gui: Use electron-proxy-agent & electron-fetch (#878)

(to support corporate proxies)

Author: aenario

gui/main.js

@@ -8,6 +8,8 @@ const notify = require('electron-main-notification')
 const debounce = require('lodash.debounce')
 const path = require('path')
 
+const setupProxy = require('./src/main/proxy')
+
 const autoLaunch = require('./src/main/autolaunch')
 const lastFiles = require('./src/main/lastfiles')
 const tray = require('./src/main/tray')
@@ -221,35 +223,38 @@ if (shouldExit) {
 }
 
 app.on('ready', () => {
-  log.info('Loading CLI...')
-  desktop = new Desktop(process.env.COZY_DESKTOP_DIR)
-  i18n.init(app)
-  tray.init(app, toggleWindow)
-  lastFiles.init(desktop)
-  log.trace('Setting up tray WM...')
-  trayWindow = new TrayWM(app, desktop)
-  log.trace('Setting up help WM...')
-  helpWindow = new HelpWM(app, desktop)
-  log.trace('Setting up onboarding WM...')
-  onboardingWindow = new OnboardingWM(app, desktop)
-  onboardingWindow.onOnboardingDone(() => {
-    onboardingWindow.hide()
-    trayWindow.show().then(() => startSync())
-  })
-  log.trace('Setting up updater WM...')
-  updaterWindow = new UpdaterWM(app, desktop)
-  updaterWindow.onUpToDate(() => {
-    updaterWindow.hide()
-    showWindowStartApp()
-  })
-  updaterWindow.checkForUpdates()
+  const {session} = require('electron')
+  setupProxy(app, session, () => {
+    log.info('Loading CLI...')
+    desktop = new Desktop(process.env.COZY_DESKTOP_DIR)
+    i18n.init(app)
+    tray.init(app, toggleWindow)
+    lastFiles.init(desktop)
+    log.trace('Setting up tray WM...')
+    trayWindow = new TrayWM(app, desktop)
+    log.trace('Setting up help WM...')
+    helpWindow = new HelpWM(app, desktop)
+    log.trace('Setting up onboarding WM...')
+    onboardingWindow = new OnboardingWM(app, desktop)
+    onboardingWindow.onOnboardingDone(() => {
+      onboardingWindow.hide()
+      trayWindow.show().then(() => startSync())
+    })
+    log.trace('Setting up updater WM...')
+    updaterWindow = new UpdaterWM(app, desktop)
+    updaterWindow.onUpToDate(() => {
+      updaterWindow.hide()
+      showWindowStartApp()
+    })
+    updaterWindow.checkForUpdates()
 
-  // Os X wants all application to have a menu
-  Menu.setApplicationMenu(buildAppMenu(app))
+    // Os X wants all application to have a menu
+    Menu.setApplicationMenu(buildAppMenu(app))
 
-  // On OS X it's common to re-create a window in the app when the
-  // dock icon is clicked and there are no other windows open.
-  app.on('activate', showWindow)
+    // On OS X it's common to re-create a window in the app when the
+    // dock icon is clicked and there are no other windows open.
+    app.on('activate', showWindow)
+  })
 })
 
 // Don't quit the app when all windows are closed, keep the tray icon

gui/package.json

@@ -61,12 +61,15 @@
     "auto-launch-patched": "5.0.2",
     "babel-polyfill": "^6.23.0",
     "cozy-desktop": "file:../cli/",
+    "electron-fetch": "^1.1.0",
     "electron-main-notification": "1.0.1",
     "electron-positioner": "^3.0.0",
+    "electron-proxy-agent": "^1.0.2",
     "electron-updater": "1.15.0",
     "lnk": "^1.1.0",
     "lodash.debounce": "4.0.8",
-    "node-uuid": "^1.4.8"
+    "node-uuid": "^1.4.8",
+    "yargs": "^10.0.3"
   },
   "devDependencies": {
     "chokidar-cli": "^1.2.0",

gui/src/main/onboarding.window.js

@@ -75,7 +75,13 @@ module.exports = class OnboardingWM extends WindowManager {
         },
         (err) => {
           log.error(err)
-          event.sender.send('registration-error', translate('Address No cozy instance at this address!'))
+          if (err.code.match(/PROXY/)) {
+            session.defaultSession.resolveProxy(cozyUrl, (p) => {
+              event.sender.send('registration-error', translate('Address Proxy issue') + p)
+            })
+          } else {
+            event.sender.send('registration-error', translate('Address No cozy instance at this address!'))
+          }
         }
       )
   }

