Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Foreign fields not declared in schemas should be warned in EG #619

Open
StickNitro opened this issue Jan 25, 2018 · 1 comment
Open

Foreign fields not declared in schemas should be warned in EG #619

StickNitro opened this issue Jan 25, 2018 · 1 comment

Comments

@StickNitro
Copy link

The headerPrefix doesn’t seem to be getting applied in 1.6.1, my config is:

      - headers: &common-headers
          - action:
              headerPrefix: eg-
              forwardHeaders:
                user-id: 'consumer.token.authenticatedUserId'
                last-login: 'consumer.token.createdAt’

I am getting the user-id header, however it is named user-id instead of eg-user-id as expected

See comments below from gist

Serhii Kuts @DrMegavolt 10:35
@StickNitro I’ve checked there was a fallback to headerPrefix https://github.com/ExpressGateway/express-gateway/blame/de501c6509a5256d867b5709f30bc20d6fdf8a08/lib/policies/headers/headers.js#L5
now it is removed. to make properties consistent
@XVincentX I’m curious is it possible to allow fields that are not in schema but still output a warning that field not from schema is in configuration ?

Vincenzo Chianese @XVincentX 10:39
I was exactly thinking the same.
There should be an option for sure.
@StickNitro Could you open an issue on the Gateway repository so I can track that and verify?
@XVincentX XVincentX changed the title headerPrefix not getting applied after upgrading to v1.6.1 Foreign fields should be warned in EG Jan 25, 2018
@XVincentX XVincentX changed the title Foreign fields should be warned in EG Foreign fields not declared in schemas should be warned in EG Jan 25, 2018
@XVincentX
Copy link
Member

It turns out this might not be that easy.

I've checked our schema validator (ajv) and it does not have a way to simply detect properties that are not part of the schema. It can discard them automagically, but it seems like it hasn't got any way to return "foreign" properties in a schema so we can notice the user.

Given that, we have multiple ways to handle this:

  1. Discard all foreign properties that is — if you do not declare them in the schema, you don't get it in your policy/plugin/condition. Super strict.

  2. Roll out our own mechanism to detect such properties. This might be extremely tricky given that the a JSON Schema can be pretty complicated as well as nested, circular references…I would't go in such dungeon. An idea I was having in mind: let's take the original object, give it to ajv; it will return a new version with deleted property. We could try to compare the original object with the filtered one: if we detect missing properties with regards to the original data, then there's a foreign property we can signal to the user.

I can continue to investigate (ask guys at Ajv or dig into the source code). However before going into such dungeon let's make sure we're all on the same page and eventually schedule it.

@altsang @DrMegavolt @kevinswiber

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@XVincentX @StickNitro