Cradicle Explorer
LGift
/ node_modules / pg-connection-string / index.js
index.js
  1  'use strict'
  2  
  3  //Parse method copied from https://github.com/brianc/node-postgres
  4  //Copyright (c) 2010-2014 Brian Carlson (brian.m.carlson@gmail.com)
  5  //MIT License
  6  
  7  //parses a connection string
  8  function parse(str, options = {}) {
  9    //unix socket
 10    if (str.charAt(0) === '/') {
 11      const config = str.split(' ')
 12      return { host: config[0], database: config[1] }
 13    }
 14  
 15    // Check for empty host in URL
 16  
 17    const config = {}
 18    let result
 19    let dummyHost = false
 20    if (/ |%[^a-f0-9]|%[a-f0-9][^a-f0-9]/i.test(str)) {
 21      // Ensure spaces are encoded as %20
 22      str = encodeURI(str).replace(/%25(\d\d)/g, '%$1')
 23    }
 24  
 25    try {
 26      try {
 27        result = new URL(str, 'postgres://base')
 28      } catch (e) {
 29        // The URL is invalid so try again with a dummy host
 30        result = new URL(str.replace('@/', '@___DUMMY___/'), 'postgres://base')
 31        dummyHost = true
 32      }
 33    } catch (err) {
 34      // Remove the input from the error message to avoid leaking sensitive information
 35      err.input && (err.input = '*****REDACTED*****')
 36    }
 37  
 38    // We'd like to use Object.fromEntries() here but Node.js 10 does not support it
 39    for (const entry of result.searchParams.entries()) {
 40      config[entry[0]] = entry[1]
 41    }
 42  
 43    config.user = config.user || decodeURIComponent(result.username)
 44    config.password = config.password || decodeURIComponent(result.password)
 45  
 46    if (result.protocol == 'socket:') {
 47      config.host = decodeURI(result.pathname)
 48      config.database = result.searchParams.get('db')
 49      config.client_encoding = result.searchParams.get('encoding')
 50      return config
 51    }
 52    const hostname = dummyHost ? '' : result.hostname
 53    if (!config.host) {
 54      // Only set the host if there is no equivalent query param.
 55      config.host = decodeURIComponent(hostname)
 56    } else if (hostname && /^%2f/i.test(hostname)) {
 57      // Only prepend the hostname to the pathname if it is not a URL encoded Unix socket host.
 58      result.pathname = hostname + result.pathname
 59    }
 60    if (!config.port) {
 61      // Only set the port if there is no equivalent query param.
 62      config.port = result.port
 63    }
 64  
 65    const pathname = result.pathname.slice(1) || null
 66    config.database = pathname ? decodeURI(pathname) : null
 67  
 68    if (config.ssl === 'true' || config.ssl === '1') {
 69      config.ssl = true
 70    }
 71  
 72    if (config.ssl === '0') {
 73      config.ssl = false
 74    }
 75  
 76    if (config.sslcert || config.sslkey || config.sslrootcert || config.sslmode) {
 77      config.ssl = {}
 78    }
 79  
 80    // Only try to load fs if we expect to read from the disk
 81    const fs = config.sslcert || config.sslkey || config.sslrootcert ? require('fs') : null
 82  
 83    if (config.sslcert) {
 84      config.ssl.cert = fs.readFileSync(config.sslcert).toString()
 85    }
 86  
 87    if (config.sslkey) {
 88      config.ssl.key = fs.readFileSync(config.sslkey).toString()
 89    }
 90  
 91    if (config.sslrootcert) {
 92      config.ssl.ca = fs.readFileSync(config.sslrootcert).toString()
 93    }
 94  
 95    if (options.useLibpqCompat && config.uselibpqcompat) {
 96      throw new Error('Both useLibpqCompat and uselibpqcompat are set. Please use only one of them.')
 97    }
 98  
 99    if (config.uselibpqcompat === 'true' || options.useLibpqCompat) {
100      switch (config.sslmode) {
101        case 'disable': {
102          config.ssl = false
103          break
104        }
105        case 'prefer': {
106          config.ssl.rejectUnauthorized = false
107          break
108        }
109        case 'require': {
110          if (config.sslrootcert) {
111            // If a root CA is specified, behavior of `sslmode=require` will be the same as that of `verify-ca`
112            config.ssl.checkServerIdentity = function () {}
113          } else {
114            config.ssl.rejectUnauthorized = false
115          }
116          break
117        }
118        case 'verify-ca': {
119          if (!config.ssl.ca) {
120            throw new Error(
121              'SECURITY WARNING: Using sslmode=verify-ca requires specifying a CA with sslrootcert. If a public CA is used, verify-ca allows connections to a server that somebody else may have registered with the CA, making you vulnerable to Man-in-the-Middle attacks. Either specify a custom CA certificate with sslrootcert parameter or use sslmode=verify-full for proper security.'
122            )
123          }
124          config.ssl.checkServerIdentity = function () {}
125          break
126        }
127        case 'verify-full': {
128          break
129        }
130      }
131    } else {
132      switch (config.sslmode) {
133        case 'disable': {
134          config.ssl = false
135          break
136        }
137        case 'prefer':
138        case 'require':
139        case 'verify-ca':
140        case 'verify-full': {
141          break
142        }
143        case 'no-verify': {
144          config.ssl.rejectUnauthorized = false
145          break
146        }
147      }
148    }
149  
150    return config
151  }
152  
153  // convert pg-connection-string ssl config to a ClientConfig.ConnectionOptions
154  function toConnectionOptions(sslConfig) {
155    const connectionOptions = Object.entries(sslConfig).reduce((c, [key, value]) => {
156      // we explicitly check for undefined and null instead of `if (value)` because some
157      // options accept falsy values. Example: `ssl.rejectUnauthorized = false`
158      if (value !== undefined && value !== null) {
159        c[key] = value
160      }
161  
162      return c
163    }, {})
164  
165    return connectionOptions
166  }
167  
168  // convert pg-connection-string config to a ClientConfig
169  function toClientConfig(config) {
170    const poolConfig = Object.entries(config).reduce((c, [key, value]) => {
171      if (key === 'ssl') {
172        const sslConfig = value
173  
174        if (typeof sslConfig === 'boolean') {
175          c[key] = sslConfig
176        }
177  
178        if (typeof sslConfig === 'object') {
179          c[key] = toConnectionOptions(sslConfig)
180        }
181      } else if (value !== undefined && value !== null) {
182        if (key === 'port') {
183          // when port is not specified, it is converted into an empty string
184          // we want to avoid NaN or empty string as a values in ClientConfig
185          if (value !== '') {
186            const v = parseInt(value, 10)
187            if (isNaN(v)) {
188              throw new Error(`Invalid ${key}: ${value}`)
189            }
190  
191            c[key] = v
192          }
193        } else {
194          c[key] = value
195        }
196      }
197  
198      return c
199    }, {})
200  
201    return poolConfig
202  }
203  
204  // parses a connection string into ClientConfig
205  function parseIntoClientConfig(str) {
206    return toClientConfig(parse(str))
207  }
208  
209  module.exports = parse
210  
211  parse.parse = parse
212  parse.toClientConfig = toClientConfig
213  parse.parseIntoClientConfig = parseIntoClientConfig