Komodo / komodo-gw-komodo-httpgex

Download as
Browse Code ยป

Commit 15d2aafc81832b46d7850602adef388c0ad15da3

Authored by Adhidarma Hadiwinoto
1 parent 620c83459a
Exists in master

Callback apikey debug

Showing 1 changed file with 29 additions and 2 deletions Inline Diff

lib/callback/apikey-checker.js
Diff comments   View file @ 15d2aaf
1 const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER'; 1 const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER';
2 2
3 const config = require('komodo-sdk/config'); 3 const config = require('komodo-sdk/config');
4 const logger = require('tektrans-logger'); 4 const logger = require('tektrans-logger');
5 5
6 const { DEBUG_CALLBACK_APIKEY } = process.env;
7
6 const sendInvalidApikeyResponse = (xid, res) => { 8 const sendInvalidApikeyResponse = (xid, res) => {
7 res.status(403).json({ 9 res.status(403).json({
8 status: 'NOT-OK', 10 status: 'NOT-OK',
9 error: 'Invalid APIKEY', 11 error: 'Invalid APIKEY',
10 ts: new Date(), 12 ts: new Date(),
11 xid, 13 xid,
12 }); 14 });
13 }; 15 };
14 16
15 if (!config.partner.callback.apikey) { 17 if (!config.partner.callback.apikey) {
16 logger.warn(`${MODULE_NAME} 56420201: Missing config.partner.callback.apikey. Please consider to set it for security reason`); 18 logger.warn(`${MODULE_NAME} 56420201: Missing config.partner.callback.apikey. Please consider to set it for security reason`);
17 } 19 }
18 20
19 module.exports = (req, res, next) => { 21 module.exports = (req, res, next) => {
22 const { xid } = res.locals;
23 const apikeyFromRequest = req.params.apikey;
24
20 if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) { 25 if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) {
26 if (DEBUG_CALLBACK_APIKEY) {
27 logger.verbose(`${MODULE_NAME} 8BE57EB4: Skip APIKEY checker on no config`, {
28 xid,
29 });
30 }
21 next(); 31 next();
22 return; 32 return;
23 } 33 }
24 34
25 const { xid } = res.locals; 35 if (DEBUG_CALLBACK_APIKEY) {
26 const apikeyFromRequest = req.params.apikey; 36 logger.verbose(`${MODULE_NAME} 1A634029: Checking for apikey validity`, {
37 xid,
38 apikeyFromRequest,
39 });
40 }
27 41
28 if ( 42 if (
29 typeof config.partner.callback.apikey === 'object' 43 typeof config.partner.callback.apikey === 'object'
30 && Array.isArray(config.partner.callback.apikey) 44 && Array.isArray(config.partner.callback.apikey)
31 && config.partner.callback.apikey.indexOf(apikeyFromRequest) >= 0 45 && config.partner.callback.apikey.indexOf(apikeyFromRequest) >= 0
32 ) { 46 ) {
47 if (DEBUG_CALLBACK_APIKEY) {
48 logger.verbose(`${MODULE_NAME} 4BC7B45D: Apikey match with one of array element`, {
49 xid,
50 apikeyFromRequest,
51 });
52 }
53
33 next(); 54 next();
34 return; 55 return;
35 } 56 }
36 57
37 if ( 58 if (
38 typeof config.partner.callback.apikey === 'string' 59 typeof config.partner.callback.apikey === 'string'
39 && config.partner.callback.apikey === apikeyFromRequest 60 && config.partner.callback.apikey === apikeyFromRequest
40 ) { 61 ) {
62 if (DEBUG_CALLBACK_APIKEY) {
63 logger.verbose(`${MODULE_NAME} FC80DC85: Apikey match with string config`, {
64 xid,
65 apikeyFromRequest,
66 });
67 }
41 next(); 68 next();
42 return; 69 return;
43 } 70 }
44 71
45 logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, { 72 logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, {
46 xid, 73 xid,
47 remoteIp: req.ip, 74 remoteIp: req.ip,
48 url: req.url, 75 url: req.url,
49 apikeyFromRequest, 76 apikeyFromRequest,
50 }); 77 });
51 78
52 sendInvalidApikeyResponse(xid, res); 79 sendInvalidApikeyResponse(xid, res);
53 }; 80 };
54 81