allow for handling of redirects in toml resolver (#1053)

* allow for handling of redirects
* correct unit tests for resolver
* add maxRedirects to http client request config

---------

Signed-off-by: KyleSmith19091 <skorpion19091@gmail.com>
Co-authored-by: George <Shaptic@users.noreply.github.com>

CHANGELOG.md

@@ -11,6 +11,9 @@ A breaking change will get clearly marked in this log.
   * `basicNodeSigner` has been updated to reflect the new type.
 - `ClientOptions.signAuthEntry` type has also been updated to reflect the SEP 43 protocol, which also returns a promise containing the`signerAddress` in addition to the `signAuthEntry` that was returned previously. It also can return an `Error` type. 
 
+### Added
+- `stellartoml-Resolver.resolve` now has a `allowedRedirects` option to configure the number of allowed redirects to follow when resolving a stellar toml file.
+
 ## [v13.0.0-rc.1](https://github.com/stellar/js-stellar-sdk/compare/v12.3.0...v13.0.0-rc.1)
 
 ### Breaking Changes

src/http-client/types.ts

@@ -32,6 +32,7 @@ export interface HttpClientRequestConfig<D = any> {
   headers?: HeadersInit;
   params?: Record<string, any>;
   maxContentLength?: number;
+  maxRedirects?: number;
   cancelToken?: CancelToken;
   adapter?: (config: HttpClientRequestConfig) => Promise<HttpClientResponse>;
 }

src/stellartoml/index.ts

@@ -59,6 +59,7 @@ export class Resolver {
 
     return httpClient
       .get(`${protocol}://${domain}/.well-known/stellar.toml`, {
+        maxRedirects: opts.allowedRedirects ?? 0,
         maxContentLength: STELLAR_TOML_MAX_SIZE,
         cancelToken: timeout
           ? new CancelToken((cancel) =>
@@ -99,6 +100,7 @@ export namespace Api {
   export interface StellarTomlResolveOptions {
     allowHttp?: boolean;
     timeout?: number;
+    allowedRedirects?: number;
   }
   export type Url = string;
   export type PublicKey = string;

test/unit/stellar_toml_resolver_test.js

@@ -184,5 +184,65 @@ FEDERATION_SERVER="https://api.stellar.org/federation"
             .then(() => tempServer.close());
         });
     });
+
+    it("rejects redirect response when allowedRedirects is not specified", function (done) {
+      // Unable to create temp server in a browser
+      if (typeof window != "undefined") {
+        return done();
+      }
+
+      let tempServer = http
+        .createServer((req, res) => {
+          res.writeHead(302, { location: "/redirect" });
+          return res.end();
+        })
+        .listen(4444, () => {
+          Resolver.resolve("localhost:4444", {
+            allowHttp: true,
+          })
+            .then((response) => {
+              should.fail();
+            })
+            .catch((e) => {
+              expect(e).to.match(/Maximum number of redirects exceeded/);
+            })
+            .finally(() => {
+              tempServer.close();
+              done();
+            });
+        });
+    });
+
+    it("returns handled redirect when allowedRedirects is specified", function (done) {
+      if (typeof window != "undefined") {
+        return done();
+      }
+
+      let tempServer = http
+        .createServer((req, res) => {
+          if (req.url !== "/redirect") {
+            res.writeHead(302, { location: "/redirect" });
+            return res.end();
+          }
+          res.setHeader("Content-Type", "text/x-toml; charset=UTF-8");
+          res.writeHead(200);
+          res.end(`
+          FEDERATION_SERVER="https://api.stellar.org/federation"
+          `);
+        })
+        .listen(4444, () => {
+          Resolver.resolve("localhost:4444", {
+            allowHttp: true,
+            allowedRedirects: 1,
+          }).then((response) => {
+            expect(response.FEDERATION_SERVER).equals(
+              "https://api.stellar.org/federation",
+            );
+          }).finally(() => {
+            tempServer.close();
+            done();
+          });
+        });
+    });
   });
 });