Bump @rollup/plugin-replace from 4.0.0 to 5.0.2 in /services/settings

changelog/unreleased/refactor-proxy.md

@@ -3,4 +3,7 @@ Enhancement: Refactor the proxy service
 The routes of the proxy service now have a "unprotected" flag. This is used by the authentication middleware to determine if the request needs to be blocked when missing authentication or not. 
 
 https://github.com/owncloud/ocis/issues/4401
+https://github.com/owncloud/ocis/issues/4497
 https://github.com/owncloud/ocis/pull/4461
+https://github.com/owncloud/ocis/pull/4498
+https://github.com/owncloud/ocis/pull/4xxx

services/proxy/pkg/middleware/authentication.go

@@ -22,6 +22,7 @@ var (
 	ProxyWwwAuthenticate = []regexp.Regexp{*regexp.MustCompile("/ocs/v[12].php/cloud/")}
 
 	_publicPaths = [...]string{
+		"/archiver",
 		"/dav/public-files/",
 		"/remote.php/dav/public-files/",
 		"/remote.php/ocs/apps/files_sharing/api/v1/tokeninfo/unprotected",
@@ -51,7 +52,8 @@ func Authentication(auths []Authenticator, opts ...Option) func(next http.Handle
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			ri := router.ContextRoutingInfo(r.Context())
 			if isOIDCTokenAuth(r) || ri.IsRouteUnprotected() {
-				// The authentication for this request is handled by the IdP.
+				// Either this is a request that does not need any authentication or
+				// the authentication for this request is handled by the IdP.
 				next.ServeHTTP(w, r)
 				return
 			}

services/proxy/pkg/router/router.go

@@ -5,7 +5,6 @@ import (
 	"net/http"
 	"net/url"
 	"regexp"
-	"sort"
 	"strings"
 
 	"github.com/owncloud/ocis/v2/ocis-pkg/log"
@@ -57,7 +56,8 @@ func New(policySelector *config.PolicySelector, policies []config.Policy, logger
 	}
 
 	r := Router{
-		directors:      make(map[string]map[config.RouteType]map[string]map[string]RoutingInfo),
+		logger:         logger,
+		directors:      make(map[string]map[config.RouteType]map[string][]RoutingInfo),
 		policySelector: selector,
 	}
 	for _, pol := range policies {
@@ -86,6 +86,7 @@ func New(policySelector *config.PolicySelector, policies []config.Policy, logger
 // RoutingInfo contains the proxy director and some information about the route.
 type RoutingInfo struct {
 	director    func(*http.Request)
+	endpoint    string
 	unprotected bool
 }
 
@@ -102,30 +103,31 @@ func (r RoutingInfo) IsRouteUnprotected() bool {
 // Router handles the routing of HTTP requests according to the given policies.
 type Router struct {
 	logger         log.Logger
-	directors      map[string]map[config.RouteType]map[string]map[string]RoutingInfo
+	directors      map[string]map[config.RouteType]map[string][]RoutingInfo
 	policySelector policy.Selector
 }
 
 func (rt Router) addHost(policy string, target *url.URL, route config.Route) {
 	targetQuery := target.RawQuery
 	if rt.directors[policy] == nil {
-		rt.directors[policy] = make(map[config.RouteType]map[string]map[string]RoutingInfo)
+		rt.directors[policy] = make(map[config.RouteType]map[string][]RoutingInfo)
 	}
 	routeType := config.DefaultRouteType
 	if route.Type != "" {
 		routeType = route.Type
 	}
 	if rt.directors[policy][routeType] == nil {
-		rt.directors[policy][routeType] = make(map[string]map[string]RoutingInfo)
+		rt.directors[policy][routeType] = make(map[string][]RoutingInfo)
 	}
 	if rt.directors[policy][routeType][route.Method] == nil {
-		rt.directors[policy][routeType][route.Method] = make(map[string]RoutingInfo)
+		rt.directors[policy][routeType][route.Method] = make([]RoutingInfo, 0)
 	}
 
 	reg := registry.GetRegistry()
 	sel := selector.NewSelector(selector.Registry(reg))
 
