Simplified scheduling-auth-token module's interface

refs https://github.com/TryGhost/Team/issues/694 - Only passing necessary data into the module simplifies it's interface and allows to decouple it further from model layer dependencies - Note, also verified and corrected the return type of the auth token creating method
2025-01-03 08:25:06 +03:00 · 2021-05-24 17:33:14 +04:00 · 2021-05-24 17:33:14 +04:00 · 1ec44431b1
commit 1ec44431b1
parent 90e5af12ae
2 changed files with 20 additions and 6 deletions
--- a/core/server/adapters/scheduling/post-scheduling/index.js
+++ b/core/server/adapters/scheduling/post-scheduling/index.js
@ -17,9 +17,17 @@ const SCHEDULED_RESOURCES = ['post', 'page'];
 */
 _private.normalize = function normalize({model, apiUrl, resourceType, integration}, event = '') {
    const resource = `${resourceType}s`;
-    let publishedAt = (event === 'unscheduled') ? model.previous('published_at') : model.get('published_at');
-    const signedAdminToken = getSignedAdminToken({publishedAt, apiUrl, integration});
+    const publishedAt = (event === 'unscheduled') ? model.previous('published_at') : model.get('published_at');
+    const signedAdminToken = getSignedAdminToken({
+        publishedAt,
+        apiUrl,
+        key: {
+            id: integration.api_keys[0].id,
+            secret: integration.api_keys[0].secret
+        }
+    });
    let url = `${urlUtils.urlJoin(apiUrl, 'schedules', resource, model.get('id'))}/?token=${signedAdminToken}`;
+
    return {
        // NOTE: The scheduler expects a unix timestamp.
        time: moment(publishedAt).valueOf(),
@ -58,6 +66,7 @@ _private.loadScheduledResources = async function () {
 /**
 * @description Initialise post scheduling.
 * @param {Object} options
+ * @param {string} options.apiUrl -
 * @return {*}
 */
 exports.init = async function init(options = {}) {
--- a/core/server/adapters/scheduling/post-scheduling/scheduling-auth-token.js
+++ b/core/server/adapters/scheduling/post-scheduling/scheduling-auth-token.js
@ -4,11 +4,16 @@ const jwt = require('jsonwebtoken');
 /**
 * @description Get signed admin token for making authenticated scheduling requests
 *
- * @return {Promise}
+ * @param {Object} options
+ * @param {string} options.publishedAt - ISO date
+ * @param {string} options.apiUrl - url of the JWT's audience
+ * @param {string} options.key - integration key
+ * @param {string} options.key.id - key ID
+ * @param {string} options.key.secret - key secret
+ *
+ * @return {string} the JSON Web Token
 */
-const getSignedAdminToken = function ({publishedAt, apiUrl, integration}) {
-    let key = integration.api_keys[0];
-
+const getSignedAdminToken = function ({publishedAt, apiUrl, key}) {
    const JWT_OPTIONS = {
        keyid: key.id,
        algorithm: 'HS256',