2024-03-22 17:18:02 +00:00
|
|
|
|
import {
|
|
|
|
|
BackendApi,
|
|
|
|
|
CassandraProxyEndpoints,
|
|
|
|
|
JunoEndpoints,
|
|
|
|
|
MongoProxyEndpoints,
|
|
|
|
|
PortalBackendEndpoints,
|
|
|
|
|
} from "Common/Constants";
|
|
|
|
|
import { configContext } from "ConfigContext";
|
2022-01-24 21:06:43 +00:00
|
|
|
|
import * as Logger from "../Common/Logger";
|
|
|
|
|
|
|
|
|
|
export function validateEndpoint(
|
|
|
|
|
endpointToValidate: string | undefined,
|
2023-10-03 16:13:24 +01:00
|
|
|
|
allowedEndpoints: ReadonlyArray<string>,
|
2022-01-24 21:06:43 +00:00
|
|
|
|
): boolean {
|
|
|
|
|
try {
|
|
|
|
|
return validateEndpointInternal(
|
|
|
|
|
endpointToValidate,
|
2023-10-03 16:13:24 +01:00
|
|
|
|
allowedEndpoints.map((e) => e),
|
2022-01-24 21:06:43 +00:00
|
|
|
|
);
|
|
|
|
|
} catch (reason) {
|
|
|
|
|
Logger.logError(`${endpointToValidate} not allowed`, "validateEndpoint");
|
|
|
|
|
Logger.logError(`${JSON.stringify(reason)}`, "validateEndpoint");
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function validateEndpointInternal(
|
|
|
|
|
endpointToValidate: string | undefined,
|
2023-10-03 16:13:24 +01:00
|
|
|
|
allowedEndpoints: ReadonlyArray<string>,
|
2022-01-24 21:06:43 +00:00
|
|
|
|
): boolean {
|
|
|
|
|
if (endpointToValidate === undefined) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const originToValidate: string = new URL(endpointToValidate).origin;
|
|
|
|
|
const allowedOrigins: string[] = allowedEndpoints.map((allowedEndpoint) => new URL(allowedEndpoint).origin) || [];
|
|
|
|
|
const valid = allowedOrigins.indexOf(originToValidate) >= 0;
|
|
|
|
|
|
|
|
|
|
if (!valid) {
|
|
|
|
|
throw new Error(
|
2023-10-03 16:13:24 +01:00
|
|
|
|
`${endpointToValidate} is not an allowed endpoint. Allowed endpoints are ${allowedEndpoints.toString()}`,
|
2022-01-24 21:06:43 +00:00
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return valid;
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-03 19:47:50 +01:00
|
|
|
|
export const defaultAllowedArmEndpoints: ReadonlyArray<string> = [
|
2023-12-20 13:53:02 +00:00
|
|
|
|
"https://api-dogfood.resources.windows-int.net/",
|
2022-01-24 21:06:43 +00:00
|
|
|
|
"https://management.azure.com",
|
|
|
|
|
"https://management.usgovcloudapi.net",
|
|
|
|
|
"https://management.chinacloudapi.cn",
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
export const allowedAadEndpoints: ReadonlyArray<string> = ["https://login.microsoftonline.com/"];
|
|
|
|
|
|
2023-08-03 19:47:50 +01:00
|
|
|
|
export const defaultAllowedBackendEndpoints: ReadonlyArray<string> = [
|
2022-01-24 21:06:43 +00:00
|
|
|
|
"https://main.documentdb.ext.azure.com",
|
2022-01-29 02:43:34 +00:00
|
|
|
|
"https://main.documentdb.ext.azure.cn",
|
|
|
|
|
"https://main.documentdb.ext.azure.us",
|
2022-08-16 18:15:26 +01:00
|
|
|
|
"https://main.cosmos.ext.azure",
|
2022-01-24 21:06:43 +00:00
|
|
|
|
