-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Clean the output when useJWT=true (#756)
Remove the apiKey from the build output when useJWT=true The apiKey needs to be removed in the templatedataformatter and in the JAMBO_INJECTED_DATA that weback puts in the bundles. J=J=SLAP-1118 TEST=manual, auto When useJWT is true, run a build and search for the apiKey and confirm that it does not appear anywhere in the build output. Test this with JAMBO_INJECTED_DATA which contains apiKeys. Smoke test the JWT integration and the standard integration. Add unit test.
- Loading branch information
Showing
4 changed files
with
112 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
const _ = require('lodash'); | ||
|
||
/** | ||
* Returns JAMBO_INJECTED_DATA with instances of the global config's apiKey removed | ||
* | ||
* @param {Object} data JAMBO_INJECTED_DATA | ||
* @returns {Object} | ||
*/ | ||
function getCleanedJamboInjectedData (data) { | ||
if (!data || !data.answers || !data.answers.experiences) { | ||
return; | ||
} | ||
const updatedData = _.cloneDeep(data); | ||
const experiences = updatedData.answers.experiences; | ||
|
||
const removeApiKeyFromConfig = config => { | ||
if ('apiKey' in config) { | ||
delete config['apiKey']; | ||
} | ||
} | ||
|
||
Object.values(experiences).forEach(config => { | ||
removeApiKeyFromConfig(config); | ||
if ('configByLabel' in config) { | ||
Object.values(config.configByLabel).forEach(removeApiKeyFromConfig); | ||
} | ||
}); | ||
return updatedData; | ||
} | ||
|
||
module.exports = getCleanedJamboInjectedData; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
import getCleanedJamboInjectedData from '../../../static/webpack/getCleanedJamboInjectedData'; | ||
|
||
describe('secures the injected data', () => { | ||
const sampleConfig = { | ||
apiKey: 999, | ||
verticals: { | ||
KM: { | ||
displayName: 'Locations', | ||
source: 'KNOWLEDGE_MANAGER' | ||
} | ||
} | ||
}; | ||
|
||
const mockInjectedData = { | ||
businessId: 999, | ||
answers: { | ||
experiences: { | ||
test_experience: { | ||
...sampleConfig, | ||
configByLabel: { | ||
PRODUCTION: sampleConfig, | ||
STAGING: sampleConfig | ||
} | ||
} | ||
} | ||
} | ||
}; | ||
|
||
it('removes instances of the apiKey', () => { | ||
const securedInjectedData = getCleanedJamboInjectedData(mockInjectedData); | ||
expect(securedInjectedData).toEqual(expect.not.objectContaining({apiKey: 999})); | ||
}); | ||
}); | ||
|