I'm trying to get node.js to print http request properties to the browser. However, the properties of the request url either return null or don't print at all. Here is the code for the server (server.js):
var http = require('http');
var url = require('url');
function start() {
function onRequest(request, response) {
var pathname = url.parse(request.url, true).pathname;
var protocol = url.parse(request.url, true).protocol;
var hostname = url.parse(request.url, true).host;
var path = url.parse(request.url, true).path;
response.writeHead(200, {"Content-Type": "text/plain"});
response.write("Hello World"); //this is the text that is sent back
response.write("\nThe HTTP response is " + response.statusCode);
response.write("\nRequest for "+ pathname +" has been received. The request url is " + request.url + " and our protocol is " + protocol +".Also, our host is " + hostname);
response.write("\nThe concatenated path is " + path);
response.end(); //this is the end of the response
}
var new_server = http.createServer(onRequest).listen(8888);
} //end of start function
exports.start = start;
And the index file that executes this is index.js
var server = require("./server");
console.log("To see what the sever responds with, go to localhost:8888.");
server.start();
My browser output is, when I type in the url bar localhost:8888
Hello World
The HTTP response is 200
Request for / has been received. The request url is / and our protocol is null.Also, our host is null
The concatenated path is /
I need to get the url properties. Thank you.
The reason these variables are returning undefined is because the url only contains the path. The protocol and the host are stored elsewhere. Take this example from the node.js documentation:
var url = require('url');
console.log( url.parse(
'http://user:pass#host.com:8080/p/a/t/h?query=string#hash', true
));
That will return the following object:
{
href: 'http://user:pass#host.com:8080/p/a/t/h?query=string#hash',
protocol: 'http:',
host: 'user:pass#host.com:8080',
auth: 'user:pass',
hostname: 'host.com',
port: '8080',
pathname: '/p/a/t/h',
search: '?query=string',
query: { query: 'string' },
hash: '#hash',
slashes: true
}
These values are present in the URL, so they are present in the object. The localhost:8888 URL has none of these.
On another note, there are three important aspects to the request object: the url, the method, and the headers. If you try doing this, I suspect you will find the information you're looking for:
var urlStr = 'http://' + req.headers.host + req.url,
parsedURL = url.parse( urlStr ,true );
console.log(parsedURL);
//this should give you the data you are looking for.
Related
I have a pure Javascript app which attempts to get an access token from Azure using OAuth Authorization Flow with PKCE.
The app is not hosted in Azure. I only use Azure as an OAuth Authorization Server.
//Based on: https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead
var config = {
client_id: "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
redirect_uri: "http://localhost:8080/",
authorization_endpoint: "https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/authorize",
token_endpoint: "https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token",
requested_scopes: "openid api://{tenant-id}/user_impersonation"
};
// PKCE HELPER FUNCTIONS
// Generate a secure random string using the browser crypto functions
function generateRandomString() {
var array = new Uint32Array(28);
window.crypto.getRandomValues(array);
return Array.from(array, dec => ('0' + dec.toString(16)).substr(-2)).join('');
}
// Calculate the SHA256 hash of the input text.
// Returns a promise that resolves to an ArrayBuffer
function sha256(plain) {
const encoder = new TextEncoder();
const data = encoder.encode(plain);
return window.crypto.subtle.digest('SHA-256', data);
}
// Base64-urlencodes the input string
function base64urlencode(str) {
// Convert the ArrayBuffer to string using Uint8 array to convert to what btoa accepts.
// btoa accepts chars only within ascii 0-255 and base64 encodes them.
