@@ -65,15 +65,15 @@ async function request(options, data) {
6565}
6666
6767function _validateCertificate ( req , res , next ) {
68- this . LOG . debug ( 'event broker trying to authenticate via mTLS' )
68+ this . LOG . _debug && this . LOG . debug ( 'event broker trying to authenticate via mTLS' )
6969
7070 if ( req . headers [ 'x-ssl-client-verify' ] !== '0' ) {
71- this . LOG . info ( 'cf did not validate client certificate.' )
71+ this . LOG . _debug && this . LOG . debug ( 'cf did not validate client certificate.' )
7272 return res . status ( 401 ) . json ( { message : 'Unauthorized' } )
7373 }
7474
7575 if ( ! req . headers [ 'x-forwarded-client-cert' ] ) {
76- this . LOG . info ( 'no certificate in xfcc header.' )
76+ this . LOG . _debug && this . LOG . debug ( 'no certificate in xfcc header.' )
7777 return res . status ( 401 ) . json ( { message : 'Unauthorized' } )
7878 }
7979
@@ -90,34 +90,34 @@ function _validateCertificate(req, res, next) {
9090 this . auth . validationCert . subject . CN !== clientCert . subject . CN ||
9191 this . auth . validationCert . subject . CN !== cfSubject
9292 ) {
93- this . LOG . info ( 'certificate subject does not match' )
93+ this . LOG . _debug && this . LOG . debug ( 'certificate subject does not match' )
9494 return res . status ( 401 ) . json ( { message : 'Unauthorized' } )
9595 }
96- this . LOG . debug ( 'incoming Subject CN is valid.' )
96+ this . LOG . _debug && this . LOG . debug ( 'incoming Subject CN is valid.' )
9797
9898 if ( this . auth . validationCert . issuer . CN !== clientCert . issuer . CN ) {
99- this . LOG . info ( 'Certificate issuer subject does not match' )
99+ this . LOG . _debug && this . LOG . debug ( 'Certificate issuer subject does not match' )
100100 return res . status ( 401 ) . json ( { message : 'Unauthorized' } )
101101 }
102- this . LOG . debug ( 'incoming issuer subject CN is valid.' )
102+ this . LOG . _debug && this . LOG . debug ( 'incoming issuer subject CN is valid.' )
103103
104104 if ( this . auth . validationCert . issuer . O !== clientCert . issuer . O ) {
105- this . LOG . info ( 'Certificate issuer org does not match' )
105+ this . LOG . _debug && this . LOG . debug ( 'Certificate issuer org does not match' )
106106 return res . status ( 401 ) . json ( { message : 'Unauthorized' } )
107107 }
108- this . LOG . debug ( 'incoming Issuer Org is valid.' )
108+ this . LOG . _debug && this . LOG . debug ( 'incoming Issuer Org is valid.' )
109109
110110 if ( this . auth . validationCert . issuer . OU !== clientCert . issuer . OU ) {
111- this . LOG . info ( 'certificate issuer OU does not match' )
111+ this . LOG . _debug && this . LOG . debug ( 'certificate issuer OU does not match' )
112112 return res . status ( 401 ) . json ( { message : 'Unauthorized' } )
113113 }
114- this . LOG . debug ( 'certificate issuer OU is valid.' )
114+ this . LOG . _debug && this . LOG . debug ( 'certificate issuer OU is valid.' )
115115
116116 const valid_from = new Date ( clientCert . valid_from )
117117 const valid_to = new Date ( clientCert . valid_to )
118118 const now = new Date ( Date . now ( ) )
119119 if ( valid_from <= now && valid_to >= now ) {
120- this . LOG . debug ( 'certificate validation completed' )
120+ this . LOG . _debug && this . LOG . debug ( 'certificate validation completed' )
121121 next ( )
122122 } else {
123123 this . LOG . error ( 'Certificate expired' )
@@ -249,15 +249,13 @@ class EventBroker extends cds.MessagingService {
249249 } ,
250250 agent : this . agent
251251 }
252- if ( this . LOG . _debug ) {
253- this . LOG . debug ( 'HTTP headers:' , JSON . stringify ( options . headers ) )
254- this . LOG . debug ( 'HTTP body:' , JSON . stringify ( msg . data ) )
255- }
252+ this . LOG . _debug && this . LOG . debug ( 'HTTP headers:' , JSON . stringify ( options . headers ) )
253+ this . LOG . _debug && this . LOG . debug ( 'HTTP body:' , JSON . stringify ( msg . data ) )
256254 // what about headers?
257255 // TODO: Clarify if we should send `{ data, ...headers }` vs. `data` + HTTP headers (`ce-*`)
258256 // Disadvantage with `data` + HTTP headers is that they're case insensitive -> information loss, but they're 'closer' to the cloudevents standard
259257 await request ( options , { data : msg . data , ...headers } ) // TODO: fetch does not work with mTLS as of today, requires another module. see https://github.com/nodejs/node/issues/48977
260- if ( this . LOG . _info ) this . LOG . info ( 'Emit' , { topic : msg . event } )
258+ this . LOG . info ( 'Emit' , { topic : msg . event } )
261259 } catch ( e ) {
262260 this . LOG . error ( 'Emit failed:' , e . message )
263261 throw e
@@ -340,7 +338,7 @@ class EventBroker extends cds.MessagingService {
340338 if ( msg . tenant ) context . tenant = msg . tenant
341339
342340 await this . tx ( context , tx => tx . emit ( msg ) )
343- this . LOG . debug ( 'Event processed successfully.' )
341+ this . LOG . _debug && this . LOG . debug ( 'Event processed successfully.' )
344342 return res . status ( 200 ) . json ( { message : 'OK' } )
345343 } catch ( e ) {
346344 this . LOG . error ( 'ERROR during inbound event processing:' , e )
0 commit comments