"https://localhost:12901",
|
|
|
|
|
"https://localhost:1234",
|
|
|
|
|
];
|
|
|
|
|
|
2023-09-20 01:12:41 +01:00
|
|
|
|
export const PortalBackendIPs: { [key: string]: string[] } = {
|
|
|
|
|
"https://main.documentdb.ext.azure.com": ["104.42.195.92", "40.76.54.131"],
|
|
|
|
|
// DE doesn't talk to prod2 (main2) but it might be added
|
|
|
|
|
//"https://main2.documentdb.ext.azure.com": ["104.42.196.69"],
|
|
|
|
|
"https://main.documentdb.ext.azure.cn": ["139.217.8.252"],
|
|
|
|
|
"https://main.documentdb.ext.azure.us": ["52.244.48.71"],
|
|
|
|
|
// Add ussec and usnat when endpoint address is known:
|
|
|
|
|
//ussec: ["29.26.26.67", "29.26.26.66"],
|
|
|
|
|
//usnat: ["7.28.202.68"],
|
|
|
|
|
};
|
|
|
|
|
|
2024-02-22 20:53:01 +00:00
|
|
|
|
export const MongoProxyOutboundIPs: { [key: string]: string[] } = {
|
|
|
|
|
[MongoProxyEndpoints.Mpac]: ["20.245.81.54", "40.118.23.126"],
|
|
|
|
|
[MongoProxyEndpoints.Prod]: ["40.80.152.199", "13.95.130.121"],
|
|
|
|
|
[MongoProxyEndpoints.Fairfax]: ["52.244.176.112", "52.247.148.42"],
|
|
|
|
|
[MongoProxyEndpoints.Mooncake]: ["52.131.240.99", "143.64.61.130"],
|
|
|
|
|
};
|
2024-02-09 15:58:10 +00:00
|
|
|
|
|
2022-01-24 21:06:43 +00:00
|
|
|
|
export const allowedMongoProxyEndpoints: ReadonlyArray<string> = [
|
2024-04-18 00:01:12 +01:00
|
|
|
|
MongoProxyEndpoints.Local,
|
2024-02-22 20:53:01 +00:00
|
|
|
|
MongoProxyEndpoints.Mpac,
|
2024-02-09 15:58:10 +00:00
|
|
|
|
MongoProxyEndpoints.Prod,
|
|
|
|
|
MongoProxyEndpoints.Fairfax,
|
|
|
|
|
MongoProxyEndpoints.Mooncake,
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
export const allowedMongoProxyEndpoints_ToBeDeprecated: ReadonlyArray<string> = [
|
2022-01-24 21:06:43 +00:00
|
|
|
|
"https://main.documentdb.ext.azure.com",
|
2022-01-29 02:43:34 +00:00
|
|
|
|
"https://main.documentdb.ext.azure.cn",
|
|
|
|
|
"https://main.documentdb.ext.azure.us",
|
2022-08-16 18:15:26 +01:00
|
|
|
|
"https://main.cosmos.ext.azure",
|
2022-01-24 21:06:43 +00:00
|
|
|
|
"https://localhost:12901",
|
|
|
|
|
];
|
|
|
|
|
|
2024-02-22 20:53:01 +00:00
|
|
|
|
export const allowedCassandraProxyEndpoints: ReadonlyArray<string> = [
|
|
|
|
|
CassandraProxyEndpoints.Development,
|
|
|
|
|
CassandraProxyEndpoints.Mpac,
|
|
|
|
|
CassandraProxyEndpoints.Prod,
|
|
|
|
|
CassandraProxyEndpoints.Fairfax,
|
|
|
|
|
CassandraProxyEndpoints.Mooncake,
|
|
|
|
|
];
|
|
|
|
|
|
2024-03-11 22:17:01 +00:00
|
|
|
|
export const allowedCassandraProxyEndpoints_ToBeDeprecated: ReadonlyArray<string> = [
|
|
|
|
|
"https://main.documentdb.ext.azure.com",
|
|
|
|
|
"https://main.documentdb.ext.azure.cn",
|
|
|
|
|
"https://main.documentdb.ext.azure.us",
|
|
|
|
|
"https://main.cosmos.ext.azure",
|
|
|
|
|
"https://localhost:12901",
|
|
|
|
|
];
|
|
|
|
|
|
2024-02-22 20:53:01 +00:00
|
|
|
|
export const CassandraProxyOutboundIPs: { [key: string]: string[] } = {
|
|
|
|
|
