fix: fixed http library to properly set API header with organization …

…name
snyk · Feb 21, 2023 · 6eb1b56 · 6eb1b56
1 parent 7c6d401
commit 6eb1b56
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 38 deletions.
diff --git a/src/http.ts b/src/http.ts
@@ -181,11 +181,14 @@ export async function getFilters(
   return generateError<GenericErrorTypes>(res.errorCode, GENERIC_ERROR_MESSAGES, apiName);
 }
 
-function prepareTokenHeaders(sessionToken: string) {
+function prepareHeaders(options: ConnectionOptions) {
   return {
-    'Session-Token': sessionToken,
+    'Session-Token': options.sessionToken,
     // We need to be able to test code-client without deepcode locally
-    Authorization: `Bearer ${sessionToken}`,
+    Authorization: `Bearer ${options.sessionToken}`,
+    source: options.source,
+    ...(options.requestId && { 'snyk-request-id': options.requestId }),
+    ...(options.org && { 'snyk-org-name': options.org }),
   };
 }
 
@@ -221,11 +224,9 @@ export async function createBundle(
   const payloadBody = await compressAndEncode(options.files);
   const payload: Payload = {
     headers: {
-      ...prepareTokenHeaders(options.sessionToken),
-      source: options.source,
-      ...(options.requestId && { 'snyk-request-id': options.requestId }),
-      ...{ 'content-type': 'application/octet-stream', 'content-encoding': 'gzip' },
-      ...(options.org && { 'snyk-org-name': options.org }),
+      'content-type': 'application/octet-stream',
+      'content-encoding': 'gzip',
+      ...prepareHeaders(options),
     },
     url: `${options.baseURL}/bundle`,
     method: 'post',
@@ -259,12 +260,7 @@ interface CheckBundleOptions extends ConnectionOptions {
 
 export async function checkBundle(options: CheckBundleOptions): Promise<Result<RemoteBundle, CheckBundleErrorCodes>> {
   const res = await makeRequest<RemoteBundle>({
-    headers: {
-      ...prepareTokenHeaders(options.sessionToken),
-      source: options.source,
-      ...(options.requestId && { 'snyk-request-id': options.requestId }),
-      ...(options.org && { 'snyk-org-name': options.org }),
-    },
+    headers: prepareHeaders(options),
     url: `${options.baseURL}/bundle/${options.bundleHash}`,
     method: 'get',
   });
@@ -302,11 +298,9 @@ export async function extendBundle(
   const payloadBody = await compressAndEncode(pick(options, ['files', 'removedFiles']));
   const res = await makeRequest<RemoteBundle>({
     headers: {
-      ...prepareTokenHeaders(options.sessionToken),
-      source: options.source,
-      ...(options.requestId && { 'snyk-request-id': options.requestId }),
-      ...{ 'content-type': 'application/octet-stream', 'content-encoding': 'gzip' },
-      ...(options.org && { 'snyk-org-name': options.org }),
+      'content-type': 'application/octet-stream',
+      'content-encoding': 'gzip',
+      ...prepareHeaders(options),
     },
     url: `${options.baseURL}/bundle/${options.bundleHash}`,
     method: 'put',
@@ -363,10 +357,8 @@ export async function getAnalysis(
 ): Promise<Result<GetAnalysisResponseDto, GetAnalysisErrorCodes>> {
   const config: Payload = {
     headers: {
-      ...prepareTokenHeaders(options.sessionToken),
-      source: options.source,
-      ...(options.requestId && { 'snyk-request-id': options.requestId }),
-      ...(options.org && { 'snyk-org-name': options.org }),
+      ...prepareHeaders(options),
+      ...(options.analysisContext?.org?.name && { 'snyk-org-name': options.analysisContext.org.name }),
     },
     url: `${options.baseURL}/analysis`,
     method: 'post',

diff --git a/tests/analysis.spec.ts b/tests/analysis.spec.ts
@@ -1,7 +1,7 @@
 import path from 'path';
 import jsonschema from 'jsonschema';
 
-import { analyzeFolders, extendAnalysis } from '../src/analysis';
+import { analyzeFolders, extendAnalysis, analyzeBundle } from '../src/analysis';
 import { uploadRemoteBundle } from '../src/bundles';
 import { baseURL, sessionToken, source, TEST_TIMEOUT } from './constants/base';
 import { sampleProjectPath, bundleFilesFull, bundleExtender } from './constants/sample';
@@ -301,30 +301,49 @@ describe('Functional test of analysis', () => {
         analysisContext: {
           flow: 'test',
           initiator: 'CLI',
-          orgDisplayName: 'org',
-          orgPublicId: 'id',
-          projectName: 'proj',
-          projectPublicId: 'id',
+          org: {
+            name: 'org',
+            displayName: 'organization',
+            publicId: 'id',
+            flags: {},
+          },
+          project: {
+            name: 'proj',
+            publicId: 'id',
+            type: 'code',
+          },
         },
       };
 
       const makeRequestSpy = jest.spyOn(needle, 'makeRequest');
 
-      await analyzeFolders({
-        connection: { baseURL, sessionToken, source },
-        analysisOptions: {
+      try {
+        await analyzeBundle({
+          baseURL,
+          sessionToken,
+          source,
           severity: 1,
-        },
-        fileOptions: {
-          paths: [sampleProjectPath],
-          symlinksEnabled: false,
-        },
-        ...analysisContext,
-      });
+          bundleHash: 'hash',
+          shard: sampleProjectPath,
+          ...analysisContext,
+        });
+      } catch (err) {
+        // Authentication mechanism should deny the request as this user does not belong to the org 'org'
+        expect(err).toEqual({
+          apiName: 'getAnalysis',
+          statusCode: 401,
+          statusText: 'Missing, revoked or inactive token',
+        });
+      }
+
       const makeRequestSpyLastCalledWith = makeRequestSpy.mock.calls[makeRequestSpy.mock.calls.length - 1][0];
       expect(makeRequestSpyLastCalledWith).toEqual(
         expect.objectContaining({
           body: expect.objectContaining(analysisContext),
+          headers: expect.objectContaining({
+            'snyk-org-name': 'org',
+            source: 'test-source',
+          }),
         }),
       );
     });