diff --git a/ChangeLog b/ChangeLog
new file mode 100644
index 0000000000000000000000000000000000000000..a2e7f3ae24920567d2acba932cb5f5ffa8888c8a
--- /dev/null
+++ b/ChangeLog
@@ -0,0 +1,2 @@
+train-1:
+ * beginning of time, everything is new.
diff --git a/DEPLOYMENT.md b/DEPLOYMENT.md
new file mode 100644
index 0000000000000000000000000000000000000000..54a350162cdea99ed069928217df0c21cf9814b7
--- /dev/null
+++ b/DEPLOYMENT.md
@@ -0,0 +1,278 @@
+## How to deploy BrowserID
+
+This describes how to take the code here, put it on a server, and build
+a service like browserid.org.
+
+So what are we deploying, anyway?
+
+ * *the browserid server* - a node.js server which implements a web services api, stores a record of users, the email addresses they've verified, a bcrypted password, outstanding verification tokens, etc
+ * *the verifier* - a stateless node.js server which does cryptographic verification of assertions. This thing is hosted on browserid.org as a convenience, but people using browserid can choose to relocated it if they want to their own servers.
+ * *the browserid.org website* - the templates, css, and javascript that make up the visible part of browserid.org
+ * *the javascript/HTML dialog & include library* - this is include.js and the code that it includes, the bit that someone using browserid will include.
+
+## Overview
+
+Software in use
+
+This document assumes we're deploying on an **Ubuntu 10.04.1 LTS** box,
+and using the following software:
+
+ * **nginx** - frontend web server that handles static content and
+ serves as a reverse proxy for node.js servers running on local host
+ config: `/etc/nginx/conf/nginx.conf`
+
+ * **node.js** - all non-static servers run with node. modules are installed
+ using npm in `/home/http/node_modules`
+
+ * **monit** - provides monitoring and automatic restarting of node.js servers
+ when they go down (by accident or upon code publishing)
+ config files are: `/etc/monitrc`, and `/etc/monit.d/*`. Also see the
+ helper script that starts node servers: `/etc/monit.d/start_node_server`
+
+ * **gitolite** - installed under the git user to provide multi-user ssh based
+ git access. post-update hook handles updating code and restarting servers.
+ see that here: `/home/git/.gitolite/hooks/common/post-update`
+
+### Permissions conventions
+
+Permissions conventions:
+ * *nginx* runs as user 'www-data'
+ * *node.js* servers run as user 'www-data'
+ * when git pushing, all publishing and restarting runs as user 'git'
+
+## Setup
+
+### 1. gitolite!
+
+*This step is optional*. gitlite turns a normal unix machine into a
+"git server". All that gitolite does is provide some utilities and
+the infrastructure required to make it possible for multiple users to
+authenticate to a particular user on the box using ssh keys for the
+purposes of updating code. While requiring a bit of setup, in practice
+this is a fabulously lightweight way to make the releases process sing.
+
+Let's get started:
+
+ 1. create a "git" user: `sudo adduser git`
+ 2. install git if required: `sudo apt-get install git-core`
+ 3. become user git: `sudo su -s /bin/bash git`
+ 4. hop into your home directory: `cd`
+ 5. [This.](http://sitaramc.github.com/gitolite/doc/1-INSTALL.html#_non_root_method)
+ 6. add a browserid repo. [This.](http://sitaramc.github.com/gitolite/doc/2-admin.html#_adding_users_and_repos).
+
+At this point you've morphed your servers into git servers. Go ahead and
+add a remote to your local copy of the browserid repo and push to it:
+`git remote add shortaliasforthenewvm git@myserver:browserid.git && git push --all shortaliasforthenewvm`
+
+Now you have a clone of your browserid repository that's trivial to update.
+You can use ssh keys with passphrases and ssh-agent if you are less of an
+optimist.
+
+### 2. install node.js!
+
+At present we're running node.js 0.4.10. Lastest along the 4 line should
+work:
+
+ 1. install dev libs and tools to build node: g++ & libssl-dev
+ 2. `./configure && make && sudo make install`
+ 3. now install npm: `git clone https://github.com/isaacs/npm.git && cd npm && sudo make install`
+ 4. intstall uglify-js, required to create production resources:
+ `npm install -g uglify-js`
+
+### 3. Install software prerequisites
+
+Subsequent steps use different software which you might need to install.
