directus/api/src/logger.test.ts
Pascal Jufer 17afb9a3bc Patch Tuesday 🐸 (#18260)
* Update `@directus/api` deps (minor)

 @aws-sdk/client-ses          3.292.0  →   3.316.0
 @godaddy/terminus             4.11.2  →    4.12.0
 @rollup/plugin-alias           4.0.3  →     4.0.4
 @rollup/plugin-node-resolve   15.0.1  →    15.0.2
 @types/node                  18.15.3  →  18.15.11
 @vitest/coverage-c8           0.29.3  →    0.30.1
 axios                          1.3.4  →     1.3.6
 fs-extra                      11.1.0  →    11.1.1
 helmet                         6.0.1  →     6.1.5
 ioredis                        5.3.1  →     5.3.2
 joi                           17.8.4  →    17.9.1
 liquidjs                      10.6.1  →    10.7.0
 marked                        4.2.12  →     4.3.0
 nanoid                         3.3.4  →     3.3.6
 rollup                        3.19.1  →    3.20.6
 sharp                         0.31.3  →    0.32.0
 vitest                        0.29.3  →    0.30.1
 vm2                           3.9.16  →    3.9.17

* Update `@directus/api` deps (major)

 @rollup/plugin-alias     4.0.4  →     5.0.0
 @types/inquirer          8.2.6  →     9.0.3
 @types/node           18.15.11  →  18.15.12
 camelcase                6.3.0  →     7.0.1
 chalk                    4.1.2  →     5.2.0
 commander                9.5.0  →    10.0.1
 execa                    5.1.1  →     7.1.1
 icc                      2.0.0  →     3.0.0
 inquirer                 8.2.5  →     9.1.5
 ~ldapjs                   2.3.3  →     3.0.2~
 nanoid                   3.3.6  →     4.0.2
 ~openapi3-ts              3.2.0  →     4.1.1~
 ora                      5.4.1  →     6.3.0
 strip-bom-stream         4.0.0  →     5.0.0
 tedious                 15.1.3  →    16.0.0
 typescript               4.9.5  →     5.0.4

* Update `@directus/app` deps

 @babel/core                             7.21.3  →    7.21.4
 @babel/preset-env                       7.20.2  →    7.21.4
 @fortawesome/fontawesome-svg-core        6.3.0  →     6.4.0
 @fortawesome/free-brands-svg-icons       6.3.0  →     6.4.0
 @fullcalendar/core                       6.1.4  →     6.1.5
 @fullcalendar/daygrid                    6.1.4  →     6.1.5
 @fullcalendar/interaction                6.1.4  →     6.1.5
 @fullcalendar/list                       6.1.4  →     6.1.5
 @fullcalendar/timegrid                   6.1.4  →     6.1.5
 @pinia/testing                          0.0.15  →    0.0.16
 @popperjs/core                          2.11.6  →    2.11.7
 @storybook/addon-actions            7.0.0-rc.4  →     7.0.6
 @storybook/addon-backgrounds        7.0.0-rc.4  →     7.0.6
 @storybook/addon-docs               7.0.0-rc.4  →     7.0.6
 @storybook/addon-essentials         7.0.0-rc.4  →     7.0.6
 @storybook/addon-links              7.0.0-rc.4  →     7.0.6
 @storybook/addon-mdx-gfm            7.0.0-rc.4  →     7.0.6
 @storybook/addon-measure            7.0.0-rc.4  →     7.0.6
 @storybook/addon-outline            7.0.0-rc.4  →     7.0.6
 @storybook/client-api               7.0.0-rc.4  →     7.0.6
 @storybook/client-logger            7.0.0-rc.4  →     7.0.6
 @storybook/vue3                     7.0.0-rc.4  →     7.0.6
 @storybook/vue3-vite                7.0.0-rc.4  →     7.0.6
 @types/diff                              5.0.2  →     5.0.3
 @types/dompurify                         3.0.0  →     3.0.2
 @types/lodash                         4.14.191  →  4.14.194
 @vitejs/plugin-vue                       4.0.0  →     4.1.0
 @vue/test-utils                          2.3.1  →     2.3.2
 apexcharts                              3.37.1  →    3.39.0
 axios                                    1.3.4  →     1.3.6
 dompurify                                3.0.1  →     3.0.2
 happy-dom                                8.9.0  →     9.8.4
 marked                                  4.2.12  →     4.3.0
 nanoid                                   4.0.1  →     4.0.2
 pinia                                   2.0.33  →    2.0.34
 sass                                    1.59.3  →    1.62.0
 storybook                           7.0.0-rc.4  →     7.0.6
 typescript                               4.9.5  →     5.0.4
 vite                                     4.1.4  →     4.2.2
 vitest                                  0.29.3  →    0.30.1
 webpack                                 5.76.2  →    5.80.0

* Update root deps

* Update `@directus/composables` deps

* Update `@directus/constant` deps

* Update `create-directus-extension` deps

* Update `@directus/exceptions` deps

* tsconfig workaround: ignoreDeprecations

* Update `@directus/extensions-sdk` deps

* Update `@directus/schema` deps

* Update `@directus/storage` deps

* Update `@directus/storage-driver-azure` deps

* Update `@directus/storage-driver-cloudinary` deps

* Update `@directus/storage-driver-gcs` deps

* Update `@directus/storage-driver-local` deps

* Update `@directus/storage-driver-s3` deps

* Update `@directus/types` deps

* Update `@directus/update-check` deps

* Update `@directus/utils` deps

* tsconfig workaround in schema: ignoreDeprecations

* tsconfig workaround in remaining packages: ignoreDeprecations

* Update `tests-blackbox` deps

* Revert "tsconfig workaround: ignoreDeprecations"

This reverts commit 5d97da55e3.

* Revert tsconfig override

* Update tsconfig

* Fix imports in @directus/utils

* Fix imports in composables

* Fix imports in extensions-sdk

* Fix imports in @directus/api

* Move RateLimiterAbstract to types import as well

* Bump pnpm to 8.3.1

* Update `docs` deps

> [...] the @vueuse/head package will be deprecated. If you're setting up this package on a new project, you should use the @unhead/vue package directly [...]

* Remove obsolete dep `concurrently` from extensions-sdk

Co-authored-by: Azri Kahar <42867097+azrikahar@users.noreply.github.com>

* New day, new updates

Also forgot to include minor updates of deps in `tests-blackbox` in previous
commit

* Fix `api` tests

---------

Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
Co-authored-by: Azri Kahar <42867097+azrikahar@users.noreply.github.com>
2023-04-21 12:59:27 -04:00


import { Writable } from 'node:stream';
import { pino } from 'pino';
import { afterEach, beforeEach, describe, expect, test, vi } from 'vitest';
import { REDACT_TEXT } from './constants.js';
// Cookie name reported by the mocked environment for the refresh token; the
// Cookie / Set-Cookie fixtures in the tests below are built from it.
const REFRESH_TOKEN_COOKIE_NAME = 'directus_refresh_token';

// Register the env mock before the logger module is loaded. vi.doMock is not
// hoisted, so the order of these statements is significant.
vi.doMock('./env', async () => {
  // Two auth providers are configured (one oauth2, one openid).
  // NOTE(review): presumably the logger derives provider-specific cookie names
  // to redact from these values; confirm against ./logger.
  const mockEnv = {
    AUTH_PROVIDERS: 'ranger,monospace',
    AUTH_RANGER_DRIVER: 'oauth2',
    AUTH_MONOSPACE_DRIVER: 'openid',
    REFRESH_TOKEN_COOKIE_NAME,
    LOG_LEVEL: 'info',
    LOG_STYLE: 'raw',
  };

  const readEnv = () => mockEnv;

  return {
    default: mockEnv,
    getEnv: readEnv,
  };
});

// Loaded dynamically so that it is evaluated after the mock above is in place.
const { httpLoggerOptions } = await import('./logger.js');

// Spy that receives every parsed log record written to the test stream.
const logOutput = vi.fn();

// Destination stream handed to pino; recreated before each test.
let stream: Writable;
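// Build a fresh in-memory log sink for every test. Each chunk pino writes is
// parsed as JSON and forwarded to the `logOutput` spy so assertions can inspect
// the record exactly as it would be emitted.
beforeEach(() => {
  stream = new Writable({
    write(chunk, _encoding, callback) {
      logOutput(JSON.parse(chunk.toString()));

      // Signal completion of the write. Without this the Writable stays in its
      // "writing" state and any later log line on the same stream would be
      // buffered forever and never reach `logOutput`.
      callback();
    },
  });
});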
// Reset recorded calls on all mocks so that `logOutput.mock.calls[0]` in each
// test refers to the record produced by that test only.
afterEach(function resetMocks() {
  vi.clearAllMocks();
});
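// Redaction of the request `Authorization` header in HTTP log records.
describe('req.headers.authorization', () => {
  test('Should redact bearer token in Authorization header', () => {
    // Fixture credential; it must never appear in what the logger emits.
    const accessToken = 'test-access-token-value';
    const logger = pino(httpLoggerOptions, stream);

    logger.info({
      req: {
        headers: {
          authorization: `Bearer ${accessToken}`,
        },
      },
    });

    // Fail with a clear message if no record (or more than one) was written,
    // instead of a TypeError on the index access below.
    expect(logOutput).toHaveBeenCalledTimes(1);

    const record = logOutput.mock.calls[0][0];

    expect(record).toMatchObject({
      req: {
        headers: {
          authorization: REDACT_TEXT,
        },
      },
    });

    // toMatchObject only inspects the listed path; also make sure the raw
    // token was not copied into any other field of the serialized record.
    expect(JSON.stringify(record)).not.toContain(accessToken);
  });
});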
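// Redaction of the request `Cookie` header in HTTP log records.
describe('req.headers.cookie', () => {
  test('Should redact refresh token when there is only one entry', () => {
    // Fixture credential; it must never appear in what the logger emits.
    const refreshToken = 'test-refresh-token-value';
    const logger = pino(httpLoggerOptions, stream);

    logger.info({
      req: {
        headers: {
          cookie: `${REFRESH_TOKEN_COOKIE_NAME}=${refreshToken}`,
        },
      },
    });

    // Fail clearly if no record was written, rather than on the index access.
    expect(logOutput).toHaveBeenCalledTimes(1);

    const record = logOutput.mock.calls[0][0];

    expect(record).toMatchObject({
      req: {
        headers: {
          cookie: REDACT_TEXT,
        },
      },
    });

    // The raw value must not survive anywhere in the serialized record.
    expect(JSON.stringify(record)).not.toContain(refreshToken);
  });

  test('Should redact refresh token with multiple entries', () => {
    // Credential-bearing cookie values used in the fixture below. The
    // `oauth2.ranger` / `openid.monospace` cookie names appear to mirror the
    // providers configured in the mocked environment.
    const secretValues = [
      'test-access-token-value',
      'test-oauth2-value',
      'test-openid-value',
      'test-refresh-token-value',
    ];
    const logger = pino(httpLoggerOptions, stream);

    logger.info({
      req: {
        headers: {
          cookie: `custom_test_cookie=custom_test_value; access_token=test-access-token-value; oauth2.ranger=test-oauth2-value; openid.monospace=test-openid-value; ${REFRESH_TOKEN_COOKIE_NAME}=test-refresh-token-value`,
        },
      },
    });

    // Fail clearly if no record was written, rather than on the index access.
    expect(logOutput).toHaveBeenCalledTimes(1);

    const record = logOutput.mock.calls[0][0];

    expect(record).toMatchObject({
      req: {
        headers: {
          cookie: REDACT_TEXT,
        },
      },
    });

    // None of the credential values may leak through any field of the record.
    const serialized = JSON.stringify(record);

    for (const secret of secretValues) {
      expect(serialized).not.toContain(secret);
    }
  });
});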
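// Redaction of the response `Set-Cookie` header in HTTP log records, both when
// the header is a single string and when it is an array of cookie strings.
describe('res.headers', () => {
  test('Should redact refresh token when there is only one entry', () => {
    // Fixture credential; it must never appear in what the logger emits.
    const refreshToken = 'test-refresh-token-value';
    const logger = pino(httpLoggerOptions, stream);

    logger.info({
      res: {
        headers: {
          'set-cookie': `${REFRESH_TOKEN_COOKIE_NAME}=${refreshToken}; Max-Age=604800; Path=/; Expires=Tue, 14 Feb 2023 12:00:00 GMT; HttpOnly; SameSite=Lax`,
        },
      },
    });

    // Fail clearly if no record was written, rather than on the index access.
    expect(logOutput).toHaveBeenCalledTimes(1);

    const record = logOutput.mock.calls[0][0];

    expect(record).toMatchObject({
      res: {
        headers: {
          'set-cookie': REDACT_TEXT,
        },
      },
    });

    // The raw value must not survive anywhere in the serialized record.
    expect(JSON.stringify(record)).not.toContain(refreshToken);
  });

  test('Should redact refresh token with multiple entries', () => {
    // Credential-bearing cookie values used in the fixture below.
    const secretValues = [
      'test-access-token-value',
      'test-oauth2-value',
      'test-openid-value',
      'test-refresh-token-value',
    ];
    const logger = pino(httpLoggerOptions, stream);

    logger.info({
      res: {
        headers: {
          'set-cookie': [
            `access_token=test-access-token-value; Max-Age=604800; Path=/; Expires=Tue, 14 Feb 2023 12:00:00 GMT; HttpOnly; SameSite=Lax`,
            `oauth2.ranger=test-oauth2-value; Max-Age=604800; Path=/; Expires=Tue, 14 Feb 2023 12:00:00 GMT; HttpOnly; SameSite=Lax`,
            `openid.monospace=test-openid-value; Max-Age=604800; Path=/; Expires=Tue, 14 Feb 2023 12:00:00 GMT; HttpOnly; SameSite=Lax`,
            `${REFRESH_TOKEN_COOKIE_NAME}=test-refresh-token-value; Max-Age=604800; Path=/; Expires=Tue, 14 Feb 2023 12:00:00 GMT; HttpOnly; SameSite=Lax`,
          ],
        },
      },
    });

    // Fail clearly if no record was written, rather than on the index access.
    expect(logOutput).toHaveBeenCalledTimes(1);

    const record = logOutput.mock.calls[0][0];

    expect(record).toMatchObject({
      res: {
        headers: {
          'set-cookie': REDACT_TEXT,
        },
      },
    });

    // None of the credential values may leak through any field of the record.
    const serialized = JSON.stringify(record);

    for (const secret of secretValues) {
      expect(serialized).not.toContain(secret);
    }
  });
});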