@onlineapps/conn-orch-api-mapper 1.0.27 → 1.0.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/ApiMapper.js +39 -9
package/package.json
CHANGED
package/src/ApiMapper.js
CHANGED
|
@@ -560,6 +560,9 @@ class ApiMapper {
|
|
|
560
560
|
operations[operationId] = {
|
|
561
561
|
method: (operation.method || 'POST').toUpperCase(),
|
|
562
562
|
path: operation.endpoint || `/${operationId}`,
|
|
563
|
+
// Static headers from operations.json (e.g. x-validation-request).
|
|
564
|
+
// NOTE: account-id is controlled by workflow context (_system.account_id) and must not be overridden here.
|
|
565
|
+
headers: operation.headers || null,
|
|
563
566
|
// Store original operations.json input schema for type-driven descriptor handling
|
|
564
567
|
input: operation.input || null,
|
|
565
568
|
parameters: operation.input ? this._convertOperationsJsonInputToOpenApi(operation.input) : [],
|
|
@@ -696,6 +699,27 @@ class ApiMapper {
|
|
|
696
699
|
data: null
|
|
697
700
|
};
|
|
698
701
|
|
|
702
|
+
// operations.json static headers (if present)
|
|
703
|
+
if (operation && operation.headers && typeof operation.headers === 'object') {
|
|
704
|
+
Object.entries(operation.headers).forEach(([k, v]) => {
|
|
705
|
+
if (!k) return;
|
|
706
|
+
// Never allow operation-level config to override tenant header
|
|
707
|
+
if (String(k).toLowerCase() === 'account-id') return;
|
|
708
|
+
|
|
709
|
+
// Optional: allow ${context.path} variable resolution (no env side-effects here).
|
|
710
|
+
if (typeof v === 'string' && v.startsWith('${') && v.endsWith('}')) {
|
|
711
|
+
const path = v.slice(2, -1);
|
|
712
|
+
const resolved = this._getValueFromPath(context, path);
|
|
713
|
+
if (resolved !== undefined) {
|
|
714
|
+
request.headers[k] = resolved;
|
|
715
|
+
}
|
|
716
|
+
return;
|
|
717
|
+
}
|
|
718
|
+
|
|
719
|
+
request.headers[k] = v;
|
|
720
|
+
});
|
|
721
|
+
}
|
|
722
|
+
|
|
699
723
|
// Process path parameters
|
|
700
724
|
operation.parameters.forEach(param => {
|
|
701
725
|
const value = input[param.name];
|
|
@@ -738,17 +762,23 @@ class ApiMapper {
|
|
|
738
762
|
}
|
|
739
763
|
|
|
740
764
|
// Multitenancy: propagate account context from workflow _system into HTTP header.
|
|
741
|
-
//
|
|
742
|
-
//
|
|
765
|
+
// FAIL-FAST: _system.account_id is REQUIRED for all workflow requests.
|
|
766
|
+
// Gateway sets this, so missing value indicates configuration error.
|
|
743
767
|
const sys = context && typeof context === 'object' ? context._system : null;
|
|
744
|
-
if (sys
|
|
745
|
-
|
|
746
|
-
|
|
747
|
-
|
|
748
|
-
|
|
749
|
-
|
|
750
|
-
|
|
768
|
+
if (!sys || !Object.prototype.hasOwnProperty.call(sys, 'account_id')) {
|
|
769
|
+
throw new Error(
|
|
770
|
+
'[ApiMapper][AccountContext] Missing account context - Expected context._system.account_id. ' +
|
|
771
|
+
'Fix: Gateway must set _system.account_id from account-id header.'
|
|
772
|
+
);
|
|
773
|
+
}
|
|
774
|
+
const accountId = Number.parseInt(String(sys.account_id), 10);
|
|
775
|
+
if (!Number.isInteger(accountId) || accountId <= 0) {
|
|
776
|
+
throw new Error(
|
|
777
|
+
`[ApiMapper][AccountContext] Invalid account context - Expected context._system.account_id to be a positive integer, got: ${sys.account_id}`
|
|
778
|
+
);
|
|
751
779
|
}
|
|
780
|
+
// Do not allow step input to override tenant header
|
|
781
|
+
request.headers['account-id'] = String(accountId);
|
|
752
782
|
|
|
753
783
|
return request;
|
|
754
784
|
}
|