+
+ * **curl** - used to iniate http requests from the cmd line (to kick the browserid server)
+ * **java** - used to minify css
+ * **libsqlite3-dev** - database libraries
+
+### 4. Set up post-update hook
+
+*This step is optional* - if you want to manually update code you
+ probably skipped step #1, you can skip this one as well. All you need
+to do is check out the code from github and run node.
+
+Given we've now got a simple way to push updates to the server, and
+we've got npm and node running, let's get the software running! The task
+here is as a `post-update` hook (triggered by pushing changes to the server)
+to have the server update its code and restart the server.
+
+To get this done, we'll create a "post-update hook" which will live on your
+server under the git user's directory:
+
+First, [do this] to add a blank executable post-update hook.
+
+ [do this]: http://sitaramc.github.com/gitolite/doc/2-admin.html#_using_hooks
+
+Now, here's a full sample script that you can start with in that
+post update hook, annotated to help you follow along:
+
+<pre>
+ #!/bin/bash
+
+ # only run these commands if it's the browserid repo bein' pushed
+ if [ "x$GL_REPO" == 'xbrowserid' ] ; then
+ # create a temporary directory where we'll stage new code
+ NEWCODE=`mktemp -d`
+ echo "staging code to $NEWCODE"
+ mkdir -p $NEWCODE
+ git archive --format=tar dev | tar -x -C $NEWCODE
+
+ echo "generating production resources"
+ cd $NEWCODE/browserid && ./compress.sh && cd -
+
+ # stop the servers
+ curl -o --url http://localhost:62700/code_update > /dev/null 2>&1
+ curl -o --url http://localhost:62800/code_update > /dev/null 2>&1
+
+ # now move code into place, and keep a backup of the last code
+ # that was in production in .old
+ echo "moving updated code into place"
+ rm -rf /home/browserid/code.old
+ mv /home/browserid/code{,.old}
+ mv $NEWCODE /home/browserid/code
+ ln -s /home/browserid/var_browserid /home/browserid/code/browserid/var
+ ln -s /home/browserid/var_verifier /home/browserid/code/verifier/var
+
+ echo "fixing permissions"
+ find /home/browserid/code -exec chgrp www-data {} \; > /dev/null 2>&1
+ find /home/browserid/code -type d -exec chmod 0775 {} \; > /dev/null 2>&1
+ find /home/browserid/code -type f -exec chmod ga+r {} \; > /dev/null 2>&1
+ find /home/browserid/code -type f -perm /u+x -exec chmod g+x {} \; > /dev/null 2>&1
+
+ echo "updating dependencies"
+ ln -s /home/browserid/node_modules /home/browserid/code/node_modules
+ cd /home/browserid/code && npm install && cd -
+ fi
+</pre>
+
+### 5. get node servers running
+
+At this point, pushing code to gitolite will cause /home/browserid/code to be updated. Now
+we need to get the servers running! Manually we can verify that the servers will run.
