feat(various): (#28)

* feat(various):
 - scenarios : allowList optional options
 - scenarios : XForwardedFor optional options
 - middleware : add logger option allowing to pass custom logger
 - middleware : bouncer return a counter to do export metrics
 - middleware : correctly pass commons options
 - middleware : re-export from crowdsec-client to don't need to install it on parent

* upgrade deps

* follow sonarqube comments

Author: thib3113

dev/raw/package.json

@@ -12,7 +12,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "@types/node": "20.5.0",
+    "@types/node": "20.5.1",
     "crowdsec-client": "workspace:^",
     "crowdsec-client-scenarios": "workspace:^",
     "crowdsec-http-middleware": "workspace:^"

package.json

@@ -11,7 +11,7 @@
   "devDependencies": {
     "@tsconfig/node-lts": "18.12.3",
     "@types/jest": "29.5.3",
-    "@types/node": "20.5.0",
+    "@types/node": "20.5.1",
     "@typescript-eslint/parser": "6.4.0",
     "eslint": "8.47.0",
     "eslint-config-prettier": "9.0.0",

packages/crowdsec-client-scenarios/readme.md

@@ -41,18 +41,18 @@ and then read the documentation in the [wiki](https://github.com/thib3113/node-c
 
 # Usage
 
-This package, is planned to host scenarios used by [crowdsec-http-middleware](../crowdsec-http-middleware) and other middleware that extend it
+This package, is planned to host scenarios used by [crowdsec-http-middleware](https://www.npmjs.com/package/crowdsec-http-middleware) and other middleware that extend it
 
 # Scenarios
 
 in this part, we will use the variables `scenarios` and `scenariosOptions`, to illustrate the use in the middlewares
 
 ## Defaults scenarios
-the defaults scenarios are ([defined here](./src/index.ts#L8)) :
+the defaults scenarios are ([defined here](https://github.com/thib3113/node-crowdsec/blob/main/packages/crowdsec-client-scenarios/src/index.ts#L8)) :
 
 - [AllowListEnricher](#allowlist) : allow you to skip alerts on your local ips
 - [XForwardedForChecker](#xforwardedforchecker) : allow to extract visitor ip
-- [HTTPEnricher](#httpenricher) : enrich alerts with informations from the http request
+- [HTTPEnricher](#httpenricher) : enrich alerts with information from the http request
 
 ## Available scenarios
 The available scenarios are :

packages/crowdsec-client-scenarios/src/scenarios/AllowList/AllowListEnricher.ts

@@ -17,11 +17,11 @@ const debug = createDebugger('AllowListEnricher');
 export class AllowListEnricher extends EnricherScenario {
     static scenarioName = 'allow-list';
     private allowed: Array<AddressObject>;
-    constructor(options: IScenarioOptions) {
+    constructor(options?: IScenarioOptions) {
         debug('construct');
         super(options);
 
-        const currentOptions = options['allow-list'];
+        const currentOptions = options?.['allow-list'] ?? {};
 
         this.allowed = (currentOptions?.allowed ?? defaultAllowed).map((ip) => getIpObject(ip));
     }

packages/crowdsec-client-scenarios/src/scenarios/XForwardedFor/XForwardedForChecker.ts

@@ -16,7 +16,7 @@ export interface IXForwardedForOptions {
 
 declare module '../IScenarioOptions.js' {
     interface IScenarioOptions {
-        'x-forwarded-for': IXForwardedForOptions;
+        'x-forwarded-for'?: IXForwardedForOptions;
     }
 }
 

packages/crowdsec-http-middleware/src/CommonsMiddleware.ts

@@ -0,0 +1,37 @@
+import { logger, loggerOption } from './ICrowdSecHTTPMiddlewareOptions.js';
+import { createDebugger } from './utils.js';
+
+export class CommonsMiddleware {
+    protected logger: Required<logger>;
+
+    constructor(name: string, options?: loggerOption) {
+        this.logger = this.getLogger(name, options);
+    }
+
+    getLogger(name: string, options?: loggerOption, extendedName?: string): Required<logger> {
+        const defaultExtend = (extendName: string) => this.getLogger(name, options, extendName);
+        if (!options) {
+            const _debug = createDebugger(name);
+            const debug = extendedName ? _debug.extend(extendedName) : _debug;
+            return {
+                warn: (...args) => debug('warning : %s', ...args),
+                debug: debug,
+                info: debug,
+                error: (...args) => debug('error : %s', ...args),
+                extend: defaultExtend
+            };
+        }
+
+        if (typeof options === 'function') {
+            return {
+                extend: defaultExtend,
+                ...options(name)
+            };
+        }
+
+        return {
+            extend: defaultExtend,
+            ...options
+        };
+    }
+}

