@mojaloop/central-services-shared 18.15.1 → 18.16.0

package/.nvmrc

@@ -1 +1 @@
-18.17.1
+18.20.4

package/CHANGELOG.md

@@ -2,6 +2,20 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [18.16.0](https://github.com/mojaloop/central-services-shared/compare/v18.15.2...v18.16.0) (2025-01-24)
+
+
+### Features
+
+* added missing types and maintenance fixes ([#428](https://github.com/mojaloop/central-services-shared/issues/428)) ([f8e84e5](https://github.com/mojaloop/central-services-shared/commit/f8e84e52c3052196de23b51994297b35fd6ac757))
+
+### [18.15.2](https://github.com/mojaloop/central-services-shared/compare/v18.15.1...v18.15.2) (2025-01-20)
+
+
+### Chore
+
+* add date validation ([#427](https://github.com/mojaloop/central-services-shared/issues/427)) ([96b3e34](https://github.com/mojaloop/central-services-shared/commit/96b3e34cf9732178b197daa488079f1bb7ea6bf9))
+
 ### [18.15.1](https://github.com/mojaloop/central-services-shared/compare/v18.15.0...v18.15.1) (2025-01-07)
 
 

package/CODEOWNERS

@@ -6,7 +6,7 @@
 ## @global-owner1 and @global-owner2 will be requested for
 ## review when someone opens a pull request.
 #*       @global-owner1 @global-owner2
-* @mdebarros @elnyry-sam-k @vijayg10 @kleyow @oderayi
+* @bushjames @elnyry-sam-k @vijayg10 @kleyow @oderayi @shashi165 @gibaros
 
 ## Order is important; the last matching pattern takes the most
 ## precedence. When someone opens a pull request that only

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mojaloop/central-services-shared",
-  "version": "18.15.1",
+  "version": "18.16.0",
   "description": "Shared code for mojaloop central services",
   "license": "Apache-2.0",
   "author": "ModusBox",
@@ -60,7 +60,10 @@
   "dependencies": {
     "@hapi/catbox": "12.1.1",
     "@hapi/catbox-memory": "5.0.1",
+    "@hapi/hapi": "21.3.12",
+    "@hapi/joi-date": "2.0.1",
     "@mojaloop/inter-scheme-proxy-cache-lib": "2.3.1",
+    "@mojaloop/sdk-standard-components": "19.6.3",
     "axios": "1.7.9",
     "clone": "2.1.2",
     "dotenv": "16.4.7",
@@ -69,6 +72,7 @@
     "fast-safe-stringify": "^2.1.1",
     "immutable": "5.0.3",
     "ioredis": "^5.4.2",
+    "joi": "17.13.3",
     "lodash": "4.17.21",
     "mustache": "4.2.0",
     "openapi-backend": "5.11.1",
@@ -81,12 +85,11 @@
     "yaml": "2.7.0"
   },
   "devDependencies": {
-    "@hapi/hapi": "21.3.12",
-    "@hapi/joi": "17.1.1",
+    "@types/hapi__joi": "^17.1.15",
     "audit-ci": "^7.1.0",
     "base64url": "3.0.1",
     "chance": "1.1.12",
-    "npm-check-updates": "17.1.13",
+    "npm-check-updates": "17.1.14",
     "nyc": "17.1.0",
     "portfinder": "1.0.32",
     "pre-commit": "1.2.2",

package/src/index.d.ts

@@ -1,4 +1,5 @@
 import { Utils as HapiUtil, Server } from '@hapi/hapi'
+import { Joi } from 'joi'
 import { ILogger } from '@mojaloop/central-services-logger/src/contextLogger'
 
 declare namespace CentralServicesShared {
@@ -663,6 +664,9 @@ declare namespace CentralServicesShared {
   type ProtocolResources = string[]
   type ProtocolVersions = (string | symbol)[]
   type ApiTypeValues = 'fspiop' | 'iso20022'
+  type APIDocumentationPluginOptions = 
+  | { documentPath: string; document?: never }
+  | { document?: string; documentPath?: never }
 