+For the browser id server:
+
+ cd /home/browserid/code/browserid && sudo -u www-data ./run.js
+
+And for the verifier:
+
+ cd /home/browserid/code/verifier && sudo -u www-data ./run.js
+
+Now let's set up [monit] to restart the node.js servers:
+
+ 1. install monit: `sudo apt-get install monit`
+ 2. enable monit by editing `/etc/default/monit`
+ 3. configure monit. make `/etc/monit/monitrc` look like this:
+
+<pre>
+set daemon 10
+set logfile /var/log/monit.log
+include /etc/monit.d/*
+</pre>
+
+ 4. Add a little utility script (`chmod +x`) to run the node servers at `/etc/monit/start_node_server`:
+
+<pre>
+#!/bin/bash
+/usr/local/bin/node $1 > $(dirname $1)/error.log 2>&1 &
+</pre>
+
+ 5. create a file to run the verifier at `/etc/monit.d/verifier`:
+
+<pre>
+check host verifier with address 127.0.0.1
+ start program = "/etc/monit/start_node_server /home/browserid/code/verifier/run.js"
+ as uid "www-data" and gid "www-data"
+ stop program = "/usr/bin/pkill -f '/usr/local/bin/node /home/browserid/code/verifier/run.js'"
+ if failed port 62800 protocol HTTP
+ request /ping.txt
+ with timeout 10 seconds
+ then restart
+</pre>
+
+ 5. create a file to run the browserid server at `/etc/monit.d/browserid`:
+
+<pre>
+check host browserid.org with address 127.0.0.1
+ start program = "/etc/monit/start_node_server /home/browserid/code/browserid/run.js"
+ as uid "www-data" and gid "www-data"
+ stop program = "/usr/bin/pkill -f '/usr/local/bin/node /home/browserid/code/browserid/run.js'"
+ if failed port 62700 protocol HTTP
+ request /ping.txt
+ with timeout 10 seconds
+ then restart
+</pre>
+
+ 6. verify servers are running! check `/var/log/monit.log`, curl ports 62700 and 62800, and verify servers are restarted at 10s if you kill em!
+
+### 6. set up nginx!
+
+At this point we've got automatic server restart, simple git based code publishing, and all of the software prerequisites installed on the box. The final bit of work is to set up nginx in such a way that it will properly proxy requests to the external interface to the proper node server:
+
+ 1. remove any other webservers that come with your vm (like apache)
+ 2. install nginx: `sudo apt-get install nginx`
+ 3. configure nginx, make `/etc/nginx/nginx.conf` look like this:
+
+<pre>
+user www-data;
+worker_processes 1;
+
+error_log /var/log/nginx/error.log;
+pid /var/run/nginx.pid;
+
+events {
+ worker_connections 1024;
+ # multi_accept on;
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+ access_log /var/log/nginx/access.log;
+ sendfile on;
+
+ keepalive_timeout 65;
+ tcp_nodelay on;
+
+ gzip on;
+ gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+ gzip_proxied any;
+ gzip_types text/html application/json application/javascript text/css application/x-font-ttf application/atom+xml;
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
+</pre>
+
+ 4. and how about configuring the webserver:
+
+<pre>
+server {
+ listen 80 default;
+ server_name browserid.org;
+
+ # disallow external server restart.
+ location = /code_update {
+ internal;
+ }
+
+ # pass /verify invocations to the verifier
+ location /verify {
+ proxy_pass http://127.0.0.1:62800;
+ proxy_set_header X-Real-IP $remote_addr;
+ }
+
+ # pass everything else the browserid server
+ location / {
+ proxy_pass http://127.0.0.1:62700;
+ proxy_set_header X-Real-IP $remote_addr;
+ }
+}
+</pre>
+
+ 5. restart your webserver and you're all done: `sudo /etc/init.d/nginx restart
+
+easy, right?
+
+
diff --git a/README.md b/README.md
index b2d950e1d12153d138969f5cda4c5c39b29380e2..e84edefb0d776fd66d4553e07bd87f77352498a3 100644
--- a/README.md
+++ b/README.md
@@ -1,27 +1,41 @@
-This is an exploration of the distributed identity system
-[described here](https://wiki.mozilla.org/Labs/Identity/VerifiedEmailProtocol).
+Here lives the [BrowserID] implementation. BrowserID is an implementation of the
+[verified email protocol].
-## Required software:
+ [BrowserID]:https://browserid.org
+ [verified email protocol]:https://wiki.mozilla.org/Labs/Identity/VerifiedEmailProtocol
-All of the servers here are based on node.js, and some number of 3rd party node modules are required to make them go. ([npm](http://npmjs.org/) is a good way to get these libraries)
+This repository contains several distinct things related to BrowserID:
-* node.js (>= 0.4.5): http://nodejs.org/
-* Several node.js 3rd party libraries - check `package.json` for details
+ * **the browserid server** - a node.js server which implements a web services api, stores a record of users, the email addresses they've verified, a bcrypted password, outstanding verification tokens, etc
+ * **the verifier** - a stateless node.js server which does cryptographic verification of assertions. This thing is hosted on browserid.org as a convenience, but people using browserid can choose to relocated it if they want to their own servers.
