test: added oauth tests
antoniomuso committed Apr 10, 2024
1 parent db52779 commit ce29850
Showing 2 changed files with 137 additions and 55 deletions.
184 changes: 131 additions & 53 deletions packages/gitlab-backend/src/service/router.test.ts
Expand Up @@ -7,9 +7,8 @@ import { setupServer } from 'msw/node';

import { createRouter } from './router';

describe('createRouter', () => {
let app: express.Application;
const server = setupServer(
const buildServer = () => {
return setupServer(
rest.get(
'https://non-existing-example.com/api/v4/projects/434',
(req, res, ctx) => {
Expand Down Expand Up @@ -59,17 +58,27 @@ describe('createRouter', () => {
}
)
);
};

describe('createRouter', () => {
let app: express.Application;
const server = buildServer();

const token = 'Bearer iT6P7Ikla2zgBfGSPEWps';
const token2 = `${token}other`;

const config = new ConfigReader({
integrations: {
gitlab: [
{
host: 'non-existing-example.com',
apiBaseUrl: 'https://non-existing-example.com/api/v4',
token,
},
{
host: 'non-existing-example-2.com',
apiBaseUrl: 'https://non-existing-example-2.com/api/v4',
token: token2,
},
],
},
Expand Down Expand Up @@ -113,6 +122,7 @@ describe('createRouter', () => {
connection: 'close',
host: 'non-existing-example.com',
'user-agent': 'supertest',
'private-token': token,
},
url: 'https://non-existing-example.com/api/v4/projects/434',
});
Expand All @@ -132,6 +142,7 @@ describe('createRouter', () => {
connection: 'close',
host: 'non-existing-example-2.com',
'user-agent': 'supertest',
'private-token': token2,
},
url: 'https://non-existing-example-2.com/api/v4/projects/434',
});
Expand All @@ -155,6 +166,7 @@ describe('createRouter', () => {
'content-type': 'application/json',
host: 'non-existing-example.com',
'user-agent': 'supertest',
'private-token': token,
},
url: 'https://non-existing-example.com/api/graphql',
});
Expand All @@ -176,6 +188,7 @@ describe('createRouter', () => {
'content-type': 'application/json',
host: 'non-existing-example-2.com',
'user-agent': 'supertest',
'private-token': token2,
},
url: 'https://non-existing-example-2.com/api/graphql',
});
Expand Down Expand Up @@ -256,56 +269,7 @@ describe('createRouter', () => {

describe('createRouter with baseUrl', () => {
let app: express.Application;
const server = setupServer(
rest.get(
'https://non-existing-example.com/api/v4/projects/434',
(req, res, ctx) => {
return res(
ctx.status(200),
ctx.json({
url: req.url.toString(),
headers: req.headers.all(),
})
);
}
),
rest.get(
'https://non-existing-example-2.com/api/v4/projects/434',
(req, res, ctx) => {
return res(
ctx.status(200),
ctx.json({
url: req.url.toString(),
headers: req.headers.all(),
})
);
}
),
rest.post(
'https://non-existing-example.com/api/graphql',
(req, res, ctx) => {
return res(
ctx.status(200),
ctx.json({
url: req.url.toString(),
headers: req.headers.all(),
})
);
}
),
rest.post(
'https://non-existing-example-2.com/api/graphql',
(req, res, ctx) => {
return res(
ctx.status(200),
ctx.json({
url: req.url.toString(),
headers: req.headers.all(),
})
);
}
)
);
const server = buildServer();

const basePath = '/docs';

Expand Down Expand Up @@ -517,3 +481,117 @@ describe('createRouter with baseUrl', () => {
});
});
});

describe('OAuth token authorizations', () => {
let app: express.Application;
const OAuthToken = 'Bearer iT6P7Ikla2zgBfGSPEWps';
const server = setupServer(
rest.get(
'https://example-gitlab.com/api/v4/projects/434',
(req, res, ctx) => {
return res(
ctx.status(200),
ctx.json({
url: req.url.toString(),
headers: req.headers.all(),
})
);
}
),
rest.post('https://example-gitlab.com/api/graphql', (req, res, ctx) => {
return res(
ctx.status(200),
ctx.json({
url: req.url.toString(),
headers: req.headers.all(),
})
);
})
);

const config = new ConfigReader({
gitlab: {
useOAuth: true,
},
integrations: {
gitlab: [
{
host: 'example-gitlab.com',
apiBaseUrl: 'https://example-gitlab.com/api/v4',
token: 'Bearer different-from-oauth',
},
],
},
});

beforeAll(async () => {
const router = await createRouter({
logger: getVoidLogger(),
config,
});
app = express().use('/api/gitlab', router);
server.listen({
onUnhandledRequest: ({ headers }, print) => {
if (headers.get('User-Agent') === 'supertest') {
return;
}
print.error();
},
});
});

afterAll(() => server.close());

beforeEach(async () => {
jest.resetAllMocks();
server.resetHandlers();
});

describe('GET Request', () => {
it('Oauth Token should work', async () => {
const agent = request.agent(app);
// this is set to let msw pass test requests through the mock server
agent.set('User-Agent', 'supertest');
agent.set('gitlab-authorization', OAuthToken);
const response = await agent.get(
'/api/gitlab/rest/example-gitlab.com/projects/434'
);
expect(response.status).toEqual(200);
expect(response.body).toEqual({
headers: {
'accept-encoding': 'gzip, deflate',
connection: 'close',
host: 'example-gitlab.com',
'user-agent': 'supertest',
authorization: OAuthToken,
},
url: 'https://example-gitlab.com/api/v4/projects/434',
});
});
});

describe('Graphql requests', () => {
it('Oauth Token should work', async () => {
const agent = request.agent(app);
// this is set to let msw pass test requests through the mock server
agent.set('User-Agent', 'supertest');
agent.set('gitlab-authorization', OAuthToken);
const response = await agent.post(
'/api/gitlab/graphql/example-gitlab.com'
);
expect(response.status).toEqual(200);
expect(response.body).toEqual({
headers: {
'accept-encoding': 'gzip, deflate',
connection: 'close',
'content-length': '2',
'content-type': 'application/json',
host: 'example-gitlab.com',
'user-agent': 'supertest',
authorization: OAuthToken,
},
url: 'https://example-gitlab.com/api/graphql',
});
});
});
});
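Review bot: The new `OAuth token authorizations` suite covers only the accepted path; no case pins what happens to credentials the caller should not control. Two cases seem worth adding next to `Oauth Token should work`. The first is a request that also sets its own header, `agent.set('authorization', 'Bearer caller-supplied');`, with the same `toEqual` expectation, so the stripping of the inbound `Authorization` is asserted. The second is a request that sends `gitlab-authorization` to the first `createRouter` suite, whose config has no `gitlab.useOAuth`, asserting that no `authorization` header reaches the mock upstream, if that is the intended behaviour. Separately, `OAuthToken` repeats the literal already used for `token`; an obviously fake value such as `'Bearer test-oauth-token'` would avoid secret-scanner noise and show that the suites do not share a credential.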
8 changes: 6 additions & 2 deletions packages/gitlab-backend/src/service/router.ts
Expand Up @@ -51,20 +51,24 @@ export async function createRouter(
const filter = (_pathname: string, req: Request): boolean => {
if (req.headers['authorization']) delete req.headers['authorization'];
// Forward authorization, this header is defined when gitlab.useOAuth is true
if (req.headers['gitlab-authorization'])
if (req.headers['gitlab-authorization']) {
req.headers['authorization'] = req.headers[
'gitlab-authorization'
] as string;
delete req.headers['gitlab-authorization'];
}
return req.method === 'GET';
};

const graphqlFilter = (_pathname: string, req: Request): boolean => {
if (req.headers['authorization']) delete req.headers['authorization'];
// Forward authorization, this header is defined when gitlab.useOAuth is true
if (req.headers['gitlab-authorization'])
if (req.headers['gitlab-authorization']) {
req.headers['authorization'] = req.headers[
'gitlab-authorization'
] as string;
delete req.headers['gitlab-authorization'];
}
return req.method === 'POST' && !req.body.query?.includes('mutation');
};

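Review bot: Both `filter` and `graphqlFilter` copy the caller-supplied `gitlab-authorization` header into `authorization` whenever it is present; nothing in this hunk ties that to `gitlab.useOAuth`, although the comment says the header is only defined in that mode. `createRouter` continues outside the hunk, so the gate may exist elsewhere, but if it does not, a request in token mode can place its own `Authorization` value on the upstream call alongside the integration's `private-token` that the tests show being sent. Consider always stripping the custom header and forwarding it only when OAuth is enabled: `const oauth = req.headers['gitlab-authorization'];`, `delete req.headers['gitlab-authorization'];`, `if (useOAuth && typeof oauth === 'string') req.headers['authorization'] = oauth;`, where `useOAuth` stands for however the router reads that config flag. This also replaces the `as string` cast with a runtime check. The same lines are duplicated in both filters, so a small shared helper would keep them from drifting apart.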
