iosWebViewFix/nodejs_server_test_auth_bas.../index.js

// Example of the server https is taken from here: https://engineering.circle.com/https-authorized-certs-with-node-js-315e548354a2
// Conversion of client1-crt.pem to certificate.pfx: https://stackoverflow.com/a/38408666/4637638
const express = require('express')
const https = require('https')
const cors = require('cors')
const auth = require('basic-auth')
const app = express()
const appHttps = express()
const appAuthBasic = express()
const fs = require('fs')
const path = require('path')

var options = { 
  key: fs.readFileSync('server-key.pem'), 
  cert: fs.readFileSync('server-crt.pem'), 
  ca: fs.readFileSync('ca-crt.pem'), 
  requestCert: true,
  rejectUnauthorized: false
};

appHttps.get('/', (req, res) => {
  console.log(JSON.stringify(req.headers))
	const cert = req.connection.getPeerCertificate()

  // The `req.client.authorized` flag will be true if the certificate is valid and was issued by a CA we white-listed
  // earlier in `opts.ca`. We display the name of our user (CN = Common Name) and the name of the issuer, which is
  // `localhost`.

	if (req.client.authorized) {
		res.send(`
      <html>
        <head>
        </head>
        <body>
          <h1>Authorized</h1>
        </body>
      </html>
    `);
  // They can still provide a certificate which is not accepted by us. Unfortunately, the `cert` object will be an empty
  // object instead of `null` if there is no certificate at all, so we have to check for a known field rather than
  // truthiness.

	} else if (cert.subject) {
    console.log(`Sorry ${cert.subject.CN}, certificates from ${cert.issuer.CN} are not welcome here.`);
		res.status(403).send(`
      <html>
        <head>
        </head>
        <body>
          <h1>Forbidden</h1>
        </body>
      </html>
    `);
  // And last, they can come to us with no certificate at all:
	} else {
	  console.log(`Sorry, but you need to provide a client certificate to continue.`)
		res.status(401).send(`
      <html>
        <head>
        </head>
        <body>
          <h1>Unauthorized</h1>
        </body>
      </html>
    `);
	}
	res.end()
})

// Let's create our HTTPS server and we're ready to go.
https.createServer(options, appHttps).listen(4433)


// Ensure this is before any other middleware or routes
appAuthBasic.use((req, res, next) => {
  let user = auth(req)

  if (user === undefined || user['name'] !== 'USERNAME' || user['pass'] !== 'PASSWORD') {
    res.statusCode = 401
    res.setHeader('WWW-Authenticate', 'Basic realm="Node"')
    res.send(`
        <html>
          <head>
          </head>
          <body>
            <h1>Unauthorized</h1>
          </body>
        </html>
      `);
    res.end()
  } else {
    next()
  }
})

appAuthBasic.get("/", (req, res) => {
  console.log(JSON.stringify(req.headers))
  res.send(`
    <html>
      <head>
      </head>
      <body>
        <h1>Authorized</h1>
      </body>
    </html>
  `);
  res.end()
})

appAuthBasic.listen(8081)


// Parse URL-encoded bodies (as sent by HTML forms)
app.use(express.urlencoded());

app.use(cors());

// Parse JSON bodies (as sent by API clients)
app.use(express.json());

app.get("/", (req, res) => {
  console.log(JSON.stringify(req.headers))
  res.send(`
    <html>
      <head>
      </head>
      <body>
        <p>HELLO</p>
      </body>
    </html>
  `);
  res.end()
})

app.post("/test-post", (req, res) => {
  console.log(JSON.stringify(req.headers))
  console.log(JSON.stringify(req.body))
  res.send(`
    <html>
      <head>
      </head>
      <body>
        <p>HELLO ${req.body.name}!</p>
      </body>
    </html>
  `);
  res.end()
})

app.post("/test-ajax-post", (req, res) => {
  console.log(JSON.stringify(req.headers))
  console.log(JSON.stringify(req.body))
  res.set("Content-Type", "application/json")
  res.send(JSON.stringify({
    "firstname": req.body.firstname,
    "lastname": req.body.lastname,
    "fullname": req.body.firstname + " " + req.body.lastname,
  }))
  res.end()
})

