@mojaloop/central-services-shared 18.35.0-snapshot.2 → 18.35.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,13 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
|
4
4
|
|
|
5
|
+
## [18.35.0](https://github.com/mojaloop/central-services-shared/compare/v18.34.6...v18.35.0) (2026-01-22)
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
### Features
|
|
9
|
+
|
|
10
|
+
* **csi-2030:** added validateSourceHeader feature ([#499](https://github.com/mojaloop/central-services-shared/issues/499)) ([27ecf64](https://github.com/mojaloop/central-services-shared/commit/27ecf643136e6639320f24e0ba578e7b28f15bd0))
|
|
11
|
+
|
|
5
12
|
### [18.34.6](https://github.com/mojaloop/central-services-shared/compare/v18.34.5...v18.34.6) (2026-01-13)
|
|
6
13
|
|
|
7
14
|
|
package/package.json
CHANGED
package/src/constants.js
CHANGED
|
@@ -5,6 +5,8 @@ const API_TYPES = Object.freeze({
|
|
|
5
5
|
|
|
6
6
|
const ISO_HEADER_PART = 'iso20022'
|
|
7
7
|
|
|
8
|
+
const CLIENT_ID_HEADER = 'x-client-id'
|
|
9
|
+
|
|
8
10
|
const REDIS_SUCCESS = 'OK'
|
|
9
11
|
const REDIS_IS_CONNECTED_STATUSES = ['connect', 'ready']
|
|
10
12
|
|
|
@@ -21,6 +23,7 @@ const errorMessages = {
|
|
|
21
23
|
module.exports = {
|
|
22
24
|
API_TYPES,
|
|
23
25
|
ISO_HEADER_PART,
|
|
26
|
+
CLIENT_ID_HEADER,
|
|
24
27
|
REDIS_SUCCESS,
|
|
25
28
|
REDIS_IS_CONNECTED_STATUSES,
|
|
26
29
|
errorMessages
|
|
@@ -9,7 +9,7 @@ const { env } = require('node:process')
|
|
|
9
9
|
const { Factory: { createFSPIOPError }, Enums } = require('@mojaloop/central-services-error-handling')
|
|
10
10
|
const RootJoi = require('joi')
|
|
11
11
|
const DateExtension = require('@hapi/joi-date')
|
|
12
|
-
const { API_TYPES, MAX_CONTENT_LENGTH, errorMessages } = require('../../../constants')
|
|
12
|
+
const { API_TYPES, MAX_CONTENT_LENGTH, CLIENT_ID_HEADER, errorMessages } = require('../../../constants')
|
|
13
13
|
const { Headers } = require('../../../enums/http')
|
|
14
14
|
const { logger } = require('../../../logger')
|
|
15
15
|
const {
|
|
@@ -20,7 +20,7 @@ const {
|
|
|
20
20
|
convertSupportedVersionToExtensionList
|
|
21
21
|
} = require('../../headerValidation')
|
|
22
22
|
|
|
23
|
-
const NEED_SOURCE_VALIDATION = env.
|
|
23
|
+
const NEED_SOURCE_VALIDATION = (env.ENABLED_SOURCE_HEADER_VALIDATION ?? 'true') === 'true'
|
|
24
24
|
|
|
25
25
|
// Some defaults
|
|
26
26
|
|
|
@@ -150,11 +150,11 @@ const plugin = {
|
|
|
150
150
|
/* istanbul ignore next */
|
|
151
151
|
const validateSourceHeader = (headers = {}) => {
|
|
152
152
|
const source = headers[Headers.FSPIOP.SOURCE]
|
|
153
|
-
const clientId = headers[
|
|
153
|
+
const clientId = headers[CLIENT_ID_HEADER]
|
|
154
154
|
// x-client-id is added by oathkeeper during processing request from DFSP to hub extapi
|
|
155
155
|
|
|
156
|
-
if (!clientId) {
|
|
157
|
-
logger.
|
|
156
|
+
if (!clientId) { // internal service-to-service calls
|
|
157
|
+
logger.info('No x-client-id header found, skip source-header validation', { source })
|
|
158
158
|
return
|
|
159
159
|
}
|
|
160
160
|
|
|
@@ -167,7 +167,6 @@ const validateSourceHeader = (headers = {}) => {
|
|
|
167
167
|
|
|
168
168
|
module.exports = {
|
|
169
169
|
plugin,
|
|
170
|
-
errorMessages,
|
|
171
170
|
defaultProtocolResources,
|
|
172
171
|
defaultProtocolVersions
|
|
173
172
|
}
|
|
@@ -32,16 +32,16 @@ const Test = require('tapes')(require('tape'))
|
|
|
32
32
|
const Sinon = require('sinon')
|
|
33
33
|
const Hapi = require('@hapi/hapi')
|
|
34
34
|
const ErrorHandling = require('@mojaloop/central-services-error-handling')
|
|
35
|
-
|
|
36
|
-
const {
|
|
37
|
-
const {
|
|
35
|
+
|
|
36
|
+
const { plugin } = require('#src/util/hapi/plugins/headerValidation')
|
|
37
|
+
const { protocolVersionsMap } = require('#src/util/headerValidation/index')
|
|
38
|
+
const { CLIENT_ID_HEADER, errorMessages } = require('#src/constants')
|
|
39
|
+
const { defaultHeaders, tryCatchEndTest } = require('#test/util/helper')
|
|
38
40
|
const {
|
|
39
41
|
generateAcceptHeader,
|
|
40
42
|
generateContentTypeHeader
|
|
41
43
|
} = require('../../headerValidation/support')
|
|
42
44
|
|
|
43
|
-
const { defaultHeaders, tryCatchEndTest } = require('#test/util/helper')
|
|
44
|
-
|
|
45
45
|
const resource = 'participants'
|
|
46
46
|
|
|
47
47
|
const init = async (needSourceValidation = false) => {
|
|
@@ -99,7 +99,7 @@ const headersDto = ({
|
|
|
99
99
|
xClientId = source
|
|
100
100
|
} = {}) => ({
|
|
101
101
|
...defaultHeaders(destination, resource, source),
|
|
102
|
-
...(xClientId && {
|
|
102
|
+
...(xClientId && { [CLIENT_ID_HEADER]: xClientId }),
|
|
103
103
|
date: new Date().toUTCString()
|
|
104
104
|
})
|
|
105
105
|
|
|
@@ -369,18 +369,18 @@ Test('headerValidation plugin test', async (pluginTest) => {
|
|
|
369
369
|
const { statusCode } = await testServer.inject({
|
|
370
370
|
method: 'get',
|
|
371
371
|
url: `/${resource}`,
|
|
372
|
-
headers: headersDto({ xClientId:
|
|
372
|
+
headers: headersDto({ xClientId: null, source: 'source' })
|
|
373
373
|
})
|
|
374
374
|
t.is(statusCode, 202)
|
|
375
375
|
}))
|
|
376
376
|
|
|
377
377
|
sourceTests.test('should pass validation if xClientId equals source-header', tryCatchEndTest(async t => {
|
|
378
|
-
const
|
|
378
|
+
const dfspId = 'dfsp1'
|
|
379
379
|
|
|
380
380
|
const { statusCode } = await testServer.inject({
|
|
381
381
|
method: 'get',
|
|
382
382
|
url: `/${resource}`,
|
|
383
|
-
headers: headersDto({ xClientId:
|
|
383
|
+
headers: headersDto({ xClientId: dfspId, source: dfspId })
|
|
384
384
|
})
|
|
385
385
|
t.is(statusCode, 202)
|
|
386
386
|
}))
|