Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Let Representations always have a body

Browse Source 
This is relevant when the request has a content-type
but no data.
This commit is contained in:
Joachim Van Herwegen
2021-10-11 15:21:40 +02:00
parent f1ef2ced03
commit 5613ff9e71
36 changed files with 95 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/authorization/permissions/SparqlPatchModesExtractor.ts
View File

@@ -11,9 +11,6 @@ export class SparqlPatchModesExtractor extends ModesExtractor {
if (method !== 'PATCH') {
throw new NotImplementedHttpError(`Cannot determine permissions of ${method}, only PATCH.`);
}
if (!body) {
throw new NotImplementedHttpError('Cannot determine permissions of PATCH operations without a body.');
}
if (!this.isSparql(body)) {
throw new NotImplementedHttpError('Cannot determine permissions of non-SPARQL patches.');
}

4
src/http/Operation.ts
View File

@@ -29,7 +29,7 @@ export interface Operation {
*/
permissionSet?: PermissionSet;
/**
* Optional representation of the body.
* Representation of the body and metadata headers.
*/
body?: Representation;
body: Representation;
}

2
src/http/input/body/BodyParser.ts
View File

@@ -19,4 +19,4 @@ export interface BodyParserArgs {
* Parses the body of an incoming {@link HttpRequest} and converts it to a {@link Representation}.
*/
export abstract class BodyParser extends
AsyncHandler<BodyParserArgs, Representation | undefined> {}
AsyncHandler<BodyParserArgs, Representation> {}

4
src/http/input/body/RawBodyParser.ts
View File

@@ -13,7 +13,7 @@ export class RawBodyParser extends BodyParser {
// Note that the only reason this is a union is in case the body is empty.
// If this check gets moved away from the BodyParsers this union could be removed
public async handle({ request, metadata }: BodyParserArgs): Promise<Representation | undefined> {
public async handle({ request, metadata }: BodyParserArgs): Promise<Representation> {
const {
'content-type': contentType,
'content-length': contentLength,
@@ -26,7 +26,7 @@ export class RawBodyParser extends BodyParser {
// some still provide a Content-Length of 0 (but without Content-Type).
if ((!contentLength || (/^0+$/u.test(contentLength) && !contentType)) && !transferEncoding) {
this.logger.debug('HTTP request does not have a body, or its empty body is missing a Content-Type header');
return;
return new BasicRepresentation([], metadata);
}
// While RFC7231 allows treating a body without content type as an octet stream,

1
src/http/input/body/SparqlUpdateBodyParser.ts
View File

@@ -38,6 +38,7 @@ export class SparqlUpdateBodyParser extends BodyParser {
binary: true,
data: guardedStreamFrom(sparql),
metadata,
isEmpty: false,
};
}
}

6
src/http/ldp/PatchOperationHandler.ts
View File

@@ -32,9 +32,9 @@ export class PatchOperationHandler extends OperationHandler {
// Solid, §2.1: "A Solid server MUST reject PUT, POST and PATCH requests
// without the Content-Type header with a status code of 400."
// https://solid.github.io/specification/protocol#http-server
if (!operation.body?.metadata.contentType) {
this.logger.warn('No Content-Type header specified on PATCH request');
throw new BadRequestHttpError('No Content-Type header specified on PATCH request');
if (!operation.body.metadata.contentType) {
this.logger.warn('PATCH requests require the Content-Type header to be set');
throw new BadRequestHttpError('PATCH requests require the Content-Type header to be set');
}
await this.store.modifyResource(operation.target, operation.body as Patch, operation.conditions);
return new ResetResponseDescription();

6
src/http/ldp/PostOperationHandler.ts
View File

@@ -31,9 +31,9 @@ export class PostOperationHandler extends OperationHandler {
// Solid, §2.1: "A Solid server MUST reject PUT, POST and PATCH requests
// without the Content-Type header with a status code of 400."
// https://solid.github.io/specification/protocol#http-server
if (!operation.body?.metadata.contentType) {
this.logger.warn('No Content-Type header specified on POST request');
throw new BadRequestHttpError('No Content-Type header specified on POST request');
if (!operation.body.metadata.contentType) {
this.logger.warn('POST requests require the Content-Type header to be set');
throw new BadRequestHttpError('POST requests require the Content-Type header to be set');
}
const identifier = await this.store.addResource(operation.target, operation.body, operation.conditions);
return new CreatedResponseDescription(identifier);

6
src/http/ldp/PutOperationHandler.ts
View File

@@ -31,9 +31,9 @@ export class PutOperationHandler extends OperationHandler {
// Solid, §2.1: "A Solid server MUST reject PUT, POST and PATCH requests
// without the Content-Type header with a status code of 400."
// https://solid.github.io/specification/protocol#http-server
if (!operation.body?.metadata.contentType) {
this.logger.warn('No Content-Type header specified on PUT request');
throw new BadRequestHttpError('No Content-Type header specified on PUT request');
if (!operation.body.metadata.contentType) {
this.logger.warn('PUT requests require the Content-Type header to be set');
throw new BadRequestHttpError('PUT requests require the Content-Type header to be set');
}
await this.store.setRepresentation(operation.target, operation.body, operation.conditions);
return new ResetResponseDescription();

