-
Notifications
You must be signed in to change notification settings - Fork 262
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to use proxy authentication #572
Comments
That code is new in the v1.x version of node-pre-gyp. So I presume this worked for you with [email protected]? Asking to try to understand if this is truly a regression or not. /cc @bmacnaughton |
Thank you for your reply. The building result is following.
|
i will take a look this weekend. @feuxfollets1013 - thank you for the report. |
@feuxfollets1013 - can you install `npm install https://github.com/mapbox/node-pre-gyp#proxy-url-work and see if that works for you? i probably should always have let the agent parse the proxy url; i've changed it to do so. |
@bmacnaughton - Thank you for your support. |
Maybe related: The switch from
In my experience, only the now deprecated |
Just a wild guess, but maybe this has to do with the way the code here decides whether to use http_proxy=http://our-proxy.company.net:3128
https_proxy=http://our-proxy.company.net:3128 In that case, the code mentioned above decides to use If my thinking is correct, this would mean
Or am I off track here? 😉 |
@soulchild - i will take a look at this sometime this week. thanks for your detailed thoughts. there was some risk to replacing |
@bmacnaughton
This is error details. |
i'm seeing the error with bcrypt - it uses a github remote_path in the binary section of package.json and that redirects to amazon. i believe it is the redirect that is creating the problem. if that doesn't seem right to everyone, please let me know. on the http/https proxy agent choice - i don't think that is an issue. my understanding might be wrong, but i believe that both handle http and https requests; the difference is whether the traffic between the client and the proxy is encrypted or not. i will get to it this weekend if i can't find time during the week. |
Well, at least with our proxy (Squid) using Can you give this a try and see if you're getting similar results? const fetch = require('node-fetch');
const HTTPProxyAgent = require('http-proxy-agent');
const HTTPSProxyAgent = require('https-proxy-agent');
const proxyUrl = 'http://proxy.company.net:3128';
const m = proxyUrl.match(/^(?:(https?:)\/\/)?([^:]+)(?::(\d{1,4}))?\/?$/);
const protocol = m[1] === 'https:' ? 'https:' : 'http:';
const host = m[2];
const port = +(m[3] || (protocol === 'https:' ? 443 : 80));
const agentOpts = { host, port, protocol };
const httpAgent = new HTTPProxyAgent(agentOpts);
const httpsAgent = new HTTPSProxyAgent(agentOpts);
(async() => {
console.log(`Non-SSL URL w/ httpAgent : ${(await fetch('http://example.com', { agent: httpAgent })).status}`);
console.log(`Non-SSL URL w/ httpsAgent : ${(await fetch('http://example.com', { agent: httpsAgent })).status}`);
console.log(`SSL URL w/ httpAgent : ${(await fetch('https://example.com', { agent: httpAgent })).status}`);
console.log(`SSL URL w/ httpsAgent : ${(await fetch('https://example.com', { agent: httpsAgent })).status}`);
})().catch(console.error); ResultsNon-SSL URL w/ httpAgent : 200
Non-SSL URL w/ httpsAgent : 403
SSL URL w/ httpAgent : 503
SSL URL w/ httpsAgent : 200 EDIT: The redirect is also followed correctly when utilizing const res = await fetch('https://github.com/kelektiv/node.bcrypt.js/releases/download/v5.0.1/bcrypt_lib-v5.0.1-napi-v3-linux-x64-musl.tar.gz', { agent: httpsAgent });
console.log(await res.text()); |
I made a few changes to your code and tried to run it.
I was able to download it successfully too.
