fix: add optional token validations (#164)

asafshen · web-flow · commit 79c0e874c055 · 2023-06-23T00:15:02.000+03:00
## Related Issues descope/etc#2883 ## Description added optional string validations for top level functions that was missing
diff --git a/packages/core-js-sdk/src/sdk/index.ts b/packages/core-js-sdk/src/sdk/index.ts
@@ -17,10 +17,17 @@ import withSaml from './saml';
 import withTotp from './totp';
 import withPassword from './password';
 import { JWTResponse, UserResponse } from './types';
-import { stringNonEmpty, withValidations } from './validations';
+import {
+  stringNonEmpty,
+  withValidations,
+  isStringOrUndefinedValidator,
+} from './validations';
 import withWebauthn from './webauthn';
 
 const withJwtValidations = withValidations(stringNonEmpty('token'));
+const withOptionalTokenValidations = withValidations(
+  isStringOrUndefinedValidator('token')
+);
 
 /** Returns Descope SDK with all available operations */
 export default (httpClient: HttpClient) => ({
@@ -34,18 +41,20 @@ export default (httpClient: HttpClient) => ({
   webauthn: withWebauthn(httpClient),
   password: withPassword(httpClient),
   flow: withFlow(httpClient),
-  refresh: (token?: string) =>
+  refresh: withOptionalTokenValidations((token?: string) =>
     transformResponse<JWTResponse>(
       httpClient.post(apiPaths.refresh, {}, { token })
-    ),
-  logout: (token?: string) =>
-    transformResponse<never>(httpClient.post(apiPaths.logout, {}, { token })),
-  logoutAll: (token?: string) =>
-    transformResponse<never>(
-      httpClient.post(apiPaths.logoutAll, {}, { token })
-    ),
-  me: (token?: string) =>
-    transformResponse<UserResponse>(httpClient.get(apiPaths.me, { token })),
+    )
+  ),
+  logout: withOptionalTokenValidations((token?: string) =>
+    transformResponse<never>(httpClient.post(apiPaths.logout, {}, { token }))
+  ),
+  logoutAll: withOptionalTokenValidations((token?: string) =>
+    transformResponse<never>(httpClient.post(apiPaths.logoutAll, {}, { token }))
+  ),
+  me: withOptionalTokenValidations((token?: string) =>
+    transformResponse<UserResponse>(httpClient.get(apiPaths.me, { token }))
+  ),
   isJwtExpired: withJwtValidations(isJwtExpired),
   getTenants: withJwtValidations(getTenants),
   getJwtPermissions: withJwtValidations(getJwtPermissions),
diff --git a/packages/core-js-sdk/src/sdk/validations/core.ts b/packages/core-js-sdk/src/sdk/validations/core.ts
@@ -6,6 +6,17 @@ export const createValidator =
   (val) =>
     !rule(val) ? msg.replace('{val}', val) : false;
 
+export const createOrValidator =
+  (validators: Validator[], defaultMsg?: string): MakeValidator =>
+  (msg = defaultMsg) =>
+  (val) => {
+    const errors = validators.filter((validator) => validator(val));
+
+    if (errors.length < validators.length) return false;
+
+    return msg ? msg.replace('{val}', val) : errors.join(' OR ');
+  };
+
 export const createValidation = (...validators: Validator[]) => ({
   validate: (val: any) => {
     validators.forEach((validator) => {
diff --git a/packages/core-js-sdk/src/sdk/validations/index.ts b/packages/core-js-sdk/src/sdk/validations/index.ts
@@ -1,9 +1,16 @@
-import { createValidation } from './core';
+import { createOrValidator, createValidation } from './core';
 import { Validator } from './types';
-import { isEmail, isNotEmpty, isPhone, isString } from './validators';
+import {
+  isEmail,
+  isNotEmpty,
+  isPhone,
+  isString,
+  isStringOrUndefined,
+} from './validators';
 