18
src/http/representation/BasicRepresentation.ts
View File

@@ -24,6 +24,11 @@ export class BasicRepresentation implements Representation {
public readonly metadata: RepresentationMetadata;
public readonly binary: boolean;
/**
* An empty Representation
*/
public constructor();
/**
* @param data - The representation data
* @param metadata - The representation metadata
@@ -86,13 +91,15 @@ export class BasicRepresentation implements Representation {
);
public constructor(
data: Readable | any[] | string,
metadata: RepresentationMetadata | MetadataRecord | MetadataIdentifier | string,
data?: Readable | any[] | string,
metadata?: RepresentationMetadata | MetadataRecord | MetadataIdentifier | string,
metadataRest?: MetadataRecord | string | boolean,
binary?: boolean,
) {
if (typeof data === 'string' || Array.isArray(data)) {
data = guardedStreamFrom(data);
} else if (!data) {
data = guardedStreamFrom([]);
}
this.data = guardStream(data);
@@ -110,4 +117,11 @@ export class BasicRepresentation implements Representation {
}
this.binary = binary;
}
/**
* Data should only be interpreted if there is a content type.
*/
public get isEmpty(): boolean {
return !this.metadata.contentType;
}
}

6
src/http/representation/Representation.ts
View File

@@ -19,4 +19,10 @@ export interface Representation {
* (as opposed to complex objects).
*/
binary: boolean;
/**
* Whether the data stream is empty.
* This being true does not imply that the data stream has a length of more than 0,
* only that it is a possibility and should be read to be sure.
*/
isEmpty: boolean;
}

7
src/identity/IdentityProviderHttpHandler.ts
View File

@@ -3,7 +3,6 @@ import type { ErrorHandler } from '../http/output/error/ErrorHandler';
import { RedirectResponseDescription } from '../http/output/response/RedirectResponseDescription';
import { ResponseDescription } from '../http/output/response/ResponseDescription';
import { BasicRepresentation } from '../http/representation/BasicRepresentation';
import type { Representation } from '../http/representation/Representation';
import { getLoggerFor } from '../logging/LogUtil';
import type { HttpRequest } from '../server/HttpRequest';
import type { OperationHttpHandlerInput } from '../server/OperationHttpHandler';
@@ -124,10 +123,10 @@ export class IdentityProviderHttpHandler extends OperationHttpHandler {
}
// Cloning input data so it can be sent back in case of errors
let clone: Representation | undefined;
let clone = operation.body;
// IDP handlers expect JSON data
if (operation.body) {
if (!operation.body.isEmpty) {
const args = {
representation: operation.body,
preferences: { type: { [APPLICATION_JSON]: 1 }},
@@ -187,7 +186,7 @@ export class IdentityProviderHttpHandler extends OperationHttpHandler {
const details = await readJsonStream(response.data!);
// Add the input data to the JSON response;
if (operation.body) {
if (!operation.body.isEmpty) {
details.prefilled = await readJsonStream(operation.body.data);
// Don't send passwords back

2
src/identity/interaction/SessionHttpHandler.ts
View File

@@ -12,7 +12,7 @@ export class SessionHttpHandler extends InteractionHandler {
throw new NotImplementedHttpError('Only interactions with a valid session are supported.');
}
const { remember } = await readJsonStream(operation.body!.data);
const { remember } = await readJsonStream(operation.body.data);
return {
type: 'complete',
details: { webId: oidcInteraction.session.accountId, shouldRemember: Boolean(remember) },

2
src/identity/interaction/email-password/handler/ForgotPasswordHandler.ts
View File

@@ -39,7 +39,7 @@ export class ForgotPasswordHandler extends InteractionHandler {
public async handle({ operation }: InteractionHandlerInput): Promise<InteractionResponseResult<{ email: string }>> {
// Validate incoming data
const { email } = await readJsonStream(operation.body!.data);
const { email } = await readJsonStream(operation.body.data);
assert(typeof email === 'string' && email.length > 0, 'Email required');
await this.resetPassword(email);

2
src/identity/interaction/email-password/handler/LoginHandler.ts
View File

@@ -43,7 +43,7 @@ export class LoginHandler extends InteractionHandler {
*/
private async parseInput(operation: Operation): Promise<{ email: string; password: string; remember: boolean }> {
const prefilled: Record<string, string> = {};
const { email, password, remember } = await readJsonStream(operation.body!.data);
const { email, password, remember } = await readJsonStream(operation.body.data);
assert(typeof email === 'string' && email.length > 0, 'Email required');
prefilled.email = email;
assert(typeof password === 'string' && password.length > 0, 'Password required');

2
src/identity/interaction/email-password/handler/RegistrationHandler.ts
View File

@@ -19,7 +19,7 @@ export class RegistrationHandler extends InteractionHandler {
public async handle({ operation }: InteractionHandlerInput):
Promise<InteractionResponseResult<RegistrationResponse>> {
const data = await readJsonStream(operation.body!.data);
const data = await readJsonStream(operation.body.data);
const validated = this.registrationManager.validateInput(data, false);
const details = await this.registrationManager.register(validated, false);
return { type: 'response', details };

2
src/identity/interaction/email-password/handler/ResetPasswordHandler.ts
View File

@@ -24,7 +24,7 @@ export class ResetPasswordHandler extends InteractionHandler {
// Extract record ID from request URL
const recordId = /\/([^/]+)$/u.exec(operation.target.path)?.[1];
// Validate input data
const { password, confirmPassword } = await readJsonStream(operation.body!.data);
const { password, confirmPassword } = await readJsonStream(operation.body.data);
assert(
typeof recordId === 'string' && recordId.length > 0,
'Invalid request. Open the link from your email again',

2
src/init/setup/SetupHttpHandler.ts
View File

@@ -159,7 +159,7 @@ export class SetupHttpHandler extends OperationHttpHandler {
// Registration manager expects JSON data
let json: SetupInput = {};
if (operation.body) {
if (!operation.body.isEmpty) {
const args = {
representation: operation.body,
preferences: { type: { [APPLICATION_JSON]: 1 }},