search

Aeolun / ts-jira-client

A Typescript wrapper for the Jira Rest API
https://aeolun.github.io/ts-jira-client/
MIT License
6 stars 2 forks source link

fix: corrected the strictSSL setting for the jira client #1

Closed Batyodie closed 6 months ago

Batyodie commented 6 months ago

I have found a bug when working in development mode for a real Jira client.

I use ngrok to create https for my node backend. When using your library, I pass strictSSL in the client settings:

 this.jiraRestApi = new JiraApi({
        protocol: 'https',
        host: jiraHost,
        username: jiraUsername,
        password: jiraPassword,
        apiVersion: 2,
        timeout: 5000,
        strictSSL: false,
});

As a result, when a POST request is sent, the request fails with errors.

cause: Error: unable to verify the first certificate
      at TLSSocket.onConnectSecure (node:_tls_wrap:1674:34)
      at TLSSocket.emit (node:events:518:28)
      at TLSSocket._finishInit (node:_tls_wrap:1085:8)
      at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:871:12) {
    code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'
  }

When using the classic Jira client, there was no such problem, so I started looking at the sources and discovered the difference

//  Extract from the original client where strictSSL is added
makeRequestHeader(uri, options = {}) {
    return {
      rejectUnauthorized: this.strictSSL,
      method: options.method || 'GET',
      uri,
      json: true,
      ...options
    };
  }
// Your code snippet
 else if ("strictSSL" in options || "ca" in options) {
            this.httpsAgent = new https_1.Agent({ rejectUnauthorized: !options.strictSSL, ca: options.ca });
            this.axios = axios_1.default.create({
                httpsAgent: this.httpsAgent,
            });
        }

Apparently the bug was in a wrong negation(!options.strictSSL), and there was also a bug in the tests that failed to check this script.

this.jiraRestApi = new JiraApi({
        protocol: 'https',
        host: jiraHost,
        username: jiraUsername,
        password: jiraPassword,
        apiVersion: 2,
        timeout: 5000,
        strictSSL: false,
      });
      console.log(this.jiraRestApi.axios.defaults?.httpsAgent.options); //  strictSSL is true

It turns out that when strictSSL is disabled, on the contrary, it is enabled. Fixed this behaviour and added tests.

Aeolun commented 6 months ago

Whoops, yeah. That triple negation there still required me to look at it a bunch before I saw the problem. Thanks for fixing it!

github-actions[bot] commented 6 months ago

:tada: This PR is included in version 1.0.2 :tada:

The release is available on:

Your semantic-release bot :package::rocket: