Skip to content
Permalink

Comparing changes

This is a direct comparison between two commits made in this repository or its related repositories. View the default comparison for this range or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: 3scale/APIcast
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: c3356217afe9c2ccbe339e568b09e1b1e8f68d4d
Choose a base ref
..
head repository: 3scale/APIcast
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: d55e8d210942a9e38def5dafe70d8cd046f8729c
Choose a head ref
Showing with 9 additions and 6 deletions.
  1. +1 −0 gateway/Roverfile.lock
  2. +6 −4 gateway/src/apicast/policy/fapi/fapi.lua
  3. +2 −2 spec/policy/fapi/fapi_spec.lua
1 change: 1 addition & 0 deletions gateway/Roverfile.lock
Original file line number Diff line number Diff line change
@@ -10,6 +10,7 @@ liquid 0.2.0-2||production
lua-resty-env 0.4.0-1||production
lua-resty-execvp 0.1.1-1||production
lua-resty-http 0.17.1-0||production
lua-resty-ipmatcher 0.6.1-0||production
lua-resty-iputils 0.3.0-2||production
lua-resty-jit-uuid 0.0.7-2||production
lua-resty-jwt 0.2.0-0||production
10 changes: 6 additions & 4 deletions gateway/src/apicast/policy/fapi/fapi.lua
Original file line number Diff line number Diff line change
@@ -5,6 +5,7 @@ local _M = policy.new('Financial-grade API (FAPI) Policy', 'builtin')

local uuid = require 'resty.jit-uuid'
local ipmatcher = require "resty.ipmatcher"
local fmt = string.format

local new = _M.new
local X_FAPI_TRANSACTION_ID_HEADER = "x-fapi-transaction-id"
@@ -21,9 +22,10 @@ local function is_valid_ip(ip)
return ipmatcher.parse_ipv6(ip)
end

local function deny_request(error_msg)
ngx.status = ngx.HTTP_FORBIDDEN
ngx.say(error_msg)
local function error(status_code, msg)
ngx.status = status_code
ngx.header.content_type = 'application/json; charset=utf-8'
ngx.print(fmt('{"error": "%s"}', msg))
ngx.exit(ngx.status)
end

@@ -49,7 +51,7 @@ function _M:access()
-- if the header is a table.
if not is_valid_ip(customer_ip) then
ngx.log(ngx.WARN, "invalid x-fapi-customer-ip-address")
return deny_request("invalid request")
return error(ngx.HTTP_FORBIDDEN, "invalid_request")
end
end
end
4 changes: 2 additions & 2 deletions spec/policy/fapi/fapi_spec.lua
Original file line number Diff line number Diff line change
@@ -14,7 +14,7 @@ describe('fapi_1_baseline_profile policy', function()
stub(ngx.req, 'set_header', function(name, value) ngx_req_headers[name] = value end)
stub(ngx.resp, 'get_headers', function() return ngx_resp_headers end)
stub(ngx.resp, 'set_header', function(name, value) ngx_resp_headers[name] = value end)
stub(ngx, 'say')
stub(ngx, 'print')
stub(ngx, 'exit')
end)

@@ -74,7 +74,7 @@ describe('fapi_1_baseline_profile policy', function()
local transaction_id_policy = FAPIPolicy.new({validate_x_fapi_customer_ip_address=true})
transaction_id_policy:access()
assert.same(ngx.status, 403)
assert.stub(ngx.say).was.called_with("invalid request")
assert.stub(ngx.print).was.called_with('{"error": "invalid_request"}')
assert.stub(ngx.exit).was.called_with(403)
end)
end)