watermanagement-backend-prod/node_modules/proxy-addr/index.js

/*!
 * proxy-addr
 * Copyright(c) 2014-2016 Douglas Christopher Wilson
 * MIT Licensed
 */

'use strict'

/**
 * Module exports.
 * @public
 */

module.exports = proxyaddr
module.exports.all = alladdrs
module.exports.compile = compile

/**
 * Module dependencies.
 * @private
 */

var forwarded = require('forwarded')
var ipaddr = require('ipaddr.js')

/**
 * Variables.
 * @private
 */

var DIGIT_REGEXP = /^[0-9]+$/
var isip = ipaddr.isValid
var parseip = ipaddr.parse

/**
 * Pre-defined IP ranges.
 * @private
 */

var IP_RANGES = {
  linklocal: ['169.254.0.0/16', 'fe80::/10'],
  loopback: ['127.0.0.1/8', '::1/128'],
  uniquelocal: ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', 'fc00::/7']
}

/**
 * Get all addresses in the request, optionally stopping
 * at the first untrusted.
 *
 * @param {Object} request
 * @param {Function|Array|String} [trust]
 * @public
 */

function alladdrs (req, trust) {
  // get addresses
  var addrs = forwarded(req)

  if (!trust) {
    // Return all addresses
    return addrs
  }

  if (typeof trust !== 'function') {
    trust = compile(trust)
  }

  for (var i = 0; i < addrs.length - 1; i++) {
    if (trust(addrs[i], i)) continue

    addrs.length = i + 1
  }

  return addrs
}

/**
 * Compile argument into trust function.
 *
 * @param {Array|String} val
 * @private
 */

function compile (val) {
  if (!val) {
    throw new TypeError('argument is required')
  }

  var trust

  if (typeof val === 'string') {
    trust = [val]
  } else if (Array.isArray(val)) {
    trust = val.slice()
  } else {
    throw new TypeError('unsupported trust argument')
  }

  for (var i = 0; i < trust.length; i++) {
    val = trust[i]

    if (!Object.prototype.hasOwnProperty.call(IP_RANGES, val)) {
      continue
    }

    // Splice in pre-defined range
    val = IP_RANGES[val]
    trust.splice.apply(trust, [i, 1].concat(val))
    i += val.length - 1
  }

  return compileTrust(compileRangeSubnets(trust))
}

/**
 * Compile `arr` elements into range subnets.
 *
 * @param {Array} arr
 * @private
 */

function compileRangeSubnets (arr) {
  var rangeSubnets = new Array(arr.length)

  for (var i = 0; i < arr.length; i++) {
    rangeSubnets[i] = parseipNotation(arr[i])
  }

  return rangeSubnets
}

/**
 * Compile range subnet array into trust function.
 *
 * @param {Array} rangeSubnets
 * @private
 */

function compileTrust (rangeSubnets) {
  // Return optimized function based on length
  var len = rangeSubnets.length
  return len === 0
    ? trustNone
    : len === 1
      ? trustSingle(rangeSubnets[0])
      : trustMulti(rangeSubnets)
}

/**
 * Parse IP notation string into range subnet.
 *
 * @param {String} note
 * @private
 */

function parseipNotation (note) {
  var pos = note.lastIndexOf('/')
  var str = pos !== -1
    ? note.substring(0, pos)
    : note

  if (!isip(str)) {
    throw new TypeError('invalid IP address: ' + str)
  }

  var ip = parseip(str)

  if (pos === -1 && ip.kind() === 'ipv6' && ip.isIPv4MappedAddress()) {
    // Store as IPv4
    ip = ip.toIPv4Address()
  }

  var max = ip.kind() === 'ipv6'
    ? 128
    : 32

  var range = pos !== -1
    ? note.substring(pos + 1, note.length)
    : null

  if (range === null) {
    range = max
  } else if (DIGIT_REGEXP.test(range)) {
    range = parseInt(range, 10)
  } else if (ip.kind() === 'ipv4' && isip(range)) {
    range = parseNetmask(range)
  } else {
    range = null
  }

  if (range <= 0 || range > max) {
    throw new TypeError('invalid range on address: ' + note)
  }

  return [ip, range]
}

/**
 * Parse netmask string into CIDR range.
 *
 * @param {String} netmask
 * @private
 */

function parseNetmask (netmask) {
  var ip = parseip(netmask)
  var kind = ip.kind()

  return kind === 'ipv4'
    ? ip.prefixLengthFromSubnetMask()
    : null
}

/**
 * Determine address of proxied request.
 *
 * @param {Object} request
 * @param {Function|Array|String} trust
 * @public
 */

function proxyaddr (req, trust) {
  if (!req) {
    throw new TypeError('req argument is required')
  }

  if (!trust) {
    throw new TypeError('trust argument is required')
  }

  var addrs = alladdrs(req, trust)
  var addr = addrs[addrs.length - 1]

  return addr
}

/**
 * Static trust function to trust nothing.
 *
 * @private
 */

function trustNone () {
  return false
}

/**
 * Compile trust function for multiple subnets.
 *
 * @param {Array} subnets
 * @private
 */