+ * **sample and test code** - to test the above
+ * **the browserid.org website** - the templates, css, and javascript that make up the visible part of browserid.org
+ * **the javascript/HTML dialog & include library** - this is include.js and the code that it includes, the bit that someone using browserid will include.
+
+## Dependencies
+
+Here's the software you'll need installed:
+* node.js (>= 0.4.5): http://nodejs.org/
+* npm: http://npmjs.org/
+* sqlite (3) development libraries: http://www.sqlite.org/
+* Several node.js 3rd party libraries - see `package.json` for details
## Getting started:
1. install node
2. run `npm install` to installed 3rd party libraries into `node_modules`
3. run the top level *run.js* script: `node ./run.js`
-4. visit the demo application ('rp') in your web browser (url output on the console at runtime)â
+4. visit the demo application ('rp') in your web browser (url output on the console at runtime)
## Testing
-We should start using this:
+Unit tests are under `browserid/tests/`, and you should run them often. Like before committing code.
+
+## Development model
+
+**branching & release model** - You'll notice some funky branching conventions, like the default branch is named `dev` rather than `master` as you might expect. We're using gitflow: the approach is described in a [blog post](http://lloyd.io/applying-gitflow).
- https://github.com/LearnBoost/tobi
+**contributions** - please issue pull requests targeted at the `dev` branch
-for integration testing
-and straight Vows for unit testing
diff --git a/browserid/app.js b/browserid/app.js
index e595f6f39c3d2bb001cb7f2d688961ebbdb196a1..25523e33ad380498ed5e1c5ff37b820766c5cba7 100644
--- a/browserid/app.js
+++ b/browserid/app.js
@@ -15,14 +15,15 @@ webfinger = require('./lib/webfinger.js'),
sessions = require('cookie-sessions'),
express = require('express'),
secrets = require('./lib/secrets.js'),
-db = require('./lib/db.js')
+db = require('./lib/db.js'),
+environment = require('../libs/environment.js'),
+substitution = require('../libs/substitute.js');
// open the databse
db.open();
// looks unused, see run.js
// const STATIC_DIR = path.join(path.dirname(__dirname), "static");
-
const COOKIE_SECRET = secrets.hydrateSecret('cookie_secret', VAR_DIR);
const COOKIE_KEY = 'browserid_state';
@@ -36,7 +37,9 @@ function internal_redirector(new_url) {
function router(app) {
app.set("views", __dirname + '/views');
- app.set('view options', { production: exports.production });
+ app.set('view options', {
+ production: app.enabled('use_minified_resources')
+ });
// this should probably be an internal redirect
// as soon as relative paths are figured out.
@@ -44,7 +47,7 @@ function router(app) {
res.render('dialog.ejs', {
title: 'A Better Way to Sign In',
layout: false,
- production: exports.production
+ production: app.enabled('use_minified_resources')
});
});
@@ -112,7 +115,6 @@ function router(app) {
};
exports.varDir = VAR_DIR;
-exports.production = true;
exports.setup = function(server) {
server.use(express.cookieParser());
@@ -175,6 +177,13 @@ exports.setup = function(server) {
next();
});
+
+ // configure environment variables based on the deployment target ('NODE_ENV');
+ environment.configure(server);
+
+ // add middleware to re-write urls if needed
+ environment.performSubstitution(server);
+
// add the actual URL handlers other than static
router(server);
}
diff --git a/browserid/compress.sh b/browserid/compress.sh
index cd2a23af7bb588093d37f06b337594a820bb5c28..07a35765a41f12c3635f705ed1de7da0f38a17f3 100755
--- a/browserid/compress.sh
+++ b/browserid/compress.sh
@@ -7,7 +7,7 @@ if [ ! -x "$UGLIFY" ]; then
fi
JAVA=`which java 2> /dev/null`
-if [ ! -x "$UGLIFY" ]; then
+if [ ! -x "$JAVA" ]; then
echo "java not found in your path. can't create production resources. disaster."
