Skip to content

Commit

Permalink
HTTPS
Browse files Browse the repository at this point in the history
  • Loading branch information
@claudiochimera
claudiochimera committed Jan 30, 2023
1 parent e849558 commit 28c3f50
Show file tree
Hide file tree
Showing 6 changed files with 128 additions and 6 deletions.
57 changes: 57 additions & 0 deletions alexa/alexa-adapter.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@
emails: { value: [], required: false },
msg_check: { value: false, required: false },
verbose: { value: false, required: false },
https_server: { value: false, required: false },
usehttpnoderoot: { value: false, required: false },
port: {
value: '', required: false, validate: function (v) {
const n = parseInt(v);
Expand All @@ -22,6 +24,8 @@
credentials: {
username: { type: "text" },
password: { type: "password" },
publickey: { type: "text" },
privatekey: { type: "text" },
your_client_id: { type: "text" },
your_secret: { type: "password" },
oa2_client_id: { type: "text" },
Expand Down Expand Up @@ -81,6 +85,32 @@
}
loginWithAmazon();
$("#node-config-input-login_with_amazon").change(loginWithAmazon);

// Use same NODE-Red port
let useNODERedPort = function () {
let input_port = $('#node-config-input-port').val();
input_port = isNaN(input_port) ? 0 : +input_port;
if ((input_port <= 0)) { // || (RED.settings.uiPort === node)) {
$('#connectioninfo').hide();
} else {
$('#connectioninfo').show();
}
};
useNODERedPort();
$('#node-config-input-port').change(useNODERedPort);

// Use external SSL offload on / off
let sslOffLoadKeys = function () {
let https_server = $("#node-config-input-https_server").prop('checked');
if (https_server) {
$("#ssloffloadkeys").show();
} else {
$("#ssloffloadkeys").hide();
}
};
sslOffLoadKeys();
$("#node-config-input-https_server").change(sslOffLoadKeys);

},
oneditsave: function () {
var node = this;
Expand Down Expand Up @@ -227,6 +257,33 @@
<label for="node-config-input-http_path"><i class="fa fa-globe"></i> <span data-i18n="alexa-adapter.label.http_path"></span></label>
<input type="text" id="node-config-input-http_path" data-i18n="[placeholder]alexa-adapter.placeholder.http_path">
</div>

<div class="form-row hidden" id="connectioninfo" style="background: #fbfbfb">

<div class="form-row">
<label style="width:auto" for="node-config-input-usehttpnoderoot"><i class="fa fa-arrow-right"></i> <span data-i18n="alexa-adapter.label.usehttpnoderoot"></span></label>
<input type="checkbox" id="node-config-input-usehttpnoderoot" style="display:inline-block; width:auto; vertical-align:top;">
</div>

<div class="form-row">
<label style="width:auto" for="node-config-input-https_server"><i class="fa fa-arrow-right"></i> <span data-i18n="alexa-adapter.label.https_server"></span></label>
<input type="checkbox" id="node-config-input-https_server" style="display:inline-block; width:auto; vertical-align:top;">
</div>

<div class="form-row hidden" id="ssloffloadkeys" style="background: #fbfbfb">

<div class="form-row">
<label for="node-config-input-publickey"><i class="fa fa-folder"></i> <span data-i18n="alexa-adapter.label.publickey"></span></label>
<input type="text" id="node-config-input-publickey" data-i18n="[placeholder]alexa-adapter.placeholder.publickey">
</div>

<div class="form-row">
<label for="node-config-input-privatekey"><i class="fa fa-folder"></i> <span data-i18n="alexa-adapter.label.privatekey"></span></label>
<input type="text" id="node-config-input-privatekey" data-i18n="[placeholder]alexa-adapter.placeholder.privatekey">
</div>
</div>
</div>

