@dwp/govuk-casa 8.2.1 → 8.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. package/CHANGELOG.md +9 -0
  2. package/README.md +1 -0
  3. package/dist/casa.d.ts +203 -1
  4. package/dist/casa.js +131 -2
  5. package/dist/lib/CasaTemplateLoader.d.ts +4 -0
  6. package/dist/lib/CasaTemplateLoader.js +5 -0
  7. package/dist/lib/JourneyContext.d.ts +85 -13
  8. package/dist/lib/JourneyContext.js +78 -5
  9. package/dist/lib/Plan.d.ts +122 -49
  10. package/dist/lib/Plan.js +161 -37
  11. package/dist/lib/ValidationError.d.ts +38 -48
  12. package/dist/lib/ValidationError.js +30 -42
  13. package/dist/lib/ValidatorFactory.d.ts +42 -52
  14. package/dist/lib/ValidatorFactory.js +37 -48
  15. package/dist/lib/configuration-ingestor.d.ts +18 -4
  16. package/dist/lib/configuration-ingestor.js +23 -10
  17. package/dist/lib/configure.d.ts +4 -0
  18. package/dist/lib/configure.js +20 -52
  19. package/dist/lib/end-session.d.ts +3 -2
  20. package/dist/lib/end-session.js +2 -1
  21. package/dist/lib/field.d.ts +97 -35
  22. package/dist/lib/field.js +90 -41
  23. package/dist/lib/nunjucks-filters.d.ts +12 -2
  24. package/dist/lib/nunjucks-filters.js +11 -1
  25. package/dist/lib/nunjucks.d.ts +1 -0
  26. package/dist/lib/nunjucks.js +1 -0
  27. package/dist/lib/utils.d.ts +46 -14
  28. package/dist/lib/utils.js +43 -26
  29. package/dist/lib/validators/dateObject.d.ts +75 -1
  30. package/dist/lib/validators/dateObject.js +29 -18
  31. package/dist/lib/validators/email.d.ts +28 -1
  32. package/dist/lib/validators/email.js +20 -9
  33. package/dist/lib/validators/inArray.d.ts +34 -1
  34. package/dist/lib/validators/inArray.js +21 -0
  35. package/dist/lib/validators/index.js +3 -0
  36. package/dist/lib/validators/nino.d.ts +34 -1
  37. package/dist/lib/validators/nino.js +17 -7
  38. package/dist/lib/validators/postalAddressObject.d.ts +68 -1
  39. package/dist/lib/validators/postalAddressObject.js +27 -15
  40. package/dist/lib/validators/regex.d.ts +35 -1
  41. package/dist/lib/validators/regex.js +17 -7
  42. package/dist/lib/validators/required.d.ts +28 -1
  43. package/dist/lib/validators/required.js +19 -6
  44. package/dist/lib/validators/strlen.d.ts +40 -1
  45. package/dist/lib/validators/strlen.js +18 -8
  46. package/dist/lib/validators/wordCount.d.ts +40 -1
  47. package/dist/lib/validators/wordCount.js +18 -8
  48. package/dist/lib/waypoint-url.d.ts +1 -0
  49. package/dist/lib/waypoint-url.js +10 -0
  50. package/dist/middleware/data.js +21 -5
  51. package/dist/middleware/gather-fields.js +1 -0
  52. package/dist/middleware/pre.js +1 -0
  53. package/dist/middleware/steer-journey.js +2 -1
  54. package/dist/middleware/strip-proxy-path.d.ts +4 -0
  55. package/dist/middleware/strip-proxy-path.js +56 -0
  56. package/dist/middleware/validate-fields.js +3 -0
  57. package/dist/routes/ancillary.d.ts +16 -5
  58. package/dist/routes/ancillary.js +7 -3
  59. package/dist/routes/journey.d.ts +30 -6
  60. package/dist/routes/journey.js +27 -0
  61. package/dist/routes/static.d.ts +1 -0
  62. package/dist/routes/static.js +2 -1
  63. package/package.json +16 -11
  64. package/views/casa/components/character-count/README.md +1 -1
  65. package/views/casa/components/input/README.md +1 -1
  66. package/views/casa/components/radios/README.md +2 -2
  67. package/views/casa/components/textarea/README.md +1 -1
@@ -1,83 +1,73 @@
1
1
  /**
2
- * @typedef {import('./index').ProcessorFunction} ProcessorFunction
2
+ * @access private
3
+ * @typedef {import('../casa').ErrorMessageConfig} ErrorMessageConfig
