| 1 | "use strict";
|
|---|
| 2 |
|
|---|
| 3 | var _interopRequireDefault = require("@babel/runtime-corejs3/helpers/interopRequireDefault").default;
|
|---|
| 4 | exports.__esModule = true;
|
|---|
| 5 | exports.applySecurities = applySecurities;
|
|---|
| 6 | exports.default = buildRequest;
|
|---|
| 7 | var _btoaNode = _interopRequireDefault(require("../../helpers/btoa.node.js"));
|
|---|
| 8 | // This function runs after the common function,
|
|---|
| 9 | // `src/execute/index.js#buildRequest`
|
|---|
| 10 | function buildRequest(options, req) {
|
|---|
| 11 | const {
|
|---|
| 12 | spec,
|
|---|
| 13 | operation,
|
|---|
| 14 | securities,
|
|---|
| 15 | requestContentType,
|
|---|
| 16 | responseContentType,
|
|---|
| 17 | attachContentTypeForEmptyPayload
|
|---|
| 18 | } = options;
|
|---|
| 19 | // Add securities, which are applicable
|
|---|
| 20 | req = applySecurities({
|
|---|
| 21 | request: req,
|
|---|
| 22 | securities,
|
|---|
| 23 | operation,
|
|---|
| 24 | spec
|
|---|
| 25 | });
|
|---|
| 26 | if (req.body || req.form || attachContentTypeForEmptyPayload) {
|
|---|
| 27 | // all following conditionals are Swagger2 only
|
|---|
| 28 | if (requestContentType) {
|
|---|
| 29 | req.headers['Content-Type'] = requestContentType;
|
|---|
| 30 | } else if (Array.isArray(operation.consumes)) {
|
|---|
| 31 | [req.headers['Content-Type']] = operation.consumes;
|
|---|
| 32 | } else if (Array.isArray(spec.consumes)) {
|
|---|
| 33 | [req.headers['Content-Type']] = spec.consumes;
|
|---|
| 34 | } else if (operation.parameters && operation.parameters.filter(p => p.type === 'file').length) {
|
|---|
| 35 | req.headers['Content-Type'] = 'multipart/form-data';
|
|---|
| 36 | } else if (operation.parameters && operation.parameters.filter(p => p.in === 'formData').length) {
|
|---|
| 37 | req.headers['Content-Type'] = 'application/x-www-form-urlencoded';
|
|---|
| 38 | }
|
|---|
| 39 | } else if (requestContentType) {
|
|---|
| 40 | const isBodyParamPresent = operation.parameters && operation.parameters.filter(p => p.in === 'body').length > 0;
|
|---|
| 41 | const isFormDataParamPresent = operation.parameters && operation.parameters.filter(p => p.in === 'formData').length > 0;
|
|---|
| 42 | if (isBodyParamPresent || isFormDataParamPresent) {
|
|---|
| 43 | req.headers['Content-Type'] = requestContentType;
|
|---|
| 44 | }
|
|---|
| 45 | }
|
|---|
| 46 | if (!responseContentType && Array.isArray(operation.produces) && operation.produces.length > 0) {
|
|---|
| 47 | req.headers.accept = operation.produces.join(', ');
|
|---|
| 48 | }
|
|---|
| 49 | return req;
|
|---|
| 50 | }
|
|---|
| 51 |
|
|---|
| 52 | // Add security values, to operations - that declare their need on them
|
|---|
| 53 | function applySecurities({
|
|---|
| 54 | request,
|
|---|
| 55 | securities = {},
|
|---|
| 56 | operation = {},
|
|---|
| 57 | spec
|
|---|
| 58 | }) {
|
|---|
| 59 | const result = {
|
|---|
| 60 | ...request
|
|---|
| 61 | };
|
|---|
| 62 | const {
|
|---|
| 63 | authorized = {},
|
|---|
| 64 | specSecurity = []
|
|---|
| 65 | } = securities;
|
|---|
| 66 | const security = operation.security || specSecurity;
|
|---|
| 67 | const isAuthorized = authorized && !!Object.keys(authorized).length;
|
|---|
| 68 | const securityDef = spec.securityDefinitions;
|
|---|
| 69 | result.headers = result.headers || {};
|
|---|
| 70 | result.query = result.query || {};
|
|---|
| 71 | if (!Object.keys(securities).length || !isAuthorized || !security || Array.isArray(operation.security) && !operation.security.length) {
|
|---|
| 72 | return request;
|
|---|
| 73 | }
|
|---|
| 74 | security.forEach(securityObj => {
|
|---|
| 75 | Object.keys(securityObj).forEach(key => {
|
|---|
| 76 | const auth = authorized[key];
|
|---|
| 77 | if (!auth) {
|
|---|
| 78 | return;
|
|---|
| 79 | }
|
|---|
| 80 | const {
|
|---|
| 81 | token
|
|---|
| 82 | } = auth;
|
|---|
| 83 | const value = auth.value || auth;
|
|---|
| 84 | const schema = securityDef[key];
|
|---|
| 85 | const {
|
|---|
| 86 | type
|
|---|
| 87 | } = schema;
|
|---|
| 88 | const tokenName = schema['x-tokenName'] || 'access_token';
|
|---|
| 89 | const oauthToken = token && token[tokenName];
|
|---|
| 90 | let tokenType = token && token.token_type;
|
|---|
| 91 | if (auth) {
|
|---|
| 92 | if (type === 'apiKey') {
|
|---|
| 93 | const inType = schema.in === 'query' ? 'query' : 'headers';
|
|---|
| 94 | result[inType] = result[inType] || {};
|
|---|
| 95 | result[inType][schema.name] = value;
|
|---|
| 96 | } else if (type === 'basic') {
|
|---|
| 97 | if (value.header) {
|
|---|
| 98 | result.headers.authorization = value.header;
|
|---|
| 99 | } else {
|
|---|
| 100 | const username = value.username || '';
|
|---|
| 101 | const password = value.password || '';
|
|---|
| 102 | value.base64 = (0, _btoaNode.default)(`${username}:${password}`);
|
|---|
| 103 | result.headers.authorization = `Basic ${value.base64}`;
|
|---|
| 104 | }
|
|---|
| 105 | } else if (type === 'oauth2' && oauthToken) {
|
|---|
| 106 | tokenType = !tokenType || tokenType.toLowerCase() === 'bearer' ? 'Bearer' : tokenType;
|
|---|
| 107 | result.headers.authorization = `${tokenType} ${oauthToken}`;
|
|---|
| 108 | }
|
|---|
| 109 | }
|
|---|
| 110 | });
|
|---|
| 111 | });
|
|---|
| 112 | return result;
|
|---|
| 113 | } |
|---|
