push.rocks/smartproxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BREAKING CHANGE(IRouteSecurity): Consolidate duplicated IRouteSecurity interfaces by unifying property names

Browse Source
This commit is contained in:
Philipp Kunz
2025-05-15 09:34:01 +00:00
parent 1067177d82
commit 35d7dfcedf
12 changed files with 206 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

303
readme.plan.md
View File

@ -1,201 +1,146 @@
# SmartProxy Codebase Cleanup Plan
# SmartProxy Interface Consolidation Plan
## Overview
This document outlines a comprehensive plan to clean up the SmartProxy codebase by removing deprecated and unused code, consolidating functionality, and reducing complexity. The goal is to make the codebase more maintainable, easier to understand, and better positioned for future enhancements.
This document outlines a plan to consolidate duplicate and inconsistent interfaces in the SmartProxy codebase, specifically the `IRouteSecurity` interface which is defined twice with different properties. This inconsistency caused issues with security checks for port forwarding. The goal is to unify these interfaces, use consistent property naming, and improve code maintainability.
## Phase 1: Remove Deprecated Code
## Problem Description
### 1.1 Delete Legacy Migration Utilities ✅
We currently have two separate `IRouteSecurity` interfaces defined in `ts/proxies/smart-proxy/models/route-types.ts`:
The route migration utilities were created to assist in transitioning from the legacy domain-based configuration to the new route-based configuration system. As this migration is now complete, these utilities can be safely removed.
1. **First definition** (lines 116-122) - Used in IRouteAction:
```typescript
export interface IRouteSecurity {
allowedIps?: string[];
blockedIps?: string[];
maxConnections?: number;
authentication?: IRouteAuthentication;
}
```
- **Action:** ✅ Remove `/ts/proxies/smart-proxy/utils/route-migration-utils.ts`
- **Impact:** Low - This file is explicitly marked as temporary and for migration purposes only
- **Dependencies:** ✅ Update any imports of these utilities (check forwarding-types.ts)
2. **Second definition** (lines 253-272) - Used directly in IRouteConfig:
```typescript
export interface IRouteSecurity {
rateLimit?: IRouteRateLimit;
basicAuth?: {...};
jwtAuth?: {...};
ipAllowList?: string[];
ipBlockList?: string[];
}
```
### 1.2 Clean Up References to Deleted Files ✅
This duplication with inconsistent naming (`allowedIps` vs `ipAllowList` and `blockedIps` vs `ipBlockList`) caused routing issues when IP security checks were used, as we had to implement a workaround to check both property names.
Several files are marked for deletion in the git status but are still referenced in the codebase.
## Implementation Plan
- **Action:** ✅ Remove references to deleted route-helpers files:
- ✅ Update `/ts/proxies/smart-proxy/utils/index.ts` to remove `export * from './route-helpers.js';`
- ✅ Update `/ts/forwarding/config/forwarding-types.ts` to remove imports and re-exports of route helper functions
- **Impact:** Medium - May break code that still relies on these helpers
- **Dependencies:** ✅ Ensure route-patterns.js provides equivalent functionality (moved helper functions from route-helpers.js to route-patterns.ts)
### Phase 1: Interface Consolidation
### 1.3 Remove Deprecated Forwarding Types and Helpers ✅
1. **Create a unified interface definition:**
- Create one comprehensive `IRouteSecurity` interface that includes all properties
- Use consistent property naming (standardize on `ipAllowList` and `ipBlockList`)
- Add proper documentation for each property
- Remove the duplicate interface definition
2. **Update references to use the unified interface:**
- Update all code that references the old interface properties
- Update all configurations to use the new property names
- Ensure implementation in `route-manager.ts` uses the correct property names
Legacy forwarding types and helper functions in forwarding-types.ts are marked as deprecated.
### Phase 2: Code and Documentation Updates
- **Action:**
- ✅ Clean up `/ts/forwarding/config/forwarding-types.ts`
- ✅ Remove deprecated helper functions: `httpOnly`, `tlsTerminateToHttp`, `tlsTerminateToHttps`, `httpsPassthrough`
- ✅ Remove deprecated interfaces: `IDeprecatedForwardConfig`
- **Impact:** Medium - May break code that still uses these helpers
- **Dependencies:** ✅ Ensure route patterns provide equivalent functionality
1. **Update type usages and documentation:**
- Update all code that creates or uses security configurations
- Update documentation to reflect the new interface structure
- Add examples of the correct property usage
- Document the breaking change in changelog.md
## Phase 2: Consolidate and Simplify Code
2. **Add tests:**
- Update existing tests to use the new property names
- Add test cases for all security configuration scenarios
- Verify that port range configurations with security settings work correctly
### 2.1 Streamline Interface Definitions ✅
There are several redundant interfaces that could be simplified.
