From 0c485f523f9d9a3ae285b704b6010f8ff27f4d9c Mon Sep 17 00:00:00 2001 From: Adrien Brault Date: Tue, 3 Dec 2024 18:10:01 +0100 Subject: [PATCH 1/2] fix: response body validation --- validator.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/validator.js b/validator.js index 161c382..70dc9a1 100644 --- a/validator.js +++ b/validator.js @@ -285,7 +285,7 @@ export class PathfinderValidator { body: `{data[*].created >= '${createdVariation[0]}'}` }) : ({ status: 400, - body: "{code = 'NotImplemented'}" + body: JSON.stringify({code: 'NotImplemented'}) })) } ] @@ -312,7 +312,7 @@ export class PathfinderValidator { body: `{'${productIdsVariation[0]}' in data[*].productIds}` }) : ({ status: 400, - body: "{code = 'NotImplemented'}" + body: JSON.stringify({code: 'NotImplemented'}) })) } ] @@ -340,7 +340,7 @@ export class PathfinderValidator { body: "{data.length == 1}" }) : ({ status: 400, - body: "{code = 'NotImplemented'}" + body: JSON.stringify({code: 'NotImplemented'}) })) } ] @@ -364,7 +364,7 @@ export class PathfinderValidator { }, response: { status: 200, - body: "{data.id = '"+footprints[0].id+"'}" + body: JSON.stringify({data: {id: footprints[0].id}}) } } ] @@ -398,7 +398,7 @@ export class PathfinderValidator { status: 200 }) : ({ status: 400, - body: "{code = 'NotImplemented'}" + body: JSON.stringify({code: 'NotImplemented'}) })) } ] @@ -436,7 +436,7 @@ export class PathfinderValidator { status: 200 }) : ({ status: 400, - body: "{code = 'NotImplemented'}" + body: JSON.stringify({code: 'NotImplemented'}) })) } ] @@ -457,7 +457,7 @@ export class PathfinderValidator { }, response: { status: 400, - body: "{code = 'BadRequest'}" + body: JSON.stringify({code: 'BadRequest'}) } } ] @@ -481,7 +481,7 @@ export class PathfinderValidator { }, response: { status: 404, - body: "{code = 'NoSuchFootprint'}" + body: JSON.stringify({code: 'NoSuchFootprint'}) } } ] From 4c3dcbe296c4aa7ef7a6b5c6eaed6a9d0e3491ba Mon Sep 17 00:00:00 2001 From: Adrien Brault Date: Tue, 3 Dec 2024 18:16:50 +0100 Subject: [PATCH 2/2] fix: missing/illegal access token response should be 403 AccessDenied See https://wbcsd.github.io/data-exchange-protocol/v2/#example-f81277c7 --- validator.js | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/validator.js b/validator.js index 70dc9a1..2a42076 100644 --- a/validator.js +++ b/validator.js @@ -441,6 +441,26 @@ export class PathfinderValidator { } ] }, + { + title: "Missing access token", + contextPath: dataContextPath, + sequence: [ + { + path: pathPrefex + "/footprints", + method: "get", + request: { + headers: { + host: host, + "user-agent": userAgent + } + }, + response: { + status: 403, + body: JSON.stringify({code: 'AccessDenied'}) + } + } + ] + }, { title: "Illegal access token", contextPath: dataContextPath, @@ -456,8 +476,8 @@ export class PathfinderValidator { } }, response: { - status: 400, - body: JSON.stringify({code: 'BadRequest'}) + status: 403, + body: JSON.stringify({code: 'AccessDenied'}) } } ]