mercure
Mercure Hub & Publisher implemented in Node.js.
Note : this npm package has been transfered for a new project by the initial owner, which serves a totally different purpose. This new version is an implementation of the Mercure protocol. The previous mercure
package had 1 release (0.0.1
) and served as a file downloader. You can still access it : https://www.npmjs.com/package/mercure/v/0.0.1. Please make sure to lock this version in your package.json
file, as the new versions will begin at 0.0.2
and will keep following the semver versioning.
TODOs
- CORS
- Hearthbeat mechanism (https://github.com/dunglas/mercure/pull/53)
- Docker image (iso with official image)
- Prometheus metrics exporter
- Events database
- Export authorization.js mechanism
- Discovery helpers
- Increase code quality score
- JSDoc
- Logging
- Unit tests
- Find a way to clear Redis if the process gets interrupted
- Benchmarks
State
This is a beta version. This has not fully been tested in production yet.
Requirements
- node.js >= 11.7.0
- Redis (optional)
Features
- 100% implementation of the protocol
- Events asymmetric encryption
- Easy integration to any existing app using
http.Server
orexpress
- Redis-based clustering support
- Inventory of all open connections stored in Redis, per node process
- Kill switch
Future improvements
- Implement as a lambda function ?
Installation
npm install mercure --save
Usage
This library provides 3 components : a Hub
, a Server
and a Publisher
:
Simple hub
The Hub
class is the core component that uses a simple http.Server
instance. An existing instance can be provided to the Hub
, thus the Hub will use it instead of creating a new one.
Use case : implanting the hub on an existing http.Server
app, without the need to handle external publishers (only the app does the publishing).
It handles :
- the SSE connections
- the events database
- the authorization mechanism
- events related to the Hub activity
const http = ;const Hub = ; const server = http; const hub = server jwtKey: '!UnsecureChangeMe!' path: '/hub'; hub;
Hub server
The Server
is built upon the Hub
component. It creates a new Express instance and allows external publishers to POST
an event to the hub.
Use case : implanting he hub on an new application that is meant to accept external publishers, with no other HTTP server ... or one listening on a different port.
It handles everything the Hub
does, plus :
- a freshly created Express instance, built upon the Hub's
http.Server
(middlewares can be applied to enhance security) - external publishers (POST requests)
const Server = ; const server = jwtKey: '!UnsecureChangeMe!' path: '/hub'; server;
Because the Server is leverages Express, it is possible to add middlewares in front of the internal Hub middleware :
const compression = ; { thisapp; } const server = ...;
Publisher
It can be created in different ways :
- using an existing
Hub
instance (when the app is meant to be THE ONLY publisher) - using an existing
Server
instance (when the app is meant to be a publisher) - using configuration :
host
,port
... (when the publisher and the hub are distant)
It handles :
- Message publication to the Hub
- Message encryption (optional)
const Publisher = ; const publisher = protocol: 'https' // or 'http', but please don't. host: 'example.com' port: 3000 path: '/hub' jwt: 'PUBLISHER_JWT'; // Payload to send to the subscribers.const data = '@id': 'http://localhost:3000/books/666.jsonld' hello: 'world'; await publisher;
API
API docs can be found in the docs/API.md file.
Encrypting the datas
In certain cases, the Mercure hub can be hosted by a third-party host. You don't really want them to "sniff" all your cleartext messages. To make the Publisher => Hub => Subscriber flow fully encrypted, it is required that the Publisher sends encrypted data.
To achieve this, the Publisher#useEncryption()
method will activate messages encryption. Thus, the Hub will not be able to access your private datas :
const crypto = ;const util = ; const publisher = // ...; const data = message: 'TOP SECRET DATAS' ;const privateKey = await util'rsa' modulusLength: 4096 privateKeyEncoding: type: 'pkcs8' format: 'pem' ; // Start encrypting the events.await publisher; // Will send encrypted datas.await publisher;
Decrypting :
const jose = ; const encryptedData = 'ENCRYPTED DATA';const decrypted = await joseJWE; console;
Kill switch
In case the hub must urgently close all connections (e.g.: in case of compromission of the JWT key), a kill switch is available :
await hub;
The new JWT Key will be output to stdout.
License
GNU GENERAL PUBLIC LICENSE v3.