exit 1
fi
diff --git a/browserid/run.js b/browserid/run.js
index 94f0583debcecda53aa6332d0d9b2ea0652be6c2..ed8b03dbe38bb9cde7f09640deb67fa27ce96a6c 100755
--- a/browserid/run.js
+++ b/browserid/run.js
@@ -42,3 +42,4 @@ exports.stopServer = function(cb) {
// when directly invoked from the command line, we'll start the server
if (amMain) exports.runServer();
+
diff --git a/browserid/static/dialog/controllers/dialog_controller.js b/browserid/static/dialog/controllers/dialog_controller.js
index 35c684299c2acf5a966be36473775ba832312e37..39d9ffc2b72b4d8f56fc55bc3b4e01d9c1d47235 100644
--- a/browserid/static/dialog/controllers/dialog_controller.js
+++ b/browserid/static/dialog/controllers/dialog_controller.js
@@ -103,6 +103,10 @@ $.Controller("Dialog", {}, {
var issuer = storedID.issuer;
var audience = this.remoteOrigin.replace(/^(http|https):\/\//, '');
var assertion = CryptoStubs.createAssertion(audience, email, privkey, issuer);
+ // Clear onerror before the call to onsuccess - the code to onsuccess
+ // calls window.close, which would trigger the onerror callback if we
+ // tried this afterwards.
+ this.onerror = null;
this.onsuccess(assertion);
},
@@ -219,6 +223,14 @@ $.Controller("Dialog", {}, {
this.onerror = onerror;
this.remoteOrigin = origin_url.replace(/^.*:\/\//, "");
this.doStart();
+ var me=this;
+ $(window).bind("unload", function() {
+ // In the success case, me.onerror will have been cleared before unload
+ // is triggered.
+ if (me.onerror) {
+ me.onerror("canceled");
+ }
+ });
},
doStart: function() {
@@ -550,3 +562,5 @@ $.Controller("Dialog", {}, {
}
});
+
+
diff --git a/browserid/tests/forgotten-email-test.js b/browserid/tests/forgotten-email-test.js
index 1a7d015476b3ec4076256c9fe4f3ace339a597f5..2fe7cffc5a8dcde8d685f3260a5cfc45192c134c 100755
--- a/browserid/tests/forgotten-email-test.js
+++ b/browserid/tests/forgotten-email-test.js
@@ -1,13 +1,16 @@
#!/usr/bin/env node
const assert = require('assert'),
- vows = require('vows'),
- start_stop = require('./lib/start-stop.js'),
- wsapi = require('./lib/wsapi.js'),
- interceptor = require('./lib/email-interceptor.js');
+vows = require('vows'),
+start_stop = require('./lib/start-stop.js'),
+wsapi = require('./lib/wsapi.js'),
+interceptor = require('./lib/email-interceptor.js');
var suite = vows.describe('forgotten-email');
+// disable vows (often flakey?) async error behavior
+suite.options.error = false;
+
start_stop.addStartupBatches(suite);
// ever time a new token is sent out, let's update the global
diff --git a/libs/environment.js b/libs/environment.js
new file mode 100644
index 0000000000000000000000000000000000000000..3bbfec25b87dd6eaf9bcc64e853f24d1ea3a82e6
--- /dev/null
+++ b/libs/environment.js
@@ -0,0 +1,85 @@
+/*
+ * An abstraction which contains various pre-set deployment
+ * environments and adjusts runtime configuration appropriate for
+ * the current environmnet (specified via the NODE_ENV env var)..
