mirror of
https://github.com/Unleash/unleash.git
synced 2025-01-11 00:08:30 +01:00
refactor: improve token type error message (#1709)
parent
28ecb158a9
commit
e6b49e4bce
@ -1,9 +1,11 @@
|
|||||||
import apiTokenMiddleware from './api-token-middleware';
|
|
||||||
import getLogger from '../../test/fixtures/no-logger';
|
import getLogger from '../../test/fixtures/no-logger';
|
||||||
import { CLIENT } from '../types/permissions';
|
import { CLIENT } from '../types/permissions';
|
||||||
import { createTestConfig } from '../../test/config/test-config';
|
import { createTestConfig } from '../../test/config/test-config';
|
||||||
import ApiUser from '../types/api-user';
|
import ApiUser from '../types/api-user';
|
||||||
import { ALL, ApiTokenType } from '../types/models/api-token';
|
import { ALL, ApiTokenType } from '../types/models/api-token';
|
||||||
|
import apiTokenMiddleware, {
|
||||||
|
TOKEN_TYPE_ERROR_MESSAGE,
|
||||||
|
} from './api-token-middleware';
|
||||||
|
|
||||||
let config: any;
|
let config: any;
|
||||||
|
|
||||||
@ -86,6 +88,8 @@ test('should add user if known token', async () => {
|
|||||||
});
|
});
|
||||||
|
|
||||||
test('should not add user if not /api/client', async () => {
|
test('should not add user if not /api/client', async () => {
|
||||||
|
expect.assertions(5);
|
||||||
|
|
||||||
const apiUser = new ApiUser({
|
const apiUser = new ApiUser({
|
||||||
username: 'default',
|
username: 'default',
|
||||||
permissions: [CLIENT],
|
permissions: [CLIENT],
|
||||||
@ -93,16 +97,21 @@ test('should not add user if not /api/client', async () => {
|
|||||||
environment: ALL,
|
environment: ALL,
|
||||||
type: ApiTokenType.CLIENT,
|
type: ApiTokenType.CLIENT,
|
||||||
});
|
});
|
||||||
|
|
||||||
const apiTokenService = {
|
const apiTokenService = {
|
||||||
getUserForToken: jest.fn().mockReturnValue(apiUser),
|
getUserForToken: jest.fn().mockReturnValue(apiUser),
|
||||||
};
|
};
|
||||||
|
|
||||||
const func = apiTokenMiddleware(config, { apiTokenService });
|
const func = apiTokenMiddleware(config, { apiTokenService });
|
||||||
|
|
||||||
const cb = jest.fn();
|
const cb = jest.fn();
|
||||||
|
|
||||||
const res = {
|
const res = {
|
||||||
sendStatus: jest.fn(),
|
status: (code: unknown) => ({
|
||||||
|
send: (data: unknown) => {
|
||||||
|
expect(code).toEqual(403);
|
||||||
|
expect(data).toEqual({ message: TOKEN_TYPE_ERROR_MESSAGE });
|
||||||
|
},
|
||||||
|
}),
|
||||||
};
|
};
|
||||||
|
|
||||||
const req = {
|
const req = {
|
||||||
@ -116,7 +125,6 @@ test('should not add user if not /api/client', async () => {
|
|||||||
expect(cb).not.toHaveBeenCalled();
|
expect(cb).not.toHaveBeenCalled();
|
||||||
expect(req.header).toHaveBeenCalled();
|
expect(req.header).toHaveBeenCalled();
|
||||||
expect(req.user).toBeUndefined();
|
expect(req.user).toBeUndefined();
|
||||||
expect(res.sendStatus).toHaveBeenCalledWith(403);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
test('should not add user if disabled', async () => {
|
test('should not add user if disabled', async () => {
|
||||||
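Review bot: In 'should not add user if not /api/client', the two new expectations sit inside the hand-written `status`/`send` stubs, so they only run if the middleware calls `send`, and `expect.assertions(5)` is the only thing that catches a silent skip. Plain mocks asserted after the call read more directly and give a clearer failure: `const res = { status: jest.fn().mockReturnThis(), send: jest.fn() };` followed by `expect(res.status).toHaveBeenCalledWith(403);` and `expect(res.send).toHaveBeenCalledWith({ message: TOKEN_TYPE_ERROR_MESSAGE });`. The assertion count stays at five, and the existing `expect(cb).not.toHaveBeenCalled()` still checks that a rejected request is never passed on. The test body continues outside the visible hunks.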
|
@ -6,6 +6,9 @@ const isClientApi = ({ path }) => {
|
|||||||
return path && path.startsWith('/api/client');
|
return path && path.startsWith('/api/client');
|
||||||
};
|
};
|
||||||
|
|
||||||
|
export const TOKEN_TYPE_ERROR_MESSAGE =
|
||||||
|
'invalid token: expected an admin token but got a client token instead';
|
||||||
|
|
||||||
const apiAccessMiddleware = (
|
const apiAccessMiddleware = (
|
||||||
{
|
{
|
||||||
getLogger,
|
getLogger,
|
||||||
@ -28,9 +31,11 @@ const apiAccessMiddleware = (
|
|||||||
try {
|
try {
|
||||||
const apiToken = req.header('authorization');
|
const apiToken = req.header('authorization');
|
||||||
const apiUser = apiTokenService.getUserForToken(apiToken);
|
const apiUser = apiTokenService.getUserForToken(apiToken);
|
||||||
|
|
||||||
if (apiUser) {
|
if (apiUser) {
|
||||||
if (apiUser.type === ApiTokenType.CLIENT && !isClientApi(req)) {
|
if (apiUser.type === ApiTokenType.CLIENT && !isClientApi(req)) {
|
||||||
return res.sendStatus(403);
|
res.status(403).send({ message: TOKEN_TYPE_ERROR_MESSAGE });
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
req.user = apiUser;
|
req.user = apiUser;
|
||||||
}
|
}
|
||||||
@ -38,9 +43,8 @@ const apiAccessMiddleware = (
|
|||||||
logger.error(error);
|
logger.error(error);
|
||||||
}
|
}
|
||||||
|
|
||||||
return next();
|
next();
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
module.exports = apiAccessMiddleware;
|
|
||||||
export default apiAccessMiddleware;
|
export default apiAccessMiddleware;
|
||||||
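Review bot: The new 403 branch in apiAccessMiddleware rejects a client token on a non-client route without logging anything, so an operator cannot see when a client token is tried against other API routes. A line such as `logger.warn('client token rejected on non-client path: ' + req.path);` before `res.status(403)` would record it, and the authorization header value should stay out of the log. The message says an admin token was expected, but the condition only tests for `ApiTokenType.CLIENT` outside `/api/client`, so the wording may be inaccurate if other token types or route groups exist. The unchanged `path.startsWith('/api/client')` check in isClientApi also accepts any path that merely begins with that string; matching `/api/client` exactly or followed by `/` would be tighter. The middleware body starts and ends outside the visible hunks.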
|