Results
|
@feuxfollets1013 Interesting! Don't know why Also, |
I think we don't need to deconstruct the url, because if we call https-proxy-agent constructor with a string url, the constructor destructs the url using |
@feuxfollets1013 @soulchild - thank you both for your efforts on this. i will make make the change to only use |
@feuxfollets1013 @soulchild - https://github.com/mapbox/node-pre-gyp/tree/proxy-url-work uses only https-proxy-agent and previously removed If you get a chance to give it a try that would be great. i plan on adding additional tests this weekend, but it seems to address the issues you've raised. |
@springmeyer - i think this is an improvement at a very minimum. i have just tested this locally running through a squid proxy to install bcrypt (which redirects - it can be seen using the previous version:
but with the version in this branch the redirect is transparent and the download still succeeds:
@feuxfollets1013 and @soulchild - it would be great if you could install this version as a dependency in an already-downloaded bcrypt and manually execute a command similar to the one i did above: (you can install with i really appreciate the testing you two put into this. my understanding was that the only difference between the two was whether the connection from client => proxy was http or https. the test showed that my understanding was wrong (in this implementation at the very least) and that just using the https proxy agent is the best solution. |
Thank you everyone for the great collaboration here! Happy to cut a new release once @bmacnaughton thinks the fixed code is ready. |
@feuxfollets1013 @soulchild - please give this branch a try if you can - #573. I believe that it addresses the issues you've raised. I added a test using the simple proxy that's part of our test suite and, in the debugger, verified that node-fetch is handling a redirect even though it is transparent to i think we should target a release on tuesday or wednesday - let me know if that timeframe is to aggressive for your testing. or, if you just won't have time to test, let me know as well and we can move ahead sooner. thank you again for the work you've done and information you've provided. |
Sorry for the late reply! This looks good to me: > https_proxy=http://proxy.company.net:3128 http_proxy=http://proxy.company.net:3128 ../.bin/node-pre-gyp install --update-binary
node-pre-gyp info it worked if it ends with ok
node-pre-gyp info using [email protected]
node-pre-gyp info using [email protected] | darwin | x64
node-pre-gyp http GET https://github.com/kelektiv/node.bcrypt.js/releases/download/v5.0.1/bcrypt_lib-v5.0.1-napi-v3-darwin-x64-unknown.tar.gz
node-pre-gyp http download proxy agent configured using: "http://proxy.company.net:3128"
node-pre-gyp info install unpacking napi-v3/bcrypt_lib.node
node-pre-gyp info extracted file count: 1
[bcrypt] Success: "/Users/.../Desktop/node-pre-gyp-bug/node_modules/bcrypt/lib/binding/napi-v3/bcrypt_lib.node" is installed via remote
node-pre-gyp info ok Thanks for the work, @bmacnaughton! |
awesome @soulchild. i've just pushed a few changes to the tests only (so they run on node 8). proxy support is really important and we knew we were likely to run into some troubles replacing |
@bmacnaughton - Sorry for the late reply. I got an following error.
I found out the part(L70) that seems to be the cause. Lines 67 to 72 in a0100ab
I changed to following and it works for me, but I don't understand for detail yet, because I haven't checked |
i suppose there is no point in parsing the url at all. let me see how all the other tests work. thanks for testing in advance of a release. it really helps. |
i just pushed a version making your changes - i think it makes perfect sense to let |
@bmacnaughton - It works!
I agree with you, because Thank you for your rapidly and great supports! |
I've released the great work of @bmacnaughton in #573 as |
Thanks for the great work guys! I really appreciate that. Just wanted to report back that our CI is happy again as well: It's correctly downloading a pre-built bcrypt binary via our corporate proxy. 👍 |
Current Behavior
I set auth-proxy address to npm proxy as following and I got invalid proxy error when I built some library.
node-pre-gyp WARN download ignoring invalid "proxy" config setting: "http://id:[email protected]:18080/"
Expected Behavior
The build process uses proxy config setting.
Additional Info
In the following code(L63), it looks like auth-proxy and 5 digits port is not taken into account.
I checked whether node-https-proxy-agent(L65) supports auth-proxy, and I guess it supports auth-proxy from this comment.
node-pre-gyp/lib/install.js
Lines 63 to 75 in f9b3948
The text was updated successfully, but these errors were encountered: