fix: add auth header to local code engine requests as well [HEAD-1017] (

#402)
snyk · Nov 10, 2023 · 0f0fc7e · 0f0fc7e
1 parent c7bfd3b
commit 0f0fc7e
Show file tree

Hide file tree

Showing 5 changed files with 53 additions and 4 deletions.
diff --git a/application/config/config.go b/application/config/config.go
@@ -392,6 +392,11 @@ func (c *Config) SetSnykCodeApi(snykCodeApiUrl string) {
 		return
 	}
 	c.snykCodeApiUrl = snykCodeApiUrl
+
+	config := c.engine.GetConfiguration()
+	additionalURLs := config.GetStringSlice(configuration.AUTHENTICATION_ADDITIONAL_URLS)
+	additionalURLs = append(additionalURLs, c.snykCodeApiUrl)
+	config.Set(configuration.AUTHENTICATION_ADDITIONAL_URLS, additionalURLs)
 }
 
 func (c *Config) SetErrorReportingEnabled(enabled bool) { c.isErrorReportingEnabled.Set(enabled) }

diff --git a/go.mod b/go.mod
@@ -23,7 +23,7 @@ require (
 	github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06
 	github.com/segmentio/analytics-go v3.1.0+incompatible
 	github.com/shirou/gopsutil v3.21.11+incompatible
-	github.com/snyk/go-application-framework v0.0.0-20231026115736-80ebca949279
+	github.com/snyk/go-application-framework v0.0.0-20231110103323-3eaa1fdef343
 	github.com/sourcegraph/go-lsp v0.0.0-20200429204803-219e11d77f5d
 	github.com/stretchr/testify v1.8.4
 	github.com/subosito/gotenv v1.6.0

diff --git a/go.sum b/go.sum
@@ -368,8 +368,8 @@ github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeV
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
-github.com/snyk/go-application-framework v0.0.0-20231026115736-80ebca949279 h1:VJUTUqOgXokh48WVjhyP/PD5orijQD3vv8yaprN1UOk=
-github.com/snyk/go-application-framework v0.0.0-20231026115736-80ebca949279/go.mod h1:YGuE2uaW3PG7Q3CcVpCdu/tOFhv5eUjcTNlYIcw6FDo=
+github.com/snyk/go-application-framework v0.0.0-20231110103323-3eaa1fdef343 h1:lfP5avIiuswcx/d/VvTEj2vQ7FQaoeepV2nHIkP82Hw=
+github.com/snyk/go-application-framework v0.0.0-20231110103323-3eaa1fdef343/go.mod h1:YGuE2uaW3PG7Q3CcVpCdu/tOFhv5eUjcTNlYIcw6FDo=
 github.com/snyk/go-httpauth v0.0.0-20230726132335-d454674305a7 h1:m8C34vcouY2vEvow2gV/uAZ0LKiV7vhwC5HI15nUDX4=
 github.com/snyk/go-httpauth v0.0.0-20230726132335-d454674305a7/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=

diff --git a/infrastructure/code/backend_service_pact_test.go b/infrastructure/code/backend_service_pact_test.go
@@ -51,6 +51,7 @@ func TestSnykCodeBackendServicePact(t *testing.T) { // nolint:gocognit // this i
 	testutil.UnitTest(t)
 
 	setupPact(t)
+	config.CurrentConfig().UpdateApiEndpoints("http://localhost")
 	defer pact.Teardown()
 
 	defer func() {
@@ -262,7 +263,6 @@ func setupPact(t *testing.T) {
 	pact.Setup(true)
 
 	t.Setenv("DEEPROXY_API_URL", fmt.Sprintf("http://localhost:%d", pact.Server.Port))
-	config.CurrentConfig().UpdateApiEndpoints("http://localhost")
 	config.CurrentConfig().SetOrganization(orgUUID)
 
 	client = NewHTTPRepository(performance.NewInstrumentor(), error_reporting.NewTestErrorReporter(),
@@ -286,3 +286,42 @@ func getPutPostBodyMatcher() dsl.Matcher {
 func getSnykRequestIdMatcher() dsl.Matcher {
 	return dsl.Regex("fc763eba-0905-41c5-a27f-3934ab26786c", uuidMatcher)
 }
+
+func TestSnykCodeBackendServicePact_LocalCodeEngine(t *testing.T) {
+	testutil.NotOnWindows(t, "we don't have a pact cli")
+	testutil.UnitTest(t)
+
+	setupPact(t)
+	config.CurrentConfig().SetSnykCodeApi(fmt.Sprintf("http://localhost:%d", pact.Server.Port))
+	config.CurrentConfig().SetOrganization(orgUUID)
+	defer pact.Teardown()
+
+	pact.AddInteraction().UponReceiving("Get filters").WithRequest(dsl.Request{
+		Method: "GET",
+		Path:   dsl.String("/filters"),
+		Headers: dsl.MapMatcher{
+			"Content-Type":    dsl.String("application/json"),
+			"snyk-request-id": getSnykRequestIdMatcher(),
+			"Session-Token":   dsl.Regex("token fc763eba-0905-41c5-a27f-3934ab26786c", sessionTokenMatcher),
+			"Authorization":   dsl.Regex("token fc763eba-0905-41c5-a27f-3934ab26786c", sessionTokenMatcher),
+		},
+	}).WillRespondWith(dsl.Response{
+		Status: 200,
+		Headers: dsl.MapMatcher{
+			"Content-Type": dsl.String("application/json"),
+		},
+		Body: dsl.Match(FiltersResponse{}),
+	})
+
+	test := func() error {
+		if _, err := client.GetFilters(context.Background()); err != nil {
+			return err
+		}
+		return nil
+	}
+
+	err := pact.Verify(test)
+
+	assert.NoError(t, err)
+
+}
diff --git a/infrastructure/code/sast_local_engine_test.go b/infrastructure/code/sast_local_engine_test.go
@@ -17,8 +17,10 @@
 package code
 
 import (
+	"slices"
 	"testing"
 
+	"github.com/snyk/go-application-framework/pkg/configuration"
 	"github.com/stretchr/testify/assert"
 
 	"github.com/snyk/snyk-ls/application/config"
@@ -71,5 +73,8 @@ func TestIsLocalEngine(t *testing.T) {
 		mockedSastResponse.LocalCodeEngine.Enabled = true
 		scanner.updateCodeApiLocalEngine(mockedSastResponse)
 		assert.Equal(t, mockedSastResponse.LocalCodeEngine.Url, config.CurrentConfig().SnykCodeApi())
+		additionalAuthUrls := config.CurrentConfig().Engine().GetConfiguration().GetStringSlice(configuration.
+			AUTHENTICATION_ADDITIONAL_URLS)
+		assert.True(t, slices.Contains(additionalAuthUrls, mockedSastResponse.LocalCodeEngine.Url))
 	})
 }