From 6b333d670923da4cdf6088b4e6b5abdb42f5375d Mon Sep 17 00:00:00 2001 From: Cristiano Aguzzi Date: Mon, 26 Feb 2024 11:43:52 +0100 Subject: [PATCH] fix(binding-http): fill security scheme when baseURI defined (#1244) * fix(binding-http): fill security scheme when baseURI defined * refactor(binding-http/http-server): move warning near fillSecurityScheme * docs(binding-http/http-server): remove outdated code comment --- packages/binding-http/src/http-server.ts | 13 ++++++------- packages/binding-http/test/http-server-test.ts | 15 +++++++++++++++ 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/packages/binding-http/src/http-server.ts b/packages/binding-http/src/http-server.ts index 0489093e9..27cfd5e34 100644 --- a/packages/binding-http/src/http-server.ts +++ b/packages/binding-http/src/http-server.ts @@ -277,6 +277,12 @@ export default class HttpServer implements ProtocolServer { debug(`HttpServer on port ${this.getPort()} exposes '${thing.title}' as unique '/${urlPath}'`); this.things.set(urlPath, thing); + if (this.scheme === "http" && Object.keys(thing.securityDefinitions).length !== 0) { + warn(`HTTP Server will attempt to use your security schemes even if you are not using HTTPS.`); + } + + this.fillSecurityScheme(thing); + if (this.baseUri !== undefined) { const base: string = this.baseUri.concat("/", encodeURIComponent(urlPath)); info("HttpServer TD hrefs using baseUri " + this.baseUri); @@ -288,14 +294,7 @@ export default class HttpServer implements ProtocolServer { this.scheme + "://" + address + ":" + this.getPort() + "/" + encodeURIComponent(urlPath); this.addEndpoint(thing, tdTemplate, base); - // media types - } // addresses - - if (this.scheme === "http" && Object.keys(thing.securityDefinitions).length !== 0) { - warn(`HTTP Server will attempt to use your security schemes even if you are not using HTTPS.`); } - - this.fillSecurityScheme(thing); } } } diff --git a/packages/binding-http/test/http-server-test.ts b/packages/binding-http/test/http-server-test.ts index d96c956cd..974cf263b 100644 --- a/packages/binding-http/test/http-server-test.ts +++ b/packages/binding-http/test/http-server-test.ts @@ -438,6 +438,21 @@ class HttpServerTest { expect(testThing.securityDefinitions.bearer).not.eql(undefined); } + @test async "should fill default security scheme even with baseURI defined"() { + const httpServer = new HttpServer({ + port: port2, + baseUri: "https://example.com", + }); + await httpServer.start(new Servient()); + const testThing = new ExposedThing(new Servient()); + testThing.title = "Test"; + httpServer.expose(testThing); + await httpServer.stop(); + + expect(testThing.securityDefinitions.nosec).to.not.eql(undefined); + expect(testThing.securityDefinitions.nosec.scheme).to.be.eql("nosec"); + } + @test async "should not accept an unsupported scheme"() { debug("START SHOULD"); const httpServer = new HttpServer({