From ccfad51e620d3bba54c9bc84f8298a6419486601 Mon Sep 17 00:00:00 2001 From: simeng-li Date: Mon, 27 Nov 2023 16:56:55 +0800 Subject: [PATCH] chore(core): add dev feature guard to SSO endpoints (#4971) * chore(core): guard sso api guard sso api * chore(core): guard sso interaction api guard sso interaction api --- packages/core/src/routes/interaction/single-sign-on.ts | 6 ++++++ packages/core/src/routes/sso-connector/index.ts | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/packages/core/src/routes/interaction/single-sign-on.ts b/packages/core/src/routes/interaction/single-sign-on.ts index e886be2a4..57cf3e56d 100644 --- a/packages/core/src/routes/interaction/single-sign-on.ts +++ b/packages/core/src/routes/interaction/single-sign-on.ts @@ -3,6 +3,7 @@ import type Router from 'koa-router'; import { type IRouterParamContext } from 'koa-router'; import { z } from 'zod'; +import { EnvSet } from '#src/env-set/index.js'; import RequestError from '#src/errors/RequestError/index.js'; import { assignInteractionResults } from '#src/libraries/session.js'; import { type WithLogContext } from '#src/middleware/koa-audit-log.js'; @@ -28,6 +29,11 @@ export default function singleSignOnRoutes( router: Router>>, tenant: TenantContext ) { + // FIXME: @simeng-li should remove this check after the feature is enabled in production + if (!EnvSet.values.isDevFeaturesEnabled) { + return; + } + const { provider, libraries, queries } = tenant; const { ssoConnectors: ssoConnectorsLibrary } = libraries; diff --git a/packages/core/src/routes/sso-connector/index.ts b/packages/core/src/routes/sso-connector/index.ts index 152c3d83e..40781e098 100644 --- a/packages/core/src/routes/sso-connector/index.ts +++ b/packages/core/src/routes/sso-connector/index.ts @@ -8,6 +8,7 @@ import { generateStandardShortId } from '@logto/shared'; import { conditional, assert } from '@silverhand/essentials'; import { z } from 'zod'; +import { EnvSet } from '#src/env-set/index.js'; import RequestError from '#src/errors/RequestError/index.js'; import koaGuard from '#src/middleware/koa-guard.js'; import koaPagination from '#src/middleware/koa-pagination.js'; @@ -26,6 +27,11 @@ import { } from './utils.js'; export default function singleSignOnRoutes(...args: RouterInitArgs) { + // FIXME: @simeng-li should remove this check after the feature is enabled in production + if (!EnvSet.values.isDevFeaturesEnabled) { + return; + } + const [ router, {