From 6b614cdd63beba1e1b9015724b82448763d7d7c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Cruz?= Date: Mon, 14 Oct 2024 14:17:00 +0100 Subject: [PATCH] Call `securityHandlers` and `securityErrorMapper` with req and operation --- README.md | 4 ++-- src/parser/security.js | 4 ++-- src/parser/security.test.js | 10 +++++----- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 440e15d..255e79d 100644 --- a/README.md +++ b/README.md @@ -123,7 +123,7 @@ await fastify.register(import('@fastify/fastify-openapi-router-plugin'), { } }, securityHandlers: { - OAuth2: async (token, request) => { + OAuth2: async (token, request, operation) => { // Validate and decode token. const { userId } = verifyToken(token); @@ -154,7 +154,7 @@ await fastify.register(import('@fastify/fastify-openapi-router-plugin'), { // ... } }, - securityErrorMapper: (unauthorizedError) => { + securityErrorMapper: (unauthorizedError, request, operation) => { // Use `unauthorizedError.securityReport` to perform logic and return a custom error. return MyUnauthorizedError(); }, diff --git a/src/parser/security.js b/src/parser/security.js index ea84c0c..7c2776c 100644 --- a/src/parser/security.js +++ b/src/parser/security.js @@ -40,7 +40,7 @@ export const applySecurity = (operation, spec, securityHandlers, securityErrorMa let promise = promisesCache.get(name); if (!promise) { - promise = new Promise(resolve => resolve(securityHandlers[name](value, request))); + promise = new Promise(resolve => resolve(securityHandlers[name](value, request, operation))); promisesCache.set(name, promise); } @@ -95,7 +95,7 @@ export const applySecurity = (operation, spec, securityHandlers, securityErrorMa if (!lastResult.ok) { const error = createUnauthorizedError(report); - throw securityErrorMapper?.(error) ?? error; + throw securityErrorMapper?.(error, request, operation) ?? error; } // Otherwise, we can safely use the last result to decorate the request. diff --git a/src/parser/security.test.js b/src/parser/security.test.js index deb3c7c..1a2fa14 100644 --- a/src/parser/security.test.js +++ b/src/parser/security.test.js @@ -130,9 +130,9 @@ describe('applySecurity()', () => { await onRequest(request); expect(securityHandlers.ApiKey).toHaveBeenCalledTimes(1); - expect(securityHandlers.ApiKey).toHaveBeenCalledWith('api key', request); + expect(securityHandlers.ApiKey).toHaveBeenCalledWith('api key', request, operation); expect(securityHandlers.OAuth2).toHaveBeenCalledTimes(1); - expect(securityHandlers.OAuth2).toHaveBeenCalledWith('bearer token', request); + expect(securityHandlers.OAuth2).toHaveBeenCalledWith('bearer token', request, operation); expect(securityHandlers.ApiKey2).not.toHaveBeenCalled(); expect(request[DECORATOR_NAME].security).toMatchObject({ ApiKey: 'ApiKey data', OAuth2: 'OAuth2 data' }); expect(request[DECORATOR_NAME].securityReport).toMatchInlineSnapshot(` @@ -185,9 +185,9 @@ describe('applySecurity()', () => { await onRequest(request); expect(securityHandlers.ApiKey).toHaveBeenCalledTimes(1); - expect(securityHandlers.ApiKey).toHaveBeenCalledWith('api key', request); + expect(securityHandlers.ApiKey).toHaveBeenCalledWith('api key', request, operation); expect(securityHandlers.OAuth2).toHaveBeenCalledTimes(1); - expect(securityHandlers.OAuth2).toHaveBeenCalledWith('bearer token', request); + expect(securityHandlers.OAuth2).toHaveBeenCalledWith('bearer token', request, operation); expect(request[DECORATOR_NAME].security).toMatchObject({ OAuth2: 'OAuth2 data' }); expect(request[DECORATOR_NAME].securityReport).toMatchInlineSnapshot(` [ @@ -554,7 +554,7 @@ describe('applySecurity()', () => { } catch (err) { expect(err).toBe(customError); expect(securityErrorMapper).toHaveBeenCalledTimes(1); - expect(securityErrorMapper.mock.calls[0][0]).toBeInstanceOf(errors.UnauthorizedError); + expect(securityErrorMapper).toHaveBeenCalledWith(expect.any(errors.UnauthorizedError), request, operation); } }); });