3
4
  */
4
5
  /**
6
+ * @access private
5
7
  * @typedef {import('./index').JourneyContext} JourneyContext
6
8
  */
7
9
  /**
10
+ * @access private
8
11
  * @typedef {import('./index').ValidationError} ValidationError
9
12
  */
10
13
  /**
11
- * @typedef {object} Validator
12
- * @property {ValidateFunction} validate Validation function
13
- * @property {ProcessorFunction} sanitise Sanitise a given value prior to validation
14
- * @property {object} config Configuration
15
- * @property {string} name Validator name
14
+ * @access private
15
+ * @typedef {import('../casa').ValidateContext} ValidateContext
16
16
  */
17
17
  /**
18
- * @callback ValidateFunction
19
- * @param {any} value
20
- * @param {ValidateContext} context
21
- * @returns {ValidationError[]}
18
+ * @access private
19
+ * @typedef {import('../casa').Validator} Validator
22
20
  */
23
21
  /**
24
- * @typedef {object} ValidateContext Context passed to validate function
25
- * @property {JourneyContext} journeyContext Journey context
26
- * @property {string} waypoint Waypoint
27
- * @property {string} fieldName Name of field being processed
22
+ * @typedef {object} ValidatorFactoryOptions
23
+ * @property {ErrorMessageConfig} errorMsg Error message
24
+ */
25
+ /**
26
+ * @class
27
+ * @memberof module:@dwp/govuk-casa
28
28
  */
29
29
  export default class ValidatorFactory {
30
30
  /**
31
31
  * This is a convenience method that will return a consistently object
32
32
  * structure containing validation and sanitisation methods.
33
33
  *
34
- * @param {object} config Validator config (custom to the validator being created)
34
+ * @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
35
35
  * @returns {Validator} Validator object
36
36
  * @throws {TypeError} When configurarion is invalid.
37
37
  */
38
- static make(config?: object): Validator;
39
- static coerceToValidatorObject(input: any): any;
40
- constructor(config?: {});
41
- config: {};
42
- validate(fieldValue: any, context: any): void;
43
- sanitise(fieldValue: any): any;
44
- }
45
- export type ProcessorFunction = import('./index').ProcessorFunction;
46
- export type JourneyContext = import('./index').JourneyContext;
47
- export type ValidationError = import('./index').ValidationError;
48
- export type Validator = {
49
- /**
50
- * Validation function
51
- */
52
- validate: ValidateFunction;
53
- /**
54
- * Sanitise a given value prior to validation
55
- */
56
- sanitise: any;
57
- /**
58
- * Configuration
59
- */
60
- config: object;
38
+ static make(config?: ValidatorFactoryOptions): Validator;
61
39
  /**
62
- * Validator name
40
+ * NEVER CALL THIS DIRECTLY. USE `make()`.
41
+ *
42
+ * @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
63
43
  */
64
- name: string;
65
- };
66
- export type ValidateFunction = (value: any, context: ValidateContext) => ValidationError[];
67
- /**
68
- * Context passed to validate function
69
- */
70
- export type ValidateContext = {
44
+ constructor(config?: ValidatorFactoryOptions);
45
+ config: ValidatorFactoryOptions;
71
46
  /**
72
- * Journey context
47
+ * Validate the given value.
48
+ *
49
+ * @param {any} fieldValue Value to validate
50
+ * @param {ValidateContext} context Contextual information
51
+ * @returns {ValidationError[]} A list of errors (empty if no errors found)
52
+ * @throws {Error}
73
53
  */
74
- journeyContext: JourneyContext;
54
+ validate(fieldValue: any, context: ValidateContext): ValidationError[];
75
55
  /**
76
- * Waypoint
56
+ * Sanitise the given value.
