fix(strcuture): refactor responsibilities

2025-05-19 17:28:05 +00:00
parent 8fb67922a5
commit 465148d553
62 changed files with 1414 additions and 2066 deletions
--- a/ts/proxies/http-proxy/models/http-types.ts
+++ b/ts/proxies/http-proxy/models/http-types.ts
@@ -0,0 +1,165 @@
+import * as plugins from '../../../plugins.js';
+
+/**
+ * HTTP-specific event types
+ */
+export enum HttpEvents {
+  REQUEST_RECEIVED = 'request-received',
+  REQUEST_FORWARDED = 'request-forwarded',
+  REQUEST_HANDLED = 'request-handled',
+  REQUEST_ERROR = 'request-error',
+}
+
+/**
+ * HTTP status codes as an enum for better type safety
+ */
+export enum HttpStatus {
+  OK = 200,
+  MOVED_PERMANENTLY = 301,
+  FOUND = 302,
+  TEMPORARY_REDIRECT = 307,
+  PERMANENT_REDIRECT = 308,
+  BAD_REQUEST = 400,
+  UNAUTHORIZED = 401,
+  FORBIDDEN = 403,
+  NOT_FOUND = 404,
+  METHOD_NOT_ALLOWED = 405,
+  REQUEST_TIMEOUT = 408,
+  TOO_MANY_REQUESTS = 429,
+  INTERNAL_SERVER_ERROR = 500,
+  NOT_IMPLEMENTED = 501,
+  BAD_GATEWAY = 502,
+  SERVICE_UNAVAILABLE = 503,
+  GATEWAY_TIMEOUT = 504,
+}
+
+/**
+ * Base error class for HTTP-related errors
+ */
+export class HttpError extends Error {
+  constructor(message: string, public readonly statusCode: HttpStatus = HttpStatus.INTERNAL_SERVER_ERROR) {
+    super(message);
+    this.name = 'HttpError';
+  }
+}
+
+/**
+ * Error related to certificate operations
+ */
+export class CertificateError extends HttpError {
+  constructor(
+    message: string,
+    public readonly domain: string,
+    public readonly isRenewal: boolean = false
+  ) {
+    super(`${message} for domain ${domain}${isRenewal ? ' (renewal)' : ''}`, HttpStatus.INTERNAL_SERVER_ERROR);
+    this.name = 'CertificateError';
+  }
+}
+
+/**
+ * Error related to server operations
+ */
+export class ServerError extends HttpError {
+  constructor(message: string, public readonly code?: string, statusCode: HttpStatus = HttpStatus.INTERNAL_SERVER_ERROR) {
+    super(message, statusCode);
+    this.name = 'ServerError';
+  }
+}
+
+/**
+ * Error for bad requests
+ */
+export class BadRequestError extends HttpError {
+  constructor(message: string) {
+    super(message, HttpStatus.BAD_REQUEST);
+    this.name = 'BadRequestError';
+  }
+}
+
+/**
+ * Error for not found resources
+ */
+export class NotFoundError extends HttpError {
+  constructor(message: string = 'Resource not found') {
+    super(message, HttpStatus.NOT_FOUND);
+    this.name = 'NotFoundError';
+  }
+}
+
+/**
+ * Redirect configuration for HTTP requests
+ */
+export interface IRedirectConfig {
+  source: string;           // Source path or pattern
+  destination: string;      // Destination URL  
+  type: HttpStatus;         // Redirect status code
+  preserveQuery?: boolean;  // Whether to preserve query parameters
+}
+
+/**
+ * HTTP router configuration
+ */
+export interface IRouterConfig {
+  routes: Array<{
+    path: string;
+    method?: string;
+    handler: (req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse) => void | Promise<void>;
+  }>;
+  notFoundHandler?: (req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse) => void;
+  errorHandler?: (error: Error, req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse) => void;
+}
+
+/**
+ * HTTP request method types
+ */
+export type HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH' | 'HEAD' | 'OPTIONS' | 'CONNECT' | 'TRACE';
+
+/**
+ * Helper function to get HTTP status text
+ */
+export function getStatusText(status: HttpStatus): string {
+  const statusTexts: Record<HttpStatus, string> = {
+    [HttpStatus.OK]: 'OK',
+    [HttpStatus.MOVED_PERMANENTLY]: 'Moved Permanently',
+    [HttpStatus.FOUND]: 'Found',
