Add option to not run as system proxy and do not install self-signed cert (#530)

* Add --do-not-act-as-system-proxy option #505

* Add --do-not-install-self-signed-cert option #505

* Remove unnecessary launch settings

* Rename launch options to avoid double negations

* Run EnsureRootCertificate only on non-windows OS

* Rework AsSystemProxy condition

* Combine conditions in FirstRunSetup

* Update --as-system-proxy description

* Unify EOL in ProxyHost

* Adds comment

* Update ProxyHost.cs

* Change loading of cert if it should not be installed

---------

Co-authored-by: Waldek Mastykarz <[email protected]>

Author: ohaucke

Diff for: dev-proxy/Properties/launchSettings.json

@@ -18,6 +18,8 @@ public class ProxyCommandHandler : ICommandHandler
     public Option<IEnumerable<string>?> WatchProcessNames { get; set; }
     public Option<int?> Rate { get; set; }
     public Option<bool?> NoFirstRun { get; set; }
+    public Option<bool?> AsSystemProxy { get; set; }
+    public Option<bool?> InstallCert { get; set; }
 
     private readonly PluginEvents _pluginEvents;
     private readonly ISet<UrlToWatch> _urlsToWatch;
@@ -31,6 +33,8 @@ public ProxyCommandHandler(Option<int?> port,
                                Option<IEnumerable<string>?> watchProcessNames,
                                Option<int?> rate,
                                Option<bool?> noFirstRun,
+                               Option<bool?> asSystemProxy,
+                               Option<bool?> installCert,
                                PluginEvents pluginEvents,
                                ISet<UrlToWatch> urlsToWatch,
                                ILogger logger)
@@ -43,6 +47,8 @@ public ProxyCommandHandler(Option<int?> port,
         WatchProcessNames = watchProcessNames ?? throw new ArgumentNullException(nameof(watchProcessNames));
         Rate = rate ?? throw new ArgumentNullException(nameof(rate));
         NoFirstRun = noFirstRun ?? throw new ArgumentNullException(nameof(noFirstRun));
+        AsSystemProxy = asSystemProxy ?? throw new ArgumentNullException(nameof(asSystemProxy));
+        InstallCert = installCert ?? throw new ArgumentNullException(nameof(installCert));
         _pluginEvents = pluginEvents ?? throw new ArgumentNullException(nameof(pluginEvents));
         _urlsToWatch = urlsToWatch ?? throw new ArgumentNullException(nameof(urlsToWatch));
         _logger = logger ?? throw new ArgumentNullException(nameof(logger));
@@ -95,6 +101,16 @@ public async Task<int> InvokeAsync(InvocationContext context)
         {
             Configuration.NoFirstRun = noFirstRun.Value;
         }
+        var asSystemProxy = context.ParseResult.GetValueForOption(AsSystemProxy);
+        if (asSystemProxy is not null)
+        {
+            Configuration.AsSystemProxy = asSystemProxy.Value;
+        }
+        var installCert = context.ParseResult.GetValueForOption(InstallCert);
+        if (installCert is not null)
+        {
+            Configuration.InstallCert = installCert.Value;
+        }
 
         CancellationToken? cancellationToken = (CancellationToken?)context.BindingContext.GetService(typeof(CancellationToken?));
 

Diff for: dev-proxy/ProxyCommandHandler.cs

@@ -36,6 +36,8 @@ public class ProxyConfiguration : IProxyConfiguration
     [JsonPropertyName("rate")]
     public int Rate { get; set; } = 50;
     public bool NoFirstRun { get; set; } = false;
+    public bool AsSystemProxy { get; set; } = true;
+    public bool InstallCert { get; set; } = true;
     public string ConfigFile { get; set; } = "devproxyrc.json";
     [JsonPropertyName("newVersionNotification")]
     [JsonConverter(typeof(JsonStringEnumConverter))]

Diff for: dev-proxy/ProxyConfiguration.cs

@@ -86,6 +86,10 @@ public async Task Run(CancellationToken? cancellationToken)
 
         _proxyServer.CertificateManager.RootCertificateName = "Dev Proxy CA";
         _proxyServer.CertificateManager.CertificateStorage = new CertificateDiskCache();
+        // we need to change this to a value lower than 397
+        // to avoid the ERR_CERT_VALIDITY_TOO_LONG error in Edge
+        _proxyServer.CertificateManager.CertificateValidDays = 365;
+        _proxyServer.CertificateManager.CreateRootCertificate();
         _proxyServer.BeforeRequest += OnRequest;
         _proxyServer.BeforeResponse += OnBeforeResponse;
         _proxyServer.AfterResponse += OnAfterResponse;
@@ -95,18 +99,16 @@ public async Task Run(CancellationToken? cancellationToken)
 
         var ipAddress = string.IsNullOrEmpty(_config.IPAddress) ? IPAddress.Any : IPAddress.Parse(_config.IPAddress);
         _explicitEndPoint = new ExplicitProxyEndPoint(ipAddress, _config.Port, true);
-        if (!RunTime.IsWindows)
+        // Fired when a CONNECT request is received
+        _explicitEndPoint.BeforeTunnelConnectRequest += OnBeforeTunnelConnectRequest;
+        if (_config.InstallCert)
         {
-            // we need to change this to a value lower than 397
-            // to avoid the ERR_CERT_VALIDITY_TOO_LONG error in Edge
-            _proxyServer.CertificateManager.CertificateValidDays = 365;
-            // we need to call it explicitly for non-Windows OSes because it's
-            // a part of the SetAsSystemHttpProxy that works only on Windows
             _proxyServer.CertificateManager.EnsureRootCertificate();
         }
-
-        // Fired when a CONNECT request is received
-        _explicitEndPoint.BeforeTunnelConnectRequest += OnBeforeTunnelConnectRequest;
+        else
+        {
+            _explicitEndPoint.GenericCertificate = _proxyServer.CertificateManager.LoadRootCertificate();
+        }
 