</div>

<div class="form-row red-ui-editableList-border" style="background: #fbfbfb; padding: 5px;">
Expand Down
41 changes: 39 additions & 2 deletions alexa/alexa-adapter.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ module.exports = function (RED) {
const TOKEN_PATH = 'token';
const SMART_HOME_PATH = "smarthome";
const TOKENS_FILENAME = "alexa-tokens_%s.json";
const GRACE_MILLISECONDS = 500;
const GRACE_MILLISECONDS = 0;
const LWA_TOKEN_URI = 'https://api.amazon.com/auth/o2/token';
const LWA_USER_PROFILE = 'https://api.amazon.com/user/profile';
const LWA_AP_OA = 'https://www.amazon.com/ap/oa';
Expand Down Expand Up @@ -133,6 +133,8 @@ module.exports = function (RED) {
const node = this;
node.http_path = config.http_path || '';
node.http_port = config.port || '';
node.https_server = config.https_server || false;
node.usehttpnoderoot = config.usehttpnoderoot || false;
node.http_root = node.Path_join('/', node.http_path.trim());
node.http_server = RED.httpNode || RED.httpAdmin;
node.app = node.http_server;
Expand Down Expand Up @@ -223,7 +225,39 @@ module.exports = function (RED) {
node.handler = node.app.listen(parseInt(node.http_port), () => {
if (node.config.verbose) node._debug(`setup server listening at http://localhost:${node.http_port}${node.http_root}/` + OAUTH_PATH + "|" + TOKEN_PATH + "|" + SMART_HOME_PATH);
});
node.http_server = stoppable(http.createServer(node.app), GRACE_MILLISECONDS);
let options = {};
if (node.https_server) {
try {
let filename = node.credentials.privatekey;
if(!filename) {
node.error('No certificate private SSL key file specified in configuration.');
return;
}
if (!filename.startsWith(path.sep)) {
filename = path.join(node.user_dir, filename);
}
options.key = fs.readFileSync(filename)
} catch (error) {
node.error(`Error while loading private SSL key from file "${this.filename}" (${error})`);
return;
}

try {
let filename = node.credentials.pubblickey;
if(!filename) {
node.error('No certificate public SSL key file specified in configuration.');
return;
}
if (!filename.startsWith(path.sep)) {
filename = path.join(node.user_dir, filename);
}
options.cert = fs.readFileSync(filename)
} catch (error) {
node.error(`Error while loading public SSL key from file "${this.filename}" (${error})`);
return;
}
}
node.http_server = stoppable(http.createServer(options, node.app), GRACE_MILLISECONDS);
} else {
if (node.config.verbose) node._debug("Use the Node-RED port");
}
Expand Down Expand Up @@ -306,6 +340,7 @@ module.exports = function (RED) {
node.UnregisterUrl();
if (node.handler) {
if (node.config.verbose) node._debug("Stopping server");
node.http_server.closeAllConnections();
node.http_server.stop(function (err, grace) {
if (node.config.verbose) node._debug("Server stopped " + grace + " " + err);
});
Expand Down Expand Up @@ -2172,6 +2207,8 @@ module.exports = function (RED) {
credentials: {
username: { type: "text" },
password: { type: "password" },
publickey: { type: "text" },
privatekey: { type: "text" },
your_client_id: { type: "text" },
your_secret: { type: "password" },
oa2_client_id: { type: "text" },
Expand Down
12 changes: 10 additions & 2 deletions alexa/locales/en-US/alexa-adapter.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,17 @@ <h3>Details</h3>

<p><code>Event endpoint</code>: the endpoint for your region. See <a href="https://developer.amazon.com/en-US/docs/alexa/smarthome/develop-smart-home-skills-in-multiple-languages.html#send-events-to-the-correct-url">Send Events to the Correct URL</a>.</p>

<p><code>HTTP Port</code>: the server port waiting for Alexa messages. If filled, the node starts the server to the specified port, if empty or 0, use the same Node-RED port. You need to redirect to this port the HTTPS traffic sent to the path specified in the <code>HTTP Path</code>.</p>
<p><code>HTTP(s) Port</code>: the server port waiting for Alexa messages. If filled, the node starts the server to the specified port, if empty or 0, use the same Node-RED port. You need to redirect to this port the HTTPS traffic sent to the path specified in the <code>HTTP(s) Path</code>.</p>

<p><code>HTTP Path</code>: the server path prefix. The default value is <code>alexa</code>. If You change it, You need to adapt all the URI in the Amazon configuration.</p>
<p><code>HTTP(s) Path</code>: the server path prefix. The default value is <code>alexa</code>. If You change it, You need to adapt all the URI in the Amazon configuration.</p>

<p><code>Use http Node-RED root path</code>: If enabled, use the same http root path prefix configured for Node-RED. Otherwise, no prefix will be used.<p>

<p><code>HTTPS server</code>: If enabled, the smarthome service will use HTTPS instead of HTTP. Uncheck if you want to do SSL termination on a reverse proxy.</p>

<p><code>Public Key</code>: Path to the file containing the certificate public SSL key, e.g. `fullchain.pem` from Let's Encrypt. Can be an absolute path or a path relative to Node-REDs user dir (where your settings.js, flows.json etc. are stored).</p>
<p><code>Private Key</code>: Path to the file containing the certificate private SSL key, e.g. `privkey.pem` from Let's Encrypt. Can be an absolute path or a path relative to Node-REDs user dir (where your settings.js, flows.json etc. are stored).</p>