57
+ *
58
+ * @param {any} fieldValue Value to validate
59
+ * @returns {any} The sanitised value
77
60
  */
78
- waypoint: string;
61
+ sanitise(fieldValue: any): any;
62
+ }
63
+ export type ErrorMessageConfig = import('../casa').ErrorMessageConfig;
64
+ export type JourneyContext = import('./index').JourneyContext;
65
+ export type ValidationError = import('./index').ValidationError;
66
+ export type ValidateContext = import('../casa').ValidateContext;
67
+ export type Validator = import('../casa').Validator;
68
+ export type ValidatorFactoryOptions = {
79
69
  /**
80
- * Name of field being processed
70
+ * Error message
81
71
  */
82
- fieldName: string;
72
+ errorMsg: ErrorMessageConfig;
83
73
  };
@@ -7,39 +7,39 @@ Object.defineProperty(exports, "__esModule", { value: true });
7
7
  const lodash_1 = __importDefault(require("lodash"));
8
8
  const { isPlainObject } = lodash_1.default; // CommonJS
9
9
  /**
10
- * @typedef {import('./index').ProcessorFunction} ProcessorFunction
10
+ * @access private
11
+ * @typedef {import('../casa').ErrorMessageConfig} ErrorMessageConfig
11
12
  */
12
13
  /**
14
+ * @access private
13
15
  * @typedef {import('./index').JourneyContext} JourneyContext
14
16
  */
15
17
  /**
18
+ * @access private
16
19
  * @typedef {import('./index').ValidationError} ValidationError
17
20
  */
18
21
  /**
19
- * @typedef {object} Validator
20
- * @property {ValidateFunction} validate Validation function
21
- * @property {ProcessorFunction} sanitise Sanitise a given value prior to validation
22
- * @property {object} config Configuration
23
- * @property {string} name Validator name
22
+ * @access private
23
+ * @typedef {import('../casa').ValidateContext} ValidateContext
24
24
  */
25
25
  /**
26
- * @callback ValidateFunction
27
- * @param {any} value
28
- * @param {ValidateContext} context
29
- * @returns {ValidationError[]}
26
+ * @access private
27
+ * @typedef {import('../casa').Validator} Validator
30
28
  */
31
29
  /**
32
- * @typedef {object} ValidateContext Context passed to validate function
33
- * @property {JourneyContext} journeyContext Journey context
34
- * @property {string} waypoint Waypoint
35
- * @property {string} fieldName Name of field being processed
30
+ * @typedef {object} ValidatorFactoryOptions
31
+ * @property {ErrorMessageConfig} errorMsg Error message
32
+ */
33
+ /**
34
+ * @class
35
+ * @memberof module:@dwp/govuk-casa
36
36
  */
37
37
  class ValidatorFactory {
38
38
  /**
39
39
  * This is a convenience method that will return a consistently object
40
40
  * structure containing validation and sanitisation methods.
41
41
  *
42
- * @param {object} config Validator config (custom to the validator being created)
42
+ * @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
43
43
  * @returns {Validator} Validator object
44
44
  * @throws {TypeError} When configurarion is invalid.
45
45
  */
@@ -57,48 +57,37 @@ class ValidatorFactory {
57
57
  Object.freeze(instance);
58
58
  return instance;
59
59
  }
60
- static coerceToValidatorObject(input) {
61
- let validator = Object.create(null);
62
- validator.validate = () => (Promise.reject(new Error('validate() method has not been defined')));
63
- validator.sanitise = (val) => (val);
64
- validator.config = Object.create(null);
65
- // An uninstantied Validator subclass
66
- if (typeof input === 'function' && Reflect.getPrototypeOf(input) === ValidatorFactory) {
67
- validator = input.make();
68
- }
69
- else if (typeof input === 'function') {
70
- // A plain function is assumed to be just the validation logic. We do not
71
- // bind the function to `validator` here because it may already be bound to
72
- // another context in userland.
73
- validator.name = input.name || input.constructor.name || 'unknown';
74
- validator.validate = input;
75
- }
76
- else if (isPlainObject(input)) {
77
- // A plain object
78
- validator = {
79
- validate: input.validate || validator.validate,
80
- sanitise: input.sanitise || validator.sanitise,
81
- config: input.config || validator.config,
82
- name: input.name || validator.name,
83
- };
84
- }
85
- else {
86
- // An unsupported scenario
87
- throw new TypeError(`Cannot coerce input to a validator object (typeof = ${typeof input})`);
88
- }
89
- return validator;
90
- }
60
+ /**
61
+ * NEVER CALL THIS DIRECTLY. USE `make()`.
62
+ *
63
+ * @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
64
+ */
91
65
  constructor(config = {}) {
92
66
  if (new.target === ValidatorFactory) {
93
67
  throw new TypeError('Cannot instantiate the abstract class, ValidatorFactory');
94
68
  }
95
69
  this.config = config;
96
70
  }
97
- /* eslint-disable-next-line no-unused-vars */
71
+ /* eslint-disable no-unused-vars */
72
+ /* eslint-disable-next-line jsdoc/require-returns-check */
73
+ /**
74
+ * Validate the given value.