 /**
  *
+ * Validate that all of the validators passes
  * @params each parameter is an array of validators, those validators will be verified against the wrapped function argument which in the same place
  * @throws if any of the validators fails, an error with the relevant message will be thrown
  */
@@ -21,6 +28,11 @@ export const withValidations =
 export const string = (fieldName: string) => [
   isString(`"${fieldName}" must be a string`),
 ];
+
+export const isStringOrUndefinedValidator = (fieldName: string) => [
+  isStringOrUndefined(`"${fieldName}" must be string or undefined`),
+];
+
 export const stringNonEmpty = (fieldName: string) => [
   isString(`"${fieldName}" must be a string`),
   isNotEmpty(`"${fieldName}" must not be empty`),
diff --git a/packages/core-js-sdk/src/sdk/validations/validators.ts b/packages/core-js-sdk/src/sdk/validations/validators.ts
@@ -1,10 +1,13 @@
 import get from 'lodash.get';
-import { createValidation, createValidator } from './core';
+import { createOrValidator, createValidation, createValidator } from './core';
 import { Validator } from './types';
 
 const regexMatch = (regex: RegExp) => (val: any) => regex.test(val);
 
 const validateString = (val: any) => typeof val === 'string';
+
+const validateUndefined = (val: any) => val === undefined;
+
 const validateEmail = regexMatch(
   /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/
 );
@@ -30,6 +33,17 @@ export const isString = createValidator(
   validateString,
   'Input is not a string'
 );
+
+export const isUndefined = createValidator(
+  validateUndefined,
+  'Input is defined'
+);
+
+export const isStringOrUndefined = createOrValidator(
+  [isString(), isUndefined()],
+  'Input is not a string or undefined'
+);
+
 // export const isPlainObject = createValidator(validatePlainObject, 'Input is not a plain object');
 export const hasPathValue = (path: string, rules: Validator[]) =>
   createValidator(validatePathValue(path, rules))();
diff --git a/packages/core-js-sdk/test/sdk/sdk.test.ts b/packages/core-js-sdk/test/sdk/sdk.test.ts
@@ -14,6 +14,11 @@ describe('sdk', () => {
   });
 
   describe('refresh', () => {
+    it('should throw an error when token is not a string', () => {
+      expect(() => sdk.refresh({ a: 'b' })).toThrow(
+        '"token" must be string or undefined'
+      );
+    });
     it('should send the correct request', () => {
       const httpRespJson = { key: 'val' };
       const httpResponse = {
@@ -102,6 +107,16 @@ describe('sdk', () => {
   });
 
   describe('logout', () => {
+    it('should throw an error when token is not a string', () => {
+      expect(() => sdk.logout({ a: 'b' })).toThrow(
+        '"token" must be string or undefined'
+      );
+    });
+
+    it('should not throw an error when token is undefined', () => {
+      expect(() => sdk.logout()).not.toThrow();
+    });
+
     it('should send the correct request', () => {
       const httpRespJson = { key: 'val' };
       const httpResponse = {
@@ -124,6 +139,11 @@ describe('sdk', () => {
   });
 
   describe('logoutAll', () => {
+    it('should throw an error when token is not a string', () => {
+      expect(() => sdk.logoutAll({ a: 'b' })).toThrow(
+        '"token" must be string or undefined'
+      );
+    });
     it('should send the correct request', () => {
       const httpRespJson = { key: 'val' };
       const httpResponse = {
@@ -146,6 +166,11 @@ describe('sdk', () => {
   });
 
   describe('me', () => {
+    it('should throw an error when token is not a string', () => {
+      expect(() => sdk.me({ a: 'b' })).toThrow(
+        '"token" must be string or undefined'
+      );
+    });
     it('should send the correct request', () => {
       const httpRespJson = { key: 'val' };
       const httpResponse = {
diff --git a/packages/core-js-sdk/test/sdk/webauthn.test.ts b/packages/core-js-sdk/test/sdk/webauthn.test.ts
@@ -173,10 +173,6 @@ describe('webauthn', () => {
 
   describe('signIn', () => {
     describe('start', () => {
-      it('should throw an error when loginId is not a string', () => {
-        expect(sdk.webauthn.signIn.start).toThrow('"loginId" must be a string');
-      });
-
       it('should not throw an error when loginId is empty', () => {
         expect(() => sdk.webauthn.signIn.start('', 'origin')).not.toThrow();
       });