+ *
+ * usage is
+ * exports.configure(app);
+ */
+
+const substitution = require('./substitute.js');
+
+if (undefined === process.env['NODE_ENV']) {
+ process.env['NODE_ENV'] = 'local';
+}
+
+exports.configure = function(app) {
+ if (!app) throw "configure requires express app as argument";
+
+ var known = false;
+
+ app.enable('use_minified_resources');
+
+ app.configure('production', function() {
+ app.set('hostname', 'browserid.org');
+ app.set('port', '443');
+ app.set('scheme', 'https');
+ known = true;
+ });
+
+ app.configure('development', function() {
+ app.set('hostname', 'dev.diresworb.org');
+ app.set('port', '443');
+ app.set('scheme', 'https');
+ known = true;
+ });
+
+ app.configure('beta', function() {
+ app.set('hostname', 'diresworb.org');
+ app.set('port', '443');
+ app.set('scheme', 'https');
+ known = true;
+ });
+
+ app.configure('local', function() {
+ app.set('hostname', '127.0.0.1');
+ app.set('port', '10001');
+ app.set('scheme', 'http');
+ app.disable('use_minified_resources');
+ known = true;
+ });
+
+ if (!known) throw "unknown environment: " + process.env('NODE_ENV');
+
+ function getPortForURL() {
+ if (app.set('scheme') === 'https' && app.set('port') === '443') return "";
+ if (app.set('scheme') === 'http' && app.set('port') === '80') return "";
+ return ":" + app.set('port');
+ }
+
+ app.set('URL',
+ app.set('scheme') +
+ '://' +
+ app.set('hostname') +
+ getPortForURL());
+};
+
+/*
+ * Install middleware that will perform textual replacement on served output
+ * to re-write urls as needed for this particular environment.
+ *
+ * Note, for a 'local' environment, no re-write is needed because this is
+ * handled at a higher level. For a 'production' env no rewrite is necc cause
+ * all source files are written for that environment.
+ */
+exports.performSubstitution = function(app) {
+ if (process.env['NODE_ENV'] !== 'production' &&
+ process.env['NODE_ENV'] !== 'local') {
+ app.use(substitution.substitute({
+ 'https://browserid.org': app.set('URL'),
+ 'browserid.org:443': app.set('hostname') + ':' + app.set('port'),
+ 'browserid.org': app.set('hostname')
+ }));
+ }
+};
+
diff --git a/libs/substitute.js b/libs/substitute.js
new file mode 100644
index 0000000000000000000000000000000000000000..ab04aeec1e4f2ff6a1bb9912b044435cb9583dd2
--- /dev/null
+++ b/libs/substitute.js
@@ -0,0 +1,71 @@
+// return a function that is substitution middleware, capable
+// of being installed to perform textual replacement on
+// all server output
+exports.substitute = function(subs) {
+ // given a buffer, find and replace all subs
+ function subHostNames(data) {
+ for (var i in subs) {
+ data = data.toString().replace(new RegExp(i, 'g'), subs[i]);
+ }
+
+ return data;
+ }
+
+ return function(req, resp, next) {
+ // cache the *real* functions
+ var realWrite = resp.write;
+ var realEnd = resp.end;
+ var realWriteHead = resp.writeHead;
+ var realSend = resp.send;
+
+ var buf = undefined;
+ var enc = undefined;
+ var contentType = undefined;
+
+ resp.writeHead = function (sc, reason, hdrs) {
+ var h = undefined;
+ if (typeof hdrs === 'object') h = hdrs;
+ else if (typeof reason === 'object') h = reason;
+ for (var k in h) {
+ if (k.toLowerCase() === 'content-type') {
+ contentType = h[k];
+ break;
+ }
+ }
+ if (!contentType) contentType = resp.getHeader('content-type');
+ if (!contentType) contentType = "application/unknown";
+ realWriteHead.call(resp, sc, reason, hdrs);
+ };
+
+ resp.write = function (chunk, encoding) {
+ if (buf) buf += chunk;
+ else buf = chunk;
+ enc = encoding;
+ };
+
+ resp.send = function(stuff) {
+ buf = stuff;
+ realSend.call(resp,stuff);
+ };
+
+ resp.end = function() {
+ if (!contentType) contentType = resp.getHeader('content-type');
+ if (contentType && (contentType === "application/javascript" ||
+ contentType.substr(0,4) === 'text'))
+ {
+ if (buf) {
+ if (Buffer.isBuffer(buf)) buf = buf.toString('utf8');
+ var l = Buffer.byteLength(buf);
+ buf = subHostNames(buf);
+ if (l != Buffer.byteLength(buf)) resp.setHeader('Content-Length', Buffer.byteLength(buf));
+ }
+ }
+ if (buf && buf.length) {
+ realWrite.call(resp, buf, enc);
+ }
+ realEnd.call(resp);
+ }
+
+ next();
+ };
+};
diff --git a/run.js b/run.js