packages/crowdsec-http-middleware/src/CrowdSecHTTPBouncerMiddleware.ts

@@ -8,18 +8,23 @@ import {
     ICrowdSecClientOptions,
     ITLSAuthentication
 } from 'crowdsec-client';
-import { AddressObject, createDebugger } from './utils.js';
+import { AddressObject } from './utils.js';
 import { IpObjectsCacher } from './IpObjectsCacher.js';
 import { IncomingMessage, ServerResponse } from 'http';
+import { CommonsMiddleware } from './CommonsMiddleware.js';
 
 type decisionScope = 'ip' | 'range';
 type decisionType = Decision<decisionScope>;
 
-const debug = createDebugger('CrowdSecHTTPBouncerMiddleware');
-
-export class CrowdSecHTTPBouncerMiddleware {
+export class CrowdSecHTTPBouncerMiddleware extends CommonsMiddleware {
     private readonly clientOptions: ICrowdSecClientOptions;
     public readonly client: BouncerClient;
+
+    //TODO store this on updates
+    public get decisionsCount(): number {
+        return Object.keys(this.decisions || {}).reduce((previousValue, key) => previousValue + (this.decisions[key]?.length || 0), 0);
+    }
+
     private decisions: Record<string, Array<{ selector: AddressObject; decision: decisionType }>> = {};
     private options: ICrowdSecHTTPBouncerMiddlewareOptions;
     private ipObjectCache: IpObjectsCacher;
@@ -33,7 +38,9 @@ export class CrowdSecHTTPBouncerMiddleware {
     private _decisionStream?: DecisionsStream<decisionScope>;
 
     constructor(options: ICrowdSecHTTPBouncerMiddlewareOptions, clientOptions: ICrowdSecClientOptions, cache?: IpObjectsCacher) {
-        debug('construct');
+        super('CrowdSecHTTPBouncerMiddleware', options.logger);
+        this.logger.debug('construct');
+
         this.options = options;
         this.clientOptions = clientOptions;
 
@@ -50,7 +57,7 @@ export class CrowdSecHTTPBouncerMiddleware {
     }
 
     private getBouncerAuthentication(bouncerOptions: ICrowdSecHTTPMiddlewareOptions['bouncer']) {
-        debug('getBouncerAuthentication');
+        this.logger.debug('getBouncerAuthentication');
         if (Validate.implementsTKeys<ITLSAuthentication>(bouncerOptions, ['key', 'ca', 'cert'])) {
             return {
                 cert: bouncerOptions.cert,
@@ -69,6 +76,7 @@ export class CrowdSecHTTPBouncerMiddleware {
     }
 
     public async start() {
+        this.logger.info('start');
         await this.client.login();
 
         this._decisionStream = this.client.Decisions.getStream({
@@ -77,13 +85,11 @@ export class CrowdSecHTTPBouncerMiddleware {
         });
 
         this._decisionStream.on('error', (e) => {
-            debug('client stream error : %o', e);
+            this.logger.error('client stream error', e);
         });
 
         let timeout: NodeJS.Timeout | undefined;
         this._decisionStream.on('added', (decision) => {
-            const localDebug = debug.extend('decisionAdded');
-            localDebug('start');
             try {
                 // TODO this method doesn't support range including multiple top level group
                 const ipObject = this.ipObjectCache.getIpObjectWithCache(decision.value);
@@ -97,18 +103,14 @@ export class CrowdSecHTTPBouncerMiddleware {
                     this.decisions[decisionId].push({ decision, selector: this.ipObjectCache.getIpObjectWithCache(decision.value) });
                 }
             } catch (e) {
-                debug('fail to add decision %o : ', decision, e);
+                this.logger.error('fail to add decision', e, decision);
             }
-            localDebug('end');
         });
 
         this._decisionStream.on('deleted', (decision) => {
-            const localDebug = debug.extend('decisionDeleted');
-            localDebug('start');
             const ipObject = this.ipObjectCache.getIpObjectWithCache(decision.value);
             const decisionId = ipObject.parsedAddress[0];
             this.decisions[decisionId] = (this.decisions[decisionId] || []).filter(({ decision: d }) => !this.isSameDecision(d, decision));
-            localDebug('end');
         });
 
         this._decisionStream.resume();
@@ -119,27 +121,27 @@ export class CrowdSecHTTPBouncerMiddleware {
     }
 
     public async stop() {
-        debug('stop');
+        this.logger.info('stop');
         return this.client.stop();
     }
 
     public middleware(ip: string, req: IncomingMessage & { decision?: Decision<any> }) {
-        const localDebug = debug.extend('bouncerMiddleware');
-        localDebug('start');
+        const localDebug = this.logger.extend('bouncerMiddleware');
+        localDebug.debug('start');
 
         const currentAddress = this.ipObjectCache.getIpObjectWithCache(ip);
 