[CassandraProxyEndpoints.Mpac]: ["40.113.96.14", "104.42.11.145"],
|
|
|
|
|
[CassandraProxyEndpoints.Prod]: ["137.117.230.240", "168.61.72.237"],
|
|
|
|
|
[CassandraProxyEndpoints.Fairfax]: ["52.244.50.101", "52.227.165.24"],
|
|
|
|
|
[CassandraProxyEndpoints.Mooncake]: ["40.73.99.146", "143.64.62.47"],
|
|
|
|
|
};
|
|
|
|
|
|
2022-01-24 21:06:43 +00:00
|
|
|
|
export const allowedEmulatorEndpoints: ReadonlyArray<string> = ["https://localhost:8081"];
|
|
|
|
|
|
|
|
|
|
export const allowedMongoBackendEndpoints: ReadonlyArray<string> = ["https://localhost:1234"];
|
|
|
|
|
|
2023-09-28 19:42:40 +01:00
|
|
|
|
export const allowedGraphEndpoints: ReadonlyArray<string> = ["https://graph.microsoft.com"];
|
2022-01-24 21:06:43 +00:00
|
|
|
|
|
|
|
|
|
export const allowedArcadiaEndpoints: ReadonlyArray<string> = ["https://workspaceartifacts.projectarcadia.net"];
|
|
|
|
|
|
|
|
|
|
export const allowedHostedExplorerEndpoints: ReadonlyArray<string> = ["https://cosmos.azure.com/"];
|
|
|
|
|
|
|
|
|
|
export const allowedMsalRedirectEndpoints: ReadonlyArray<string> = [
|
|
|
|
|
"https://cosmos-explorer-preview.azurewebsites.net/",
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
export const allowedJunoOrigins: ReadonlyArray<string> = [
|
|
|
|
|
JunoEndpoints.Test,
|
|
|
|
|
JunoEndpoints.Test2,
|
|
|
|
|
JunoEndpoints.Test3,
|
|
|
|
|
JunoEndpoints.Prod,
|
|
|
|
|
JunoEndpoints.Stage,
|
|
|
|
|
"https://localhost",
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
export const allowedNotebookServerUrls: ReadonlyArray<string> = [];
|
2024-03-22 17:18:02 +00:00
|
|
|
|
|
2024-04-04 18:18:50 +01:00
|
|
|
|
//
|
|
|
|
|
// Temporary function to determine if a portal backend API is supported by the
|
|
|
|
|
// new backend in this environment.
|
|
|
|
|
//
|
|
|
|
|
// TODO: Remove this function once new backend migration is completed for all environments.
|
|
|
|
|
//
|
|
|
|
|
export function useNewPortalBackendEndpoint(backendApi: string): boolean {
|
|
|
|
|
// This maps backend APIs to the environments supported by the new backend.
|
|
|
|
|
const newBackendApiEnvironmentMap: { [key: string]: string[] } = {
|
2024-04-24 20:04:01 +01:00
|
|
|
|
[BackendApi.GenerateToken]: [
|
|
|
|
|
PortalBackendEndpoints.Development,
|
|
|
|
|
PortalBackendEndpoints.Mpac,
|
|
|
|
|
PortalBackendEndpoints.Prod,
|
|
|
|
|
],
|
2024-04-22 22:34:20 +01:00
|
|
|
|
[BackendApi.PortalSettings]: [
|
|
|
|
|
PortalBackendEndpoints.Development,
|
|
|
|
|
PortalBackendEndpoints.Mpac,
|
|
|
|
|
PortalBackendEndpoints.Prod,
|
|
|
|
|
],
|
2024-04-04 18:18:50 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if (!newBackendApiEnvironmentMap[backendApi] || !configContext.PORTAL_BACKEND_ENDPOINT) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return newBackendApiEnvironmentMap[backendApi].includes(configContext.PORTAL_BACKEND_ENDPOINT);
|
2024-03-22 17:18:02 +00:00
|
|
|
|
}
|