+    [HttpStatus.TEMPORARY_REDIRECT]: 'Temporary Redirect',
+    [HttpStatus.PERMANENT_REDIRECT]: 'Permanent Redirect',
+    [HttpStatus.BAD_REQUEST]: 'Bad Request',
+    [HttpStatus.UNAUTHORIZED]: 'Unauthorized',
+    [HttpStatus.FORBIDDEN]: 'Forbidden',
+    [HttpStatus.NOT_FOUND]: 'Not Found',
+    [HttpStatus.METHOD_NOT_ALLOWED]: 'Method Not Allowed',
+    [HttpStatus.REQUEST_TIMEOUT]: 'Request Timeout',
+    [HttpStatus.TOO_MANY_REQUESTS]: 'Too Many Requests',
+    [HttpStatus.INTERNAL_SERVER_ERROR]: 'Internal Server Error',
+    [HttpStatus.NOT_IMPLEMENTED]: 'Not Implemented',
+    [HttpStatus.BAD_GATEWAY]: 'Bad Gateway',
+    [HttpStatus.SERVICE_UNAVAILABLE]: 'Service Unavailable',
+    [HttpStatus.GATEWAY_TIMEOUT]: 'Gateway Timeout',
+  };
+  return statusTexts[status] || 'Unknown';
+}
+
+// Legacy interfaces for backward compatibility
+export interface IDomainOptions {
+  domainName: string;
+  sslRedirect: boolean;
+  acmeMaintenance: boolean;
+  forward?: { ip: string; port: number };
+  acmeForward?: { ip: string; port: number };
+}
+
+export interface IDomainCertificate {
+  options: IDomainOptions;
+  certObtained: boolean;
+  obtainingInProgress: boolean;
+  certificate?: string;
+  privateKey?: string;
+  expiryDate?: Date;
+  lastRenewalAttempt?: Date;
+}
+
+// Backward compatibility exports
+export { HttpError as Port80HandlerError };
+export { CertificateError as CertError };
--- a/ts/proxies/http-proxy/models/index.ts
+++ b/ts/proxies/http-proxy/models/index.ts
@@ -0,0 +1,5 @@
+/**
+ * HttpProxy models
+ */
+export * from './types.js';
+export * from './http-types.js';
--- a/ts/proxies/http-proxy/models/types.ts
+++ b/ts/proxies/http-proxy/models/types.ts
@@ -0,0 +1,445 @@
+import * as plugins from '../../../plugins.js';
+// Certificate types removed - define IAcmeOptions locally
+export interface IAcmeOptions {
+  enabled: boolean;
+  email?: string;
+  accountEmail?: string;
+  port?: number;
+  certificateStore?: string;
+  environment?: 'production' | 'staging';
+  useProduction?: boolean;
+  renewThresholdDays?: number;
+  autoRenew?: boolean;
+  skipConfiguredCerts?: boolean;
+}
+import type { IRouteConfig } from '../../smart-proxy/models/route-types.js';
+import type { IRouteContext } from '../../../core/models/route-context.js';
+
+/**
+ * Configuration options for HttpProxy
+ */
+export interface IHttpProxyOptions {
+  port: number;
+  maxConnections?: number;
+  keepAliveTimeout?: number;
+  headersTimeout?: number;
+  logLevel?: 'error' | 'warn' | 'info' | 'debug';
+  cors?: {
+    allowOrigin?: string;
+    allowMethods?: string;
+    allowHeaders?: string;
+    maxAge?: number;
+  };
+
+  // Settings for SmartProxy integration
+  connectionPoolSize?: number; // Maximum connections to maintain in the pool to each backend
+  portProxyIntegration?: boolean; // Flag to indicate this proxy is used by SmartProxy
+  useExternalPort80Handler?: boolean; // @deprecated - use SmartCertManager instead
+  // Protocol to use when proxying to backends: HTTP/1.x or HTTP/2
+  backendProtocol?: 'http1' | 'http2';
+
+  // Function cache options
+  functionCacheSize?: number; // Maximum number of cached function results (default: 1000)
+  functionCacheTtl?: number; // Time to live for cached function results in ms (default: 5000)
+
+  // ACME certificate management options
+  acme?: IAcmeOptions;
+
+  // Direct route configurations
+  routes?: IRouteConfig[];
+}
+
+/**
+ * Interface for a certificate entry in the cache
+ */
+export interface ICertificateEntry {
+  key: string;
+  cert: string;
+  expires?: Date;
+}
+
+/**
+ * @deprecated Use IRouteConfig instead. This interface will be removed in a future release.