// Then convert the base64 encoded to base64url encoded
// (replace + with -, replace / with _, trim trailing =)
return btoa(String.fromCharCode.apply(null, new Uint8Array(str)))
.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}
// Return the base64-urlencoded sha256 hash for the PKCE challenge
async function pkceChallengeFromVerifier(v) {
const hashed = await sha256(v);
return base64urlencode(hashed);
}
// Parse a query string into an object
function parseQueryString(string) {
if (string == "") { return {}; }
var segments = string.split("&").map(s => s.split("="));
var queryString = {};
segments.forEach(s => queryString[s[0]] = s[1]);
return queryString;
}
// Make a POST request and parse the response as JSON
function sendPostRequest(url, params, success, error) {
var request = new XMLHttpRequest();
request.open('POST', url, true);
request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
request.onload = function () {
var body = {};
try {
body = JSON.parse(request.response);
} catch (e) { }
if (request.status == 200) {
success(request, body);
} else {
error(request, body);
}
}
request.onerror = function () {
error(request, {});
}
var body = Object.keys(params).map(key => key + '=' + params[key]).join('&');
request.send(body);
}
function component() {
const element = document.createElement('div');
const btn = document.createElement('button');
element.innerHTML = 'Hello'+ 'webpack';
element.classList.add('hello');
return element;
}
(async function () {
document.body.appendChild(component());
const isAuthenticating = JSON.parse(window.localStorage.getItem('IsAuthenticating'));
console.log('init -> isAuthenticating', isAuthenticating);
if (!isAuthenticating) {
window.localStorage.setItem('IsAuthenticating', JSON.stringify(true));
// Create and store a random "state" value
var state = generateRandomString();
localStorage.setItem("pkce_state", state);
// Create and store a new PKCE code_verifier (the plaintext random secret)
var code_verifier = generateRandomString();
localStorage.setItem("pkce_code_verifier", code_verifier);
// Hash and base64-urlencode the secret to use as the challenge
var code_challenge = await pkceChallengeFromVerifier(code_verifier);
// Build the authorization URL
var url = config.authorization_endpoint
+ "?response_type=code"
+ "&client_id=" + encodeURIComponent(config.client_id)
+ "&state=" + encodeURIComponent(state)
+ "&scope=" + encodeURIComponent(config.requested_scopes)
+ "&redirect_uri=" + encodeURIComponent(config.redirect_uri)
+ "&code_challenge=" + encodeURIComponent(code_challenge)
+ "&code_challenge_method=S256"
;
// Redirect to the authorization server
window.location = url;
} else {
// Handle the redirect back from the authorization server and
// get an access token from the token endpoint
var q = parseQueryString(window.location.search.substring(1));
console.log('queryString', q);
// Check if the server returned an error string
if (q.error) {
alert("Error returned from authorization server: " + q.error);
document.getElementById("error_details").innerText = q.error + "\n\n" + q.error_description;
document.getElementById("error").classList = "";
}
// If the server returned an authorization code, attempt to exchange it for an access token
if (q.code) {
// Verify state matches what we set at the beginning
if (localStorage.getItem("pkce_state") != q.state) {
alert("Invalid state");
} else {
// Exchange the authorization code for an access token
// !!!!!!! This POST fails because of CORS policy.
sendPostRequest(config.token_endpoint, {
grant_type: "authorization_code",
code: q.code,
client_id: config.client_id,
redirect_uri: config.redirect_uri,
code_verifier: localStorage.getItem("pkce_code_verifier")
}, function (request, body) {
// Initialize your application now that you have an access token.
// Here we just display it in the browser.
document.getElementById("access_token").innerText = body.access_token;
document.getElementById("start").classList = "hidden";
document.getElementById("token").classList = "";
// Replace the history entry to remove the auth code from the browser address bar
window.history.replaceState({}, null, "/");
}, function (request, error) {
// This could be an error response from the OAuth server, or an error because the
// request failed such as if the OAuth server doesn't allow CORS requests
document.getElementById("error_details").innerText = error.error + "\n\n" + error.error_description;
document.getElementById("error").classList = "";
});
}
// Clean these up since we don't need them anymore
localStorage.removeItem("pkce_state");
localStorage.removeItem("pkce_code_verifier");
}
}
}());
In Azure I only have an App registration (not an app service).
Azure App Registration
The first step to get the authorization code works.
