-
Notifications
You must be signed in to change notification settings - Fork 0
/
fetch.js
85 lines (81 loc) · 2.97 KB
/
fetch.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
/**
* This code is closed source and Confidential and Proprietary to
* Appcelerator, Inc. All Rights Reserved. This code MUST not be
* modified, copy or otherwise redistributed without expression
* written permission of Appcelerator. This file is licensed as
* part of the Appcelerator Platform and governed under the terms
* of the Appcelerator license agreement.
*/
// always load our bundled request-ssl, not one up the food chain.
var request = require('./node_modules/request-ssl'),
path = require('path'),
fs = require('fs'),
urlib = require('url'),
tmpdir = require('os').tmpdir(),
dir = path.join(tmpdir, 'appc-request-ssl');
/**
* this function will fetch the SSL fingerprints from the security server for all
* the necessary AppC authorized domains and will cache them locally. If will check
* for any new certs each time this method is called, however, will only pull down
* new ones if there are any changes from what we already have cached.
*/
function fetch(callback) {
if (!fs.existsSync(dir)) {
fs.mkdirSync(dir);
}
// attempt to read in the etag cached file if it exists
var etagFn = path.join(dir, '.etag'),
etag;
if (fs.existsSync(etagFn)) {
etag = fs.readFileSync(etagFn).toString().trim();
}
var server = process.env.APPC_SECURITY_SERVER || 'https://4503ef0cc4daae71d3bb898f66c72b886c9f6d61.cloudapp-enterprise.appcelerator.com';
var opts = {
method: 'get',
url: urlib.resolve(server,'/ssl-fingerprints'),
headers: {
'User-Agent': 'Appcelerator (appc-request-ssl)/'+require('./package.json').version,
'If-None-Match': etag || ''
},
gzip: true
};
// send the HTTP request
request(opts, function(err,resp,body){
if (err) {
return callback(new Error("Error fetching SSL certificates. "+err));
}
// not modified, no changes from what we have locally so we can just continue
if (resp.statusCode === 304) {
request.addFingerprintDirectory(dir);
return callback(null,null,dir);
}
// we received new fingerprints, we need to update our local cache
if (resp.statusCode === 200) {
if (!resp.headers.etag) {
return callback(new Error("Error fetching SSL certificates. The etag header was expected from the server and it was not returned. Please contact Appcelerator Support."));
}
// write out the etag
fs.writeFileSync(etagFn,resp.headers.etag);
// write out the contents
body = typeof(body)==='string' ? JSON.parse(body) : body;
// array of fingerprint entries where the keys are:
// domain - domain name for the fingerprint
// fingerprint - the fingerprint for the domain
for (var c=0;c<body.length;c++) {
var entry = body[c];
fs.writeFileSync(path.join(dir, entry.domain), entry.fingerprint);
}
request.addFingerprintDirectory(dir);
callback(null, body, dir);
}
else {
return callback(new Error("Unexpected error fetching SSL certificates ("+resp.statusCode+")"));
}
});
}
module.exports = fetch;
if (module.id === ".") {
fetch(function(err, result, dir){
console.log(arguments);
});
}