0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

chore: add response guard and integration test for .well-known api (#3769)

This commit is contained in:
Charles Zhao 2023-05-05 15:07:26 +08:00 committed by GitHub
parent cf1dd17dd6
commit 9200169f80
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 12 deletions

View file

@ -4,7 +4,6 @@ import { conditionalArray } from '@silverhand/essentials';
import { z } from 'zod';
import { EnvSet, getTenantEndpoint } from '#src/env-set/index.js';
import RequestError from '#src/errors/RequestError/index.js';
import detectLanguage from '#src/i18n/detect-language.js';
import { guardFullSignInExperience } from '#src/libraries/sign-in-experience/types.js';
import koaGuard from '#src/middleware/koa-guard.js';
@ -24,17 +23,21 @@ export default function wellKnownRoutes<T extends AnonymousRouter>(
} = queries;
if (tenantId === adminTenantId) {
router.get('/.well-known/endpoints/:tenantId', async (ctx, next) => {
if (!ctx.params.tenantId) {
throw new RequestError('request.invalid_input');
router.get(
'/.well-known/endpoints/:tenantId',
koaGuard({
params: z.object({ tenantId: z.string().min(1) }),
response: z.object({ user: z.string().url() }),
status: 200,
}),
async (ctx, next) => {
ctx.body = {
user: getTenantEndpoint(ctx.guard.params.tenantId, EnvSet.values).toString(),
};
return next();
}
ctx.body = {
user: getTenantEndpoint(ctx.params.tenantId, EnvSet.values),
};
return next();
});
);
}
router.get(

View file

@ -1,8 +1,19 @@
import type { SignInExperience, Translation } from '@logto/schemas';
import { type SignInExperience, type Translation } from '@logto/schemas';
import { HTTPError } from 'got';
import api, { adminTenantApi, authedAdminApi } from '#src/api/api.js';
describe('.well-known api', () => {
it('should return tenant endpoint URL for any given tenant id', async () => {
const { user } = await adminTenantApi.get(`.well-known/endpoints/123`).json<{ user: string }>();
expect(user).not.toBeNull();
});
it('should not found API route in non-admin tenant', async () => {
const response = await api.get('.well-known/endpoints/123').catch((error: unknown) => error);
expect(response instanceof HTTPError && response.response.statusCode === 404).toBe(true);
});
it('get /.well-known/sign-in-exp for console', async () => {
const response = await adminTenantApi.get('.well-known/sign-in-exp').json<SignInExperience>();