75
+ *
76
+ * @param {any} fieldValue Value to validate
77
+ * @param {ValidateContext} context Contextual information
78
+ * @returns {ValidationError[]} A list of errors (empty if no errors found)
79
+ * @throws {Error}
80
+ */
98
81
  validate(fieldValue, context) {
99
82
  throw new Error('validate() method has not been implemented');
100
83
  }
101
- /* eslint-disable-next-line no-unused-vars */
84
+ /* eslint-disable-next-line jsdoc/require-returns-check */
85
+ /**
86
+ * Sanitise the given value.
87
+ *
88
+ * @param {any} fieldValue Value to validate
89
+ * @returns {any} The sanitised value
90
+ */
102
91
  sanitise(fieldValue) {
103
92
  return fieldValue;
104
93
  }
@@ -1,6 +1,7 @@
1
1
  /**
2
2
  * Validates and sanitises i18n obejct.
3
3
  *
4
+ * @access private
4
5
  * @param {object} i18n Object to validate.
5
6
  * @param {Function} cb Callback function that receives the validated value.
6
7
  * @throws {TypeError} For invalid object.
@@ -10,6 +11,7 @@ export function validateI18nObject(i18n?: object, cb?: Function): object;
10
11
  /**
11
12
  * Validates and sanitises i18n directory.
12
13
  *
14
+ * @access private
13
15
  * @param {Array} dirs Array of directories.
14
16
  * @throws {SyntaxError} For invalid directories.
15
17
  * @throws {TypeError} For invalid type.
@@ -19,6 +21,7 @@ export function validateI18nDirs(dirs?: any[]): any[];
19
21
  /**
20
22
  * Validates and sanitises i18n locales.
21
23
  *
24
+ * @access private
22
25
  * @param {Array} locales Array of locales.
23
26
  * @throws {SyntaxError} For invalid locales.
24
27
  * @throws {TypeError} For invalid type.
@@ -28,15 +31,16 @@ export function validateI18nLocales(locales?: any[]): any[];
28
31
  /**
29
32
  * Validates and sanitises mount url.
30
33
  *
31
- * @param {string} mountUrl URL from which Express app will be served.
32
- * @param {string} name Name of the URL type (Mount URL, or Proxy Mount URL).
34
+ * @access private
35
+ * @param {string} mountUrl Prefix for all URLs in the browser address bar
33
36
  * @throws {SyntaxError} For invalid URL.
34
- * @returns {string} Sanitised URL.
37
+ * @returns {string|undefined} Sanitised URL.
35
38
  */
36
- export function validateMountUrl(mountUrl: string, name?: string): string;
39
+ export function validateMountUrl(mountUrl: string): string | undefined;
37
40
  /**
38
41
  * Validates and sanitises sessions object.
39
42
  *
43
+ * @access private
40
44
  * @param {object} session Object to validate.
41
45
  * @param {Function} cb Callback function that receives the validated value.
42
46
  * @throws {TypeError} For invalid object.
@@ -46,6 +50,7 @@ export function validateSessionObject(session?: object, cb?: Function): object;
46
50
  /**
47
51
  * Validates and sanitises view directory.
48
52
  *
53
+ * @access private
49
54
  * @param {Array} dirs Array of directories.
50
55
  * @throws {SyntaxError} For invalid directories.
51
56
  * @throws {TypeError} For invalid type.
@@ -55,6 +60,7 @@ export function validateViews(dirs?: any[]): any[];
55
60
  /**
56
61
  * Validates and sanitises sessions secret.
57
62
  *
63
+ * @access private
58
64
  * @param {string} secret Session secret.
59
65
  * @throws {ReferenceError} For missing value type.
60
66
  * @throws {TypeError} For invalid value.
@@ -64,6 +70,7 @@ export function validateSessionSecret(secret: string): string;
64
70
  /**
65
71
  * Validates and sanitises sessions ttl.
66
72
  *
73
+ * @access private
67
74
  * @param {number} ttl Session ttl (seconds).
68
75
  * @throws {ReferenceError} For missing value type.
69
76
  * @throws {TypeError} For invalid value.
@@ -73,6 +80,7 @@ export function validateSessionTtl(ttl?: number): number;
73
80
  /**
74
81
  * Validates and sanitises sessions name.
75
82
  *
83
+ * @access private
76
84
  * @param {string} [name=casa-session] Session name.
77
85
  * @throws {ReferenceError} For missing value type.
78
86
  * @throws {TypeError} For invalid value.
