHttpServer();
/**
* We create an expose client that connects to our server and shares
* the created test HTTP server.
*/
$client = $this->createClient();
$response = $this->await($client->connectToServer('127.0.0.1:8085', 'reserved', $user->auth_token));
$this->assertSame('reserved', $response->subdomain);
} }
/** @test */ /** @test */

1
tests/fixtures/test.md vendored Normal file
View File

@@ -0,0 +1 @@
# Markdown

1
tests/fixtures/test.txt vendored Normal file
View File

@@ -0,0 +1 @@
test-file