app.get("/test-download-file", (req, res) => {
  console.log(JSON.stringify(req.headers))
  const filePath = path.join(__dirname, 'assets', 'flutter_logo.png');
  const stat = fs.statSync(filePath);
  const file = fs.readFileSync(filePath, 'binary');
  res.setHeader('Content-Length', stat.size);
  res.setHeader('Content-Type', 'image/png');
  res.setHeader('Content-Disposition', 'attachment; filename=flutter_logo.png');
  res.write(file, 'binary');
  res.end();
})

app.listen(8082)
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`// Example of the server https is taken from here: https://engineering.circle.com/https-authorized-certs-with-node-js-315e548354a2`
			`// Conversion of client1-crt.pem to certificate.pfx: https://stackoverflow.com/a/38408666/4637638`
			`const express = require('express')`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`const https = require('https')`
			`const cors = require('cors')`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`const auth = require('basic-auth')`
updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			`const app = express()`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`const appHttps = express()`
			`const appAuthBasic = express()`
			`const fs = require('fs')`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`const path = require('path')`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00
			`var options = {`
			`key: fs.readFileSync('server-key.pem'),`
			`cert: fs.readFileSync('server-crt.pem'),`
			`ca: fs.readFileSync('ca-crt.pem'),`
			`requestCert: true,`
			`rejectUnauthorized: false`
			`};`

			`appHttps.get('/', (req, res) => {`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`console.log(JSON.stringify(req.headers))`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`const cert = req.connection.getPeerCertificate()`

fixed android content blocker, updated flutter driver tests 2019-11-25 00:42:27 +00:00			// The `req.client.authorized` flag will be true if the certificate is valid and was issued by a CA we white-listed
			// earlier in `opts.ca`. We display the name of our user (CN = Common Name) and the name of the issuer, which is
			// `localhost`.
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00
			`if (req.client.authorized) {`
added getHtml method, updated android config, remove block on long press webview android, fixed other issues 2019-11-02 18:58:01 +00:00			res.send(`
fixed android content blocker, updated flutter driver tests 2019-11-25 00:42:27 +00:00			`<html>`
			`<head>`
			`</head>`
			`<body>`
			`<h1>Authorized</h1>`
			`</body>`
			`</html>`
			`);
			// They can still provide a certificate which is not accepted by us. Unfortunately, the `cert` object will be an empty
			// object instead of `null` if there is no certificate at all, so we have to check for a known field rather than
			`// truthiness.`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00
			`} else if (cert.subject) {`
fixed android content blocker, updated flutter driver tests 2019-11-25 00:42:27 +00:00			console.log(`Sorry ${cert.subject.CN}, certificates from ${cert.issuer.CN} are not welcome here.`);
			res.status(403).send(`
			`<html>`
			`<head>`
			`</head>`
			`<body>`
			`<h1>Forbidden</h1>`
			`</body>`
			`</html>`
			`);
			`// And last, they can come to us with no certificate at all:`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`} else {`
fixed android content blocker, updated flutter driver tests 2019-11-25 00:42:27 +00:00			console.log(`Sorry, but you need to provide a client certificate to continue.`)
			res.status(401).send(`
			`<html>`
			`<head>`
			`</head>`
			`<body>`
			`<h1>Unauthorized</h1>`
			`</body>`
			`</html>`
			`);
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`}`
added getHtml method, updated android config, remove block on long press webview android, fixed other issues 2019-11-02 18:58:01 +00:00			`res.end()`
			`})`

added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`// Let's create our HTTPS server and we're ready to go.`
			`https.createServer(options, appHttps).listen(4433)`

fixed android content blocker, updated flutter driver tests 2019-11-25 00:42:27 +00:00

added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`// Ensure this is before any other middleware or routes`
			`appAuthBasic.use((req, res, next) => {`
			`let user = auth(req)`

added onLoadHttpError event, fixed InAppWebView handleMethod, updated example, updated driver tests 2019-11-21 01:19:43 +00:00			`if (user === undefined \|\| user['name'] !== 'USERNAME' \|\| user['pass'] !== 'PASSWORD') {`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`res.statusCode = 401`
			`res.setHeader('WWW-Authenticate', 'Basic realm="Node"')`
added onLoadHttpError event, fixed InAppWebView handleMethod, updated example, updated driver tests 2019-11-21 01:19:43 +00:00			res.send(`
			`<html>`
			`<head>`
			`</head>`
			`<body>`
			`<h1>Unauthorized</h1>`
			`</body>`
			`</html>`
			`);
			`res.end()`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`} else {`
			`next()`
			`}`
			`})`

