From 16e859e40afead6f2090877dd2a4b93c9bb1a3a1 Mon Sep 17 00:00:00 2001 From: Jessica Lawshe <5312836+lawshe@users.noreply.github.com> Date: Thu, 26 Oct 2023 08:18:05 -0500 Subject: [PATCH] Merge pull request #15429 from overleaf/jel-token-hash-metrics [web] Log mismatched link sharing token hash prefixes GitOrigin-RevId: 5ba690f4209987fccef859c858686c465e972f62 --- .../TokenAccess/TokenAccessHandler.js | 15 ++++++++-- .../TokenAccess/TokenAccessHandlerTests.js | 28 +++++++++++++++++-- 2 files changed, 38 insertions(+), 5 deletions(-) diff --git a/services/web/app/src/Features/TokenAccess/TokenAccessHandler.js b/services/web/app/src/Features/TokenAccess/TokenAccessHandler.js index ee8235158b..705fa21312 100644 --- a/services/web/app/src/Features/TokenAccess/TokenAccessHandler.js +++ b/services/web/app/src/Features/TokenAccess/TokenAccessHandler.js @@ -290,17 +290,28 @@ const TokenAccessHandler = { checkTokenHashPrefix(token, tokenHashPrefix, type) { let hashPrefixStatus + if (tokenHashPrefix) { + tokenHashPrefix = tokenHashPrefix.replace('#', '') + } + if (!tokenHashPrefix) { hashPrefixStatus = 'missing' } else { - const hashPrefix = TokenAccessHandler.createTokenHashPrefix(token) - if (hashPrefix === tokenHashPrefix.replace('#', '')) { + const expectedHashPrefix = TokenAccessHandler.createTokenHashPrefix(token) + if (expectedHashPrefix === tokenHashPrefix) { hashPrefixStatus = 'match' } else { hashPrefixStatus = 'mismatch' } } + if (hashPrefixStatus === 'mismatch') { + logger.info( + { tokenHashPrefix, hashPrefixStatus }, + 'mismatched token hash prefix' + ) + } + Metrics.inc('link-sharing.hash-check', { path: type, status: hashPrefixStatus, diff --git a/services/web/test/unit/src/TokenAccess/TokenAccessHandlerTests.js b/services/web/test/unit/src/TokenAccess/TokenAccessHandlerTests.js index feeb79b16a..ad9633b874 100644 --- a/services/web/test/unit/src/TokenAccess/TokenAccessHandlerTests.js +++ b/services/web/test/unit/src/TokenAccess/TokenAccessHandlerTests.js @@ -654,7 +654,11 @@ describe('TokenAccessHandler', function () { const token = 'zxpxjrwdtsgd' const prefix = this.TokenAccessHandler.createTokenHashPrefix(token) - this.TokenAccessHandler.checkTokenHashPrefix(token, prefix, 'readOnly') + this.TokenAccessHandler.checkTokenHashPrefix( + token, + `#${prefix}`, + 'readOnly' + ) expect(this.Metrics.inc).to.have.been.calledWith( 'link-sharing.hash-check', @@ -667,10 +671,9 @@ describe('TokenAccessHandler', function () { it('sends "mismatch" to metrics when prefix does not match the prefix of the hash of the token', function () { const token = 'zxpxjrwdtsgd' const prefix = this.TokenAccessHandler.createTokenHashPrefix(token) - this.TokenAccessHandler.checkTokenHashPrefix( 'anothertoken', - prefix, + `#${prefix}`, 'readOnly' ) @@ -681,6 +684,10 @@ describe('TokenAccessHandler', function () { status: 'mismatch', } ) + expect(this.logger.info).to.have.been.calledWith( + { tokenHashPrefix: prefix, hashPrefixStatus: 'mismatch' }, + 'mismatched token hash prefix' + ) }) it('sends "missing" to metrics when prefix is undefined', function () { this.TokenAccessHandler.checkTokenHashPrefix( @@ -689,6 +696,21 @@ describe('TokenAccessHandler', function () { 'readOnly' ) + expect(this.Metrics.inc).to.have.been.calledWith( + 'link-sharing.hash-check', + { + path: 'readOnly', + status: 'missing', + } + ) + }) + it('sends "missing" to metrics when URL hash is sent as "#" only', function () { + this.TokenAccessHandler.checkTokenHashPrefix( + 'anothertoken', + '#', + 'readOnly' + ) + expect(this.Metrics.inc).to.have.been.calledWith( 'link-sharing.hash-check', {