index 5b5d870a7dee93a5c59862b2f81fa080b028a0f7..95046e55dfc7c6fa46cacc3c18a3110cc5b75e22 100755
--- a/run.js
+++ b/run.js
@@ -2,12 +2,14 @@
// a little node webserver designed to run the unit tests herein
-var sys = require("sys"),
- http = require("http"),
- url = require("url"),
- path = require("path"),
- fs = require("fs"),
- express = require("express");
+var sys = require("sys"),
+ http = require("http"),
+ url = require("url"),
+ path = require("path"),
+ fs = require("fs"),
+ express = require("express"),
+substitution = require('./libs/substitute.js'),
+ environment = require('./libs/environment.js');
var PRIMARY_HOST = "127.0.0.1";
@@ -18,155 +20,93 @@ var boundServers = [ ];
//
var nodemailer = require('nodemailer');
nodemailer.EmailMessage.prototype.send = function(callback) {
- this.prepareVariables();
- var headers = this.generateHeaders(),
- body = this.generateBody();
- console.log(headers);
- console.log(body);
+ this.prepareVariables();
+ var headers = this.generateHeaders(),
+ body = this.generateBody();
+ console.log(headers);
+ console.log(body);
};
-// given a buffer, find and replace all production hostnames
-// with development URLs
-function subHostNames(data) {
- for (var i = 0; i < boundServers.length; i++) {
- var o = boundServers[i]
- var a = o.server.address();
- var from = o.name;
- var to = "http://" + a.address + ":" + a.port;
- data = data.toString().replace(new RegExp(from, 'g'), to);
-
- // now do another replacement to catch bare hostnames sans http(s)
- // and explicit cases where port is appended
- var fromWithPort;
- if (from.substr(0,5) === 'https') {
+var subs = undefined;
+function substitutionMiddleware(req, resp, next) {
+ if (!subs) {
+ subs = { };
+ for (var i = 0; i < boundServers.length; i++) {
+ var o = boundServers[i]
+ var a = o.server.address();
+ var from = o.name;
+ var to = "http://" + a.address + ":" + a.port;
+ subs[from] = to;
+
+ // now do another replacement to catch bare hostnames sans http(s)
+ // and explicit cases where port is appended
+ var fromWithPort;
+ if (from.substr(0,5) === 'https') {
from = from.substr(8);
fromWithPort = from + ":443";
- } else {
+ } else {
from = from.substr(7);
fromWithPort = from + ":80";
+ }
+ to = to.substr(7);
+
+ if (o.subPath) to += o.subPath;
+
+ subs[fromWithPort] = to;
+ subs[from] = to;
}
- to = to.substr(7);
-
- if (o.subPath) to += o.subPath;
-
- data = data.replace(new RegExp(fromWithPort, 'g'), to);
- data = data.replace(new RegExp(from, 'g'), to);
}
-
- return data;
+ (substitution.substitute(subs))(req, resp, next);
}
-// Middleware that intercepts outbound textual responses and substitutes
-// in development hostnames
-function substitutionMiddleware(req, resp, next) {
- // cache the *real* functions
- var realWrite = resp.write;
- var realEnd = resp.end;
- var realWriteHead = resp.writeHead;
- var realSend = resp.send;
-
- var buf = undefined;
- var enc = undefined;
- var contentType = undefined;
-
- resp.writeHead = function (sc, reason, hdrs) {
- var h = undefined;
- if (typeof hdrs === 'object') h = hdrs;
- else if (typeof reason === 'object') h = reason;
- for (var k in h) {
- if (k.toLowerCase() === 'content-type') {
- contentType = h[k];
- break;
- }
- }
- if (!contentType) contentType = resp.getHeader('content-type');
- if (!contentType) contentType = "application/unknown";
- realWriteHead.call(resp, sc, reason, hdrs);
- };
-
- resp.write = function (chunk, encoding) {
- if (buf) buf += chunk;
- else buf = chunk;
- enc = encoding;
- };
-
- resp.send = function(stuff) {
- buf = stuff;
- realSend.call(resp,stuff);
- };
-
- resp.end = function() {
- if (!contentType) contentType = resp.getHeader('content-type');
- if (contentType && (contentType === "application/javascript" ||
- contentType.substr(0,4) === 'text'))
- {
- if (buf) {
- if (Buffer.isBuffer(buf)) buf = buf.toString('utf8');
- var l = Buffer.byteLength(buf);
- buf = subHostNames(buf);
- if (l != Buffer.byteLength(buf)) resp.setHeader('Content-Length', Buffer.byteLength(buf));
- }
- }
- if (buf && buf.length) {
- realWrite.call(resp, buf, enc);
- }
- realEnd.call(resp);
- }
+function createServer(obj) {
+ var app = express.createServer();
- next();
-};
+ // configure the server based on the environment (NODE_ENV).
