File Explorer

/proc/self/root/var/runtime/node_modules/@aws-sdk/node_modules/aws-crt/lib/browser
This explorer reads the filesystem of the server it runs on, so /workspace/user isn't present here. Browsing and the terminal still work against this server's own disk from /.
1 dir
22 files
ws.ts8.1 KB · 191 lines
1/*2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.3 * SPDX-License-Identifier: Apache-2.0.4 */5 6/**7 * Module for utilities related to websocket connection establishment8 *9 * @packageDocumentation10 * @module ws11 * @mergeTarget12 */13 14import { MqttConnectionConfig } from "./mqtt";15import * as mqtt5 from "./mqtt5";16import { AWSCredentials, AwsSigningConfig} from "./auth";17import { WebsocketOptionsBase } from "../common/auth";18import { CrtError } from "./error";19var websocket = require('@httptoolkit/websocket-stream')20import * as Crypto from "crypto-js";21import * as iot_shared from "../common/aws_iot_shared";22 23/**24 * Options for websocket based connections in browser25 *26 * @category MQTT27 */28export interface WebsocketOptions extends WebsocketOptionsBase {29    /** Additional headers to add */30    headers?: { [index: string]: string };31    /** Websocket protocol, used during Upgrade */32    protocol?: string;33}34 35/** @internal */36function zero_pad(n: number) {37    return (n > 9) ? n : '0' + n.toString();38}39 40/** @internal */41function canonical_time(time?: Date) {42    const now = time?? new Date();43    return `${now.getUTCFullYear()}${zero_pad(now.getUTCMonth() + 1)}${zero_pad(now.getUTCDate())}T` +44        `${zero_pad(now.getUTCHours())}${zero_pad(now.getUTCMinutes())}${zero_pad(now.getUTCSeconds())}Z`;45}46 47/** @internal */48function canonical_day(time: string = canonical_time()) {49    return time.substring(0, time.indexOf('T'));50}51 52/** @internal */53function make_signing_key(credentials: AWSCredentials, day: string, service_name: string) {54    if (credentials == null || credentials == undefined) {55        throw new CrtError("make_signing_key: credentials not defined");56    }57    const hash_opts = { asBytes: true };58    let hash = Crypto.HmacSHA256(day, 'AWS4' + credentials.aws_secret_key, hash_opts);59    hash = Crypto.HmacSHA256(credentials.aws_region || '', hash, hash_opts);60    hash = Crypto.HmacSHA256(service_name, hash, hash_opts);61    hash = Crypto.HmacSHA256('aws4_request', hash, hash_opts);62    return hash;63}64 65/** @internal */66function sign_url(method: string,67    url: URL,68    signing_config: AwsSigningConfig,69    time: string = canonical_time(),70    day: string = canonical_day(time),71    payload: string = '') {72 73    if (signing_config == null || signing_config == undefined) {74        throw new CrtError("sign_url: signing_config not defined");75    }76 77    // region should not have been put in credentials, but we have to live with it78    let region: string = signing_config.credentials.aws_region ?? signing_config.region;79 80    const signed_headers = 'host';81    const service = signing_config.service!;82    const canonical_headers = `host:${url.hostname.toLowerCase()}\n`;83    const payload_hash = Crypto.SHA256(payload, { asBytes: true });84    const canonical_params = url.search.replace(new RegExp('^\\?'), '');85    const canonical_request = `${method}\n${url.pathname}\n${canonical_params}\n${canonical_headers}\n${signed_headers}\n${payload_hash}`;86    const canonical_request_hash = Crypto.SHA256(canonical_request, { asBytes: true });87    const signature_raw = `AWS4-HMAC-SHA256\n${time}\n${day}/${region}/${service}/aws4_request\n${canonical_request_hash}`;88    const signing_key = make_signing_key(signing_config.credentials, day, service);89    const signature = Crypto.HmacSHA256(signature_raw, signing_key, { asBytes: true });90    let query_params = `${url.search}&X-Amz-Signature=${signature}`;91    if (signing_config.credentials.aws_sts_token) {92        query_params += `&X-Amz-Security-Token=${encodeURIComponent(signing_config.credentials.aws_sts_token)}`;93    }94    const signed_url = `${url.protocol}//${url.hostname}${url.pathname}${query_params}`;95    return signed_url;96}97 98/** @internal */99export function create_websocket_url(config: MqttConnectionConfig) {100    if (config == null || config == undefined) {101        throw new CrtError("create_websocket_url: config not defined");102    }103    const path = '/mqtt';104    const protocol = (config.websocket || {}).protocol || 'wss';105    if (protocol === 'wss') {106        const websocketoptions = config.websocket!;107        const credentials = config.credentials_provider?.getCredentials();108        const signing_config_value = websocketoptions.create_signing_config?.