chore: expose type and more fixes (#5268)
Expose new interface while also getting rid of unneeded compiler ignores.

None of the changes should add new security risks, despite this report:

> Code scanning results / CodeQL Failing after 4s — 2 new alerts including 2 high severity security vulnerabilities

Not sure what that means, maybe a removed ignore...
parent
1d9a67189a
commit
6f8f21fd48
@ -4,21 +4,22 @@ import { IUnleashServices } from '../types/services';
|
|||||||
import { IUnleashConfig } from '../types/option';
|
import { IUnleashConfig } from '../types/option';
|
||||||
import ApiUser from '../types/api-user';
|
import ApiUser from '../types/api-user';
|
||||||
import { ApiTokenType } from '../types/models/api-token';
|
import { ApiTokenType } from '../types/models/api-token';
|
||||||
|
import { IAuthRequest } from 'lib/server-impl';
|
||||||
|
import { IApiRequest } from 'lib/routes/unleash-types';
|
||||||
|
|
||||||
function demoAuthentication(
|
function demoAuthentication(
|
||||||
app: Application,
|
app: Application,
|
||||||
basePath: string, // eslint-disable-line
|
basePath: string,
|
||||||
{ userService }: Pick<IUnleashServices, 'userService'>,
|
{ userService }: Pick<IUnleashServices, 'userService'>,
|
||||||
{ authentication }: Pick<IUnleashConfig, 'authentication'>,
|
{ authentication }: Pick<IUnleashConfig, 'authentication'>,
|
||||||
): void {
|
): void {
|
||||||
app.post(`${basePath}/auth/demo/login`, async (req, res) => {
|
app.post(`${basePath}/auth/demo/login`, async (req: IAuthRequest, res) => {
|
||||||
const { email } = req.body;
|
const { email } = req.body;
|
||||||
try {
|
try {
|
||||||
const user = await userService.loginUserWithoutPassword(
|
const user = await userService.loginUserWithoutPassword(
|
||||||
email,
|
email,
|
||||||
true,
|
true,
|
||||||
);
|
);
|
||||||
// @ts-expect-error
|
|
||||||
req.session.user = user;
|
req.session.user = user;
|
||||||
return res.status(200).json(user);
|
return res.status(200).json(user);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
@ -28,19 +29,15 @@ function demoAuthentication(
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
app.use(`${basePath}/api/admin/`, (req, res, next) => {
|
app.use(`${basePath}/api/admin/`, (req: IAuthRequest, res, next) => {
|
||||||
// @ts-expect-error
|
|
||||||
if (req.session.user?.email) {
|
if (req.session.user?.email) {
|
||||||
// @ts-expect-error
|
|
||||||
req.user = req.session.user;
|
req.user = req.session.user;
|
||||||
}
|
}
|
||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
|
|
||||||
app.use(`${basePath}/api/client`, (req, res, next) => {
|
app.use(`${basePath}/api/client`, (req: IApiRequest, res, next) => {
|
||||||
// @ts-expect-error
|
|
||||||
if (!authentication.enableApiToken && !req.user) {
|
if (!authentication.enableApiToken && !req.user) {
|
||||||
// @ts-expect-error
|
|
||||||
req.user = new ApiUser({
|
req.user = new ApiUser({
|
||||||
tokenName: 'unauthed-default-client',
|
tokenName: 'unauthed-default-client',
|
||||||
permissions: [],
|
permissions: [],
|
||||||
@ -53,8 +50,7 @@ function demoAuthentication(
|
|||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
|
|
||||||
app.use(`${basePath}/api`, (req, res, next) => {
|
app.use(`${basePath}/api`, (req: IAuthRequest, res, next) => {
|
||||||
// @ts-expect-error
|
|
||||||
if (req.user) {
|
if (req.user) {
|
||||||
return next();
|
return next();
|
||||||
}
|
}
|
||||||
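Review bot: The two added imports (`IAuthRequest` from 'lib/server-impl' and `IApiRequest` from 'lib/routes/unleash-types') use bare `lib/...` specifiers while every other import in this file is relative, so their resolution depends on a `baseUrl` or path alias in the compiler config rather than on the file's location. The first also routes a type through the package entry point for no gain; the server-impl section of this commit shows both types come from `./routes/unleash-types`, so `import { IApiRequest, IAuthRequest } from '../routes/unleash-types';` would cover both. Separately, annotating `req` as `IAuthRequest` in the `/auth/demo/login` handler is a compile-time change only: `email` from `req.body` still reaches `loginUserWithoutPassword` with no runtime check, so a guard such as `if (typeof email !== 'string' || !email) return res.status(400).end();` before the `try` would be worth adding. The body of `demoAuthentication` continues past the last hunk.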
|
@ -7,7 +7,7 @@ import {
|
|||||||
NONE,
|
NONE,
|
||||||
} from '../../types';
|
} from '../../types';
|
||||||
import { Logger } from '../../logger';
|
import { Logger } from '../../logger';
|
||||||
import ApiUser from '../../types/api-user';
|
import { IApiUser } from '../../types/api-user';
|
||||||
import {
|
import {
|
||||||
ClientMetricsSchema,
|
ClientMetricsSchema,
|
||||||
createRequestSchema,
|
createRequestSchema,
|
||||||
@ -32,7 +32,7 @@ interface ApiUserRequest<
|
|||||||
ReqBody = any,
|
ReqBody = any,
|
||||||
ReqQuery = any,
|
ReqQuery = any,
|
||||||
> extends Request<PARAM, ResBody, ReqBody, ReqQuery> {
|
> extends Request<PARAM, ResBody, ReqBody, ReqQuery> {
|
||||||
user: ApiUser;
|
user: IApiUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
type Services = Pick<
|
type Services = Pick<
|
||||||
|
@ -25,7 +25,7 @@ import ApiUser from './types/api-user';
|
|||||||
import { Logger, LogLevel } from './logger';
|
import { Logger, LogLevel } from './logger';
|
||||||
import AuthenticationRequired from './types/authentication-required';
|
import AuthenticationRequired from './types/authentication-required';
|
||||||
import Controller from './routes/controller';
|
import Controller from './routes/controller';
|
||||||
import { IAuthRequest } from './routes/unleash-types';
|
import { IApiRequest, IAuthRequest } from './routes/unleash-types';
|
||||||
import { SimpleAuthSettings } from './types/settings/simple-auth-settings';
|
import { SimpleAuthSettings } from './types/settings/simple-auth-settings';
|
||||||
import { Knex } from 'knex';
|
import { Knex } from 'knex';
|
||||||
import * as permissions from './types/permissions';
|
import * as permissions from './types/permissions';
|
||||||
@ -209,5 +209,6 @@ export type {
|
|||||||
IUser,
|
IUser,
|
||||||
IUnleashServices,
|
IUnleashServices,
|
||||||
IAuthRequest,
|
IAuthRequest,
|
||||||
|
IApiRequest,
|
||||||
SimpleAuthSettings,
|
SimpleAuthSettings,
|
||||||
};
|
};
|
||||||
|
@ -13,7 +13,7 @@ import {
|
|||||||
secondsToMilliseconds,
|
secondsToMilliseconds,
|
||||||
} from 'date-fns';
|
} from 'date-fns';
|
||||||
import { CLIENT_METRICS } from '../../types/events';
|
import { CLIENT_METRICS } from '../../types/events';
|
||||||
import ApiUser from '../../types/api-user';
|
import ApiUser, { IApiUser } from '../../types/api-user';
|
||||||
import { ALL } from '../../types/models/api-token';
|
import { ALL } from '../../types/models/api-token';
|
||||||
import User from '../../types/user';
|
import User from '../../types/user';
|
||||||
import { collapseHourlyMetrics } from '../../util/collapseHourlyMetrics';
|
import { collapseHourlyMetrics } from '../../util/collapseHourlyMetrics';
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
import { IUnleashConfig, IUnleashServices, IUnleashStores } from '../types';
|
import { IUnleashConfig, IUnleashServices, IUnleashStores } from '../types';
|
||||||
import { Logger } from '../logger';
|
import { Logger } from '../logger';
|
||||||
import { ClientMetricsSchema, ProxyFeatureSchema } from '../openapi';
|
import { ClientMetricsSchema, ProxyFeatureSchema } from '../openapi';
|
||||||
import ApiUser from '../types/api-user';
|
import ApiUser, { IApiUser } from '../types/api-user';
|
||||||
import {
|
import {
|
||||||
Context,
|
Context,
|
||||||
InMemStorageProvider,
|
InMemStorageProvider,
|
||||||
@ -61,7 +61,7 @@ export class ProxyService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async getProxyFeatures(
|
async getProxyFeatures(
|
||||||
token: ApiUser,
|
token: IApiUser,
|
||||||
context: Context,
|
context: Context,
|
||||||
): Promise<ProxyFeatureSchema[]> {
|
): Promise<ProxyFeatureSchema[]> {
|
||||||
const client = await this.clientForProxyToken(token);
|
const client = await this.clientForProxyToken(token);
|
||||||
@ -85,7 +85,7 @@ export class ProxyService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async registerProxyMetrics(
|
async registerProxyMetrics(
|
||||||
token: ApiUser,
|
token: IApiUser,
|
||||||
metrics: ClientMetricsSchema,
|
metrics: ClientMetricsSchema,
|
||||||
ip: string,
|
ip: string,
|
||||||
): Promise<void> {
|
): Promise<void> {
|
||||||
@ -93,7 +93,7 @@ export class ProxyService {
|
|||||||
|
|
||||||
const environment =
|
const environment =
|
||||||
this.services.clientMetricsServiceV2.resolveMetricsEnvironment(
|
this.services.clientMetricsServiceV2.resolveMetricsEnvironment(
|
||||||
token,
|
token as ApiUser,
|
||||||
metrics,
|
metrics,
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -103,7 +103,7 @@ export class ProxyService {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
private async clientForProxyToken(token: ApiUser): Promise<Unleash> {
|
private async clientForProxyToken(token: IApiUser): Promise<Unleash> {
|
||||||
ProxyService.assertExpectedTokenType(token);
|
ProxyService.assertExpectedTokenType(token);
|
||||||
|
|
||||||
let client = this.clients.get(token.secret);
|
let client = this.clients.get(token.secret);
|
||||||
@ -115,7 +115,7 @@ export class ProxyService {
|
|||||||
return client;
|
return client;
|
||||||
}
|
}
|
||||||
|
|
||||||
private async createClientForProxyToken(token: ApiUser): Promise<Unleash> {
|
private async createClientForProxyToken(token: IApiUser): Promise<Unleash> {
|
||||||
const repository = new ProxyRepository(
|
const repository = new ProxyRepository(
|
||||||
this.config,
|
this.config,
|
||||||
this.stores,
|
this.stores,
|
||||||
@ -153,7 +153,7 @@ export class ProxyService {
|
|||||||
this.clients.forEach((promise) => promise.then((c) => c.destroy()));
|
this.clients.forEach((promise) => promise.then((c) => c.destroy()));
|
||||||
}
|
}
|
||||||
|
|
||||||
private static assertExpectedTokenType({ type }: ApiUser) {
|
private static assertExpectedTokenType({ type }: IApiUser) {
|
||||||
if (!(type === ApiTokenType.FRONTEND || type === ApiTokenType.ADMIN)) {
|
if (!(type === ApiTokenType.FRONTEND || type === ApiTokenType.ADMIN)) {
|
||||||
throw new InvalidTokenError();
|
throw new InvalidTokenError();
|
||||||
}
|
}
|
||||||
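Review bot: The cast `token as ApiUser` in `registerProxyMetrics` undoes the widening this section makes everywhere else. The method now accepts any `IApiUser`, but the assertion tells the compiler the value is the class, so a caller passing a plain object that satisfies the interface type-checks and could then fail inside `resolveMetricsEnvironment` if that method relies on anything `ApiUser` adds beyond the interface. Prefer changing `resolveMetricsEnvironment` to take `IApiUser` and passing `token` unchanged; another section of this commit (the file importing `CLIENT_METRICS`) already imports `IApiUser`, though its use there is outside the visible hunks. If the cast has to stay for now, a comment such as `// TODO: resolveMetricsEnvironment should accept IApiUser; this cast is unchecked` would make the gap visible.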
|