Merge pull request #646 from snyk/fix/artifactory-validation-text-not…

…-json fix:validate urls returning non json response
snyk · Oct 17, 2023 · 81d863d · 81d863d
2 parents 31b2e8a + 1a5e113
commit 81d863d
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 2 deletions.
diff --git a/lib/client/utils/credentials.ts b/lib/client/utils/credentials.ts
@@ -2,6 +2,7 @@ import { log as logger } from '../../logs/logger';
 import version from '../../common/utils/version';
 import { sanitise } from '../../logs/logger';
 import { makeRequestToDownstream } from '../../common/http/request';
+import { isJson } from '../../common/utils/json';
 
 const credsFromHeader = (s) => {
   if (s.indexOf(' ') >= 0) {
@@ -101,7 +102,10 @@ export const checkCredentials = async (
 
       logger.error(data, response && response.body, 'Systemcheck failed');
     } else {
-      const parsedBodyResponse = JSON.parse(response.body || {});
+      const parsedBodyResponse = isJson(response.headers)
+        ? JSON.parse(response.body)
+        : response.body;
+
       // const responseToReturn = response
       response.body = parsedBodyResponse;
       if (process.env.JEST_WORKER_ID) {
@@ -117,7 +121,6 @@ export const checkCredentials = async (
     if (process.env.JEST_WORKER_ID) {
       data['testError'] = error;
     }
-
     data['ok'] = false;
     data['error'] = error;
   }

diff --git a/test/functional/systemcheck.test.ts b/test/functional/systemcheck.test.ts
@@ -69,6 +69,34 @@ describe('broker client systemcheck endpoint', () => {
     ).not.toBeTruthy();
   });
 
+  it('good validation url, custom endpoint, no authorization, no json response', async () => {
+    bc = await createBrokerClient({
+      brokerServerUrl: `http://localhost:${bs.port}`,
+      brokerToken: 'broker-token-12345',
+      type: 'client',
+      brokerClientValidationUrl: `http://localhost:${tws.port}/echo/textresponse`,
+      brokerSystemcheckPath: '/custom-systemcheck',
+    });
+    await waitForBrokerClientConnection(bs);
+
+    const response = await axiosClient.get(
+      `http://localhost:${bc.port}/custom-systemcheck`,
+    );
+    expect(response.data).toBeInstanceOf(Array);
+    const systemCheckBody = response.data[0];
+    expect(response.status).toEqual(200);
+    expect(systemCheckBody).toStrictEqual({
+      brokerClientValidationMethod: 'GET',
+      brokerClientValidationTimeoutMs: expect.any(Number),
+      brokerClientValidationUrl: `http://localhost:${tws.port}/echo/textresponse`,
+      brokerClientValidationUrlStatusCode: 200,
+      maskedCredentials: null,
+      ok: true,
+      testResponse: expect.any(Object),
+    });
+    expect(systemCheckBody.testResponse.body).toEqual('OK');
+  });
+
   it('good validation url, authorization header', async () => {
     bc = await createBrokerClient({
       brokerServerUrl: `http://localhost:${bs.port}`,

diff --git a/test/setup/test-web-server.ts b/test/setup/test-web-server.ts
@@ -178,6 +178,15 @@ const applyEchoRoutes = (app: Express) => {
     },
   );
 
+  // mimics functionality of https://httpbin.org/headers
+  echoRouter.get(
+    '/echo/textresponse',
+    (req: express.Request, resp: express.Response) => {
+      resp.status(200);
+      resp.send('OK');
+    },
+  );
+
   echoRouter.post(
     '/echo-headers/:param?',
     (req: express.Request, resp: express.Response) => {