But the POST to get the access token fails. (picture from here)
OAuth Authorization Code Flow with PKCE
Access to XMLHttpRequest at
'https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token' from
origin 'http://localhost:8080' has been blocked by CORS policy: No
'Access-Control-Allow-Origin' header is present on the requested
resource.
Where in Azure do I configure the CORS policy for an App Registration?
Okay, after days of banging my head against the stupidity of Azure's implementation I stumbled upon a little hidden nugget of information here: https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-browser#prerequisites
If you change the type of the redirectUri in the manifest from 'Web' to 'Spa' it gives me back an access token! We're in business!
It breaks the UI in Azure, but so be it.
You should define the internal url with your local host address.
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy-understand-cors-issues
When I first posted, the Azure AD token endpoint did not allow CORS requests from browsers to the token endpoint, but it does now. Some Azure AD peculiarities around scopes and token validation are explained in these posts and code in case useful:
Code Sample
Blog Post
I am developing a website (client + server) that runs from the same machine.
I haven't found any errors in chrome's developer tools, so I don't know where the problem is.
I try to POST a string from the client to the Node back-end, but upon performing
url.parse(request.url, true).query
the result is empty.
Here is my client:
var xhttp = new XMLHttpRequest();
xhttp.open("POST", "http://localhost:8080/newComment", true);
xhttp.setRequestHeader("Content-type","application/x-www-form-urlencoded");
xhttp.send("val=" + commentString);
My commentString is "hey there"
Here is my server:
var path = url.parse(request.url).pathname;
else if (path == "/newComment") {
console.log("query: " + url.parse(request.url, true).body);
//setNewComment(comment);
response.writeHead(200, {
'Content-Type': 'text/plain',
'Access-Control-Allow-Origin' : '*',
'Access-Control-Allow-Methods': 'GET,PUT,POST,DELETE'
}); // enable cors
response.write("Recieved request");
response.end();
}
And I am at the website
file:///C:/Users/.../website.html?name=hey+there
So I'd like my Node server to print out "query: hey there" but instead it prints "query undefined"
You are trying to access the body, and this is right, yet the url doesn't hold the body's content, you should either accumulate it by listening to 'data' events:
let body = [];
request.on('data', (chunk) => {
body.push(chunk);
}).on('end', () => {
body = Buffer.concat(body).toString();
// at this point, `body` has the entire request body stored in it as a string
});
or use "express" and "body-parser".
1.Go to the request body section: https://nodejs.org/en/docs/guides/anatomy-of-an-http-transaction/
I am running the following code snippet from the node js beginner book.
var http = require("http");
var url = require("url");
function onRequest(request, response) {
console.log("request url issss " + request.url);
var pathName = url.parse(request.url).pathName;
console.log("Request for " + pathName + " received");
response.writeHead(200, {"Content-Type": "text/plain"});
response.write("Hello Worldd");
response.end();
}
http.createServer(onRequest).listen(8888);
console.log("Server has started11.");
Now while hitting http://localhost:8888/start in the browser, i am getting request.url is start only instead of full url. Hence path name is coming undefined.
Following is the console out put
Server has started11.
request url issss /start/
Request for undefined received
Thanks,
Shantanu
It's pathname with the n lowercased.
Also, request.url does not contain the fully qualified URL, it only contains the requested URL that the client sends.
I have been trying to get my server to work but when I send post data it just keeps loading and no results are given. Here is my noen.js file.
var http = require('http');
var url = require('url');
// Configure our HTTP server to respond with Hello World to all requests.
var server = http.createServer(function (request, response) {
var queryData = url.parse(request.url, true).query;
response.writeHead(200, {"Content-Type": "text/plain"});
if (queryData.name) {
// user told us their name in the GET request, ex: http://host:8000/?name=Tom
var exec = require('child_process').exec;
function puts(error, stdout, stderr) {sys.puts(stdout)}
exec ("casperjs test.js " + queryData.name + '\n');
} else {
response.end("Contact Admin - Not Working\n");
}
});
// Listen on port 8000, IP defaults to 127.0.0.1
server.listen(1213);
Can anyone help me fix this? When I go to
127.0.0.1:8000/?name=tom
I get no response the page just goes into a long loading loop
There is no response.end in case if is true so then response "never" ends.