   type LoggingPluginOptions = {
     log?: ILogger,
@@ -694,10 +698,40 @@ declare namespace CentralServicesShared {
       defaultProtocolResources: ProtocolResources
       defaultProtocolVersions: ProtocolVersions
     };
+    OpenapiBackendValidator: {
+      plugin: {
+        name: string,
+        register: (server: Server) => void
+      }
+    };
+    HapiEventPlugin: {
+      plugin: {
+        name: string,
+        register: (server: Server) => void
+      }      
+    };
+    customCurrencyCodeValidation: (joi: Joi) => {
+      base: Joi.StringSchema;
+      type: string;
+      messages: {
+        'currency.base': string;
+      };
+      rules: {
+        currency: {
+          validate: (value: string, helpers: any) => string | any;
+        };
+      };
+    };
+    APIDocumentation: {
+      plugin: {
+        name: string,
+        register: (server: Server, options: APIDocumentationPluginOptions) => void
+      }
+    };
     loggingPlugin: {
       name: string,
       register: (server: Server, options?: LoggingPluginOptions) => Promise<void>
-    }
+    };
     API_TYPES: Record<ApiTypeValues, ApiTypeValues>;
   }
   // todo: define the rest of the types

package/src/util/hapi/plugins/apiDocumentation.js

@@ -27,7 +27,7 @@ const APIDocBuilder = require('../../documentation').APIDocBuilder
 
 /**
  * Hapi plugin to add '/swagger.json' and '/documentation' endpoints.
- * It generates API documenation from supplied OpenAPI spec (json or yaml).
+ * It generates API documentation from supplied OpenAPI spec (json or yaml).
  *
  * options.documentPath - Full path to the OpenAPI (fka Swagger) document (JSON or YAML). Mutually exclusive to `document` option.
  * options.document     - OpenAPI document as string. Mutually exclusive to `documentPath` option.

package/src/util/hapi/plugins/headerValidation.js

@@ -6,7 +6,10 @@
 // accuracy of this statement has not been thoroughly tested.
 
 const { Factory: { createFSPIOPError }, Enums } = require('@mojaloop/central-services-error-handling')
-const { API_TYPES } = require('../../../constants')
+const RootJoi = require('joi')
+const DateExtension = require('@hapi/joi-date')
+const Joi = RootJoi.extend(DateExtension)
+const { API_TYPES, MAX_CONTENT_LENGTH } = require('../../../constants')
 const {
   checkApiType,
   parseAcceptHeader,
@@ -100,10 +103,25 @@ const plugin = {
         }
       }
 
+      const dateSchema = Joi.date().format('ddd, DD MMM YYYY HH:mm:ss [GMT]').required()
+      const dateHeader = request.headers.date
+      const { error } = dateSchema.validate(dateHeader)
+
+      if (error) {
+        throw createFSPIOPError(Enums.FSPIOPErrorCodes.MALFORMED_SYNTAX, 'Invalid date header')
+      }
+
+      if (request.headers['content-length'] > MAX_CONTENT_LENGTH) {
+        throw createFSPIOPError(
+          Enums.FSPIOPErrorCodes.TOO_LARGE_PAYLOAD, 'Payload size is too large.'
+        )
+      }
+
       // Always validate the content-type header
       if (request.headers['content-type'] === undefined) {
         throw createFSPIOPError(Enums.FSPIOPErrorCodes.MISSING_ELEMENT, errorMessages.REQUIRE_CONTENT_TYPE_HEADER)
       }
+
       const contentType = parseContentTypeHeader(resource, request.headers['content-type'], apiType)
       if (!contentType.valid) {
         throw createFSPIOPError(

package/test/unit/healthCheck/HealthCheck.test.js

@@ -26,7 +26,7 @@
 
 const Test = require('tapes')(require('tape'))
 const Sinon = require('sinon')
-const Joi = require('@hapi/joi')
+const Joi = require('joi')
 
 const HealthCheck = require('../../../src/healthCheck').HealthCheck
 

package/test/unit/util/hapi/plugins/customCurrencyCodeExtension.test.js

@@ -24,7 +24,7 @@
  ******/
 
 const Test = require('tape')
-const BaseJoi = require('@hapi/joi')
+const BaseJoi = require('joi')
 const currencyExtension = require('../../../../../src/util/hapi/plugins/customCurrencyCodeExtension')
 const Joi = BaseJoi.extend(currencyExtension)
 

