-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathurlValidation.ts
More file actions
61 lines (50 loc) · 2.26 KB
/
urlValidation.ts
File metadata and controls
61 lines (50 loc) · 2.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
// SPDX-FileCopyrightText: 2025 Digg - Agency for Digital Government
//
// SPDX-License-Identifier: EUPL-1.2
import { Document } from '@stoplight/spectral-core';
import Parsers from '@stoplight/spectral-parsers';
import { Express } from 'express';
import { processApiSpec, validateYamlInput } from '../util/apiUtil.js';
import { UrlContentDto } from '../model/UrlContentDto.js';
import { importAndCreateRuleInstances } from '../util/ruleUtil.js';
import { ERROR_TYPE, RapLPBaseApiError } from '../util/RapLPBaseApiErrorHandling.js';
import { loadUrlValidationConfiguration } from '../util/urlValidationConfig.js';
import { RuleExecutionContext } from '../util/RuleExecutionContext.js';
export const registerUrlValidationRoutes = (app: Express, urlValidationConfigFile?: string) => {
const config = loadUrlValidationConfiguration(urlValidationConfigFile);
// Route for validating openapi yaml from url.
app.post('/api/v1/validation/url', async (req, res, next) => {
try {
const context = new RuleExecutionContext();
const dto: UrlContentDto = req.body;
if (config?.urlMatchRegex && !dto.url.match(config.urlMatchRegex)) {
throw new RapLPBaseApiError(
'Invalid Request',
'The requested address failed the allowed url pattern. Contact your administrator if you think this is a misstake.',
ERROR_TYPE.BAD_REQUEST,
);
}
const response = await fetch(dto.url, config?.customFetchConfig);
const yamlContentString = await response.text();
validateYamlInput(yamlContentString);
const apiSpecDocument = new Document(yamlContentString, Parsers.Yaml, '');
const rules = await importAndCreateRuleInstances(context, dto.categories);
const result = await processApiSpec(context,rules, apiSpecDocument);
res.send(result);
} catch (e) {
next(e);
}
});
};
// Fallback route if feature dissabled.
export const registerUrlValidationFallbackRoutes = (app: Express) => {
app.post('/api/v1/validation/url', async (req, res, next) => {
next(
new RapLPBaseApiError(
'Conflict',
'This feature is currenctly dissabled due to server configuration. Contact your administrator if you think this is a misstake.',
ERROR_TYPE.CONFLICT,
),
);
});
};