write at bottom of the if
response.end("something");
And you will get the response;
For get the output of the process to the response:
https://stackoverflow.com/a/3944751/3018595
var http = require('http');
var url = require('url');
// Configure our HTTP server to respond with Hello World to all requests.
var server = http.createServer(function (request, response) {
var queryData = url.parse(request.url, true).query;
response.writeHead(200, {"Content-Type": "text/plain"});
if (queryData.name) {
// user told us their name in the GET request, ex: http://host:8000/?name=Tom
var exec = require('child_process').exec;
exec ("casperjs test.js " + queryData.name + '\n',function(err, stdout, stderr) {
response.end(stdout);
});
} else {
response.end("Contact Admin - Not Working\n");
}
});
// Listen on port 8000, IP defaults to 127.0.0.1
server.listen(1213);
The reason your browser is keep waiting because you are not ending your response. You have to call response.end to let your server complete the response otherwise it will keep thinking that the response is not complete yet. I added a line in your if statement and tested your code and it is working perfectly fine.
added line ** response.end("Request processed successfully...\n");**, assuming that you need to display a different message in case your "else" statement.
I tested url http://:1213/?name=tom
var http = require('http');
var url = require('url');
// Configure our HTTP server to respond with Hello World to all requests.
var server = http.createServer(function (request, response) {
var queryData = url.parse(request.url, true).query;
response.writeHead(200, {"Content-Type": "text/plain"});
if (queryData.name) {
// user told us their name in the GET request, ex: http://host:8000/?name=Tom
var exec = require('child_process').exec;
function puts(error, stdout, stderr) {sys.puts(stdout)}
exec ("casperjs test.js " + queryData.name + '\n');
response.end("Request processed successfully...\n");
} else {
response.end("Contact Admin - Not Working\n");
}
});
// Listen on port 8000, IP defaults to 127.0.0.1
server.listen(1213);
Before I begin I'd like to tell all of you that I made a lot of searching for solution of this problem on my own.
Here is my nodejs server:
var http = require('http');
http.createServer(function (req, res) {
console.log("Recived request url " + req.url);
var sname = req.url.search("name");
if(sname != -1){
sname = sname + "name".length + 1;
var from = sname;
while(req.url[sname] != '?' && sname<req.url.length){
sname++;
}
var name = req.url.substring(from,sname);
console.log("Returning parameter of name - " + name);
res.writeHead(200, {'Content-Type': 'text/plain'});
res.end(name+'\n');
}
else{
res.writeHead(200, {'Content-Type': 'text/plain'});
res.end('Error - ask about name\n');
}
}).listen(1337, '127.0.0.1');
console.log('Server running at http://127.0.0.1:1337/');
It listens on port 1337 and if request url is correct it returns some string.
Here is my javascript code asking nodejs for answer.
function httpGet(theUrl){
var xmlHttp = null;
xmlHttp = new XMLHttpRequest();
xmlHttp.open( "GET", theUrl, true );
xmlHttp.send( null );
return xmlHttp.responseText;
}
var url = httpGet("http://127.0.0.1:1337/?name=Mateusz");
setTimeout(function(){
document.getElementById("actualnewsspace").innerHTML=url;
var xurl = httpGet("http://127.0.0.1:1337/?"+url);
},5000)
returned xmlHttp.responseText is blank.
Why? That's my question.
That's what my nodejs server has to say in this matter
Recived request url /?name=Mateusz
Returning parameter of name - Mateusz
Recived request url /?
If I curl my server it returns mi proper value.
xmlHttp.responseText hasn't been populated when you return it. Ajax is Asynchronous.
See Using XMLHttpRequest and bind an event handler to listen for when the HTTP response has arrived and process the data in that.