Skip to content

agrc/serverless-print-proxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

279 Commits

.github

.github

 
 

.vscode

.vscode

 
 

.dockerignore

.dockerignore

 
 

.env.sample

.env.sample

 
 

.gcloudignore

.gcloudignore

 
 

.gitignore

.gitignore

 
 

.node-version

.node-version

 
 

.prettierignore

.prettierignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

accounts.js

accounts.js

 
 

config.js

config.js

 
 

index.js

index.js

 
 

index.test.js

index.test.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

Print Proxy

A web service for proxying requests to the Esri print service switching out locked down quad-words for wide open ones.

The Problem

UGRC’s base maps (including the Google imagery) are served via a custom server application called Discover. Part of the advantage of using Discover is that it allows you to secure and track usage via quad-words. These unique words are assigned to a specific user and are locked down to a specific domain or IP address. For example, if my quad-word is locked down to my-domain.com, then requests originating from any other domain or IP address are blocked by Discover. This prevents unauthorized access of licensed content, as well as allows UGRC to track analytics.

This quad-word system works great . . . until you try to use one of Esri’s out-of-the-box print services. When you send a web map to one of these print services, the service reconstructs all of the layers on the server. This causes requests for base maps to be sent from the ArcGIS Server machine rather than the user’s browser (with your domain as the referrer). We do allow wide-open quad-words (i.e., quad-words not locked down to any domain/IP) to be used by those who need to make requests from servers or other local machines. However, the wide-open quad-words can’t be used in web applications because they could be copied and used by unauthorized users.

The Solution

This project solves this problem by acting as a proxy between web applications and Esri print services. When it receives a request, it switches out the locked down quad-word with a wide-open one and then sends it on to the print service. It also scrubs the wide-open quad-word from the response to prevent it from being compromised.

Usage

  1. Open a pull request to add a configuration for a new account.
  2. Use the following url in place of an Esri print service (e.g. default AGOL service):
https://print.agrc.utah.gov/<accountNumber>/arcgis/rest/services/GPServer/export

The account number must have a corresponding key in accounts.js.

Development

One-time Setup

  1. brew install mkcert
  2. mkcert -install
  3. mkcert localhost
  4. Create .env file with print proxy wide open quad-word.
  5. touch .env && echo 'OPEN_QUAD_WORD=<wide-open-quad-word>' >> .env
  6. npm install & npm start

URL Requirements for Web App Builder Print Widget

The print widget performs validation on the URL in the properties form. It appears that it has to match something like:

/https?:\/\/.+\/GPServer\/.*/

If the URL passes validation, then it makes a GET request (arcgis/rest/info?f=json) to get info about the server.

Testing

Run npm test to run jest tests.

There's also an AGOL web app that you can test with.

Deployment

gcp-terraform/print-proxy is used for infrastructure setup and GitHub actions are for updates.

Upgrading NodeJS

Make sure to update Dockerfile and .node-version files.

About

A web service for switching out quad words in print requests to ArcGIS Server.

print.agrc.utah.gov

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Contributors 5

Languages