-        localDebug('bouncerMiddleware receive request from %s', currentAddress.addressMinusSuffix);
-        localDebug('start decision loop');
+        localDebug.debug('bouncerMiddleware receive request from %s', currentAddress.addressMinusSuffix);
+        localDebug.debug('start decision loop');
         const decision = (this.decisions[currentAddress.parsedAddress[0]] || []).find(({ selector }) =>
             currentAddress.isInSubnet(selector)
         );
-        localDebug('end decision loop');
+        localDebug.debug('end decision loop');
 
         if (decision) {
             req.decision = decision.decision;
         }
-        localDebug('end');
+        localDebug.debug('end');
     }
 
     public getMiddleware(getIpFromRequest: getCurrentIpFn) {

packages/crowdsec-http-middleware/src/CrowdSecHTTPMiddleware.ts

@@ -1,18 +1,18 @@
-import { ICrowdSecHTTPMiddlewareOptions } from './ICrowdSecHTTPMiddlewareOptions.js';
+import { ICommonOptions, ICrowdSecHTTPMiddlewareOptions } from './ICrowdSecHTTPMiddlewareOptions.js';
 import { ICrowdSecClientOptions } from 'crowdsec-client';
 import { pkg } from './pkg.js';
-import { AddressObject, createDebugger } from './utils.js';
+import { AddressObject } from './utils.js';
 import type { IncomingMessage, ServerResponse } from 'http';
 import { CrowdSecHTTPBouncerMiddleware } from './CrowdSecHTTPBouncerMiddleware.js';
 import { IpObjectsCacher } from './IpObjectsCacher.js';
 import { CrowdSecHTTPWatcherMiddleware } from './CrowdSecHTTPWatcherMiddleware.js';
+import { CommonsMiddleware } from './CommonsMiddleware.js';
 
 const defaultClientOptions: Partial<ICrowdSecHTTPMiddlewareOptions['clientOptions']> = {
     userAgent: `${pkg.name}/v${pkg.version}`
 };
-const debug = createDebugger('CrowdSecHTTPMiddleware');
 
-export class CrowdSecHTTPMiddleware {
+export class CrowdSecHTTPMiddleware extends CommonsMiddleware {
     private readonly clientOptions: ICrowdSecClientOptions;
     private options: ICrowdSecHTTPMiddlewareOptions;
 
@@ -21,7 +21,9 @@ export class CrowdSecHTTPMiddleware {
     private ipObjectCache: IpObjectsCacher;
 
     constructor(options: ICrowdSecHTTPMiddlewareOptions) {
-        debug('construct');
+        super('CrowdSecHTTPMiddleware', options.logger);
+        this.logger.debug('construct');
+
         this.options = {
             protectedByHeader: true,
             ...options
@@ -34,19 +36,24 @@ export class CrowdSecHTTPMiddleware {
 
         this.ipObjectCache = new IpObjectsCacher(options.maxIpCache);
 
+        const commonsOptions: ICommonOptions = {
+            logger: options.logger,
+            maxIpCache: options.maxIpCache
+        };
+
         if (options.watcher) {
-            this.watcher = new CrowdSecHTTPWatcherMiddleware(options.watcher, this.clientOptions);
+            this.watcher = new CrowdSecHTTPWatcherMiddleware({ ...commonsOptions, ...options.watcher }, this.clientOptions);
         }
 
         if (options.bouncer) {
-            this.bouncer = new CrowdSecHTTPBouncerMiddleware(options.bouncer, this.clientOptions);
+            this.bouncer = new CrowdSecHTTPBouncerMiddleware({ ...commonsOptions, ...options.bouncer }, this.clientOptions);
         }
     }
 
     public async start() {
-        debug('start');
+        this.logger.info('start');
 
-        debug('login');
+        this.logger.debug('login');
         await Promise.all([
             this.bouncer ? this.bouncer.start() : Promise.resolve(),
             this.watcher ? this.watcher.start() : Promise.resolve()
@@ -100,12 +107,12 @@ export class CrowdSecHTTPMiddleware {
     };
 
     public getMiddleware() {
-        debug('getMiddleware');
+        this.logger.debug('getMiddleware');
         return this.middlewareFunction;
     }
 
     public async stop() {
-        debug('stop');
+        this.logger.info('stop');
         await Promise.all([this.bouncer?.stop(), this.watcher?.stop()]);
     }
 }