From 909535f4af95b40ac8714a92afb5cbd48f4fa47b Mon Sep 17 00:00:00 2001
From: simeng-li
Date: Thu, 26 May 2022 16:54:40 +0800
Subject: [PATCH] fix(core): update proxy guard middleware (#963)
update proxy guard middleware
---
 .../src/middleware/koa-proxy-guard.test.ts | 42 ++++++++++++-------
 .../core/src/middleware/koa-proxy-guard.ts | 29 ++++---------
 2 files changed, 35 insertions(+), 36 deletions(-)
diff --git a/packages/core/src/middleware/koa-proxy-guard.test.ts b/packages/core/src/middleware/koa-proxy-guard.test.ts
index d34c89045..17b0d903f 100644
--- a/packages/core/src/middleware/koa-proxy-guard.test.ts
+++ b/packages/core/src/middleware/koa-proxy-guard.test.ts
@@ -3,7 +3,7 @@ import { Provider } from 'oidc-provider';
 import { MountedApps } from '@/env-set';
 import { createContextWithRouteParameters } from '@/utils/test-utils';
-import koaProxyGuard, { sessionNotFoundPath } from './koa-proxy-guard';
+import koaProxyGuard, { sessionNotFoundPath, guardedPath } from './koa-proxy-guard';
 jest.mock('fs/promises', () => ({
 ...jest.requireActual('fs/promises'),
@@ -44,16 +44,7 @@ describe('koaProxyGuard', () => {
 });
 }
- it('should not redirect if session found', async () => {
- const provider = new Provider('');
- const ctx = createContextWithRouteParameters({
- url: `/sign-in`,
- });
- await koaProxyGuard(provider)(ctx, next);
- expect(ctx.redirect).not.toBeCalled();
- });
-
- it('should not redirect if path is sessionNotFoundPath', async () => {
+ it(`should not redirect for path ${sessionNotFoundPath}`, async () => {
 const provider = new Provider('');
 (provider.interactionDetails as jest.Mock).mockRejectedValue(new Error('session not found'));
@@ -64,14 +55,37 @@ describe('koaProxyGuard', () => {
 expect(ctx.redirect).not.toBeCalled();
 });
- it('should redirect if session not found', async () => {
+ it(`should not redirect for path /callback`, async () => {
 const provider = new Provider('');
 (provider.interactionDetails as jest.Mock).mockRejectedValue(new Error('session not found'));
 const ctx = createContextWithRouteParameters({
- url: '/sign-in',
+ url: '/callback/github',
 });
 await koaProxyGuard(provider)(ctx, next);
- expect(ctx.redirect).toBeCalled();
+ expect(ctx.redirect).not.toBeCalled();
 });
+
+ it('should not redirect if session found', async () => {
+ const provider = new Provider('');
+ const ctx = createContextWithRouteParameters({
+ url: `/sign-in`,
+ });
+ await koaProxyGuard(provider)(ctx, next);
+ expect(ctx.redirect).not.toBeCalled();
+ });
+
+ for (const path of guardedPath) {
+ // eslint-disable-next-line @typescript-eslint/no-loop-func
+ it(`should redirect if session not found for ${path}`, async () => {
+ const provider = new Provider('');
+
+ (provider.interactionDetails as jest.Mock).mockRejectedValue(new Error('session not found'));
+ const ctx = createContextWithRouteParameters({
+ url: `${path}/foo`,
+ });
+ await koaProxyGuard(provider)(ctx, next);
+ expect(ctx.redirect).toBeCalled();
+ });
+ }
 });
diff --git a/packages/core/src/middleware/koa-proxy-guard.ts b/packages/core/src/middleware/koa-proxy-guard.ts
index ceeb1dca7..9a81283e7 100644
--- a/packages/core/src/middleware/koa-proxy-guard.ts
+++ b/packages/core/src/middleware/koa-proxy-guard.ts
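Review bot: The rewritten tests never request a guarded route exactly as it is listed. The loop at the end of this hunk only uses `${path}/foo`, and the earlier `/sign-in` session-not-found case became the `/callback/github` case. Adding a second case in the loop with `url: path` would pin the bare route. A boundary case such as `url: '/sign-in-extra'` (constructed example) would document whether the middleware's prefix match is meant to cover paths that only share a prefix with a guarded route. The title `should not redirect for path /callback` is a template literal with no interpolation and can be a plain string.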
@@ -1,14 +1,12 @@
-import fs from 'fs/promises';
-import path from 'path';
-
 import { MiddlewareType } from 'koa';
 import { IRouterParamContext } from 'koa-router';
 import { Provider } from 'oidc-provider';
 import { MountedApps } from '@/env-set';
-import { fromRoot } from '@/env-set/parameters';
+// Need To Align With UI
 export const sessionNotFoundPath = '/unknown-session';
+export const guardedPath = ['/sign-in', '/register', '/social-register'];
 export default function koaSpaSessionGuard<
 StateT,
@@ -17,8 +15,6 @@ export default function koaSpaSessionGuard<
 >(provider: Provider): MiddlewareType {
 return async (ctx, next) => {
 const requestPath = ctx.request.path;
- const packagesPath = fromRoot ? 'packages/' : '..';
- const clientPath = path.join(packagesPath, 'ui', 'dist');
 // Empty path Redirect
 if (requestPath === '/') {
@@ -27,22 +23,11 @@ export default function koaSpaSessionGuard<
 return next();
 }
- // Check client routes session status only
- if (Object.values(MountedApps).some((app) => requestPath.startsWith(`/${app}`))) {
- return next();
- }
-
- // Client session guard
- try {
- await provider.interactionDetails(ctx.req, ctx.res);
- } catch {
- const spaDistFiles = await fs.readdir(clientPath);
-
- if (
- !spaDistFiles.some((file) => requestPath.startsWith('/' + file)) &&
- !ctx.request.path.endsWith(sessionNotFoundPath) &&
- !ctx.request.URL.searchParams.get('preview') // Should not check session on preview mode
- ) {
+ // Session guard
+ if (guardedPath.some((path) => requestPath.startsWith(path))) {
+ try {
+ await provider.interactionDetails(ctx.req, ctx.res);
+ } catch {
 ctx.redirect(sessionNotFoundPath);
 }
 }
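Review bot: `guardedPath` is exported as a plain mutable `string[]`, so any importer (the test file already imports it) can push to or reorder the list that decides which routes get a session check. Declaring it read-only keeps the list fixed at its definition: `export const guardedPath = ['/sign-in', '/register', '/social-register'] as const;`. The comment `// Need To Align With UI` would help more if it named what must stay aligned, presumably the UI router's paths, and said that a UI route missing from this list is served without the interaction-session check.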
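Review bot: `guardedPath.some((path) => requestPath.startsWith(path))` compares raw string prefixes, so any path that merely begins with `/sign-in` or `/register` is treated as guarded, and the match is case-sensitive. Matching on a segment boundary makes the list mean what it says: `requestPath === path || requestPath.startsWith(path + '/')`. The bare `catch` sends every failure of `provider.interactionDetails` to `sessionNotFoundPath`, not only a missing session; narrowing or logging the error would keep provider faults visible. The removed condition skipped the check when the `preview` query parameter was set and the new branch has no such exemption, so confirm that preview requests to guarded routes are meant to be redirected. The handler's remaining lines are outside the hunk.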