function trustMulti (subnets) {
  return function trust (addr) {
    if (!isip(addr)) return false

    var ip = parseip(addr)
    var ipconv
    var kind = ip.kind()

    for (var i = 0; i < subnets.length; i++) {
      var subnet = subnets[i]
      var subnetip = subnet[0]
      var subnetkind = subnetip.kind()
      var subnetrange = subnet[1]
      var trusted = ip

      if (kind !== subnetkind) {
        if (subnetkind === 'ipv4' && !ip.isIPv4MappedAddress()) {
          // Incompatible IP addresses
          continue
        }

        if (!ipconv) {
          // Convert IP to match subnet IP kind
          ipconv = subnetkind === 'ipv4'
            ? ip.toIPv4Address()
            : ip.toIPv4MappedAddress()
        }

        trusted = ipconv
      }

      if (trusted.match(subnetip, subnetrange)) {
        return true
      }
    }

    return false
  }
}

/**
 * Compile trust function for single subnet.
 *
 * @param {Object} subnet
 * @private
 */

function trustSingle (subnet) {
  var subnetip = subnet[0]
  var subnetkind = subnetip.kind()
  var subnetisipv4 = subnetkind === 'ipv4'
  var subnetrange = subnet[1]

  return function trust (addr) {
    if (!isip(addr)) return false

    var ip = parseip(addr)
    var kind = ip.kind()

    if (kind !== subnetkind) {
      if (subnetisipv4 && !ip.isIPv4MappedAddress()) {
        // Incompatible IP addresses
        return false
      }

      // Convert IP to match subnet IP kind
      ip = subnetisipv4
        ? ip.toIPv4Address()
        : ip.toIPv4MappedAddress()
    }

    return ip.match(subnetip, subnetrange)
  }
}
Removed multer 3 years ago			`/*!`
			`* proxy-addr`
			`* Copyright(c) 2014-2016 Douglas Christopher Wilson`
			`* MIT Licensed`
			`*/`

			`'use strict'`

			`/**`
			`* Module exports.`
			`* @public`
			`*/`

			`module.exports = proxyaddr`
			`module.exports.all = alladdrs`
			`module.exports.compile = compile`

			`/**`
			`* Module dependencies.`
			`* @private`
			`*/`

			`var forwarded = require('forwarded')`
			`var ipaddr = require('ipaddr.js')`

			`/**`
			`* Variables.`
			`* @private`
			`*/`

			`var DIGIT_REGEXP = /^[0-9]+$/`
			`var isip = ipaddr.isValid`
			`var parseip = ipaddr.parse`

			`/**`
			`* Pre-defined IP ranges.`
			`* @private`
			`*/`

			`var IP_RANGES = {`
			`linklocal: ['169.254.0.0/16', 'fe80::/10'],`
			`loopback: ['127.0.0.1/8', '::1/128'],`
			`uniquelocal: ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', 'fc00::/7']`
			`}`

			`/**`
			`* Get all addresses in the request, optionally stopping`
			`* at the first untrusted.`
			`*`
			`* @param {Object} request`
			`* @param {Function\|Array\|String} [trust]`
			`* @public`
			`*/`

			`function alladdrs (req, trust) {`
			`// get addresses`
			`var addrs = forwarded(req)`

			`if (!trust) {`
			`// Return all addresses`
			`return addrs`
			`}`

			`if (typeof trust !== 'function') {`
			`trust = compile(trust)`
			`}`

			`for (var i = 0; i < addrs.length - 1; i++) {`
			`if (trust(addrs[i], i)) continue`

			`addrs.length = i + 1`
			`}`

			`return addrs`
			`}`

			`/**`
			`* Compile argument into trust function.`
			`*`
			`* @param {Array\|String} val`
			`* @private`
			`*/`

			`function compile (val) {`
			`if (!val) {`
			`throw new TypeError('argument is required')`
			`}`

			`var trust`

			`if (typeof val === 'string') {`
			`trust = [val]`
			`} else if (Array.isArray(val)) {`
			`trust = val.slice()`
			`} else {`
			`throw new TypeError('unsupported trust argument')`
			`}`

			`for (var i = 0; i < trust.length; i++) {`
			`val = trust[i]`

			`if (!Object.prototype.hasOwnProperty.call(IP_RANGES, val)) {`
			`continue`
			`}`

			`// Splice in pre-defined range`
			`val = IP_RANGES[val]`
			`trust.splice.apply(trust, [i, 1].concat(val))`
			`i += val.length - 1`
			`}`

			`return compileTrust(compileRangeSubnets(trust))`
			`}`

			`/**`
			* Compile `arr` elements into range subnets.
			`*`
			`* @param {Array} arr`
			`* @private`
			`*/`

			`function compileRangeSubnets (arr) {`
			`var rangeSubnets = new Array(arr.length)`

			`for (var i = 0; i < arr.length; i++) {`
			`rangeSubnets[i] = parseipNotation(arr[i])`
			`}`

