Check app id during the registration (#136)

* Check the App ID before saving the auth data

* Update the test
Krzysztof Wolski 2022-12-06 18:26:14 +01:00 committed by GitHub
parent 52c31f7d30
commit e73b792496
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 30 additions and 0 deletions


@ -6,6 +6,10 @@ import { createAppRegisterHandler } from "./create-app-register-handler";
describe("create-app-register-handler", () => { describe("create-app-register-handler", () => {
it("Sets auth data for correct request", async () => { it("Sets auth data for correct request", async () => {
vi.mock("../../get-app-id", () => ({
getAppId: vi.fn().mockResolvedValue("42"),
}));
const mockApl: APL = { const mockApl: APL = {
get: vi.fn(), get: vi.fn(),
set: vi.fn(), set: vi.fn(),
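Review bot: The new `UNKNOWN_APP_ID` rejection path has no test; this section only mocks `getAppId` to resolve `"42"` for the happy path. Since that branch is what keeps unverified auth data from reaching `apl.set`, add a case where the mock resolves `undefined`, e.g. `vi.mocked(getAppId).mockResolvedValueOnce(undefined);`, and assert a 401 response and that `mockApl.set` was not called. Vitest also hoists `vi.mock` to the top of the module, so writing it inside the `it` body suggests a per-test scope it does not have; it would read more honestly at module level. The `it` block continues outside the hunk.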


@ -4,9 +4,13 @@ import { withMethod } from "retes/middleware";
import { Response } from "retes/response"; import { Response } from "retes/response";
import { SALEOR_DOMAIN_HEADER } from "../../const"; import { SALEOR_DOMAIN_HEADER } from "../../const";
import { createDebug } from "../../debug";
import { getAppId } from "../../get-app-id";
import { withAuthTokenRequired, withSaleorDomainPresent } from "../../middleware"; import { withAuthTokenRequired, withSaleorDomainPresent } from "../../middleware";
import { HasAPL } from "../../saleor-app"; import { HasAPL } from "../../saleor-app";
const debug = createDebug("createAppRegisterHandler");
export type CreateAppRegisterHandlerOptions = HasAPL; export type CreateAppRegisterHandlerOptions = HasAPL;
/** /**
@ -16,12 +20,14 @@ export type CreateAppRegisterHandlerOptions = HasAPL;
*/ */
export const createAppRegisterHandler = ({ apl }: CreateAppRegisterHandlerOptions) => { export const createAppRegisterHandler = ({ apl }: CreateAppRegisterHandlerOptions) => {
const baseHandler: Handler = async (request) => { const baseHandler: Handler = async (request) => {
debug("Request received");
const authToken = request.params.auth_token; const authToken = request.params.auth_token;
const saleorDomain = request.headers[SALEOR_DOMAIN_HEADER] as string; const saleorDomain = request.headers[SALEOR_DOMAIN_HEADER] as string;
const { configured: aplConfigured } = await apl.isConfigured(); const { configured: aplConfigured } = await apl.isConfigured();
if (!aplConfigured) { if (!aplConfigured) {
debug("The APL has not been configured");
return new Response( return new Response(
{ {
success: false, success: false,
@ -36,9 +42,28 @@ export const createAppRegisterHandler = ({ apl }: CreateAppRegisterHandlerOption
); );
} }
// Try to get App ID from the API, to confirm that communication can be established
const appId = await getAppId({ domain: saleorDomain, token: authToken });
if (!appId) {
return new Response(
{
success: false,
error: {
code: "UNKNOWN_APP_ID",
message:
"The auth data given during registration request could not be used to fetch app ID.",
},
},
{
status: 401,
}
);
}
try { try {
await apl.set({ domain: saleorDomain, token: authToken }); await apl.set({ domain: saleorDomain, token: authToken });
} catch { } catch {
debug("There was an error during saving the auth data");
return Response.InternalServerError({ return Response.InternalServerError({
success: false, success: false,
error: { error: {
@ -46,6 +71,7 @@ export const createAppRegisterHandler = ({ apl }: CreateAppRegisterHandlerOption
}, },
}); });
} }
debug("Register complete");
return Response.OK({ success: true }); return Response.OK({ success: true });
}; };
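Review bot: The added `getAppId({ domain: saleorDomain, token: authToken })` call makes the handler send an outbound request to a host taken straight from the `SALEOR_DOMAIN_HEADER` request header, and nothing visible here restricts that value to expected Saleor instances (whether `withSaleorDomainPresent` does more than a presence check is not shown). The check therefore confirms only that the token is valid for the domain the caller named; consider validating `saleorDomain` against a configured allowlist before the call, and at minimum record the limitation with `// saleorDomain is caller-supplied; this only confirms the token is valid for that domain`. The `!appId` branch is also the only failure path without a debug line (`debug("App ID could not be fetched with the provided auth data");` would match the others), and if `getAppId` can reject on a network error (its body is not in this diff) the await sits outside the `try` and would surface as an unhandled error rather than the structured 401. `createAppRegisterHandler` continues past the end of the hunk.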