-	rt.directors[policy][routeType][route.Method][route.Endpoint] = RoutingInfo{
+	rt.directors[policy][routeType][route.Method] = append(rt.directors[policy][routeType][route.Method], RoutingInfo{
+		endpoint:    route.Endpoint,
 		unprotected: route.Unprotected,
 		director: func(req *http.Request) {
 			if route.Service != "" {
@@ -169,7 +171,7 @@ func (rt Router) addHost(policy string, target *url.URL, route config.Route) {
 				req.Header.Set("User-Agent", "")
 			}
 		},
-	}
+	})
 }
 
 // Route is evaluating the policies on the request and returns the RoutingInfo if successful.
@@ -207,32 +209,27 @@ func (rt Router) Route(r *http.Request) (RoutingInfo, bool) {
 			method = r.Method
 		}
 
-		endpoints := make([]string, 0, len(rt.directors[pol][rtype][method]))
-		for endpoint := range rt.directors[pol][rtype][method] {
-			endpoints = append(endpoints, endpoint)
-		}
-		sort.Slice(endpoints, func(i, j int) bool {
-			return len(endpoints[j]) < len(endpoints[i])
-		})
-		for _, endpoint := range endpoints {
-			if handler(endpoint, *r.URL) {
+		for _, ri := range rt.directors[pol][rtype][method] {
+			rt.logger.Error().Str("endpoint", ri.endpoint).Msg("testing")
+			if handler(ri.endpoint, *r.URL) {
 				rt.logger.Debug().
 					Str("policy", pol).
 					Str("method", r.Method).
-					Str("prefix", endpoint).
+					Str("prefix", ri.endpoint).
 					Str("path", r.URL.Path).
 					Str("routeType", string(rtype)).
 					Msg("director found")
 
-				return rt.directors[pol][rtype][method][endpoint], true
+				rt.logger.Error().Str("endpoint", ri.endpoint).Msg("match")
+				return ri, true
 			}
 		}
 	}
 
 	// override default director with root. If any
-	if ri, ok := rt.directors[pol][config.PrefixRoute][method]["/"]; ok { // try specific method
+	if ri := rt.directors[pol][config.PrefixRoute][method][0]; ri.endpoint == "/" { // try specific method
 		return ri, true
-	} else if ri, ok := rt.directors[pol][config.PrefixRoute][""]["/"]; ok { // fallback to unspecific method
+	} else if ri := rt.directors[pol][config.PrefixRoute][""][0]; ri.endpoint == "/" { // fallback to unspecific method
 		return ri, true
 	}
 

services/settings/package.json

@@ -56,7 +56,7 @@
     "@erquhart/rollup-plugin-node-builtins": "^2.1.5",
     "@rollup/plugin-commonjs": "^17.1.0",
     "@rollup/plugin-json": "^4.0.1",
-    "@rollup/plugin-replace": "^4.0.0",
+    "@rollup/plugin-replace": "^5.0.2",
     "archiver": "^5.3.0",
     "chromedriver": "^93.0.1",
     "cross-env": "^7.0.3",

services/settings/yarn.lock

@@ -1166,7 +1166,7 @@
     "@jridgewell/gen-mapping" "^0.3.0"
     "@jridgewell/trace-mapping" "^0.3.9"
 
-"@jridgewell/sourcemap-codec@^1.4.10":
+"@jridgewell/sourcemap-codec@^1.4.10", "@jridgewell/sourcemap-codec@^1.4.13":
   version "1.4.14"
   resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz#add4c98d341472a289190b424efbdb096991bb24"
   integrity sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw==
@@ -1280,13 +1280,13 @@
   dependencies:
     "@rollup/pluginutils" "^3.0.8"
 
