ce0ddf93fc
This is a reworking of #3410 based on some feedback @calebcartwright left on that PR. The goals of injecting the secrets are threefold: 1. Simplify testing 2. Be consistent with all of the other config (which is injected) 3. Encapsulate the sensitive auth-related code in one place so it can be studied and tested thoroughly - Rather than add more code to BaseService to handle authorization logic, it delegates that to an AuthHelper class. - When the server starts, it fetches the credentials from `config` and injects them into `BaseService.register()` which passes them to `invoke()`. - In `invoke()` the service's auth configuration is checked (`static get auth()`, much like `static get route()`). - If the auth config is present, an AuthHelper instance is created and attached to the new instance. - Then within the service, the password, basic auth config, or bearer authentication can be accessed via e.g. `this.authHelper.basicAuth` and passed to `this._requestJson()` and friends. - Everything is being done very explicitly, so it should be very clear where and how the configured secrets are being used. - Testing different configurations of services can now be done by injecting the config into `invoke()` in `.spec` files instead of mocking global state in the service tests as was done before. See the new Jira spec files for a good example of this. Ref #3393
25 lines
492 B
JavaScript
25 lines
492 B
JavaScript
'use strict'
|
|
|
|
const nock = require('nock')
|
|
const request = require('request')
|
|
const { promisify } = require('../core/base-service/legacy-request-handler')
|
|
|
|
function cleanUpNockAfterEach() {
|
|
afterEach(function() {
|
|
nock.restore()
|
|
nock.cleanAll()
|
|
nock.enableNetConnect()
|
|
nock.activate()
|
|
})
|
|
}
|
|
|
|
const sendAndCacheRequest = promisify(request)
|
|
|
|
const defaultContext = { sendAndCacheRequest }
|
|
|
|
module.exports = {
|
|
cleanUpNockAfterEach,
|
|
sendAndCacheRequest,
|
|
defaultContext,
|
|
}
|