			`appAuthBasic.get("/", (req, res) => {`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`console.log(JSON.stringify(req.headers))`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			res.send(`
			`<html>`
			`<head>`
			`</head>`
			`<body>`
added onLoadHttpError event, fixed InAppWebView handleMethod, updated example, updated driver tests 2019-11-21 01:19:43 +00:00			`<h1>Authorized</h1>`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`</body>`
			`</html>`
			`);
updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			`res.end()`
added onReceivedServerTrustAuthRequest and onReceivedClientCertRequest events to manage SSL requests, added clearSslPreferences and clearClientCertPreferences for Android, added nodejs_server_test_auth_basic_and_ssl for testing auth and ssl requests 2019-10-31 22:09:54 +00:00			`})`

updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			`appAuthBasic.listen(8081)`

fixed android content blocker, updated flutter driver tests 2019-11-25 00:42:27 +00:00

updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			`// Parse URL-encoded bodies (as sent by HTML forms)`
			`app.use(express.urlencoded());`

Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`app.use(cors());`

updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			`// Parse JSON bodies (as sent by API clients)`
			`app.use(express.json());`

			`app.get("/", (req, res) => {`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`console.log(JSON.stringify(req.headers))`
updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			res.send(`
			`<html>`
			`<head>`
			`</head>`
			`<body>`
			`<p>HELLO</p>`
			`</body>`
			`</html>`
			`);
			`res.end()`
			`})`

			`app.post("/test-post", (req, res) => {`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`console.log(JSON.stringify(req.headers))`
fixed ajax interceptor javascript code, re-added flutterInAppBrowserPlatformReady javascript for the window object, tests moved inside example folder using flutter driver 2019-11-16 11:41:30 +00:00			`console.log(JSON.stringify(req.body))`
updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			res.send(`
			`<html>`
			`<head>`
			`</head>`
			`<body>`
			`<p>HELLO ${req.body.name}!</p>`
			`</body>`
			`</html>`
			`);
			`res.end()`
			`})`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00
			`app.post("/test-ajax-post", (req, res) => {`
			`console.log(JSON.stringify(req.headers))`
fixed ajax interceptor javascript code, re-added flutterInAppBrowserPlatformReady javascript for the window object, tests moved inside example folder using flutter driver 2019-11-16 11:41:30 +00:00			`console.log(JSON.stringify(req.body))`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`res.set("Content-Type", "application/json")`
			`res.send(JSON.stringify({`
fixed ajax interceptor javascript code, re-added flutterInAppBrowserPlatformReady javascript for the window object, tests moved inside example folder using flutter driver 2019-11-16 11:41:30 +00:00			`"firstname": req.body.firstname,`
			`"lastname": req.body.lastname,`
			`"fullname": req.body.firstname + " " + req.body.lastname,`
Added shouldInterceptAjaxRequest, onAjaxReadyStateChange, onAjaxProgressEvent and shouldInterceptFetchRequest events, added useShouldInterceptAjaxRequest and useShouldInterceptFetchRequest webview options, updated node.js server test, added injectJavascriptFileFromAsset and injectCSSFileFromAsset methods, renamed some methods 2019-11-05 02:44:22 +00:00			`}))`
			`res.end()`
			`})`

			`app.get("/test-download-file", (req, res) => {`
			`console.log(JSON.stringify(req.headers))`
			`const filePath = path.join(__dirname, 'assets', 'flutter_logo.png');`
			`const stat = fs.statSync(filePath);`
			`const file = fs.readFileSync(filePath, 'binary');`
			`res.setHeader('Content-Length', stat.size);`
			`res.setHeader('Content-Type', 'image/png');`
			`res.setHeader('Content-Disposition', 'attachment; filename=flutter_logo.png');`
			`res.write(file, 'binary');`
			`res.end();`
			`})`

updated webview options classes, fixed debuggingEnabled, added getTRexRunnerHtml and getTRexRunnerCss methods 2019-11-04 00:39:23 +00:00			`app.listen(8082)`