Skip to content

Commit

Permalink
Merge pull request #76 from snyk-labs/fix/replace-axios-for-proxy-sup…
Browse files Browse the repository at this point in the history
…port

fix: make proxy work via CONNECT method
  • Loading branch information
aarlaud authored Oct 5, 2023
2 parents ab4244e + 121316a commit 1d9c124
Show file tree
Hide file tree
Showing 2 changed files with 44 additions and 10 deletions.
3 changes: 3 additions & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -42,15 +42,18 @@
"global-agent": "3.0.0",
"leaky-bucket-queue": "0.0.2",
"lodash": "4.17.21",
"proxy-from-env": "^1.1.0",
"snyk-config": "^5.0.1",
"source-map-support": "^0.5.16",
"tslib": "^1.10.0",
"uuid": "^8.0.0"
},
"devDependencies": {
"@types/global-agent": "^2.1.1",
"@types/jest": "^25.1.1",
"@types/lodash": "4.14.186",
"@types/node": "^12.12.26",
"@types/proxy-from-env": "^1.0.2",
"@typescript-eslint/eslint-plugin": "^2.18.0",
"@typescript-eslint/parser": "^2.18.0",
"eslint": "^6.8.0",
Expand Down
51 changes: 41 additions & 10 deletions src/lib/request/request.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ import * as Error from '../customErrors/apiError';

// Fixes issue https://github.com/axios/axios/issues/3384
// where HTTPS over HTTP Proxy Fails with 500 handshakefailed on mcafee proxy
import 'global-agent/bootstrap';
import { bootstrap } from 'global-agent';
import { getProxyForUrl } from 'proxy-from-env';

const DEFAULT_API = 'https://snyk.io/api/v1';
const DEFAULT_REST_API = 'https://api.snyk.io/rest/';
Expand All @@ -16,6 +17,16 @@ interface SnykRequest {
useRESTApi?: boolean;
}

if (process.env.HTTP_PROXY || process.env.http_proxy) {
process.env.HTTP_PROXY = process.env.HTTP_PROXY || process.env.http_proxy;
}
if (process.env.HTTPS_PROXY || process.env.https_proxy) {
process.env.HTTPS_PROXY = process.env.HTTPS_PROXY || process.env.https_proxy;
}
if (process.env.NP_PROXY || process.env.no_proxy) {
process.env.NO_PROXY = process.env.NO_PROXY || process.env.no_proxy;
}

const getTopParentModuleName = (parent: NodeModule | null): string => {
if (parent == null) {
return '';
Expand All @@ -35,6 +46,12 @@ const makeSnykRequest = async (
apiUrlREST = DEFAULT_REST_API,
userAgentPrefix = '',
): Promise<AxiosResponse<any>> => {

Check warning on line 48 in src/lib/request/request.ts

View workflow job for this annotation

GitHub Actions / build-test

Unexpected any. Specify a different type
const proxyUri = getProxyForUrl(request.useRESTApi ? apiUrlREST : apiUrl);
if (proxyUri) {
bootstrap({
environmentVariableNamespace: '',
});
}
const topParentModuleName = getTopParentModuleName(module.parent as any);

Check warning on line 55 in src/lib/request/request.ts

View workflow job for this annotation

GitHub Actions / build-test

Unexpected any. Specify a different type
const userAgentPrefixChecked =
userAgentPrefix != '' && !userAgentPrefix.endsWith('/')
Expand All @@ -48,16 +65,30 @@ const makeSnykRequest = async (
Authorization: 'token ' + snykToken,
'User-Agent': `${topParentModuleName}${userAgentPrefixChecked}tech-services/snyk-request-manager/1.0`,
};
let apiClient;
if (proxyUri) {
apiClient = axios.create({
baseURL: request.useRESTApi ? apiUrlREST : apiUrl,
responseType: 'json',
headers: { ...requestHeaders, ...request.headers },
transitional: {
clarifyTimeoutError: true,
},
timeout: 30_000, // 5 mins same as Snyk APIs
proxy: false, // disables axios built-in proxy to let bootstrap work
});
} else {
apiClient = axios.create({
baseURL: request.useRESTApi ? apiUrlREST : apiUrl,
responseType: 'json',
headers: { ...requestHeaders, ...request.headers },
transitional: {
clarifyTimeoutError: true,
},
timeout: 30_000, // 5 mins same as Snyk APIs
});
}

const apiClient = axios.create({
baseURL: request.useRESTApi ? apiUrlREST : apiUrl,
responseType: 'json',
headers: { ...requestHeaders, ...request.headers },
transitional: {
clarifyTimeoutError: true,
},
timeout: 30_000, // 5 mins same as Snyk APIs
});
// sanitize error to avoid leaking sensitive data
apiClient.interceptors.response.use(undefined, async (error) => {
error.config.headers.Authorization = '****';
Expand Down

0 comments on commit 1d9c124

Please # to comment.