fix: ensure onSubscriptionConnect throws when no connectionParams sup…

…plied
aerogear · Jun 25, 2019 · f7cffe2 · f7cffe2
1 parent 47c49e2
commit f7cffe2
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 0 deletions.
diff --git a/packages/voyager-keycloak/src/KeycloakSecurityService.ts b/packages/voyager-keycloak/src/KeycloakSecurityService.ts
@@ -97,6 +97,9 @@ export class KeycloakSecurityService implements SecurityService {
   }
 
   public async onSubscriptionConnect(connectionParams: any, webSocket: any, context: any): Promise<any> {
+    if (!connectionParams || typeof connectionParams !== 'object') {
+      throw new Error('Access Denied - missing connection parameters for Authentication')
+    }
     const header = connectionParams.Authorization
                   || connectionParams.authorization
                   || connectionParams.Auth

diff --git a/packages/voyager-keycloak/test/KeycloakSecurityService.test.ts b/packages/voyager-keycloak/test/KeycloakSecurityService.test.ts
@@ -3,6 +3,43 @@ import test from 'ava'
 import { KeycloakSecurityService } from '../src/KeycloakSecurityService'
 import { Token } from '../src/KeycloakToken';
 
+test('onSubscriptionConnect throws if no connectionParams Provided', async t => {
+  const stubKeycloak = {
+    grantManager: {
+      validateToken: (token: string, type: 'string') => {
+        return new Promise((resolve, reject) => {
+          resolve(true)
+        })
+      }
+    }
+  }
+
+  const securityService = new KeycloakSecurityService({}, { log: console, keycloak: stubKeycloak })
+
+  await t.throwsAsync(async () => {
+    await securityService.onSubscriptionConnect(null, {}, {})
+  }, 'Access Denied - missing connection parameters for Authentication')
+})
+
+test('onSubscriptionConnect throws if no connectionParams is not an object', async t => {
+  const stubKeycloak = {
+    grantManager: {
+      validateToken: (token: string, type: 'string') => {
+        return new Promise((resolve, reject) => {
+          resolve(true)
+        })
+      }
+    }
+  }
+
+  const securityService = new KeycloakSecurityService({}, { log: console, keycloak: stubKeycloak })
+  const connectionParams = 'not an object'
+
+  await t.throwsAsync(async () => {
+    await securityService.onSubscriptionConnect(connectionParams, {}, {})
+  }, 'Access Denied - missing connection parameters for Authentication')
+})
+
 test('onSubscriptionConnect throws if no Auth provided', async t => {
   const stubKeycloak = {
     grantManager: {