diff --git a/package.json b/package.json index 913212e..b0bb39e 100644 --- a/package.json +++ b/package.json @@ -34,14 +34,14 @@ "express-basic-auth": "^1.2.1", "express-rate-limit": "^6.7.0", "express-validator": "^7.0.1", - "graphql": "^16.6.0", + "graphql": "^16.7.1", "graphql-http": "^1.19.0", "graphql-tag": "^2.12.6", "helmet": "^7.0.0", "jsonwebtoken": "^9.0.0", "moment": "^2.29.4", "mongodb": "^5.6.0", - "mongoose": "^7.3.0", + "mongoose": "^7.3.1", "pino": "^8.14.1", "pino-pretty": "^10.0.0", "swagger-ui-express": "^4.6.3", @@ -62,7 +62,7 @@ "jest-sonar-reporter": "^2.0.0", "node-notifier": "^10.0.1", "nodemon": "^2.0.22", - "sinon": "^15.1.0", + "sinon": "^15.2.0", "supertest": "^6.3.3" }, "repository": { diff --git a/src/client/relay/index.js b/src/client/relay/index.js index 0a97f9b..45329a7 100644 --- a/src/client/relay/index.js +++ b/src/client/relay/index.js @@ -1,7 +1,14 @@ import axios from 'axios'; +import https from 'https'; import { StrategiesToRelayDataType, RelayMethods } from '../../models/config'; +import { checkHttpsAgent } from '../../external/switcher-api-facade'; -export function resolveNotification(relay, entry, environment) { +const agent = async (url) => { + const rejectUnauthorized = !(await checkHttpsAgent(url)); + return new https.Agent({ rejectUnauthorized }); +}; + +export async function resolveNotification(relay, entry, environment) { const url = relay.endpoint[environment]; const header = createHeader(relay.auth_prefix, relay.auth_token, environment); @@ -41,7 +48,7 @@ export async function resolveVerification(relay, environment) { async function post(url, data, headers) { try { - return await axios.post(url, data, headers); + return await axios.post(url, data, { httpsAgent: await agent(url), headers }); } catch (error) { throw new Error(`Failed to reach ${url} via POST`); } @@ -49,7 +56,7 @@ async function post(url, data, headers) { async function get(url, data, headers) { try { - return await axios.get(`${url}${data}`, headers); + return await axios.get(`${url}${data}`, { httpsAgent: await agent(url), headers }); } catch (error) { throw new Error(`Failed to reach ${url} via GET`); } @@ -73,9 +80,9 @@ function createParams(entry) { } function createHeader(auth_prefix, auth_token, environment) { - let headers = {}; - - headers['Content-Type'] = 'application/json'; + let headers = { + ['Content-Type']: 'application/json' + }; if (environment) { if (auth_token && environment in auth_token && auth_prefix) { @@ -85,7 +92,5 @@ function createHeader(auth_prefix, auth_token, environment) { headers['Authorization'] = `${auth_prefix} ${auth_token}`; } - return { - headers - }; + return headers; } \ No newline at end of file diff --git a/src/external/switcher-api-facade.js b/src/external/switcher-api-facade.js index 91ca5cf..1f2a546 100644 --- a/src/external/switcher-api-facade.js +++ b/src/external/switcher-api-facade.js @@ -1,4 +1,4 @@ -import { Switcher, checkValue, checkPayload } from 'switcher-client'; +import { Switcher, checkValue, checkPayload, checkRegex } from 'switcher-client'; import { EnvType } from '../models/environment'; import { BadRequestError, FeatureUnavailableError } from '../exceptions'; import { getDomainById, getTotalDomainsByOwner } from '../services/domain'; @@ -227,5 +227,5 @@ export async function checkHttpsAgent(value) { if (process.env.SWITCHER_API_ENABLE != 'true') return; - return await checkFeature(SwitcherKeys.HTTPS_AGENT, [checkValue(value)]); + return checkFeature(SwitcherKeys.HTTPS_AGENT, [checkRegex(value)]); } \ No newline at end of file