gui/src/main/proxy.js

@@ -0,0 +1,107 @@
+/* eslint standard/no-callback-literal: 0 */
+
+const ElectronProxyAgent = require('electron-proxy-agent')
+const url = require('url')
+const http = require('http')
+const https = require('https')
+
+const log = require('cozy-desktop').default.logger({
+  component: 'GUI:proxy'
+})
+
+const config = require('yargs')
+  .env('COZY_DRIVE')
+  .conflicts('proxy-script', 'proxy-rules')
+  .describe('proxy-script', 'The URL associated with the PAC file.')
+  .describe('proxy-rules', 'Rules indicating which proxies to use.')
+  .describe('proxy-bypassrules', 'Rules indicating which URLs should bypass the proxy settings. ' +
+                                 'See https://github.com/electron/electron/blob/master/docs/api/session.md#sessetproxyconfig-callback')
+  .default('proxy-ntlm-domains', '*')
+  .describe('proxy-ntlm-domains', 'A comma-separated list of servers for which integrated authentication is enabled. ' +
+                                  'Dynamically sets whether to always send credentials for HTTP NTLM or Negotiate authentication.')
+  .describe('login-by-realm', 'comma-separated list of realm:user:password')
+  .help('help')
+  .parse()
+
+log.debug({config}, 'argv')
+
+const formatCertificate = (certif) => `Certificate(${certif.issuerName} ${certif.subjectName})`
+
+module.exports = (app, session, doneSetup) => {
+  const loginByRealm = {}
+  if (config['login-by-realm']) {
+    config['login-by-realm'].split(',').forEach((lbr) => {
+      const [realm, username, ...password] = lbr.split(':')
+      loginByRealm[realm] = [username, password.join(':')]
+    })
+  }
+
+  if (config['proxy-ntlm-domains']) {
+    session.defaultSession.allowNTLMCredentialsForDomains(config['proxy-ntlm-domains'])
+  }
+
+  session.defaultSession.setCertificateVerifyProc((request, callback) => {
+    const {hostname, certificate, verificationResult, errorCode} = request
+    if (verificationResult < 0) {
+      log.warn({hostname, certificate: formatCertificate(certificate), verificationResult, errorCode}, 'Certificate Verification Error')
+    } else {
+      log.debug({hostname, certificate: formatCertificate(certificate), verificationResult, errorCode}, 'Certificate Validated')
+    }
+    callback(-3) // use chrome validation
+  })
+
+  app.on('select-client-certificate', (event, webContents, url, list, callback) => {
+    log.debug({url}, 'select-client-certificate')
+    callback()
+  })
+
+  app.on('certificate-error', (event, webContents, url, error, certificate, callback) => {
+    log.warn({url, error, certificate: formatCertificate(certificate)}, 'App Certificate Error')
+    callback(false)
+  })
+
+  app.on('login', (event, webContents, request, authInfo, callback) => {
+    log.debug({request: request.method + ' ' + request.url, authInfo}, 'Login event')
+    const auth = loginByRealm[authInfo.realm]
+    if (auth) {
+      event.preventDefault()
+      callback(...auth)
+    } else {
+      callback()
+    }
+  })
+
+  const electronFetch = require('electron-fetch')
+  global.fetch = (url, opts = {}) => {
+    opts.session = session.defaultSession
+    return electronFetch(url, opts)
+  }
+  http.Agent.globalAgent = http.globalAgent = https.globalAgent = new ElectronProxyAgent(session.defaultSession)
+  const _httpRequest = http.request
+  http.request = function (options, cb) {
+    log.warn(options, 'USING RAW HTTP REQUEST')
+    options.agent = options.agent || http.globalAgent
+    options.headers = options.headers || {}
+    options.headers.host = options.hostname
+    return _httpRequest.call(http, options, cb)
+  }
+  const _httpsRequest = https.request
+  https.request = function (options, cb) {
+    log.warn(options, 'USING RAW HTTPS REQUEST')
+    if (typeof options === 'string') {
+      options = url.parse(options)
+    } else {
+      options = Object.assign({}, options)
+    }
+    options.agent = options.agent || https.globalAgent
+    return _httpsRequest.call(https, options, cb)
+  }
+
+  if (config['proxy-script'] || config['proxy-rules']) {
+    session.defaultSession.setProxy({
+      pacScript: config['proxy-script'],
+      proxyRules: config['proxy-rules'],
+      proxyBypassRules: config['proxy-bypassrules']
+    }, doneSetup)
+  } else doneSetup()
+}