From d3b7332d9c8a377b3636e98f699043356f8be04e Mon Sep 17 00:00:00 2001 From: Samuel Bodin <1637651+bodinsamuel@users.noreply.github.com> Date: Thu, 7 Nov 2024 12:25:41 +0100 Subject: [PATCH 1/2] feat(api): enforce max cli version --- .../server/lib/middleware/cliVersionCheck.ts | 33 +++++++++++++++++++ packages/server/lib/routes.ts | 3 +- 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/packages/server/lib/middleware/cliVersionCheck.ts b/packages/server/lib/middleware/cliVersionCheck.ts index c9bea6e69f..f95592c441 100644 --- a/packages/server/lib/middleware/cliVersionCheck.ts +++ b/packages/server/lib/middleware/cliVersionCheck.ts @@ -1,3 +1,4 @@ +import { NANGO_VERSION } from '@nangohq/shared'; import { getLogger } from '@nangohq/utils'; import type { Request, Response, NextFunction } from 'express'; @@ -33,3 +34,35 @@ export function cliMinVersion(minVersion: string) { next(); }; } + +export function cliMaxVersion() { + return (req: Request, res: Response, next: NextFunction) => { + const userAgent = req.headers['user-agent']; + if (!userAgent) { + // Could be strictly enforced + next(); + return; + } + + const match = userAgent.match(VERSION_REGEX); + if (!match || match.length <= 1 || !match[1]) { + // Could be strictly enforced + next(); + return; + } + + console.log(match[1], semver.gt(match[1], NANGO_VERSION)); + + if (semver.gt(match[1], NANGO_VERSION)) { + res.status(400).send({ + error: { + code: 'invalid_cli_version', + message: `You are using a SDK version greater than the API version (SDK: ${match[1]}, API: ${NANGO_VERSION})` + } + }); + return; + } + + next(); + }; +} diff --git a/packages/server/lib/routes.ts b/packages/server/lib/routes.ts index 0cf0065acd..d5da730412 100644 --- a/packages/server/lib/routes.ts +++ b/packages/server/lib/routes.ts 
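Review bot: In `cliMaxVersion`, `match[1]` comes straight from the client-supplied User-Agent and is passed to `semver.gt` without first confirming that it parses as a version. `VERSION_REGEX` is defined outside this hunk, so its strictness cannot be judged here; if it can capture a string that semver rejects, `semver.gt` throws and the request would presumably end as a server error instead of taking the fail-open path. Extending the guard to `if (!match || match.length <= 1 || !match[1] || !semver.valid(match[1])) {` keeps the current pass-through behaviour for such input. The message says "SDK version" while the error code is `invalid_cli_version`, so one term should be chosen. A doc comment such as `/** Compatibility guard only: User-Agent is client-controlled, so this is not an access control. */` would record why the check fails open.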
@@ -103,7 +103,7 @@ import { getConnections } from './controllers/v1/connections/getConnections.js'; import { getPublicConnections } from './controllers/connection/getConnections.js'; import { getConnectionsCount } from './controllers/v1/connections/getConnectionsCount.js'; import { getConnectionRefresh } from './controllers/v1/connections/connectionId/postRefresh.js'; -import { cliMinVersion } from './middleware/cliVersionCheck.js'; +import { cliMaxVersion, cliMinVersion } from './middleware/cliVersionCheck.js'; export const router = express.Router(); @@ -166,6 +166,7 @@ const publicAPICorsHandler = cors({ origin: '*' }); publicAPI.use(publicAPICorsHandler); +publicAPI.use(cliMaxVersion()); publicAPI.options('*', publicAPICorsHandler); // Pre-flight // API routes (Public key auth). From 776b688f8df74ede387924b904643c94feb8eab3 Mon Sep 17 00:00:00 2001 From: Samuel Bodin <1637651+bodinsamuel@users.noreply.github.com> Date: Thu, 7 Nov 2024 16:59:18 +0100 Subject: [PATCH 2/2] review --- packages/server/lib/middleware/cliVersionCheck.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/packages/server/lib/middleware/cliVersionCheck.ts b/packages/server/lib/middleware/cliVersionCheck.ts index f95592c441..f324d27521 100644 --- a/packages/server/lib/middleware/cliVersionCheck.ts +++ b/packages/server/lib/middleware/cliVersionCheck.ts @@ -51,8 +51,6 @@ export function cliMaxVersion() { return; } - console.log(match[1], semver.gt(match[1], NANGO_VERSION)); - if (semver.gt(match[1], NANGO_VERSION)) { res.status(400).send({ error: {
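Review bot: `publicAPI.use(cliMaxVersion());` is registered ahead of the routes that the trailing context comment labels as public-key authenticated, so the version check appears to run before authentication. The 400 body built in cliVersionCheck.ts includes `NANGO_VERSION`, which would return the exact server version to a caller that has not been authenticated; the auth middleware is outside this hunk, so the ordering should be confirmed. Either drop the API version from that message or record the decision with a comment here, for example `// Runs before auth; the rejection body includes the server version`. The middleware also applies to every `publicAPI` route, so it is worth confirming that this scope is intended and not only the CLI endpoints.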