mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
chore: add response guard and integration test for .well-known api (#3769)
This commit is contained in:
parent
cf1dd17dd6
commit
9200169f80
2 changed files with 26 additions and 12 deletions
|
@ -4,7 +4,6 @@ import { conditionalArray } from '@silverhand/essentials';
|
|||
import { z } from 'zod';
|
||||
|
||||
import { EnvSet, getTenantEndpoint } from '#src/env-set/index.js';
|
||||
import RequestError from '#src/errors/RequestError/index.js';
|
||||
import detectLanguage from '#src/i18n/detect-language.js';
|
||||
import { guardFullSignInExperience } from '#src/libraries/sign-in-experience/types.js';
|
||||
import koaGuard from '#src/middleware/koa-guard.js';
|
||||
|
@ -24,17 +23,21 @@ export default function wellKnownRoutes<T extends AnonymousRouter>(
|
|||
} = queries;
|
||||
|
||||
if (tenantId === adminTenantId) {
|
||||
router.get('/.well-known/endpoints/:tenantId', async (ctx, next) => {
|
||||
if (!ctx.params.tenantId) {
|
||||
throw new RequestError('request.invalid_input');
|
||||
}
|
||||
|
||||
router.get(
|
||||
'/.well-known/endpoints/:tenantId',
|
||||
koaGuard({
|
||||
params: z.object({ tenantId: z.string().min(1) }),
|
||||
response: z.object({ user: z.string().url() }),
|
||||
status: 200,
|
||||
}),
|
||||
async (ctx, next) => {
|
||||
ctx.body = {
|
||||
user: getTenantEndpoint(ctx.params.tenantId, EnvSet.values),
|
||||
user: getTenantEndpoint(ctx.guard.params.tenantId, EnvSet.values).toString(),
|
||||
};
|
||||
|
||||
return next();
|
||||
});
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
router.get(
|
||||
|
|
|
@ -1,8 +1,19 @@
|
|||
import type { SignInExperience, Translation } from '@logto/schemas';
|
||||
import { type SignInExperience, type Translation } from '@logto/schemas';
|
||||
import { HTTPError } from 'got';
|
||||
|
||||
import api, { adminTenantApi, authedAdminApi } from '#src/api/api.js';
|
||||
|
||||
describe('.well-known api', () => {
|
||||
it('should return tenant endpoint URL for any given tenant id', async () => {
|
||||
const { user } = await adminTenantApi.get(`.well-known/endpoints/123`).json<{ user: string }>();
|
||||
expect(user).not.toBeNull();
|
||||
});
|
||||
|
||||
it('should not found API route in non-admin tenant', async () => {
|
||||
const response = await api.get('.well-known/endpoints/123').catch((error: unknown) => error);
|
||||
expect(response instanceof HTTPError && response.response.statusCode === 404).toBe(true);
|
||||
});
|
||||
|
||||
it('get /.well-known/sign-in-exp for console', async () => {
|
||||
const response = await adminTenantApi.get('.well-known/sign-in-exp').json<SignInExperience>();
|
||||
|
||||
|
|
Loading…
Reference in a new issue