         _proxyServer.AddEndPoint(_explicitEndPoint);
         _proxyServer.Start();
@@ -119,18 +121,24 @@ public async Task Run(CancellationToken? cancellationToken)
             _logger.LogInfo($"Listening on {endPoint.IpAddress}:{endPoint.Port}...");
         }
 
-        if (RunTime.IsWindows)
-        {
-            // Only explicit proxies can be set as system proxy!
-            _proxyServer.SetAsSystemHttpsProxy(_explicitEndPoint);
-        }
-        else if (RunTime.IsMac)
+        if (_config.AsSystemProxy)
         {
-            ToggleSystemProxy(ToggleSystemProxyAction.On, _config.IPAddress, _config.Port);
+            if (RunTime.IsWindows)
+            {
+                _proxyServer.SetAsSystemHttpsProxy(_explicitEndPoint);
+            }
+            else if (RunTime.IsMac)
+            {
+                ToggleSystemProxy(ToggleSystemProxyAction.On, _config.IPAddress, _config.Port);
+            }
+            else
+            {
+                _logger.LogWarn("Configure your operating system to use this proxy's port and address");
+            }
         }
         else
         {
-            _logger.LogWarn("Configure your operating system to use this proxy's port and address");
+            _logger.LogInfo("Configure your application to use this proxy's port and address");
         }
 
         _logger.LogInfo("Press CTRL+C to stop Dev Proxy");
@@ -156,7 +164,8 @@ private void FirstRunSetup()
     {
         if (!RunTime.IsMac ||
             _config.NoFirstRun ||
-            !IsFirstRun())
+            !IsFirstRun() ||
+            !_config.InstallCert)
         {
             return;
         }
@@ -340,7 +349,7 @@ private void StopProxy()
                 _proxyServer.Stop();
             }
 
-            if (RunTime.IsMac)
+            if (RunTime.IsMac && _config.AsSystemProxy)
             {
                 ToggleSystemProxy(ToggleSystemProxyAction.Off);
             }
@@ -562,4 +571,4 @@ Task OnCertificateSelection(object sender, CertificateSelectionEventArgs e)
         // set e.clientCertificate to override
         return Task.CompletedTask;
     }
-}
+}

Diff for: dev-proxy/ProxyEngine.cs

@@ -19,6 +19,8 @@ internal class ProxyHost
     private static Option<string?>? _configFileOption;
     private Option<int?> _rateOption;
     private Option<bool?> _noFirstRunOption;
+    private Option<bool?> _asSystemProxyOption;
+    private Option<bool?> _installCertOption;
     private static Option<IEnumerable<string>?>? _urlsToWatchOption;
 
     private static bool _configFileResolved = false;
@@ -216,6 +218,21 @@ public ProxyHost()
 
         _noFirstRunOption = new Option<bool?>("--no-first-run", "Skip the first run experience");
 
+        _asSystemProxyOption = new Option<bool?>("--as-system-proxy", "Set Dev Proxy as the system proxy");
+        _asSystemProxyOption.SetDefaultValue(true);
+
+        _installCertOption = new Option<bool?>("--install-cert", "Install self-signed certificate");
+        _installCertOption.SetDefaultValue(true);
+        _installCertOption.AddValidator((input) =>
+        {
+            var asSystemProxy = input.GetValueForOption(_asSystemProxyOption) ?? true;
+            var installCert = input.GetValueForOption(_installCertOption) ?? true;
+            if (asSystemProxy && !installCert)
+            {
+                input.ErrorMessage = $"Requires option '--{_asSystemProxyOption.Name}' to be 'false'";
+            }
+        });
+
         _urlsToWatchOption = new("--urls-to-watch", "The list of URLs to watch for requests")
         {
             ArgumentHelpName = "urlsToWatch",
@@ -243,6 +260,8 @@ public RootCommand GetRootCommand(ILogger logger)
             // `ProxyCommandHandler.Configuration`. As such, it's always set here
             _configFileOption!,
             _noFirstRunOption,
+            _asSystemProxyOption,
+            _installCertOption,
             // _urlsToWatchOption is set while initialize the Program
             // As such, it's always set here
             _urlsToWatchOption!
@@ -256,7 +275,7 @@ public RootCommand GetRootCommand(ILogger logger)
         command.Add(msGraphDbCommand);
 
         var presetCommand = new Command("preset", "Manage Dev Proxy presets");
-        
+
         var presetGetCommand = new Command("get", "Download the specified preset from the Sample Solution Gallery");
         var presetIdArgument = new Argument<string>("preset-id", "The ID of the preset to download");
         presetGetCommand.AddArgument(presetIdArgument);
@@ -268,6 +287,6 @@ public RootCommand GetRootCommand(ILogger logger)
         return command;
     }
 
-    public ProxyCommandHandler GetCommandHandler(PluginEvents pluginEvents, ISet<UrlToWatch> urlsToWatch, ILogger logger) => new ProxyCommandHandler(_portOption, _ipAddressOption, _logLevelOption!, _recordOption, _watchPidsOption, _watchProcessNamesOption, _rateOption, _noFirstRunOption, pluginEvents, urlsToWatch, logger);
+    public ProxyCommandHandler GetCommandHandler(PluginEvents pluginEvents, ISet<UrlToWatch> urlsToWatch, ILogger logger) => new ProxyCommandHandler(_portOption, _ipAddressOption, _logLevelOption!, _recordOption, _watchPidsOption, _watchProcessNamesOption, _rateOption, _noFirstRunOption, _asSystemProxyOption, _installCertOption, pluginEvents, urlsToWatch, logger);
 }