proxy-pac-proxy

1.0.12 • Public • Published

proxy-pac-proxy

Forwarding proxy with support for upstream proxy.pac resolution and BASIC authentication

Software development in network environments where Internet access is forced through dynamically configured HTTP proxies is a pain. The simple use of common package managers such as npm, pip, gem or docker -- perhaps in combination with services and repositories on the local network -- requires reverse engineering of a proxy.pac file and the configuration of arbitrarily complicated combinations of the usual *_PROXY environment variables. Worse, if the proxy requires authentication, passwords will quickly spread across environment variables, *_history files and whatnot.

Proxy-pac-proxy tries to alleviate at least some of that pain.

Installation

Note: proxy-pac-proxy requires at least Node v7.6.0

Note2: installation requires access to the public npmjs.com repository. That is straightforward when connected to a public network, but may be tricky in those network environments where proxy-pac-proxy is needed. In the latter case, npm can be instructed to access the Internet through a previously discovered HTTP proxy by using the --https-proxy option. This is needed only at installation time; afterwards proxy-pac-proxy can take care of the problem

To install proxy-pac-proxy on your system run:

$ npm install -g proxy-pac-proxy

Quick Start

Export the proxy.pac URL (optional, but if the environment variable is not set, the URL will need to be provided on the command line with the -u option):

$ export PROXYPACPROXY_URL=http://intranet.mycompany.com/proxy.pac

Start the forwarding proxy server with authentication:

$ proxy-pac-proxy start -A
Username: joedoe
Password for joedoe: [hidden]
Proxy succesfully started.
You may configure your shell by running the `proxy-pac-proxy env` command.

From this point on, in any shell it will be possible to automatically configure all the appropriate *_PROXY environment variables for steering traffic through the new forwarding proxy:

$ eval $(proxy-pac-proxy env)

Test:

$ curl -v http://example.com
* Rebuilt URL to: http://example.com/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to (nil) (127.0.0.1) port 8079 (#0)
> GET http://example.com/ HTTP/1.1
> Host: example.com
> User-Agent: curl/7.52.1
> Accept: */*
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 200 OK
< date: Sat, 30 Sep 2017 09:16:36 GMT
< etag: "359670651+ident"
< vary: Accept-Encoding
< server: ECS (dca/24D1)
< expires: Sat, 07 Oct 2017 09:16:36 GMT
< x-cache: HIT, HIT from 10.29.176.45
< content-type: text/html
< cache-control: max-age=604800
< last-modified: Fri, 09 Aug 2013 23:54:35 GMT
< content-length: 1270
< proxy-connection: Keep-Alive
< Connection: keep-alive
< ...

Retrieving the proxy.pac URL

The proxy.pac URL is often configured automatically, in ways that depend on the operating system and the IT/network administration policies (e.g. autodiscovery, remote admin...). One simple cross-platform way to retrieve the URL is on the chrome://net-internals tab in Chrome:

Chrome net-internals screenshot

Usage

proxy-pac-proxy start

Start a local instance of a forwarding proxy that can be controlled through the stop and env commands.

$ proxy-pac-proxy start --help
proxy-pac-proxy start [options]

Options:
  --url, -u               The proxy.pac URL                 [string] [required]
  --address, -a           The local address the proxy will bind to
                                                [string] [default: "127.0.0.1"]
  --port, -p              The local port the proxy will bind to
                                                       [number] [default: 8079]
  --authenticate, -A      Prompt for username and password for proxy
                          authentication             [boolean] [default: false]
  --username, --user, -U  The username for proxy authentication        [string]
  --password, --pass, -P  The password for proxy authentication        [string]
  --foreground, -f        Run in foreground          [boolean] [default: false]
  -h, --help              Show help                                   [boolean]
  -v, --version           Show version number                         [boolean]

proxy-pac-proxy stop

Stop the local forwarding proxy instance.

$ proxy-pac-proxy stop --help
proxy-pac-proxy stop [options]

Options:

  --address, -a           The local address the proxy is bound to
                                                [string] [default: "127.0.0.1"]
  --port, -p              The local port the proxy is bound to
                                                       [number] [default: 8079]
  -h, --help              Show help                                   [boolean]
  -v, --version           Show version number                         [boolean]

proxy-pac-proxy env

Display the commands to configure the shell environment.

$ proxy-pac-proxy env --help
proxy-pac-proxy env [options]

Options:
  --address, -a           The local address the proxy is bound to
                                                [string] [default: "127.0.0.1"]
  --port, -p              The local port the proxy is bound to
                                                       [number] [default: 8079]
  --reset, -r             Display commands to reset the environment
                                                     [boolean] [default: false]
  -h, --help              Show help                                   [boolean]
  -v, --version           Show version number                         [boolean]

Limitations

  • Only supports BASIC Authentication

  • Only slightly more secure than storing credentials in environment variables. With BASIC authentication Base64-encoded passwords are transmitted in clear

    • Do not use authentication unless you totally trust the local network administrator; if that's not the case, then leave authentication unset (i.e. don't use -A or -U options) and rely on application-based authentication
  • The env command only displays commands for bash. Commands for other shells can be easily derived, but at this point that's a job that must be done manually

Readme

Keywords

Package Sidebar

Install

npm i proxy-pac-proxy

Weekly Downloads

1

Version

1.0.12

License

Apache-2.0

Unpacked Size

76.8 kB

Total Files

14

Last publish

Collaborators

  • emarock