@@ -82,6 +90,7 @@ export function validateSessionName(name?: string | undefined): string;
82
90
  /**
83
91
  * Validates and sanitises sessions secure flag.
84
92
  *
93
+ * @access private
85
94
  * @param {boolean} [secure=false] Session secure flag.
86
95
  * @throws {ReferenceError} For missing value type.
87
96
  * @throws {TypeError} For invalid value.
@@ -91,6 +100,7 @@ export function validateSessionSecure(secure?: boolean | undefined): string;
91
100
  /**
92
101
  * Validates and sanitises sessions store.
93
102
  *
103
+ * @access private
94
104
  * @param {Function} store Session store.
95
105
  * @returns {Function} Store.
96
106
  */
@@ -98,6 +108,7 @@ export function validateSessionStore(store: Function): Function;
98
108
  /**
99
109
  * Validates and sanitises sessions cookie url path.
100
110
  *
111
+ * @access private
101
112
  * @param {string} cookiePath Session cookie url path.
102
113
  * @param {string} defaultPath Default path if none specified.
103
114
  * @returns {string} Cookie path.
@@ -111,6 +122,7 @@ export function validateSessionCookiePath(cookiePath: string, defaultPath?: stri
111
122
  * Lax
112
123
  * None
113
124
  *
125
+ * @access private
114
126
  * @param {any} cookieSameSite Session cookie "sameSite" flag
115
127
  * @param {any} defaultFlag Default path if none specified
116
128
  * @returns {boolean} cookie path
@@ -127,6 +139,7 @@ export function validateEvents(events: any): any;
127
139
  /**
128
140
  * Validates helmet configuration function.
129
141
  *
142
+ * @access private
130
143
  * @param {HelmetConfigurator} helmetConfigurator Configuration function
131
144
  * @returns {HelmetConfigurator} Validated configuration function
132
145
  * @throws {TypeError} when passed a non-function
@@ -135,6 +148,7 @@ export function validateHelmetConfigurator(helmetConfigurator: HelmetConfigurato
135
148
  /**
136
149
  * Ingest, validate, sanitise and manipulate configuration parameters.
137
150
  *
151
+ * @access private
138
152
  * @param {ConfigurationOptions} config Config to ingest.
139
153
  * @throws {Error|SyntaxError|TypeError} For invalid config values.
140
154
  * @returns {object} Immutable config object.
@@ -10,9 +10,11 @@ const Plan_js_1 = __importDefault(require("./Plan.js"));
10
10
  const logger_js_1 = __importDefault(require("./logger.js"));
11
11
  const utils_js_1 = require("./utils.js");
12
12
  /**
13
+ * @access private
13
14
  * @typedef {import('../casa').ConfigurationOptions} ConfigurationOptions
14
15
  */
15
16
  /**
17
+ * @access private
16
18
  * @typedef {import('../casa').HelmetConfigurator} HelmetConfigurator
17
19
  */
18
20
  const log = (0, logger_js_1.default)('lib:configuration-ingestor');
@@ -20,6 +22,7 @@ const echo = (a) => (a);
20
22
  /**
21
23
  * Validates and sanitises i18n obejct.
22
24
  *
25
+ * @access private
23
26
  * @param {object} i18n Object to validate.
24
27
  * @param {Function} cb Callback function that receives the validated value.
25
28
  * @throws {TypeError} For invalid object.
@@ -35,6 +38,7 @@ exports.validateI18nObject = validateI18nObject;
35
38
  /**
36
39
  * Validates and sanitises i18n directory.
37
40
  *
41
+ * @access private
38
42
  * @param {Array} dirs Array of directories.
39
43
  * @throws {SyntaxError} For invalid directories.
40
44
  * @throws {TypeError} For invalid type.
@@ -55,6 +59,7 @@ exports.validateI18nDirs = validateI18nDirs;
55
59
  /**
56
60
  * Validates and sanitises i18n locales.
57
61
  *
62
+ * @access private
58
63
  * @param {Array} locales Array of locales.
59
64
  * @throws {SyntaxError} For invalid locales.
60
65
  * @throws {TypeError} For invalid type.
@@ -75,17 +80,17 @@ exports.validateI18nLocales = validateI18nLocales;
75
80
  /**
76
81
  * Validates and sanitises mount url.
77
82
  *
78
- * @param {string} mountUrl URL from which Express app will be served.
79
- * @param {string} name Name of the URL type (Mount URL, or Proxy Mount URL).
