Commits

Seb Ruiz committed bc8929e

ACDEV-1070: Do not stomp on context from the header and request body

Comments (0)

Files changed (4)

lib/middleware/authentication.js

 };
 
 function extractJwtFromRequest(req, addon) {
-    var token = req.param('jwt');
+    var token = req.query['jwt'];
 
     // if there was no token in the query-string then fall back to checking the Authorization header
     var authHeader = req.headers["authorization"]; // the header name appears as lower-case

lib/middleware/request.js

 var hostRequest = require('../internal/host-request');
 var authentication = require('./authentication.js');
 var _ = require('lodash');
-var urls = require('url');
 
 module.exports = function (addon) {
 
         // @todo this is a mess and needs to be rewritten with a clear
         //       analysis of what's available in each type of request
 
-        var hostUrl = req.param('xdm_e');
+        var hostUrl = req.query['xdm_e'];
         var params;
 
         if (hostUrl) {
             params = {
                 hostUrl: hostUrl,
-                hostBaseUrl: hostUrl + (req.param('cp') || ''),
-                license: req.param('lic'),
-                timeZone: req.param('tz'),
-                locale: req.param('loc')
+                hostBaseUrl: hostUrl + (req.query['cp'] || ''),
+                license: req.query['lic'],
+                timeZone: req.query['tz'],
+                locale: req.query['loc']
             };
             _.extend(req.session, params);
         } else {
             params = req.session;
         }
 
-        params.userId = req.param('user_id');
-        copyCtxParams(req.headers, params, 'ap-ctx-');
-        copyCtxParams(req.params, params, 'ctx_');
         copyCtxParams(req.query, params, 'ctx_');
+        params.userId = req.query['user_id'];
 
         augmentRequest(params, req, res, next);
     };

lib/middleware/token.js

     }
 
     function getTokenFromRequest(req) {
-        return req.param(TOKEN_KEY_PARAM) || req.header(TOKEN_KEY_HEADER);
+        return req.query[TOKEN_KEY_PARAM] || req.header(TOKEN_KEY_HEADER);
     }
 
     return function (req, res, next) {

test/webhook_test.js

         addon.once('plugin_test_hook', function (event, body, req) {
             assert(event === 'plugin_test_hook');
             assert(body != null && body.foo === 'bar');
-            assert(req && req.param('user_id') === 'admin');
+            assert(req && req.query['user_id'] === 'admin');
             done();
         });