+ *
+ * IMPORTANT: This is a legacy interface maintained only for backward compatibility.
+ * New code should use IRouteConfig for all configuration purposes.
+ *
+ * @see IRouteConfig for the modern, recommended configuration format
+ */
+export interface IReverseProxyConfig {
+  /** Target hostnames/IPs to proxy requests to */
+  destinationIps: string[];
+
+  /** Target ports to proxy requests to */
+  destinationPorts: number[];
+
+  /** Hostname to match for routing */
+  hostName: string;
+
+  /** SSL private key for this host (PEM format) */
+  privateKey: string;
+
+  /** SSL public key/certificate for this host (PEM format) */
+  publicKey: string;
+
+  /** Basic authentication configuration */
+  authentication?: {
+    type: 'Basic';
+    user: string;
+    pass: string;
+  };
+
+  /** Whether to rewrite the Host header to match the target */
+  rewriteHostHeader?: boolean;
+
+  /**
+   * Protocol to use when proxying to this backend: 'http1' or 'http2'.
+   * Overrides the global backendProtocol option if set.
+   */
+  backendProtocol?: 'http1' | 'http2';
+}
+
+/**
+ * Convert a legacy IReverseProxyConfig to the modern IRouteConfig format
+ *
+ * @deprecated This function is maintained for backward compatibility.
+ * New code should create IRouteConfig objects directly.
+ *
+ * @param legacyConfig The legacy configuration to convert
+ * @param proxyPort The port the proxy listens on
+ * @returns A modern route configuration equivalent to the legacy config
+ */
+export function convertLegacyConfigToRouteConfig(
+  legacyConfig: IReverseProxyConfig,
+  proxyPort: number
+): IRouteConfig {
+  // Create basic route configuration
+  const routeConfig: IRouteConfig = {
+    // Match properties
+    match: {
+      ports: proxyPort,
+      domains: legacyConfig.hostName
+    },
+
+    // Action properties
+    action: {
+      type: 'forward',
+      target: {
+        host: legacyConfig.destinationIps,
+        port: legacyConfig.destinationPorts[0]
+      },
+
+      // TLS mode is always 'terminate' for legacy configs
+      tls: {
+        mode: 'terminate',
+        certificate: {
+          key: legacyConfig.privateKey,
+          cert: legacyConfig.publicKey
+        }
+      },
+
+      // Advanced options
+      advanced: {
+        // Rewrite host header if specified
+        headers: legacyConfig.rewriteHostHeader ? { 'host': '{domain}' } : {}
+      }
+    },
+
+    // Metadata
+    name: `Legacy Config - ${legacyConfig.hostName}`,
+    priority: 0, // Default priority
+    enabled: true
+  };
+
+  // Add authentication if present
+  if (legacyConfig.authentication) {
+    routeConfig.action.security = {
+      authentication: {
+        type: 'basic',
+        credentials: [{
+          username: legacyConfig.authentication.user,
+          password: legacyConfig.authentication.pass
+        }]
+      }
+    };
+  }
+
+  // Add backend protocol if specified
+  if (legacyConfig.backendProtocol) {
+    if (!routeConfig.action.options) {
+      routeConfig.action.options = {};
+    }
+    routeConfig.action.options.backendProtocol = legacyConfig.backendProtocol;
+  }
+
+  return routeConfig;
+}
+
+/**
+ * Route manager for NetworkProxy
+ * Handles route matching and configuration
+ */
+export class RouteManager {
+  private routes: IRouteConfig[] = [];
+  private logger: ILogger;
