Add openhab server uuid validation (#443)

Signed-off-by: jsetton <jeremy.setton@gmail.com>
openhab · Dec 13, 2021 · 52e6b88 · 52e6b88
1 parent a59e1eb
commit 52e6b88
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/lambda/openhab/index.js b/lambda/openhab/index.js
@@ -15,6 +15,7 @@ const fs = require('fs');
 const request = require('request-promise-native');
 const Agent = require('agentkeepalive');
 const { sprintf } = require('sprintf-js');
+const { validate: uuidValidate } = require('uuid');
 
 /**
  * Defines openHAB class
@@ -80,7 +81,7 @@ class OpenHAB {
     const [properties, uuid] = await Promise.all([this.getRootResource(), this.getUUID().catch(() => undefined)]);
     const { locale, measurementSystem, runtimeInfo, version } = properties || {};
     const apiVersion = parseFloat(version);
-    const settings = { regional: {}, runtime: { ...(uuid && { uuid }) } };
+    const settings = { regional: {}, runtime: { ...(uuidValidate(uuid) && { uuid }) } };
 
     if (apiVersion >= 4) {
       // Use root resource properties for OH 3.0 and later [API Version >= 4]

diff --git a/lambda/test/openhab.test.js b/lambda/test/openhab.test.js
@@ -328,6 +328,23 @@ describe('OpenHAB Tests', () => {
       expect(nock.isDone()).to.be.true;
     });
 
+    it('oh3.x with invalid uuid', async () => {
+      // set environment
+      nock(baseURL)
+        // root resource
+        .get('/rest/')
+        .reply(200, { version: '4', locale, measurementSystem, runtimeInfo: { version: '3.0.0' } })
+        // uuid
+        .get('/rest/uuid')
+        .reply(200, 'invalid');
+      // run test
+      expect(await openhab.getServerSettings()).to.deep.equal({
+        regional: { language, measurementSystem, region },
+        runtime: { version: '3.0.0' }
+      });
+      expect(nock.isDone()).to.be.true;
+    });
+
     it('oh3.x with unauthorized uuid', async () => {
       // set environment
       nock(baseURL)