Lowercase all calls to req.headers

rorylshanks · Nov 5, 2024 · 39e08d0 · 39e08d0
1 parent 0923703
commit 39e08d0
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 12 deletions.
diff --git a/lib/http.js b/lib/http.js
@@ -66,7 +66,7 @@ app.use((req, res, next) => {
   if (!requestId) {
     requestId = randomUUID()
   }
-  req.headers["X-Veriflow-Request-Id"] = requestId
+  req.headers["x-veriflow-request-id"] = requestId
   next()
 })
 

diff --git a/lib/sso.js b/lib/sso.js
@@ -28,7 +28,7 @@ function addParamsToUrl(baseUrl, params) {
 async function verifyAuth(req, res) {
     try {
         // First contract a URL object that can be parsed for various functions later, and get the current config
-        var requestUrl = new URL(`${req.headers["X-Forwarded-Proto"]}://${req.headers["X-Forwarded-Host"]}${req.headers["X-Forwarded-Path"] || ""}`)
+        var requestUrl = new URL(`${req.headers["x-forwarded-proto"]}://${req.headers["x-forwarded-host"]}${req.headers["x-forwarded-path"] || ""}`)
         var currentConfig = getConfig()
         // Then get the route-specific configuration for this hostname. Note that currently veriflow only supports per-host routes
         var route = getRouteFromRequest(req)
@@ -99,10 +99,10 @@ async function verifyAuth(req, res) {
         // URL, and redirect them to the AuthN flow for veriflow
 
         let jwtPayload = {
-            protocol: req.headers['X-Forwarded-Proto'] || "http",
-            host: req.headers['X-Forwarded-Host'],
-            path: req.headers['X-Forwarded-Path'],
-            query: req.headers['X-Forwarded-Query']
+            protocol: req.headers['x-forwarded-proto'] || "http",
+            host: req.headers['x-forwarded-host'],
+            path: req.headers['x-forwarded-path'],
+            query: req.headers['x-forwarded-query']
         }
         var redirectBasePath = getRedirectBasepath()
 
@@ -401,10 +401,10 @@ async function externalAuthVerify(req, res) {
             res.status(500).send(html)
             return
         }
-        req.headers["X-Veriflow-Route-Id"] = policy.routeId
-        req.headers["X-Forwarded-Proto"] = parsedUrl.protocol.slice(0, -1)
-        req.headers["X-Forwarded-Host"] = parsedUrl.hostname
-        req.headers["X-Forwarded-Path"] = parsedUrl.pathname
+        req.headers["x-veriflow-route-id"] = policy.routeId
+        req.headers["x-forwarded-proto"] = parsedUrl.protocol.slice(0, -1)
+        req.headers["x-forwarded-post"] = parsedUrl.hostname
+        req.headers["x-forwarded-path"] = parsedUrl.pathname
         req.query.token = parsedUrl.searchParams.get("token")
         req.session.external_auth = true
 

diff --git a/util/config.js b/util/config.js
@@ -56,7 +56,7 @@ function getConfig() {
 
 function getRouteFromRequest(req) {
     var config = getConfig()
-    var routeId = req.headers["X-Veriflow-Route-Id"]
+    var routeId = req.headers["x-veriflow-route-id"]
     if (!routeId) {
         log.error({ message: "No route ID included in request"})
         return null

diff --git a/util/logging.js b/util/logging.js
@@ -5,7 +5,7 @@ const log = pino();
 log.level = 30
 
 log.access = (action, route, user, req) => {
-    let reqId = req.headers["X-Veriflow-Request-Id"]
+    let reqId = req.headers["x-veriflow-request-id"]
     let method = req.get("X-Forwarded-Method")
     let path = req.get("X-Forwarded-Path")
     let query = req.get("X-Forwarded-Query")