UNPKG

@atlassian/atlassian-connect-express

Version:

Library for building Atlassian Add-ons on top of Express

bitbucket.org/atlassian/atlassian-connect-express

120 lines (108 loc) 3.64 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
const request = require("request"); const _ = require("lodash"); const URI = require("urijs"); const utils = require("./utils"); class ForgeHostRequest { constructor(addon, apiBaseUrl, token) { if (!addon) { throw new Error("addon must be defined"); } if (!token || typeof token !== "string") { throw new Error( "Forge token is not available. Double check your manifest and ensure this route is protected by authenticateForge()." ); } if (!apiBaseUrl || typeof apiBaseUrl !== "string") { throw new Error( "Forge base URL is missing. Ensure this route is protected by authenticateForge()." ); } this.addon = addon; this.token = token; this.apiBaseUrl = apiBaseUrl; } static _crossProtocolRedirectGuard(response) { if (!response.headers["location"]) { return true; } if ( !response.request || !response.request.uri || !response.request.uri.protocol ) { return true; } const locationUri = new URI(response.headers["location"]); const requestUri = new URI(response.request.uri.href); if (!locationUri || !locationUri.protocol || !locationUri.protocol()) { return true; } return locationUri.protocol() === requestUri.protocol(); } _makeVerb(method) { const safeRequestDefaults = { followRedirect: ForgeHostRequest._crossProtocolRedirectGuard }; return function (options, callback) { const self = this; const augmentHeaders = function (headers) { const appId = self.addon.config.appId(); headers["User-Agent"] = self.addon.config.userAgent( `forgeAppId=${appId}` ); headers.authorization = `Bearer ${self.token}`; }; let args; try { args = utils.modifyArgs( self.addon, options || {}, augmentHeaders, callback, self.apiBaseUrl ); const opts = args[0]; /*For GET method, drop request body: To be compliant with https://developer.atlassian.com/cloud/jira/platform/changelog/#CHANGE-2328 and https://developer.atlassian.com/cloud/confluence/changelog/#CHANGE-2328 */ const multipartFormData = method === "get" ? null : opts.multipartFormData; delete opts.multipartFormData; if (method === "get") { delete opts.body; delete opts.formData; // If options.json is true and there is no other body, it only adds the "accept: application/json" header. so we keep it. // When options.json is an object or any type other than boolean, it will be used as the request body, so we need to remove it. if (opts.json !== true) { delete opts.json; } } const req = request .defaults(safeRequestDefaults) [method].apply(null, args); if (multipartFormData) { const form = req.form(); _.forOwn(multipartFormData, (value, key) => { if (Array.isArray(value)) { form.append.apply(form, [key].concat(value)); } else { form.append.apply(form, [key, value]); } }); } return req; } catch (err) { self.addon.logger.error(err); if (callback) { return callback(err); } throw err; } }; } } ["get", "post", "put", "del", "head", "patch"].forEach(method => { ForgeHostRequest.prototype[method] = ForgeHostRequest.prototype._makeVerb(method); }); module.exports = ForgeHostRequest;