app.use((req: PivotRequest, res: Response, next: Function) => { res.setHeader("X-Frame-Options", "DENY"); res.setHeader("Content-Security-Policy", "frame-ancestors 'none'"); next(); });
app.use((req: Request, res: Response, next: NextFunction) => { res.status(404).send({ statusCode: 404, error: 'Route is not found' }); });
app.use((err: any, req: Request, res: Response, next: Function) => { res.status(err.status || 500); res.send(errorLayout({ version: VERSION, title: 'Error' }, err.message)); });
.catch(err =>{ this.log.error(err) res.json(err) })
getIndex2:(req:Request, res:Response)=>{ res.send('Hello world....'); //Compiles the file named "index" in the views directory (`/views`) using the view engine (Jade). },
ccHelper.emailUs(req).then(s => {res.json(s)});
.then(info =>{ res.json(info.response) })
protected can(req: Request, res: Response) { res.json(req.session.isAdmin ? true : false); }
protected current(req: Request, res: Response) { res.json(req.session.username || 'Sign In'); }
describe('express tooling', () => { const loggerMock = undefined; const createRequestMock = (scopes: String[]): Request => ({ get: (name: string) => name, $$tokeninfo: { scope: scopes } } as any as Request); const createResponseMock = (): Response => ({ sendStatus: sinon.spy((status: string) => undefined) } as any as Response); describe('requireScopesMiddleware', () => { it('should reject request with 403 if required scopes are not met', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['uid', 'test']); const responseMock = createResponseMock(); const requiredScopes = ['uid', 'test', 'additional']; // when requireScopesMiddleware(requiredScopes)(requestMock, responseMock, next); // then setTimeout(() => { expect(responseMock.sendStatus).to.have.been.calledWith(403); done(); }); }); it('should not call next() if required scopes are not met', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['uid', 'test']); const requiredScopes = ['uid', 'test', 'additional']; // when requireScopesMiddleware(requiredScopes)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.not.have.been.called; done(); }); }); it('should call #next if required scopes are met', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['uid', 'test']); const requiredScopes = ['uid', 'test']; // when requireScopesMiddleware(requiredScopes)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.have.been.called; done(); }); }); it('should call #next also if user has a superset of the required scopes', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['uid', 'test', 'additionalScope']); const requiredScopes = ['uid', 'test']; // when requireScopesMiddleware(requiredScopes)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.have.been.called; done(); }); }); it('should call #next if precedence function returns true', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['uid']); const requiredScopes = ['test']; const precedenceOptions = { precedenceFunction: () => { return Promise.resolve(true); } }; const options: ScopeMiddlewareOptions = { logger: loggerMock, precedenceOptions }; // when requireScopesMiddleware(requiredScopes, options)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.have.been.called; done(); }); }); it('should not call #next if precedence function returns false and scopes do not match', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['uid']); const requiredScopes = ['test']; const precedenceOptions = { precedenceFunction: () => { return Promise.resolve(false); } }; const options: ScopeMiddlewareOptions = { logger: loggerMock, precedenceOptions }; // when requireScopesMiddleware(requiredScopes, options)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.not.have.been.called; done(); }); }); it('should not fail if precedence function returns false and precedence error handler is undefined', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['uid']); const requiredScopes = ['uid']; const precedenceOptions = { precedenceFunction: () => { return Promise.reject(false); } } as any as PrecedenceOptions; const options: ScopeMiddlewareOptions = { logger: loggerMock, precedenceOptions }; // when requireScopesMiddleware(requiredScopes, options)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.have.been.called; done(); }); }); it('should call #next if precedence function returns false and scopes matches', (done) => { // given const next = sinon.spy(); const requestMock = createRequestMock(['test']); const requiredScopes = ['test']; const precedenceOptions = { precedenceFunction: () => { return Promise.resolve(false); } }; const options: ScopeMiddlewareOptions = { logger: loggerMock, precedenceOptions }; // when requireScopesMiddleware(requiredScopes, options)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.have.been.called; done(); }); }); it('should fallback to normal scope validation', (done) => { // if precedence function rejects // given const next = sinon.spy(); const requestMock = createRequestMock(['test']); const requiredScopes = ['test']; const precedenceOptions = { precedenceFunction: () => { return Promise.reject(false); } }; const options: ScopeMiddlewareOptions = { logger: loggerMock, precedenceOptions }; // when requireScopesMiddleware(requiredScopes, options)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.have.been.called; done(); }); }); it('should call onAuthorizationFailed handler', (done) => { // given const next = sinon.spy(); const middlewareOptions: ScopeMiddlewareOptions = { onAuthorizationFailedHandler: sinon.spy() }; const requestMock = createRequestMock(['uid', 'test']); const requiredScopes = ['uid', 'test', 'additional']; // when requireScopesMiddleware(requiredScopes, middlewareOptions)(requestMock, createResponseMock(), next); // then setTimeout(() => { // tslint:disable-next-line expect(next).to.not.have.been.called; // tslint:disable-next-line expect(middlewareOptions.onAuthorizationFailedHandler).to.have.been.called; done(); }); }); }); });