+ environment.configure(app);
-function createServer(obj) {
- var app = express.createServer();
- app.use(express.logger());
+ app.use(express.logger());
- // this file is a *test* harness, to make it go, we'll insert a little handler that
- // substitutes output, changing production URLs to developement URLs.
- app.use(substitutionMiddleware);
+ // this file is a *test* harness, to make it go, we'll insert a little
+ // handler that substitutes output, changing production URLs to
+ // developement URLs.
+ app.use(substitutionMiddleware);
- // let the specific server interact directly with the express server to register their middleware,
- // routes, etc...
- if (obj.setup) obj.setup(app);
+ // let the specific server interact directly with the express server to
+ // register their middleware, routes, etc...
+ if (obj.setup) obj.setup(app);
- // now set up the static resource servin'
- var p = obj.path, ps = path.join(p, "static");
- try { if (fs.statSync(ps).isDirectory()) p = ps; } catch(e) { }
- app.use(express.static(p));
+ // now set up the static resource servin'
+ var p = obj.path, ps = path.join(p, "static");
+ try { if (fs.statSync(ps).isDirectory()) p = ps; } catch(e) { }
+ app.use(express.static(p));
- // and listen!
- app.listen(obj.port, PRIMARY_HOST);
- return app;
+ // and listen!
+ app.listen(obj.port, PRIMARY_HOST);
+ return app;
};
// start up webservers on ephemeral ports for each subdirectory here.
var dirs = [
- // the reference verification server. A version is hosted at
- // browserid.org and may be used, or the RP may perform their
- // own verification.
- {
- name: "https://browserid.org/verify",
- subPath: "/",
- path: path.join(__dirname, "verifier")
- },
- // An example relying party.
- {
- name: "http://rp.eyedee.me",
- path: path.join(__dirname, "rp")
- },
-
- // disabled primary for now since it's not in working
- // order.
- /* // A reference primary identity provider.
- {
- name: "https://eyedee.me",
- path: path.join(__dirname, "primary")
- }, */
-
- // BrowserID: the secondary + ip + more.
- {
- name: "https://browserid.org",
- path: path.join(__dirname, "browserid")
- }
+ // the reference verification server. A version is hosted at
+ // browserid.org and may be used, or the RP may perform their
+ // own verification.
+ {
+ name: "https://browserid.org/verify",
+ subPath: "/",
+ path: path.join(__dirname, "verifier")
+ },
+ // An example relying party.
+ {
+ name: "http://rp.eyedee.me",
+ path: path.join(__dirname, "rp")
+ },
+
+ // BrowserID: the secondary + ip + more.
+ {
+ name: "https://browserid.org",
+ path: path.join(__dirname, "browserid")
+ }
];
function formatLink(server, extraPath) {
@@ -189,11 +129,7 @@ dirs.forEach(function(dirObj) {
try {
var runJSExists = false;
try { runJSExists = fs.statSync(handlerPath).isFile() } catch(e) {};
- if (runJSExists) {
- var runJS = require(handlerPath);
- // set to development mode
- runJS.production = false;
- }
+ if (runJSExists) runJS = require(handlerPath);
} catch(e) {
console.log("Error loading " + handlerPath + ": " + e);
process.exit(1);