83
+ * @access private
84
+ * @param {string} mountUrl Prefix for all URLs in the browser address bar
80
85
  * @throws {SyntaxError} For invalid URL.
81
- * @returns {string} Sanitised URL.
86
+ * @returns {string|undefined} Sanitised URL.
82
87
  */
83
- function validateMountUrl(mountUrl, name = 'Mount URL') {
88
+ function validateMountUrl(mountUrl) {
84
89
  if (typeof mountUrl === 'undefined') {
85
- return '/';
90
+ return undefined;
86
91
  }
87
92
  if (!mountUrl.match(/\/$/)) {
88
- throw new SyntaxError(`${name} must include a trailing slash (/)`);
93
+ throw new SyntaxError('mountUrl must include a trailing slash (/)');
89
94
  }
90
95
  return mountUrl;
91
96
  }
@@ -93,6 +98,7 @@ exports.validateMountUrl = validateMountUrl;
93
98
  /**
94
99
  * Validates and sanitises sessions object.
95
100
  *
101
+ * @access private
96
102
  * @param {object} session Object to validate.
97
103
  * @param {Function} cb Callback function that receives the validated value.
98
104
  * @throws {TypeError} For invalid object.
@@ -111,6 +117,7 @@ exports.validateSessionObject = validateSessionObject;
111
117
  /**
112
118
  * Validates and sanitises view directory.
113
119
  *
120
+ * @access private
114
121
  * @param {Array} dirs Array of directories.
115
122
  * @throws {SyntaxError} For invalid directories.
116
123
  * @throws {TypeError} For invalid type.
@@ -131,6 +138,7 @@ exports.validateViews = validateViews;
131
138
  /**
132
139
  * Validates and sanitises sessions secret.
133
140
  *
141
+ * @access private
134
142
  * @param {string} secret Session secret.
135
143
  * @throws {ReferenceError} For missing value type.
136
144
  * @throws {TypeError} For invalid value.
@@ -149,6 +157,7 @@ exports.validateSessionSecret = validateSessionSecret;
149
157
  /**
150
158
  * Validates and sanitises sessions ttl.
151
159
  *
160
+ * @access private
152
161
  * @param {number} ttl Session ttl (seconds).
153
162
  * @throws {ReferenceError} For missing value type.
154
163
  * @throws {TypeError} For invalid value.
@@ -164,6 +173,7 @@ exports.validateSessionTtl = validateSessionTtl;
164
173
  /**
165
174
  * Validates and sanitises sessions name.
166
175
  *
176
+ * @access private
167
177
  * @param {string} [name=casa-session] Session name.
168
178
  * @throws {ReferenceError} For missing value type.
169
179
  * @throws {TypeError} For invalid value.
@@ -179,6 +189,7 @@ exports.validateSessionName = validateSessionName;
179
189
  /**
180
190
  * Validates and sanitises sessions secure flag.
181
191
  *
192
+ * @access private
182
193
  * @param {boolean} [secure=false] Session secure flag.
183
194
  * @throws {ReferenceError} For missing value type.
184
195
  * @throws {TypeError} For invalid value.
@@ -194,6 +205,7 @@ exports.validateSessionSecure = validateSessionSecure;
194
205
  /**
195
206
  * Validates and sanitises sessions store.
196
207
  *
208
+ * @access private
197
209
  * @param {Function} store Session store.
198
210
  * @returns {Function} Store.
199
211
  */
@@ -208,6 +220,7 @@ exports.validateSessionStore = validateSessionStore;
208
220
  /**
209
221
  * Validates and sanitises sessions cookie url path.
210
222
  *
223
+ * @access private
211
224
  * @param {string} cookiePath Session cookie url path.
212
225
  * @param {string} defaultPath Default path if none specified.
213
226
  * @returns {string} Cookie path.
@@ -227,6 +240,7 @@ exports.validateSessionCookiePath = validateSessionCookiePath;
227
240
  * Lax
228
241
  * None
229
242
  *
243
+ * @access private
230
244
  * @param {any} cookieSameSite Session cookie "sameSite" flag
231
245
  * @param {any} defaultFlag Default path if none specified
232
246
  * @returns {boolean} cookie path
@@ -357,6 +371,7 @@ exports.validateEvents = validateEvents;
357
371
  /**
358
372
  * Validates helmet configuration function.
