Updated version mismatch middleware to handle API keys

refs https://github.com/TryGhost/Toolbox/issues/292 - The version mismatch middleware middleware is the best place where the information can be assembled for the APIVersionCompatibilityService to handle. We need API key identification information to be able to pick up the integration name when sending a notification email to the administrators
2022-05-10 16:44:18 +08:00 · 2022-05-10 16:44:18 +08:00 · 09594cb5e1
commit 09594cb5e1
parent c317069c75
3 changed files with 65 additions and 1 deletions
--- a/ghost/mw-api-version-mismatch/lib/mw-api-version-mismatch.js
+++ b/ghost/mw-api-version-mismatch/lib/mw-api-version-mismatch.js
@ -1,3 +1,5 @@
+const extractApiKey = require('@tryghost/extract-api-key');
+
 const versionMismatchHandler = (APIVersionCompatibilityService) => {
    /**
     * @param {Object} err
@ -8,11 +10,15 @@ const versionMismatchHandler = (APIVersionCompatibilityService) => {
    return async (err, req, res, next) => {
        if (err && err.errorType === 'RequestNotAcceptableError') {
            if (err.code === 'UPDATE_CLIENT') {
+                const {key, type} = extractApiKey(req);
+
                await APIVersionCompatibilityService.handleMismatch({
                    acceptVersion: req.headers['accept-version'],
                    contentVersion: `v${res.locals.safeVersion}`,
                    requestURL: req.originalUrl,
-                    userAgent: req.headers['user-agent']
+                    userAgent: req.headers['user-agent'],
+                    apiKeyValue: key,
+                    apiKeyType: type
                });
            }
        }
--- a/ghost/mw-api-version-mismatch/package.json
+++ b/ghost/mw-api-version-mismatch/package.json
@ -24,5 +24,8 @@
    "c8": "7.11.2",
    "mocha": "10.0.0",
    "sinon": "14.0.0"
+  },
+  "dependencies": {
+    "@tryghost/extract-api-key": "^0.1.0"
  }
 }
--- a/ghost/mw-api-version-mismatch/test/mw-api-version-mismatch.test.js
+++ b/ghost/mw-api-version-mismatch/test/mw-api-version-mismatch.test.js
@ -26,10 +26,65 @@ describe('mw-api-version-mismatch', function () {
            code: 'UPDATE_CLIENT'
        }), req, res, () => {
            assert.equal(APIVersionCompatibilityService.handleMismatch.called, true);
+            assert.deepEqual(Object.keys(APIVersionCompatibilityService.handleMismatch.args[0][0]), [
+                'acceptVersion',
+                'contentVersion',
+                'requestURL',
+                'userAgent',
+                'apiKeyValue',
+                'apiKeyType'
+            ], 'handleMismatch called with wrong arguments');
+
            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].acceptVersion, 'v3.28');
            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].contentVersion, 'v4.46');
            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].requestURL, '/api/admin/posts/1');
            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].userAgent, 'Zapier/2.1 GhostAdminSDK/3.28');
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyValue, null);
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyType, null);
+
+            done();
+        });
+    });
+
+    it('Does call handle mismatch when with correct API key values when identification information is in the request', function (done) {
+        const APIVersionCompatibilityService = {
+            handleMismatch: sinon.stub().resolves()
+        };
+        const req = {
+            originalUrl: '/api/admin/posts/1',
+            query: {
+                key: 'content_api_key_secret'
+            },
+            headers: {
+                'accept-version': 'v3.28',
+                'user-agent': 'Zapier/2.1 GhostAdminSDK/3.28'
+            }
+        };
+        const res = {
+            locals: {
+                safeVersion: '4.46'
+            }
+        };
+
+        versionMismatchMW(APIVersionCompatibilityService)(new errors.RequestNotAcceptableError({
+            code: 'UPDATE_CLIENT'
+        }), req, res, () => {
+            assert.equal(APIVersionCompatibilityService.handleMismatch.called, true);
+            assert.deepEqual(Object.keys(APIVersionCompatibilityService.handleMismatch.args[0][0]), [
+                'acceptVersion',
+                'contentVersion',
+                'requestURL',
+                'userAgent',
+                'apiKeyValue',
+                'apiKeyType'
+            ], 'handleMismatch called with wrong arguments');
+
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].acceptVersion, 'v3.28');
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].contentVersion, 'v4.46');
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].requestURL, '/api/admin/posts/1');
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].userAgent, 'Zapier/2.1 GhostAdminSDK/3.28');
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyValue, 'content_api_key_secret');
+            assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyType, 'content');

            done();
        });