()109                    ?? {110                    service: websocketoptions.service ?? "iotdevicegateway",111                    credentials: credentials,112                    date: new Date()113                };114        const signing_config = signing_config_value as AwsSigningConfig;115        const time = canonical_time(signing_config.date);116        const day = canonical_day(time);117        const query_params = `X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=${signing_config.credentials.aws_access_id}` +118            `%2F${day}%2F${signing_config.credentials.aws_region}%2F${signing_config.service}%2Faws4_request&X-Amz-Date=${time}&X-Amz-SignedHeaders=host`;119        const url = new URL(`wss://${config.host_name}:${config.port}${path}?${query_params}`);120        return sign_url('GET', url, signing_config, time, day);121    }122    else if (protocol === 'wss-custom-auth') {123        return `wss://${config.host_name}:${config.port}${path}`;124    }125    throw new URIError(`Invalid protocol requested: ${protocol}`);126}127 128/** @internal */129export function create_websocket_stream(config: MqttConnectionConfig) {130    const url = create_websocket_url(config);131    return websocket(url, ['mqttv3.1'], config.websocket);132}133 134 135/** @internal */136export function create_mqtt5_websocket_url(config: mqtt5.Mqtt5ClientConfig) {137    if (config == null || config == undefined) {138        throw new CrtError("create_mqtt5_websocket_url: config not defined");139    }140    const path = '/mqtt';141    const websocketConfig : mqtt5.Mqtt5WebsocketConfig = config.websocketOptions ?? { urlFactoryOptions: { urlFactory: mqtt5.Mqtt5WebsocketUrlFactoryType.Ws} };142    const urlFactory : mqtt5.Mqtt5WebsocketUrlFactoryType = websocketConfig.urlFactoryOptions.urlFactory;143 144    switch(urlFactory) {145        case mqtt5.Mqtt5WebsocketUrlFactoryType.Ws:146            return `ws://${config.hostName}:${config.port}${path}`;147            break;148 149        case mqtt5.Mqtt5WebsocketUrlFactoryType.Wss:150            return `wss://${config.hostName}:${config.port}${path}`;151            break;152 153        case mqtt5.Mqtt5WebsocketUrlFactoryType.Sigv4:154            const sigv4Options : mqtt5.Mqtt5WebsocketUrlFactorySigv4Options = websocketConfig.urlFactoryOptions as mqtt5.Mqtt5WebsocketUrlFactorySigv4Options;155            const credentials = sigv4Options.credentialsProvider.getCredentials();156            if (credentials === undefined) {157                throw new CrtError("Websockets with sigv4 requires valid AWS credentials");158            }159 160            let region : string = sigv4Options.region ?? iot_shared.extractRegionFromEndpoint(config.hostName);161 162            const signingConfig : AwsSigningConfig = {163                service: "iotdevicegateway",164                region: region,165                credentials: credentials,166                date: new Date()167            };168 169            const time = canonical_time(signingConfig.date);170            const day = canonical_day(time);171            const query_params = `X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=${signingConfig.credentials.aws_access_id}` +172                `%2F${day}%2F${region}%2F${signingConfig.service}%2Faws4_request&X-Amz-Date=${time}&X-Amz-SignedHeaders=host`;173            const url = new URL(`wss://${config.hostName}:${config.port}${path}?${query_params}`);174            return sign_url('GET', url, signingConfig, time, day);175 176        case mqtt5.Mqtt5WebsocketUrlFactoryType.Custom:177            const customOptions : mqtt5.Mqtt5WebsocketUrlFactoryCustomOptions = websocketConfig.urlFactoryOptions as mqtt5.Mqtt5WebsocketUrlFactoryCustomOptions;178            return customOptions.customUrlFactory();179    }180 181    throw new URIError(`Invalid url factory requested: ${urlFactory}`);182}183 184/** @internal */185export function create_mqtt5_websocket_stream(config: mqtt5.Mqtt5ClientConfig) {186    const url = create_mqtt5_websocket_url(config);187    let ws = websocket(url, ['mqtt'], config.websocketOptions?.wsOptions);188 189    return ws;190}191