359
373
  *
374
+ * @access private
360
375
  * @param {HelmetConfigurator} helmetConfigurator Configuration function
361
376
  * @returns {HelmetConfigurator} Validated configuration function
362
377
  * @throws {TypeError} when passed a non-function
@@ -371,6 +386,7 @@ exports.validateHelmetConfigurator = validateHelmetConfigurator;
371
386
  /**
372
387
  * Ingest, validate, sanitise and manipulate configuration parameters.
373
388
  *
389
+ * @access private
374
390
  * @param {ConfigurationOptions} config Config to ingest.
375
391
  * @throws {Error|SyntaxError|TypeError} For invalid config values.
376
392
  * @returns {object} Immutable config object.
@@ -382,10 +398,7 @@ function ingest(config = {}) {
382
398
  dirs: validateI18nDirs(i18n.dirs),
383
399
  locales: validateI18nLocales(i18n.locales),
384
400
  })),
385
- // !!! DEPRECATION NOTICE !!!
386
- // This will be removed in next major version
387
- //
388
- // Public URL from which the app will be served
401
+ // URL that will prefix all URLs in the browser address bar
389
402
  mountUrl: validateMountUrl(config.mountUrl),
390
403
  // Session
391
404
  session: validateSessionObject(config.session, (session) => ({
@@ -1,15 +1,19 @@
1
1
  /**
2
+ * @access private
2
3
  * @typedef {import('../casa').ConfigurationOptions} ConfigurationOptions
3
4
  */
4
5
  /**
6
+ * @access private
5
7
  * @typedef {import('../casa').ConfigurationOptions} ConfigureResult
6
8
  */
7
9
  /**
10
+ * @access private
8
11
  * @typedef {import('../casa').Mounter} Mounter
9
12
  */
10
13
  /**
11
14
  * Configure some middleware for use in creating a new CASA app.
12
15
  *
16
+ * @memberof module:@dwp/govuk-casa
13
17
  * @param {ConfigurationOptions} config Configuration options
14
18
  * @returns {ConfigureResult} Result
15
19
  */
@@ -16,6 +16,7 @@ const nunjucks_js_1 = __importDefault(require("./nunjucks.js"));
16
16
  const static_js_1 = __importDefault(require("../routes/static.js"));
17
17
  const ancillary_js_1 = __importDefault(require("../routes/ancillary.js"));
18
18
  const journey_js_1 = __importDefault(require("../routes/journey.js"));
19
+ const strip_proxy_path_js_1 = __importDefault(require("../middleware/strip-proxy-path.js"));
19
20
  const pre_js_1 = __importDefault(require("../middleware/pre.js"));
20
21
  const post_js_1 = __importDefault(require("../middleware/post.js"));
21
22
  const session_js_1 = __importDefault(require("../middleware/session.js"));
@@ -23,20 +24,22 @@ const i18n_js_1 = __importDefault(require("../middleware/i18n.js"));
23
24
  const data_js_1 = __importDefault(require("../middleware/data.js"));
24
25
  const body_parser_js_1 = __importDefault(require("../middleware/body-parser.js"));
25
26
  const csrf_js_1 = __importDefault(require("../middleware/csrf.js"));
26
- const logger_js_1 = __importDefault(require("./logger.js"));
27
- const log = (0, logger_js_1.default)('lib:configure');
28
27
  /**
28
+ * @access private
29
29
  * @typedef {import('../casa').ConfigurationOptions} ConfigurationOptions
30
30
  */
31
31
  /**
32
+ * @access private
32
33
  * @typedef {import('../casa').ConfigurationOptions} ConfigureResult
33
34
  */
34
35
  /**
36
+ * @access private
35
37
  * @typedef {import('../casa').Mounter} Mounter
36
38
  */
37
39
  /**
38
40
  * Configure some middleware for use in creating a new CASA app.
39
41
  *
42
+ * @memberof module:@dwp/govuk-casa
40
43
  * @param {ConfigurationOptions} config Configuration options
41
44
  * @returns {ConfigureResult} Result
42
45
  */
@@ -48,7 +51,7 @@ function configure(config = {}) {
48
51
  plugin.configure(config);
49
52
  });
50
53
  // Extract config
51
- const { mountUrl = '/', views = [], session = {
54
+ const { mountUrl, views = [], session = {
52
55
  secret: 'secret',
53
56
  name: 'casasession',
54
57
  secure: false,
@@ -134,54 +137,10 @@ function configure(config = {}) {
134
137
  const mount = (app, { route = '/' } = {}) => {
135
138
  nunjucksEnv.express(app);
136
139
  app.set('view engine', 'njk');
137
- // !!! DEPRECATION NOTICE !!!
