From 9f3e4be50a6cbcb35ae5484d4e759edf0557af7d Mon Sep 17 00:00:00 2001 From: Sergey Ukustov Date: Wed, 10 Jul 2024 20:19:00 +0300 Subject: [PATCH] Check if body (#1235) --- src/auth/__tests__/auth.middleware.test.ts | 11 +++++++++-- src/auth/auth.middleware.ts | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/auth/__tests__/auth.middleware.test.ts b/src/auth/__tests__/auth.middleware.test.ts index 4380c47c..e17967b6 100644 --- a/src/auth/__tests__/auth.middleware.test.ts +++ b/src/auth/__tests__/auth.middleware.test.ts @@ -164,6 +164,9 @@ describe('Auth lambda', () => { app.post('/', (req, res) => { res.json({ hello: 'world' }) }) + app.get('/', (req, res) => { + res.json({ hello: 'world' }) + }) }) test('valid digest', async () => { @@ -175,7 +178,7 @@ describe('Auth lambda', () => { .set('did', did.id) .set('digest', cid.toString()) .send(Buffer.from(carFile.bytes)) // Supertest quirk - expect(response.status).toBe(200) + expect(response.status).toEqual(200) }) test('invalid digest', async () => { const carFile = carFactory.build() @@ -185,7 +188,11 @@ describe('Auth lambda', () => { .set('did', did.id) .set('digest', 'INVALID') .send(Buffer.from(carFile.bytes)) // Supertest quirk - expect(response.status).toBe(403) + expect(response.status).toEqual(403) + }) + test('get', async () => { + const response = await supertest(app).get('/') + expect(response.status).toEqual(200) }) }) diff --git a/src/auth/auth.middleware.ts b/src/auth/auth.middleware.ts index dbee7de9..f919b89d 100644 --- a/src/auth/auth.middleware.ts +++ b/src/auth/auth.middleware.ts @@ -57,7 +57,7 @@ export function auth(opts: AuthOpts): Handler { // Use auth lambda const didFromHeader = req.header('did') - if (didFromHeader && req.body) { + if (didFromHeader && req.body && Object.keys(req.body).length > 0) { const digest = buildBodyDigest(req.header('Content-Type'), req.body) if (req.header('digest') === digest) { ServiceMetrics.count(METRIC_NAMES.AUTH_ALLOWED, 1, { did: didFromHeader })