From eb062c6b109022919caf7ce1304d989bd93c8849 Mon Sep 17 00:00:00 2001 From: Krzysztof Wolski Date: Fri, 2 Sep 2022 16:52:44 +0200 Subject: [PATCH] Update types on headers util --- src/headers.ts | 15 ++++++++++----- src/middleware/with-jwt-verified.ts | 9 ++++++++- .../with-registered-saleor-domain-header.ts | 6 ++++++ src/middleware/with-webhook-signature-verified.ts | 9 ++++++++- 4 files changed, 32 insertions(+), 7 deletions(-) diff --git a/src/headers.ts b/src/headers.ts index fa43f3a..068f9cc 100644 --- a/src/headers.ts +++ b/src/headers.ts @@ -5,9 +5,14 @@ import { SALEOR_SIGNATURE_HEADER, } from "./const"; -export const getSaleorHeaders = (headers: { [name: string]: any }) => ({ - domain: headers[SALEOR_DOMAIN_HEADER], - authorizationBearer: headers[SALEOR_AUTHORIZATION_BEARER_HEADER], - signature: headers[SALEOR_SIGNATURE_HEADER], - event: headers[SALEOR_EVENT_HEADER], +const toStringOrUndefined = (value: string | string[] | undefined) => + value ? value.toString() : undefined; + +export const getSaleorHeaders = (headers: { + [name: string]: string | string[] | undefined; +}): Record => ({ + domain: toStringOrUndefined(headers[SALEOR_DOMAIN_HEADER]), + authorizationBearer: toStringOrUndefined(headers[SALEOR_AUTHORIZATION_BEARER_HEADER]), + signature: toStringOrUndefined(headers[SALEOR_SIGNATURE_HEADER]), + event: toStringOrUndefined(headers[SALEOR_EVENT_HEADER]), }); diff --git a/src/middleware/with-jwt-verified.ts b/src/middleware/with-jwt-verified.ts index 062f0f2..9921e3f 100644 --- a/src/middleware/with-jwt-verified.ts +++ b/src/middleware/with-jwt-verified.ts @@ -2,7 +2,7 @@ import * as jose from "jose"; import type { Middleware, Request } from "retes"; import { Response } from "retes/response"; -import { SALEOR_AUTHORIZATION_BEARER_HEADER } from "../const"; +import { SALEOR_AUTHORIZATION_BEARER_HEADER, SALEOR_DOMAIN_HEADER } from "../const"; import { getSaleorHeaders } from "../headers"; import { getJwksUrl } from "../urls"; @@ -24,6 +24,13 @@ export const withJWTVerified = }); } + if (domain === undefined) { + return Response.BadRequest({ + success: false, + message: `${ERROR_MESSAGE} Missing ${SALEOR_DOMAIN_HEADER} header.`, + }); + } + let tokenClaims: DashboardTokenPayload; try { tokenClaims = jose.decodeJwt(token as string) as DashboardTokenPayload; diff --git a/src/middleware/with-registered-saleor-domain-header.ts b/src/middleware/with-registered-saleor-domain-header.ts index 86c7e04..70e1033 100644 --- a/src/middleware/with-registered-saleor-domain-header.ts +++ b/src/middleware/with-registered-saleor-domain-header.ts @@ -9,6 +9,12 @@ export const withRegisteredSaleorDomainHeader = (handler) => async (request) => { const { domain: saleorDomain } = getSaleorHeaders(request.headers); + if (!saleorDomain) { + return Response.BadRequest({ + success: false, + message: "Domain header missing.", + }); + } const authData = await apl.get(saleorDomain); if (!authData) { return Response.Forbidden({ diff --git a/src/middleware/with-webhook-signature-verified.ts b/src/middleware/with-webhook-signature-verified.ts index dc3c0d3..73406a2 100644 --- a/src/middleware/with-webhook-signature-verified.ts +++ b/src/middleware/with-webhook-signature-verified.ts @@ -3,7 +3,7 @@ import * as jose from "jose"; import { Middleware } from "retes"; import { Response } from "retes/response"; -import { SALEOR_SIGNATURE_HEADER } from "../const"; +import { SALEOR_DOMAIN_HEADER, SALEOR_SIGNATURE_HEADER } from "../const"; import { getSaleorHeaders } from "../headers"; import { getJwksUrl } from "../urls"; @@ -29,6 +29,13 @@ export const withWebhookSignatureVerified = }); } + if (!saleorDomain) { + return Response.BadRequest({ + success: false, + message: `${ERROR_MESSAGE} Missing ${SALEOR_DOMAIN_HEADER} header.`, + }); + } + if (secretKey !== undefined) { const calculatedSignature = crypto .createHmac("sha256", secretKey)