138
- // This provides a non-breaking pathway to replacing `mountUrl` with
139
- // `req.baseUrl` in all internal route handlers/middleware for services
140
- // that use a proxy path in their mount point.
141
- //
142
- // In some cases, the URL on which `app` instance is mounted might include a
143
- // proxy path so that it can handle incoming requests that have had a path
144
- // prepended to it by an intermediary, such as nginx. This would be common
145
- // in a hosting environment that serves several separate applications.
146
- //
147
- // This bit of middleware removes that proxy path segment from the request
148
- // so that all subsequent middleware behave as if it was never present.
149
- //
150
- // e.g. Where the proxy path is `my-proxy`, then a request to
151
- // `/my-proxy/app` will be seen as `/app` in all subsequent middleware, and
152
- // all URLs generated for the browser will use `/app`.
153
- //
154
- // Using `config.mountUrl` rather than `mountUrl` here to test whether the
155
- // consumer explicitly set a `mountUrl`, in which case we're dealing with
156
- // backwards-compatibility mode.
157
- //
158
- // This intervention would not be needed for apps that omit `mountUrl` as if
159
- // so, it's assumed they're following the guidance for setting up a proxy
160
- // as described in `docs/guides/setup-behind-a-proxy.md`.
161
- if (config.mountUrl) {
162
- log.warn('[DEPRECATION WARNING] Using configuration attribute, mountUrl. This will be removed in an upcoming major version');
163
- app.use((req, res, next) => {
164
- // Mimic what the `docs/guides/setup-behind-a-proxy.md` guidance
165
- // recommends for stripping off any proxy prefixes to leave just the
166
- // "mountUrl" remaining.
167
- const originalBaseUrl = req.baseUrl;
168
- req.baseUrl = mountUrl.replace(/\/$/, '');
169
- // If the app has been mounted directly on the specific `mountUrl`, then
170
- // there's nothing we need to do and can let this request pass-through.
171
- if (req.baseUrl === originalBaseUrl) {
172
- next();
173
- }
174
- else if (req.__CASA_BASE_URL_REWRITTEN__) {
175
- delete req.__CASA_BASE_URL_REWRITTEN__;
176
- next();
177
- }
178
- else {
179
- // Issuing this call will re-run this same middleware, so we use this
180
- // `__CASA_BASE_URL_REWRITTEN__` flag to prevent recursion.
181
- req.__CASA_BASE_URL_REWRITTEN__ = true;
182
- req.app.handle(req, res, next);
183
- }
184
- });
140
+ // If a `mountUrl` has been defined, then we're potentially in "proxy mode",
141
+ // in which we strip the proxy path prefix from the incoming request URLs.
142
+ if (mountUrl) {
143
+ app.use((0, strip_proxy_path_js_1.default)({ mountUrl }));
185
144
  }
186
145
  // Attach a handler to redirect requests for `/` to the first waypoint in
187
146
  // the plan
@@ -195,7 +154,16 @@ function configure(config = {}) {
195
154
  res.redirect(302, `${reqPath}${reqParams}`);
196
155
  });
197
156
  }
198
- // Service static assets from the `app` rather than the `router`. The router
157
+ // Capture the mount path of this CASA app, before any parameterised path
158
+ // segments exert influence over `req.baseUrl` in the `router` further below.
159
+ // This can later be used by middleware that wants to use the
160
+ // "unparameterised" version of the request's `baseUrl`, such as the static
161
+ // router's middleware.
162
+ app.use((req, res, next) => {
163
+ req.unparameterisedBaseUrl = req.baseUrl;
164
+ next();
165
+ });
166
+ // Serve static assets from the `app` rather than the `router`. The router
199
167
  // may contain paramaterised path segments which would mean serving static
200
168
  // assets over a dynamic URL each time, thus causing lots of cache misses on
201
169
  // the browser.
@@ -6,8 +6,9 @@
6
6
  * Note: this will not remove the session from server-side storage, which will
7
7
  * instead be left up to the storage mechanism to clean up.
8
8
  *
9
- * @param {object} req HTTP request
9
+ * @memberof module:@dwp/govuk-casa
10
+ * @param {import('express').Request} req HTTP request
10
11
  * @param {Function} next Chain
11
12
  * @returns {void}
12
13
  */
13
- export default function endSession(req: object, next: Function): void;
14
+ export default function endSession(req: import('express').Request, next: Function): void;