1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 | import { Context } from "../IContext";
|
13 | import { RequestMethod } from "../RequestMethod";
|
14 | import { Middleware } from "./IMiddleware";
|
15 | import { MiddlewareControl } from "./MiddlewareControl";
|
16 | import { cloneRequestWithNewUrl } from "./MiddlewareUtil";
|
17 | import { RedirectHandlerOptions } from "./options/RedirectHandlerOptions";
|
18 | import { FeatureUsageFlag, TelemetryHandlerOptions } from "./options/TelemetryHandlerOptions";
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 |
|
25 |
|
26 | export class RedirectHandler implements Middleware {
|
27 | |
28 |
|
29 |
|
30 |
|
31 |
|
32 | private static REDIRECT_STATUS_CODES: number[] = [
|
33 | 301,
|
34 | 302,
|
35 | 303,
|
36 | 307,
|
37 | 308,
|
38 | ];
|
39 |
|
40 | |
41 |
|
42 |
|
43 |
|
44 |
|
45 | private static STATUS_CODE_SEE_OTHER = 303;
|
46 |
|
47 | |
48 |
|
49 |
|
50 |
|
51 |
|
52 | private static LOCATION_HEADER = "Location";
|
53 |
|
54 | |
55 |
|
56 |
|
57 |
|
58 |
|
59 | private static AUTHORIZATION_HEADER = "Authorization";
|
60 |
|
61 | |
62 |
|
63 |
|
64 |
|
65 |
|
66 | private static MANUAL_REDIRECT: RequestRedirect = "manual";
|
67 |
|
68 | |
69 |
|
70 |
|
71 |
|
72 | private options: RedirectHandlerOptions;
|
73 |
|
74 | |
75 |
|
76 |
|
77 |
|
78 | private nextMiddleware: Middleware;
|
79 |
|
80 | |
81 |
|
82 |
|
83 |
|
84 |
|
85 |
|
86 |
|
87 |
|
88 | public constructor(options: RedirectHandlerOptions = new RedirectHandlerOptions()) {
|
89 | this.options = options;
|
90 | }
|
91 |
|
92 | |
93 |
|
94 |
|
95 |
|
96 |
|
97 |
|
98 | private isRedirect(response: Response): boolean {
|
99 | return RedirectHandler.REDIRECT_STATUS_CODES.indexOf(response.status) !== -1;
|
100 | }
|
101 |
|
102 | |
103 |
|
104 |
|
105 |
|
106 |
|
107 |
|
108 | private hasLocationHeader(response: Response): boolean {
|
109 | return response.headers.has(RedirectHandler.LOCATION_HEADER);
|
110 | }
|
111 |
|
112 | |
113 |
|
114 |
|
115 |
|
116 |
|
117 |
|
118 | private getLocationHeader(response: Response): string {
|
119 | return response.headers.get(RedirectHandler.LOCATION_HEADER);
|
120 | }
|
121 |
|
122 | |
123 |
|
124 |
|
125 |
|
126 |
|
127 |
|
128 | private isRelativeURL(url: string): boolean {
|
129 | return url.indexOf("://") === -1;
|
130 | }
|
131 |
|
132 | |
133 |
|
134 |
|
135 |
|
136 |
|
137 |
|
138 |
|
139 | private shouldDropAuthorizationHeader(requestUrl: string, redirectUrl: string): boolean {
|
140 | const schemeHostRegex = /^[A-Za-z].+?:\/\/.+?(?=\/|$)/;
|
141 | const requestMatches: string[] = schemeHostRegex.exec(requestUrl);
|
142 | let requestAuthority: string;
|
143 | let redirectAuthority: string;
|
144 | if (requestMatches !== null) {
|
145 | requestAuthority = requestMatches[0];
|
146 | }
|
147 | const redirectMatches: string[] = schemeHostRegex.exec(redirectUrl);
|
148 | if (redirectMatches !== null) {
|
149 | redirectAuthority = redirectMatches[0];
|
150 | }
|
151 | return typeof requestAuthority !== "undefined" && typeof redirectAuthority !== "undefined" && requestAuthority !== redirectAuthority;
|
152 | }
|
153 |
|
154 | |
155 |
|
156 |
|
157 |
|
158 |
|
159 |
|
160 |
|
161 |
|
162 | private async updateRequestUrl(redirectUrl: string, context: Context): Promise<void> {
|
163 | context.request = typeof context.request === "string" ? redirectUrl : await cloneRequestWithNewUrl(redirectUrl, context.request as Request);
|
164 | }
|
165 |
|
166 | |
167 |
|
168 |
|
169 |
|
170 |
|
171 |
|
172 | private getOptions(context: Context): RedirectHandlerOptions {
|
173 | let options: RedirectHandlerOptions;
|
174 | if (context.middlewareControl instanceof MiddlewareControl) {
|
175 | options = context.middlewareControl.getMiddlewareOptions(RedirectHandlerOptions) as RedirectHandlerOptions;
|
176 | }
|
177 | if (typeof options === "undefined") {
|
178 | options = Object.assign(new RedirectHandlerOptions(), this.options);
|
179 | }
|
180 | return options;
|
181 | }
|
182 |
|
183 | |
184 |
|
185 |
|
186 |
|
187 |
|
188 |
|
189 |
|
190 |
|
191 |
|
192 | private async executeWithRedirect(context: Context, redirectCount: number, options: RedirectHandlerOptions): Promise<void> {
|
193 | await this.nextMiddleware.execute(context);
|
194 | const response = context.response;
|
195 | if (redirectCount < options.maxRedirects && this.isRedirect(response) && this.hasLocationHeader(response) && options.shouldRedirect(response)) {
|
196 | ++redirectCount;
|
197 | if (response.status === RedirectHandler.STATUS_CODE_SEE_OTHER) {
|
198 | context.options.method = RequestMethod.GET;
|
199 | delete context.options.body;
|
200 | } else {
|
201 | const redirectUrl: string = this.getLocationHeader(response);
|
202 | if (!this.isRelativeURL(redirectUrl) && this.shouldDropAuthorizationHeader(response.url, redirectUrl)) {
|
203 | delete context.options.headers[RedirectHandler.AUTHORIZATION_HEADER];
|
204 | }
|
205 | await this.updateRequestUrl(redirectUrl, context);
|
206 | }
|
207 | await this.executeWithRedirect(context, redirectCount, options);
|
208 | } else {
|
209 | return;
|
210 | }
|
211 | }
|
212 |
|
213 | |
214 |
|
215 |
|
216 |
|
217 |
|
218 |
|
219 |
|
220 | public async execute(context: Context): Promise<void> {
|
221 | const redirectCount = 0;
|
222 | const options = this.getOptions(context);
|
223 | context.options.redirect = RedirectHandler.MANUAL_REDIRECT;
|
224 | TelemetryHandlerOptions.updateFeatureUsageFlag(context, FeatureUsageFlag.REDIRECT_HANDLER_ENABLED);
|
225 | return await this.executeWithRedirect(context, redirectCount, options);
|
226 | }
|
227 |
|
228 | |
229 |
|
230 |
|
231 |
|
232 |
|
233 |
|
234 | public setNext(next: Middleware): void {
|
235 | this.nextMiddleware = next;
|
236 | }
|
237 | }
|