UNPKG

@sap/cds

Version:

SAP Cloud Application Programming Model - CDS for Node.js

cap.cloud.sap

155 lines (139 loc) 6.14 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
const cds = require('../../cds.js') const express = require('express') const getTenantInfo = require('./getTenantInfo.js') const isSecured = () => cds.requires.auth && (cds.requires.auth.impl || cds.requires.auth.credentials) const _isAll = a => a && a.includes('all') let jwt_auth class EndpointRegistry { constructor(basePath, LOG) { const deployPath = basePath + '/deploy' this.webhookCallbacks = new Map() this.deployCallbacks = new Map() if (isSecured()) { if (cds.requires.auth.impl) { cds.app.use(basePath, cds.middlewares.before) // contains auth, trace, context } else { jwt_auth ??= require('../../../../lib/srv/middlewares/auth/jwt-auth.js') cds.app.use(basePath, cds.middlewares.context()) cds.app.use(basePath, jwt_auth(cds.requires.auth)) cds.app.use(basePath, (err, req, res, next) => { if (err === 401) res.sendStatus(401) else next(err) }) } // unsuccessful auth doesn't automatically reject! cds.app.use(basePath, (req, res, next) => { // REVISIT: we should probably pass an error into next so that a (custom) error middleware can handle it if (cds.context.user._is_anonymous) return res.status(401).end() next() }) } else { if (process.env.NODE_ENV === 'production') { LOG.warn('Messaging endpoints not secured') } // auth middlewares set cds.context.user cds.app.use(basePath, cds.middlewares.context()) } cds.app.use(basePath, express.json({ type: 'application/*+json' })) cds.app.use(basePath, express.json()) cds.app.use(basePath, express.urlencoded({ extended: true })) LOG._debug && LOG.debug('Register inbound endpoint', { basePath, method: 'OPTIONS' }) // Clear cds.context as it would interfere with subsequent transactions // cds.app.use(basePath, (_req, _res, next) => { // cds.context = undefined // REVISIT: Why is that necessary? // next() // }) cds.app.options(basePath, (req, res) => { try { if (isSecured() && !cds.context.user.is('emcallback')) return res.sendStatus(403) res.set('webhook-allowed-origin', req.headers['webhook-request-origin']) res.sendStatus(200) } catch { res.sendStatus(500) } }) LOG._debug && LOG.debug('Register inbound endpoint', { basePath, method: 'POST' }) cds.app.post(basePath, (req, res) => { try { if (isSecured() && !cds.context.user.is('emcallback')) return res.sendStatus(403) const queueName = req.query.q if (!queueName) { LOG.error('Query parameter `q` not found.') return res.sendStatus(400) } const xAddress = req.headers['x-address'] const topic = xAddress && xAddress.match(/^topic:(.*)/)?.[1] if (!topic) { LOG.error('Incoming message does not contain a topic in header `x-address`: ' + xAddress) return res.sendStatus(400) } const payload = req.body const cb = this.webhookCallbacks.get(queueName) if (!cb) return res.sendStatus(200) const { tenant } = cds.context const other = tenant ? { _: { req, res }, // For `cds.context.http` tenant } : {} if (!cb) return res.sendStatus(200) cb(topic, payload, other, { done: () => { res.sendStatus(200) }, failed: () => { res.sendStatus(500) } }) } catch (error) { LOG.error(error) return res.sendStatus(500) } }) cds.app.post(deployPath, async (req, res) => { try { if (isSecured() && !cds.context.user.is('emmanagement')) return res.sendStatus(403) const tenants = req.body && !_isAll(req.body.tenants) && req.body.tenants const queues = req.body && !_isAll(req.body.queues) && req.body.queues const options = { wipeData: req.body && req.body.wipeData } if (tenants && !Array.isArray(tenants)) res.send(400).send('Request parameter `tenants` must be an array.') if (queues && !Array.isArray(queues)) res.send(400).send('Request parameter `queues` must be an array.') const tenantInfo = tenants ? await Promise.all(tenants.map(t => getTenantInfo(t))) : await getTenantInfo() const callbacks = queues ? queues.map(q => this.deployCallbacks.get(q)) : [...this.deployCallbacks.values()] const results = await Promise.all(callbacks.map(c => c(tenantInfo, options))) // [{ queue: '...', failed: [...], succeeded: [...] }, ...] const hasError = results.some(r => r.failed.length) if (hasError) return res.status(500).send(results) return res.status(201).send(results) } catch { // REVISIT: Still needed with cds-mtxs? // If an unknown tenant id is provided, cds-mtx will crash ("Cannot read property 'hanaClient' of undefined") return res.sendStatus(500) } }) } registerWebhookCallback(queueName, cb) { this.webhookCallbacks.set(queueName, cb) } registerDeployCallback(queueName, cb) { this.deployCallbacks.set(queueName, cb) } } // Singleton registries per basePath const registries = new Map() // REVISIT: Use cds mechanism instead of express? -> Need option method and handler for specifica const registerWebhookEndpoints = (basePath, queueName, LOG, cb) => { const registry = registries.get(basePath) || (registries.set(basePath, new EndpointRegistry(basePath, LOG)) && registries.get(basePath)) registry.registerWebhookCallback(queueName, cb) } const registerDeployEndpoints = (basePath, queueName, cb) => { const registry = registries.get(basePath) || (registries.set(basePath, new EndpointRegistry(basePath)) && registries.get(basePath)) registry.registerDeployCallback(queueName, cb) } // Only needed for testing, not used in productive code const __clearRegistries = () => registries.clear() module.exports = { registerWebhookEndpoints, registerDeployEndpoints, __clearRegistries }