			`return rangeSubnets`
			`}`

			`/**`
			`* Compile range subnet array into trust function.`
			`*`
			`* @param {Array} rangeSubnets`
			`* @private`
			`*/`

			`function compileTrust (rangeSubnets) {`
			`// Return optimized function based on length`
			`var len = rangeSubnets.length`
			`return len === 0`
			`? trustNone`
			`: len === 1`
			`? trustSingle(rangeSubnets[0])`
			`: trustMulti(rangeSubnets)`
			`}`

			`/**`
			`* Parse IP notation string into range subnet.`
			`*`
			`* @param {String} note`
			`* @private`
			`*/`

			`function parseipNotation (note) {`
			`var pos = note.lastIndexOf('/')`
			`var str = pos !== -1`
			`? note.substring(0, pos)`
			`: note`

			`if (!isip(str)) {`
			`throw new TypeError('invalid IP address: ' + str)`
			`}`

			`var ip = parseip(str)`

			`if (pos === -1 && ip.kind() === 'ipv6' && ip.isIPv4MappedAddress()) {`
			`// Store as IPv4`
			`ip = ip.toIPv4Address()`
			`}`

			`var max = ip.kind() === 'ipv6'`
			`? 128`
			`: 32`

			`var range = pos !== -1`
			`? note.substring(pos + 1, note.length)`
			`: null`

			`if (range === null) {`
			`range = max`
			`} else if (DIGIT_REGEXP.test(range)) {`
			`range = parseInt(range, 10)`
			`} else if (ip.kind() === 'ipv4' && isip(range)) {`
			`range = parseNetmask(range)`
			`} else {`
			`range = null`
			`}`

			`if (range <= 0 \|\| range > max) {`
			`throw new TypeError('invalid range on address: ' + note)`
			`}`

			`return [ip, range]`
			`}`

			`/**`
			`* Parse netmask string into CIDR range.`
			`*`
			`* @param {String} netmask`
			`* @private`
			`*/`

			`function parseNetmask (netmask) {`
			`var ip = parseip(netmask)`
			`var kind = ip.kind()`

			`return kind === 'ipv4'`
			`? ip.prefixLengthFromSubnetMask()`
			`: null`
			`}`

			`/**`
			`* Determine address of proxied request.`
			`*`
			`* @param {Object} request`
			`* @param {Function\|Array\|String} trust`
			`* @public`
			`*/`

			`function proxyaddr (req, trust) {`
			`if (!req) {`
			`throw new TypeError('req argument is required')`
			`}`

			`if (!trust) {`
			`throw new TypeError('trust argument is required')`
			`}`

			`var addrs = alladdrs(req, trust)`
			`var addr = addrs[addrs.length - 1]`

			`return addr`
			`}`

			`/**`
			`* Static trust function to trust nothing.`
			`*`
			`* @private`
			`*/`

			`function trustNone () {`
			`return false`
			`}`

			`/**`
			`* Compile trust function for multiple subnets.`
			`*`
			`* @param {Array} subnets`
			`* @private`
			`*/`

			`function trustMulti (subnets) {`
			`return function trust (addr) {`
			`if (!isip(addr)) return false`

			`var ip = parseip(addr)`
			`var ipconv`
			`var kind = ip.kind()`

			`for (var i = 0; i < subnets.length; i++) {`
			`var subnet = subnets[i]`
			`var subnetip = subnet[0]`
			`var subnetkind = subnetip.kind()`
			`var subnetrange = subnet[1]`
			`var trusted = ip`

			`if (kind !== subnetkind) {`
			`if (subnetkind === 'ipv4' && !ip.isIPv4MappedAddress()) {`
			`// Incompatible IP addresses`
			`continue`
			`}`

			`if (!ipconv) {`
			`// Convert IP to match subnet IP kind`
			`ipconv = subnetkind === 'ipv4'`
			`? ip.toIPv4Address()`
			`: ip.toIPv4MappedAddress()`
			`}`

			`trusted = ipconv`
			`}`

			`if (trusted.match(subnetip, subnetrange)) {`
			`return true`
			`}`
			`}`

			`return false`
			`}`
			`}`

			`/**`
			`* Compile trust function for single subnet.`
			`*`
			`* @param {Object} subnet`
			`* @private`
			`*/`

			`function trustSingle (subnet) {`
			`var subnetip = subnet[0]`
			`var subnetkind = subnetip.kind()`
			`var subnetisipv4 = subnetkind === 'ipv4'`
			`var subnetrange = subnet[1]`

			`return function trust (addr) {`
			`if (!isip(addr)) return false`

			`var ip = parseip(addr)`
			`var kind = ip.kind()`

			`if (kind !== subnetkind) {`
			`if (subnetisipv4 && !ip.isIPv4MappedAddress()) {`
			`// Incompatible IP addresses`
			`return false`
			`}`

			`// Convert IP to match subnet IP kind`
			`ip = subnetisipv4`
			`? ip.toIPv4Address()`
			`: ip.toIPv4MappedAddress()`
			`}`

			`return ip.match(subnetip, subnetrange)`
			`}`
			`}`