Skip to content

Commit

Permalink
Merge pull request #775 from splitio/fix_sdk_key_validation
Browse files Browse the repository at this point in the history
Update SDK key validation in NodeJS
  • Loading branch information
EmilianoSanchez authored Nov 3, 2023
2 parents d13fdcc + bbad0a4 commit f9728ca
Show file tree
Hide file tree
Showing 5 changed files with 77 additions and 14 deletions.
1 change: 1 addition & 0 deletions CHANGES.txt
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
- Updated the following SDK manager methods to expose flag sets on flag views.
- Added `defaultTreatment` property to the `SplitView` object returned by the `split` and `splits` methods of the SDK manager (Related to issue https://github.com/splitio/javascript-commons/issues/225).
- Updated @splitsoftware/splitio-commons package to version 1.11.0 that includes vulnerability fixes, and adds the `defaultTreatment` property to the `SplitView` object.
- Bugfixing - Fixed SDK key validation in NodeJS to ensure the SDK_READY_TIMED_OUT event is emitted when a client-side type SDK key is provided instead of a server-side one (Related to issue https://github.com/splitio/javascript-client/issues/768).

10.23.1 (September 22, 2023)
- Updated @splitsoftware/splitio-commons package to version 1.9.1. This update removes the handler for 'unload' DOM events, that can prevent browsers from being able to put pages in the back/forward cache for faster back and forward loads (Related to issue https://github.com/splitio/javascript-client/issues/759).
Expand Down
26 changes: 13 additions & 13 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
"node": ">=6"
},
"dependencies": {
"@splitsoftware/splitio-commons": "1.10.1-rc.3",
"@splitsoftware/splitio-commons": "1.10.1-rc.4",
"@types/google.analytics": "0.0.40",
"@types/ioredis": "^4.28.0",
"bloom-filters": "^3.0.0",
Expand Down
58 changes: 58 additions & 0 deletions src/__tests__/nodeSuites/readiness.spec.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
import { SplitFactory } from '../../';

import splitChangesMock1 from '../mocks/splitchanges.since.-1.json';
import splitChangesMock2 from '../mocks/splitchanges.since.1457552620999.json';

const readyTimeout = 0.1;

const baseConfig = {
core: {
authorizationKey: '<fake-token>',
},
startup: {
readyTimeout,
},
streamingEnabled: false
};

export default function (fetchMock, assert) {

assert.test(t => { // Timeout test: we provide a client-side SDK key on server-side (403 error)
const testUrls = {
sdk: 'https://sdk.baseurl/readinessSuite1',
events: 'https://events.baseurl/readinessSuite1'
};

fetchMock.getOnce(testUrls.sdk + '/splitChanges?since=-1', { status: 200, body: splitChangesMock1 });
fetchMock.getOnce(testUrls.sdk + '/splitChanges?since=1457552620999', { status: 200, body: splitChangesMock2 });
fetchMock.get(new RegExp(testUrls.sdk + '/segmentChanges/*'), 403);
fetchMock.postOnce(testUrls.events + '/events/bulk', 200);

const splitio = SplitFactory({
...baseConfig, urls: testUrls
});
const client = splitio.client();

t.true(client.track('some_key', 'some_tt', 'some_event_type'), 'since client is not destroyed, client.track returns true');

client.once(client.Event.SDK_READY, () => {
t.fail('### IS READY - NOT TIMED OUT when it should.');
t.end();
});
client.once(client.Event.SDK_READY_TIMED_OUT, async () => {
t.pass('### SDK TIMED OUT - SegmentChanges requests with client-side SDK key should fail with 403. Timed out.');

t.false(client.track('some_key', 'some_tt', 'some_event_type'), 'since client is flagged as destroyed, client.track returns false');
t.equal(client.getTreatment('hierarchical_splits_test'), 'control', 'since client is flagged as destroyed, client.getTreatment returns control');

// ready promise should reject
try {
await client.ready();
} catch (e) {
await client.destroy();
t.end();
}
});
});

}
4 changes: 4 additions & 0 deletions src/__tests__/online/node.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import expectedTreatmentsSuite from '../nodeSuites/expected-treatments.spec';
import managerSuite from '../nodeSuites/manager.spec';
import ipAddressesSetting from '../nodeSuites/ip-addresses-setting.spec';
import ipAddressesSettingDebug from '../nodeSuites/ip-addresses-setting.debug.spec';
import readinessSuite from '../nodeSuites/readiness.spec';
import readyPromiseSuite from '../nodeSuites/ready-promise.spec';
import { fetchSpecificSplits, fetchSpecificSplitsForFlagSets } from '../nodeSuites/fetch-specific-splits.spec';

Expand Down Expand Up @@ -78,6 +79,9 @@ tape('## Node JS - E2E CI Tests ##', async function (assert) {
assert.test('E2E / IP Addresses Setting', ipAddressesSetting.bind(null, fetchMock));
assert.test('E2E / IP Addresses Setting Debug', ipAddressesSettingDebug.bind(null, fetchMock));

/* Validate readiness */
assert.test('E2E / Readiness', readinessSuite.bind(null, fetchMock));

/* Validate readiness with ready promises */
assert.test('E2E / Ready promise', readyPromiseSuite.bind(null, key, fetchMock));

Expand Down

0 comments on commit f9728ca

Please sign in to comment.