- **Action:** ✅
- ✅ Remove legacy type checking functions (`isLegacyOptions`, `isRoutedOptions`) in `/ts/proxies/smart-proxy/models/interfaces.ts`
- ✅ Update `ISmartProxyOptions` interface to remove obsolete properties
- ✅ Remove backward compatibility aliases like `IRoutedSmartProxyOptions`
- **Impact:** Medium - May break code that relies on these interfaces
- **Dependencies:** ✅ Update any code that references these interfaces
### 2.2 Consolidate Route Utilities
The route utilities are spread across multiple files with some overlapping functionality.
- **Action:**
- Consolidate route utilities into a single coherent structure
- Move common functions from route-utils.ts, route-patterns.ts into a single location
- Ensure consistent naming conventions for route utility functions
- **Impact:** Medium - Requires careful refactoring
- **Dependencies:** Update all references to these utilities
### 2.3 Clean Up Legacy Connection Handling ✅
The route-connection-handler.ts file contains legacy code and parameters kept for backward compatibility.
- **Action:** ✅
- ✅ Remove unused parameters and legacy comments from `setupDirectConnection` method
- ✅ Simplify connection handling logic by removing special cases for legacy configurations
- **Impact:** Medium - Requires careful testing to ensure no regressions
- **Dependencies:** ✅ Test with all current route configurations
## Phase 3: Code Modernization
### 3.1 Standardize on 'preserve' Port Handling ✅
Previously implemented changes to use `port: 'preserve'` instead of `preservePort: true` should be consistently applied.
- **Action:** ✅
- ✅ Ensure all code paths handle the 'preserve' value for port
- ✅ Remove any remaining references to preservePort in code and documentation
- **Impact:** Low - Already implemented in most places
- **Dependencies:** None
### 3.2 Normalize IPv6-Mapped IPv4 Addresses ✅
Implement consistent handling of IPv6-mapped IPv4 addresses throughout the codebase.
- **Action:** ✅
- ✅ Ensure any IP address comparisons consistently handle IPv6-mapped IPv4 addresses
- ✅ Standardize on a single approach to IP normalization
- **Impact:** Low - Already partially implemented
- **Dependencies:** None
### 3.3 Improve Type Safety ✅
Enhance type safety throughout the codebase to catch errors at compile time.
- **Action:** ✅
- ✅ Add stronger types where appropriate
- ✅ Remove any `any` types that could be replaced with more specific types
- ✅ Add explicit return types to functions
- **Impact:** Medium - May uncover existing issues
- **Dependencies:** None
## Phase 4: Documentation and Tests
### 4.1 Update API Documentation ✅
Ensure documentation is current and accurately reflects the cleaned-up API.
- **Action:** ✅
- ✅ Update comments and JSDoc throughout the codebase
- ✅ Ensure porthandling.md and other documentation reflect current implementation
- ✅ Remove references to deprecated functionality
- **Impact:** Low
- **Dependencies:** None
### 4.2 Add or Update Tests ✅
Ensure test coverage for the cleaned-up codebase.
