Skip to content
This repository was archived by the owner on Apr 3, 2019. It is now read-only.

feat(fake-server): Have the fake server serve CORS requests, handle OAuth tokens. #76

Merged
shane-tomlinson merged 1 commit into from
Mar 19, 2019
Merged

feat(fake-server): Have the fake server serve CORS requests, handle OAuth tokens. #76

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions bin/fake-basket-server.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,13 @@ var url = require('url');
var config = require('../lib/config');
var logger = require('../lib/logging')('server');

var app = require('../lib/basket/fake.js');
const app = require('../lib/basket/fake');

function listen(app) {
var apiUrl = url.parse(config.get('basket.api_url'));
app.listen(apiUrl.port, apiUrl.hostname);
logger.info('FxA Fake Basket Server listening on port', apiUrl.port);
logger.info(`FxA Fake Basket Server listening on port ${apiUrl.port}`);
return true;
}

listen(app());
listen(app(logger));
39 changes: 32 additions & 7 deletions lib/basket/fake.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,32 @@
var config = require('../config');
var basket = require('./');

var express = require('express');
const cors = require('cors');
var bodyParser = require('body-parser');
var express = require('express');

const verifyOAuthToken = require('../verify')();

var API_KEY = config.get('basket.api_key');
const API_KEY = config.get('basket.api_key');
const CORS_ORIGIN = config.get('cors_origin');

function verifyAuthorization (logger) {
return (req, res, next) => {
const apiKey = req.headers['x-api-key'];
const authHeader = req.headers.authorization;

if (apiKey) {
logger.info('fake.authorization.api_key');
verifyApiKey(req, res, next);
} else if (authHeader) {
logger.info('fake.authorization.oauth');
verifyOAuthToken(req, res, next);
} else {
res.status(400).json(basket.errorResponse('unauthorized', basket.errors.AUTH_ERROR));
}

};
}

function verifyApiKey (req, res, next) {
var key = req.headers['x-api-key'];
Expand All @@ -34,7 +55,7 @@ function extend(target, source) {
}


module.exports = function initApp() {
module.exports = function initApp(logger) {

var userData = {};
var tokenToUser = {};
Expand All @@ -46,10 +67,14 @@ module.exports = function initApp() {

var app = express();
app.use(bodyParser.urlencoded());
app.use(verifyApiKey);
app.use(cors({
origin: CORS_ORIGIN
}));

app.use(verifyAuthorization(logger));

app.get('/lookup-user/', function (req, res) {
var email = req.query.email;
const email = (res.locals.creds && res.locals.creds.email) || req.query.email;
if (! userData[email]) {
res.status(404).json(basket.errorResponse('unknown-email', basket.errors.UNKNOWN_EMAIL));
return;
Expand All @@ -61,7 +86,7 @@ module.exports = function initApp() {

app.post('/subscribe/', function (req, res) {
var params = req.body;
var email = params.email;
const email = (res.locals.creds && res.locals.creds.email) || params.email;
var user = userData[email];
// Basket accepts either an explicit language choice,
// or an "accept_lang" preference string from which it
Expand All @@ -74,7 +99,7 @@ module.exports = function initApp() {
// elaborate accept-lang parsing, just use first one.
lang = lang.split(/[\s\-;,]/)[0];
} else {
lang = '';
lang = 'en-US';
}
}
var token;
Expand Down