Skip to content

Fix snyk vulnerabilities #70

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Fix snyk vulnerabilities #70

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
644cdff
add ft s3o
ookejimift Feb 19, 2018
f44df7a
Longer s30 cookie time
adgad Mar 23, 2020
e5f6846
Merge pull request #1 from Financial-Times/adgad-patch-1
adgad Mar 23, 2020
6442634
enable trust proxy
ookejimift May 28, 2020
d557de7
okta migration
ookejimift Aug 25, 2020
225d809
Merge pull request #2 from Financial-Times/okta
ookejimift Aug 25, 2020
3a77bdc
[Skip CI] Automatically creating CODEOWNERS file
wheresrhys Feb 10, 2021
e236f25
fix snyk vulnerabilities by snyk wizard
nader-akhgari Mar 23, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/CODEOWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Guessed from System and Package relationships in Biz Ops
* @Financial-Times/digital-newsroom
4 changes: 4 additions & 0 deletions .snyk
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.22.2
ignore: {}
patch: {}
4 changes: 1 addition & 3 deletions app.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,6 @@
"env": {
"AWS_ACCESS_KEY_ID" : "Your AWS Access Key ID Here",
"AWS_SECRET_ACCESS_KEY" : "Your AWS Secret Key Here",
"ENDPOINT" : "ES Endpoint (ex: my-endpoint.region-1.es.amazonaws.com)",
"USER" : "HTTP Auth Username",
"PASSWORD" : "HTTP Auth Password"
"ENDPOINT" : "ES Endpoint (ex: my-endpoint.region-1.es.amazonaws.com)"
}
}
26 changes: 9 additions & 17 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@ var express = require('express');
var bodyParser = require('body-parser');
var stream = require('stream');
var figlet = require('figlet');
var basicAuth = require('basic-auth-connect');
var compress = require('compression');

const EdTechAuth = require('@financial-times/ed-tech-auth');

var yargs = require('yargs')
.usage('usage: $0 [options] <aws-es-cluster-endpoint>')
.option('b', {
Expand All @@ -33,18 +34,6 @@ var yargs = require('yargs')
describe: 'the region of the Elasticsearch cluster',
type: 'string'
})
.option('u', {
alias: 'user',
default: process.env.USER,
demand: false,
describe: 'the username to access the proxy'
})
.option('a', {
alias: 'password',
default: process.env.PASSWORD,
demand: false,
describe: 'the password to access the proxy'
})
.option('s', {
alias: 'silent',
default: false,
Expand Down Expand Up @@ -112,10 +101,13 @@ var proxy = httpProxy.createProxyServer({
});

var app = express();

app.enable('trust proxy');

app.use(compress());
if (argv.u && argv.a) {
app.use(basicAuth(argv.u, argv.a));
}
const auth = new EdTechAuth(app);
app.use(auth.middleware);

app.use(bodyParser.raw({limit: REQ_LIMIT, type: function() { return true; }}));
app.use(getCredentials);
app.use(function (req, res) {
Expand Down Expand Up @@ -153,7 +145,7 @@ proxy.on('proxyRes', function (proxyReq, req, res) {
}
});

http.createServer(app).listen(PORT, BIND_ADDRESS);
http.createServer(app).listen(PORT);

if(!argv.s) {
console.log(figlet.textSync('AWS ES Proxy!', {
Expand Down
Loading