+
+  constructor(logger: ILogger) {
+    this.logger = logger;
+  }
+
+  /**
+   * Update the routes configuration
+   */
+  public updateRoutes(routes: IRouteConfig[]): void {
+    // Sort routes by priority (higher first)
+    this.routes = [...routes].sort((a, b) => {
+      const priorityA = a.priority ?? 0;
+      const priorityB = b.priority ?? 0;
+      return priorityB - priorityA;
+    });
+
+    this.logger.info(`Updated RouteManager with ${this.routes.length} routes`);
+  }
+
+  /**
+   * Get all routes
+   */
+  public getRoutes(): IRouteConfig[] {
+    return [...this.routes];
+  }
+
+  /**
+   * Find the first matching route for a context
+   */
+  public findMatchingRoute(context: IRouteContext): IRouteConfig | null {
+    for (const route of this.routes) {
+      if (this.matchesRoute(route, context)) {
+        return route;
+      }
+    }
+    return null;
+  }
+
+  /**
+   * Check if a route matches the given context
+   */
+  private matchesRoute(route: IRouteConfig, context: IRouteContext): boolean {
+    // Skip disabled routes
+    if (route.enabled === false) {
+      return false;
+    }
+
+    // Check domain match if specified
+    if (route.match.domains && context.domain) {
+      const domains = Array.isArray(route.match.domains)
+        ? route.match.domains
+        : [route.match.domains];
+
+      if (!domains.some(domainPattern => this.matchDomain(domainPattern, context.domain!))) {
+        return false;
+      }
+    }
+
+    // Check path match if specified
+    if (route.match.path && context.path) {
+      if (!this.matchPath(route.match.path, context.path)) {
+        return false;
+      }
+    }
+
+    // Check client IP match if specified
+    if (route.match.clientIp && context.clientIp) {
+      if (!route.match.clientIp.some(ip => this.matchIp(ip, context.clientIp))) {
+        return false;
+      }
+    }
+
+    // Check TLS version match if specified
+    if (route.match.tlsVersion && context.tlsVersion) {
+      if (!route.match.tlsVersion.includes(context.tlsVersion)) {
+        return false;
+      }
+    }
+
+    // All criteria matched
+    return true;
+  }
+
+  /**
+   * Match a domain pattern against a domain
+   */
+  private matchDomain(pattern: string, domain: string): boolean {
+    if (pattern === domain) {
+      return true;
+    }
+
+    if (pattern.includes('*')) {
+      const regexPattern = pattern
+        .replace(/\./g, '\\.')
+        .replace(/\*/g, '.*');
+
+      const regex = new RegExp(`^${regexPattern}$`, 'i');
+      return regex.test(domain);
+    }
+
+    return false;
+  }
+
+  /**
+   * Match a path pattern against a path
+   */
+  private matchPath(pattern: string, path: string): boolean {
+    if (pattern === path) {
+      return true;
+    }
+
+    if (pattern.endsWith('*')) {
+      const prefix = pattern.slice(0, -1);
+      return path.startsWith(prefix);
+    }
+
+    return false;
+  }
+
+  /**
+   * Match an IP pattern against an IP
+   * Supports exact matches, wildcard patterns, and CIDR notation
+   */
+  private matchIp(pattern: string, ip: string): boolean {
+    // Exact match
+    if (pattern === ip) {
+      return true;
+    }
+
+    // Wildcard matching (e.g., 192.168.0.*)
+    if (pattern.includes('*')) {
+      const regexPattern = pattern
+        .replace(/\./g, '\\.')
