Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Retrieve the raw request body
See original GitHub issuePlease avoid duplicates
- I checked all open feature requests and none of them matched my request.
Context
I use nock to test that my server correctly sends webhook notifications. The requests are signed using the header x-hub-signature, a header containing a sha256 hash of the binary body data.
Ideally I would like to retrieve the raw body data in order to check that the header is consistent with this data.
Alternatives
As an alternative I can:
- retrieve the body object value
- retrieve the header value
- use
JSON.stringify()andBuffer.from()to recreate the (hopefully) same binary data
let notificationBody;
let signatureHeader;
nock("https://www.example.com", {
reqheaders: {
"x-hub-signature": value => {
signatureHeader = value;
return true;
}
}
})
.post("/callback", body => {
notificationBody = body;
return true;
})
.reply(200);
// and once I sent the request:
const expectedSignature = `sha256=${createHmac("sha256", secret)
.update(Buffer.from(JSON.stringify(notificationBody)))
.digest("hex")}`;
expect(signatureHeader).toEqual(expectedSignature);
But with this approach, I am abusing the reqheaders property and the body function to extract the info, then a lot can go wrong (for example if the JSON isnt formatted the same way in my tested code or if the encoding isnt the same).
I feel that there could be a better way to do that.
If the feature request is accepted, would you be willing to submit a PR?
- yes
Issue Analytics
- State:
- Created 2 years ago
- Comments:6 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I am refactoring the intercept logic right now, you can follow my progress at https://github.com/nock/nock/discussions/2247, the current code is at https://github.com/nock/nock/tree/code-review/modules/intercept-node-http. I had to expose an extra method which does not exist on Node’s native
http.ClientRequestcalled nockGetRequestBodyAsBuffer in order to retrieve the request body for matching purposes.I’m not a big fan of defining a dedicated method but I actually couldn’t figure out how to read the request body for a native
http.ClientRequestobject. My guess is the current workaround innockis there because of the same reason?Once I have the first version ready of the
@nock/intercept-node-httpmodule it would be good to discuss how to use this low level module for clean request body assertions. Then we can adopt that for a futurenockversionThe request body is generated by my tested code, I know most things about it except some details: it will contain a random uuid that I dont know beforehand (but I could probably make it predictable with a mock) + the formatting of the json is considered implementation detail. Technically I know how it’s formatted but I would prefer that my tests dont need to know that.
Of course! I work on a system that will emit webhook requests, it is unrelated to github but it mostly works the same way.
Oh yes, apparently you can do that, but the object doesnt contain the body of the request.
Yeah I agree. I understand that the primary goal of this lib is to define predictable responses to http calls (and it does that very well 👏 ), but sometimes we also want to make assertions on the requests 😅