- **Action:** ✅
- ✅ Update existing tests to remove references to deprecated functionality
- ✅ Add tests for edge cases in IP normalization
- ✅ Add tests for the updated route utility functions
- **Impact:** Medium
- **Dependencies:** None
## Implementation Sequence ✅
The changes were implemented in this order:
1.**Phase 1.1**: Remove Legacy Migration Utilities
2.**Phase 1.2**: Clean Up References to Deleted Files
3.**Phase 1.3**: Remove Deprecated Forwarding Types and Helpers
4.**Phase 2.1**: Streamline Interface Definitions
5.**Phase 3.1**: Standardize on 'preserve' Port Handling
6.**Phase 3.2**: Normalize IPv6-Mapped IPv4 Addresses
7. ⏸️ **Phase 2.2**: Consolidate Route Utilities (Postponed - Low priority)
8.**Phase 2.3**: Clean Up Legacy Connection Handling
9.**Phase 3.3**: Improve Type Safety
10.**Phase 4.1**: Update API Documentation
11.**Phase 4.2**: Add or Update Tests
## Detailed Implementation Steps
### 1. Remove Legacy Migration Utilities
```bash
# Delete the file
git rm ts/proxies/smart-proxy/utils/route-migration-utils.ts
# Remove the export from the index file
# Edit ts/proxies/smart-proxy/utils/index.ts to remove the export line
```
### 2. Clean Up References to Deleted Files
```bash
# Update forwarding-types.ts to remove imports from route-helpers.js
# Edit ts/forwarding/config/forwarding-types.ts
# Remove or update imports in index.ts
# Edit ts/proxies/smart-proxy/utils/index.ts
```
### 3. Remove Deprecated Forwarding Types
```bash
# Edit ts/forwarding/config/forwarding-types.ts to remove deprecated helpers and interfaces
```
### 4. Streamline Interface Definitions
```bash
# Edit ts/proxies/smart-proxy/models/interfaces.ts to remove legacy functions and aliases
```
### 5. Normalize IPv6-Mapped IPv4 Addresses
Ensure all IP matching functions consistently handle IPv6-mapped IPv4 addresses:
## Implementation Steps
```typescript
// In all IP matching functions:
const normalizeIp = (ip: string): string => {
return ip.startsWith('::ffff:') ? ip.substring(7) : ip;
};
// Step 1: Define the unified interface
export interface IRouteSecurity {
// Access control lists
ipAllowList?: string[]; // IP addresses that are allowed to connect
ipBlockList?: string[]; // IP addresses that are blocked from connecting
// Connection limits
maxConnections?: number; // Maximum concurrent connections
// Authentication
authentication?: IRouteAuthentication;
// Rate limiting
rateLimit?: IRouteRateLimit;
// Authentication methods
basicAuth?: {
enabled: boolean;
users: Array<{ username: string; password: string }>;
realm?: string;
excludePaths?: string[];
};
jwtAuth?: {
enabled: boolean;
secret: string;
algorithm?: string;
issuer?: string;
audience?: string;
expiresIn?: number;
excludePaths?: string[];
};
}
```
## Implementation Results ✅
Update `isClientIpAllowed` method to use only the new property names:
The cleanup implementation was successful, resulting in:
```typescript
private isClientIpAllowed(route: IRouteConfig, clientIp: string): boolean {
const security = route.action.security;
if (!security) {
return true; // No security settings means allowed
}
// Check blocked IPs first
if (security.ipBlockList && security.ipBlockList.length > 0) {
for (const pattern of security.ipBlockList) {
if (this.matchIpPattern(pattern, clientIp)) {
return false; // IP is blocked
}
}
}
// If there are allowed IPs, check them
if (security.ipAllowList && security.ipAllowList.length > 0) {
for (const pattern of security.ipAllowList) {
if (this.matchIpPattern(pattern, clientIp)) {
return true; // IP is allowed
}
}
return false; // IP not in allowed list
}
// No allowed IPs specified, so IP is allowed
return true;
}
```
- **Reduced Codebase Size**: Successfully removed multiple deprecated files and functions
- **Improved Maintainability**: Cleaner, more focused code without legacy compatibility layers
- **Reduced Complexity**: Eliminated special cases for legacy config formats
- **Better Developer Experience**: Standardized on consistent patterns for port handling
- **Future-Proofing**: Removed deprecated code that would complicate future upgrades
- **Type Safety**: Fixed multiple TypeScript errors and improved type checking
## Expected Benefits
All changes successfully compile and the build process passes with no errors. The codebase is now simpler, more maintainable, and better positioned for future enhancements.
- **Improved Consistency**: Single, unified interface with consistent property naming
- **Better Type Safety**: Eliminating confusing duplicate interface definitions
- **Reduced Errors**: Prevent misunderstandings about which property names to use
- **Forward Compatibility**: Clearer path for future security enhancements
- **Better Developer Experience**: Simplified interface with comprehensive documentation
## Testing Plan
1. Test with existing configurations using both old and new property names
2. Create specific test cases for port ranges with different security configurations
3. Verify that port forwarding with IP allow lists works correctly with the unified interface