<p><code>Verbose log</code>: enable it only for troubleshooting.</p>

Expand Down
6 changes: 6 additions & 0 deletions alexa/locales/en-US/alexa-adapter.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@
"secirity_profile_web_settings": "Security Profile Web Settings",
"local_credentials": "Local credentials",
"http_server": "HTTP(s) Server",
"usehttpnoderoot": "Use http Node-RED root path",
"https_server": "HTTPS server",
"publickey": "Public Key",
"privatekey": "Private Key",
"skill_info": "Alexa Skill info",
"emails": "Allowed emails",
"event_endpoint": "Event endpoint",
Expand All @@ -38,6 +42,8 @@
"oa2_secret": "Oauth Secret",
"port": "HTTP Port, empty or zero for the Node-RED port",
"http_path": "HTTP Path",
"publickey": "Certificate public key filename",
"privatekey": "Certificate private key filename",
"event_endpoint": "Event endpoint",
"scope": "Scope"
},
Expand Down
12 changes: 10 additions & 2 deletions alexa/locales/it_IT/alexa-adapter.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,17 @@ <h3>Dettagli</h3>

<p><code>URL dell'Event endpoint</code>: l'URL dell'Event endpoint relativo alla tua zona geografica. Per l'Europa è <code>https://api.eu.amazonalexa.com/v3/events</code>. Vedi <a href="https://developer.amazon.com/en-US/docs/alexa/smarthome/develop-smart-home-skills-in-multiple-languages.html#send-events-to-the-correct-url">Send Events to the Correct URL</a> per ulteriori informazioni.</p>

<p><code>Porta del server HTTP</code>: la porta del server HTTP che riceve i messaggi di Alexa. Se specificata, il nodo crea un server in ascolto sulla porta specificata, se vuoto o 0, usa la stessa porta di Node-REDt. Devi ridirigere a questa porta il traffico HTTPS inviato al percorso specificato in <code>/Percorso del server HTTP/</code>.</p>
<p><code>Porta del server HTTP(s)</code>: la porta del server HTTP(s) che riceve i messaggi di Alexa. Se specificata, il nodo crea un server in ascolto sulla porta specificata, se vuoto o 0, usa la stessa porta di Node-REDt. Devi ridirigere a questa porta il traffico HTTPS inviato al percorso specificato in <code>/Percorso del server HTTP(s)/</code>.</p>

<p><code>Percorso del server HTTP</code>: il percorso del server HTTP. Il valore predefinito è <code>alexa</code>. Se diverso, devi adattare tutti gli URI nella configurazione fatta sui server di Amazon.</p>
<p><code>Percorso del server HTTP(s)</code>: il percorso del server HTTP(s). Il valore predefinito è <code>alexa</code>. Se diverso, devi adattare tutti gli URI nella configurazione fatta sui server di Amazon.</p>

<p><code>Usa il percorso radice http di Node-RED</code>: Se abilitato, usa come prefizzo del percorso il perforso configurato per Node-RED, altrimenti usa /.</p>

<p><code>Server HTTPS</code>: Se disabilitato, la cifratura SSL non sarà gestita da questo nodo e deve essere configurata altrove, ad esempio usando un reverse proxy.</p>

<p><code>Chiave pubblica</code>: Percorso (assoluto o relativo alla cartella di Node-RED) del file contenente la chiave pubblica del certificato, es:. `fullchain.pem` scaricato da Let's Encrypt.</p>
<p><code>Chiave privata</code>: Percorso (assoluto o relativo alla cartella di Node-RED) del file contenente la chiave privata del certificato, es:. `privkey.pem` scaricato da Let's Encrypt.</p>

<p><code>Log dettagliato</code>: fornisce più informazioni, abilitalo solo per la risoluzione dei problemi.</p>

Expand Down
6 changes: 6 additions & 0 deletions alexa/locales/it_IT/alexa-adapter.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@
"secirity_profile_web_settings": "Impostazioni del profilo di sicurezza WEB",
"local_credentials": "Credenziali locali",
"http_server": "Server HTTP(s) ",
"usehttpnoderoot": "Usa il percorso radice http di Node-RED",
"https_server": "Server HTTPS",
"publickey": "Chiave pubblica",
"privatekey": "Chiave privata",
"skill_info": "Informazioni Skill Alexa",
"emails": "Email consentite",
"event_endpoint": "URL dell'Event endpoint",
Expand All @@ -38,6 +42,8 @@
"oa2_secret": "Segreto",
"port": "Porta del server HTTP, zero o vuoto per usare la porta di Node-RED",
"http_path": "Percorso del server HTTP",
"publickey": "File con la chiave pubblica del certificato",
"privatekey": "File con la chiave privata del certificato",
"event_endpoint": "URL dell'Event endpoint",
"scope": "Scopo, e.g.: smart_home"
},
Expand Down

0 comments on commit 28c3f50

Please sign in to comment.