package/test/unit/util/hapi/plugins/headerValidation.test.js

@@ -106,7 +106,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: '/unconfigured',
       headers: {
         accept: generateAcceptHeader(resource, [1]),
-        'content-type': generateContentTypeHeader(resource, 1)
+        'content-type': generateContentTypeHeader(resource, 1),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, 202)
@@ -119,7 +120,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       method: 'get',
       url: `/${resource}`,
       headers: {
-        'content-type': generateContentTypeHeader(resource, 1)
+        'content-type': generateContentTypeHeader(resource, 1),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, fspiopCode.httpStatusCode)
@@ -132,7 +134,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
     const opts = {
       url: `/${resource}`,
       headers: {
-        'content-type': generateContentTypeHeader(resource, 1)
+        'content-type': generateContentTypeHeader(resource, 1),
+        date: new Date().toUTCString()
       }
     }
     await Promise.all(['post', 'put'].map(async method => {
@@ -150,7 +153,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}`,
       headers: {
         'content-type': generateContentTypeHeader(resource, 1),
-        accept: 'hello'
+        accept: 'hello',
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, fspiopCode.httpStatusCode)
@@ -167,7 +171,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}`,
       headers: {
         'content-type': generateContentTypeHeader(resource, 1),
-        accept: generateAcceptHeader(resource, [5])
+        accept: generateAcceptHeader(resource, [5]),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, fspiopCode.httpStatusCode)
@@ -185,7 +190,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}`,
       headers: {
         'content-type': 'application/json',
-        accept: generateAcceptHeader(resource, [1])
+        accept: generateAcceptHeader(resource, [1]),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, fspiopCode.httpStatusCode)
@@ -202,7 +208,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}`,
       headers: {
         'content-type': generateContentTypeHeader(resource, 5),
-        accept: generateAcceptHeader(resource, [1])
+        accept: generateAcceptHeader(resource, [1]),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, fspiopCode.httpStatusCode)
@@ -219,7 +226,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}/MSISDN/12346`,
       headers: {
         'content-type': generateContentTypeHeader(resource, 1),
-        accept: generateAcceptHeader(resource, [1])
+        accept: generateAcceptHeader(resource, [1]),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, 202)
@@ -233,7 +241,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}/MSISDN/12346`,
       headers: {
         'content-type': generateContentTypeHeader(resource, 5),
-        accept: generateAcceptHeader(resource, [1])
+        accept: generateAcceptHeader(resource, [1]),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.statusCode, fspiopCode.httpStatusCode)
@@ -249,7 +258,8 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}`,
       headers: {
         'content-type': generateContentTypeHeader(resource, 1),
-        accept: generateAcceptHeader(resource, [1])
+        accept: generateAcceptHeader(resource, [1]),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.payload, '')
@@ -263,7 +273,41 @@ Test('headerValidation plugin test', async (pluginTest) => {
       url: `/${resource}`,
       headers: {
         'content-type': generateContentTypeHeader(resource, 1),
-        accept: `application/vnd.interoperability.${resource}+json`
+        accept: `application/vnd.interoperability.${resource}+json`,
+        date: new Date().toUTCString()
+      }
+    })
+    t.is(res.payload, '')
+    t.is(res.statusCode, 202)
+    t.end()
+  })
+
+  pluginTest.test('MALFORMED_SYNTAX/INVALID_DATE_HEADER', async t => {
+    const fspiopCode = ErrorHandling.Enums.FSPIOPErrorCodes.MALFORMED_SYNTAX
+    const res = await server.inject({
+      method: 'put',
+      url: `/${resource}`,
+      headers: {
+        'content-type': generateContentTypeHeader(resource, 1),
+        accept: generateAcceptHeader(resource, [1]),
+        date: 'invalid-date'
+      }
+    })
+    t.is(res.statusCode, fspiopCode.httpStatusCode)
+    const payload = JSON.parse(res.payload)
+    t.is(payload.apiErrorCode.code, fspiopCode.code)
+    t.is(payload.message, 'Invalid date header')
+    t.end()
+  })
+
+  pluginTest.test('accepts valid date header', async t => {
+    const res = await server.inject({
+      method: 'put',
+      url: `/${resource}`,
+      headers: {
+        'content-type': generateContentTypeHeader(resource, 1),
+        accept: generateAcceptHeader(resource, [1]),
+        date: new Date().toUTCString()
       }
     })
     t.is(res.payload, '')

package/test/unit/util/hapi/plugins/rawPayloadToDataUri.test.js

@@ -27,7 +27,7 @@
 const Hapi = require('@hapi/hapi')
 const Test = require('tapes')(require('tape'))
 const Sinon = require('sinon')
-const Joi = require('@hapi/joi')
+const Joi = require('joi')
 const StreamingProtocol = require('../../../../../src/util').StreamingProtocol
 
 const init = async (options) => {