diff --git a/api/__test__/policies.isGithubAuth.spec.js b/api/__test__/policies.isGithubAuth.spec.js index d9d7306..64ad364 100644 --- a/api/__test__/policies.isGithubAuth.spec.js +++ b/api/__test__/policies.isGithubAuth.spec.js @@ -21,29 +21,11 @@ jest.mock('../../config/github', () => ({ })); const testId = '410939550'; -const testOrgName = 'SSOEnabledOrg'; - -process.env.TOKEN_ORGS = testOrgName; -process.env.PERSONAL_ACCESS_TOKEN = 'personalAccessToken123'; const req = { body: { installation: { id: testId - }, - repository: { - full_name: 'testOrg/testRepo' - } - } -}; - -const SSOReq = { - body: { - installation: { - id: testId - }, - repository: { - full_name: testOrgName + '/testRepo' } } }; @@ -68,13 +50,6 @@ describe('isGithubAuth policy', () => { auth: expect.any(Function) }); }); - it('should call Octokit using peronsal access token for SSO Org', () => { - Octokit.mockReset(); - isGithubAuth(SSOReq, res, next); - expect(Octokit).toHaveBeenCalledWith({ - auth: process.env.PERSONAL_ACCESS_TOKEN - }); - }); it('should attach octokitClient to req', () => { Octokit.mockReset(); Octokit.mockImplementation(() => { @@ -92,16 +67,12 @@ describe('isGithubAuth policy', () => { isGithubAuth(req, res, next); expect(next).toHaveBeenCalled(); }); - it('should respond with 401 status when getInstallationAccessToken rejects', async () => { - App.mockImplementation(() => { - return { - getInstallationAccessToken: jest.fn(() => Promise.reject()) - }; - }); - Octokit.mockImplementation(async ({ auth }) => { - return await auth(); + it('should call Octokit using peronsal access token for SSO Org', () => { + Octokit.mockReset(); + process.env.PERSONAL_ACCESS_TOKEN = 'personalAccessToken123'; + isGithubAuth(req, res, next); + expect(Octokit).toHaveBeenCalledWith({ + auth: process.env.PERSONAL_ACCESS_TOKEN }); - await isGithubAuth(req, res, next); - expect(res.status).toHaveBeenCalledWith(401); }); }); 
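Review bot: The rewritten last case in the third hunk assigns `process.env.PERSONAL_ACCESS_TOKEN` inside the `it` body and never removes it, so the variable stays set for any case that runs after it in this file. The suite passes only because this case is last, since the installation-token cases above depend on the variable being unset; adding `afterEach(() => { delete process.env.PERSONAL_ACCESS_TOKEN; });` inside the `describe` keeps the cases independent. The same hunk deletes the case asserting a 401 when `getInstallationAccessToken` rejects, which leaves the authentication failure path without coverage unless that branch was also removed from the policy (not visible here). The title still says "for SSO Org" although the request no longer names an organisation.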
diff --git a/api/policies/isGithubAuth.js b/api/policies/isGithubAuth.js index 6430b32..f941b9f 100644 --- a/api/policies/isGithubAuth.js +++ b/api/policies/isGithubAuth.js @@ -21,25 +21,15 @@ try { `); } -function shouldUsePersonalToken(fullName) { - const orgName = fullName.split('/')[0]; - if (process.env.TOKEN_ORGS) { - const tokenOrgs = process.env.TOKEN_ORGS.split(','); - return tokenOrgs.some(tokenOrgName => tokenOrgName === orgName); - } - return false; -} - module.exports = async function isGithubAuth(req, res, next) { - const { installation, repository, repositories } = req.body; + const PERSONAL_ACCESS_TOKEN = process.env.PERSONAL_ACCESS_TOKEN; + const { installation } = req.body; const app = new App({ id: github.appId, privateKey: cert }); - const repositoryName = (repositories && repositories[0] && repositories[0].full_name) ? repositories[0].full_name : repository.full_name; - // pretier-ignore - const octokitClient = (repository && shouldUsePersonalToken(repositoryName)) - ? new Octokit({ auth: process.env.PERSONAL_ACCESS_TOKEN }) + const octokitClient = PERSONAL_ACCESS_TOKEN + ? new Octokit({ auth: PERSONAL_ACCESS_TOKEN }) : new Octokit({ async auth() { let installationAccessToken;
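Review bot: Once `PERSONAL_ACCESS_TOKEN` is set, `octokitClient` is built with that token for every request, whichever installation or organisation sent it; the removed `shouldUsePersonalToken` check limited it to the organisations listed in `TOKEN_ORGS`. The per-installation token branch becomes unreachable in that configuration, so all API calls run with whatever scope the personal token carries rather than the permissions granted to the individual installation. If that is intended, say so above the ternary, e.g. `// PERSONAL_ACCESS_TOKEN, when set, replaces the installation token for ALL installations`; otherwise keep an allow-list check in the condition. The function body continues past the end of the hunk.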