+        .replace(/\*/g, '.*');
+
+      const regex = new RegExp(`^${regexPattern}$`);
+      return regex.test(ip);
+    }
+
+    // CIDR matching (e.g., 192.168.0.0/24)
+    if (pattern.includes('/')) {
+      try {
+        const [subnet, bits] = pattern.split('/');
+        
+        // Convert IP addresses to numeric format for comparison
+        const ipBinary = this.ipToBinary(ip);
+        const subnetBinary = this.ipToBinary(subnet);
+        
+        if (!ipBinary || !subnetBinary) {
+          return false;
+        }
+        
+        // Get the subnet mask from CIDR notation
+        const mask = parseInt(bits, 10);
+        if (isNaN(mask) || mask < 0 || mask > 32) {
+          return false;
+        }
+        
+        // Check if the first 'mask' bits match between IP and subnet
+        return ipBinary.slice(0, mask) === subnetBinary.slice(0, mask);
+      } catch (error) {
+        // If we encounter any error during CIDR matching, return false
+        return false;
+      }
+    }
+
+    return false;
+  }
+  
+  /**
+   * Convert an IP address to its binary representation
+   * @param ip The IP address to convert
+   * @returns Binary string representation or null if invalid
+   */
+  private ipToBinary(ip: string): string | null {
+    // Handle IPv4 addresses only for now
+    const parts = ip.split('.');
+    
+    // Validate IP format
+    if (parts.length !== 4) {
+      return null;
+    }
+    
+    // Convert each octet to 8-bit binary and concatenate
+    try {
+      return parts
+        .map(part => {
+          const num = parseInt(part, 10);
+          if (isNaN(num) || num < 0 || num > 255) {
+            throw new Error('Invalid IP octet');
+          }
+          return num.toString(2).padStart(8, '0');
+        })
+        .join('');
+    } catch (error) {
+      return null;
+    }
+  }
+}
+
+/**
+ * Interface for connection tracking in the pool
+ */
+export interface IConnectionEntry {
+  socket: plugins.net.Socket;
+  lastUsed: number;
+  isIdle: boolean;
+}
+
+/**
+ * WebSocket with heartbeat interface
+ */
+export interface IWebSocketWithHeartbeat extends plugins.wsDefault {
+  lastPong: number;
+  isAlive: boolean;
+}
+
+/**
+ * Logger interface for consistent logging across components
+ */
+export interface ILogger {
+  debug(message: string, data?: any): void;
+  info(message: string, data?: any): void;
+  warn(message: string, data?: any): void;
+  error(message: string, data?: any): void;
+}
+
+/**
+ * Creates a logger based on the specified log level
+ */
+export function createLogger(logLevel: string = 'info'): ILogger {
+  const logLevels = {
+    error: 0,
+    warn: 1,
+    info: 2,
+    debug: 3
+  };
+
+  return {
+    debug: (message: string, data?: any) => {
+      if (logLevels[logLevel] >= logLevels.debug) {
+        console.log(`[DEBUG] ${message}`, data || '');
+      }
+    },
+    info: (message: string, data?: any) => {
+      if (logLevels[logLevel] >= logLevels.info) {
+        console.log(`[INFO] ${message}`, data || '');
+      }
+    },
+    warn: (message: string, data?: any) => {
+      if (logLevels[logLevel] >= logLevels.warn) {
+        console.warn(`[WARN] ${message}`, data || '');
+      }
+    },
+    error: (message: string, data?: any) => {
+      if (logLevels[logLevel] >= logLevels.error) {
+        console.error(`[ERROR] ${message}`, data || '');
+      }
+    }
+  };
+}