-"@rollup/plugin-replace@^4.0.0":
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/@rollup/plugin-replace/-/plugin-replace-4.0.0.tgz#e34c457d6a285f0213359740b43f39d969b38a67"
-  integrity sha512-+rumQFiaNac9y64OHtkHGmdjm7us9bo1PlbgQfdihQtuNxzjpaB064HbRnewUOggLQxVCCyINfStkgmBeQpv1g==
+"@rollup/plugin-replace@^5.0.2":
+  version "5.0.2"
+  resolved "https://registry.yarnpkg.com/@rollup/plugin-replace/-/plugin-replace-5.0.2.tgz#45f53501b16311feded2485e98419acb8448c61d"
+  integrity sha512-M9YXNekv/C/iHHK+cvORzfRYfPbq0RDD8r0G+bMiTXjNGKulPnCT9O3Ss46WfhI6ZOCgApOP7xAdmCQJ+U2LAA==
   dependencies:
-    "@rollup/pluginutils" "^3.1.0"
-    magic-string "^0.25.7"
+    "@rollup/pluginutils" "^5.0.1"
+    magic-string "^0.27.0"
 
 "@rollup/pluginutils@^3.0.8", "@rollup/pluginutils@^3.1.0":
   version "3.1.0"
@@ -1297,6 +1297,15 @@
     estree-walker "^1.0.1"
     picomatch "^2.2.2"
 
+"@rollup/pluginutils@^5.0.1":
+  version "5.0.2"
+  resolved "https://registry.yarnpkg.com/@rollup/pluginutils/-/pluginutils-5.0.2.tgz#012b8f53c71e4f6f9cb317e311df1404f56e7a33"
+  integrity sha512-pTd9rIsP92h+B6wWwFbW8RkZv4hiR/xKsqre4SIuAOaOEQRxi0lqLke9k2/7WegC85GgUs9pjmOjCUi3In4vwA==
+  dependencies:
+    "@types/estree" "^1.0.0"
+    estree-walker "^2.0.2"
+    picomatch "^2.3.1"
+
 "@testim/chrome-version@^1.0.7":
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/@testim/chrome-version/-/chrome-version-1.1.2.tgz#092005c5b77bd3bb6576a4677110a11485e11864"
@@ -1329,6 +1338,11 @@
   resolved "https://registry.yarnpkg.com/@types/estree/-/estree-0.0.48.tgz#18dc8091b285df90db2f25aa7d906cfc394b7f74"
   integrity sha512-LfZwXoGUDo0C3me81HXgkBg5CTQYb6xzEl+fNmbO4JdRiSKQ8A0GD1OBBvKAIsbCUgoyAty7m99GqqMQe784ew==
 
+"@types/estree@^1.0.0":
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.0.tgz#5fb2e536c1ae9bf35366eed879e827fa59ca41c2"
+  integrity sha512-WulqXMDUTYAXCjZnk6JtIHPigp55cVtDgDrO2gHRwhyJto21+1zbVCtOYB2L1F9w4qCQ0rOGWBnBe0FNTiEJIQ==
+
 "@types/json5@^0.0.29":
   version "0.0.29"
   resolved "https://registry.yarnpkg.com/@types/json5/-/json5-0.0.29.tgz#ee28707ae94e11d2b827bcbe5270bcea7f3e71ee"
@@ -5349,6 +5363,13 @@ magic-string@^0.25.7:
   dependencies:
     sourcemap-codec "^1.4.4"
 
+magic-string@^0.27.0:
+  version "0.27.0"
+  resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.27.0.tgz#e4a3413b4bab6d98d2becffd48b4a257effdbbf3"
+  integrity sha512-8UnnX2PeRAPZuN12svgR9j7M1uWMovg/CEnIwIG0LFkXSJJe4PdfUGiTGl8V9bsBHFUtfVINcSyYxd7q+kx9fA==
+  dependencies:
+    "@jridgewell/sourcemap-codec" "^1.4.13"
+
 make-dir@^2.0.0, make-dir@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-2.1.0.tgz#5f0310e18b8be898cc07009295a30ae41e91e6f5"
@@ -6206,6 +6227,11 @@ picomatch@^2.0.4, picomatch@^2.2.1, picomatch@^2.2.2, picomatch@^2.2.3:
   resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.0.tgz#f1f061de8f6a4bf022892e2d128234fb98302972"
   integrity sha512-lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw==
 
+picomatch@^2.3.1:
+  version "2.3.1"
+  resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42"
+  integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==
+
 pify@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/pify/-/pify-4.0.1.tgz#4b2cd25c50d598735c50292224fd8c6df41e3231"