5 Replies Latest reply on Oct 28, 2018 10:31 PM by johnsonsmith247

    Osapi not sending required data for Node SDK security middleware?

    jroorda Novice

      I am trying to use the jive.service.security().checkAuthHeaders(req,res) function to check the legitimacy of requests sent to my Node js server.

      checkAuthHeaders calls findCredentials, which looks for and field called jiveUrl in the body of the request by calling:

      var jiveUrl = req.body['jiveUrl'];


      There are two issues with this.

           A) the field jiveUrl does not exist in the body of any call made by osapi, which I have been lead to believe should

           B) referncing the body of the request this way does not work and returns undefined


      This is my route definition:

      app.get("/Application/test",function(req, res) { 
          console.warn("START TEST");


      This is my call from the app:

      function TEMP_test(){
             "authz" : "signed", //security
             "href": server + "/Application/test", //URL target
             "refreshInterval": 0,
             headers: {}


      This is the stack trace from the server:

      TypeError: Cannot read property 'jiveUrl' of undefined
      at Router._dispatch (/home/vcap/app/node_modules/express/lib/router/index.js:170:5)
      at pass (/home/vcap/app/node_modules/express/lib/router/index.js:142:5)
      at findCredentials (/home/vcap/app/node_modules/jive-sdk/jive-sdk-service/lib/security.js:34:27)
      at Object.expressInit [as handle] (/home/vcap/app/node_modules/express/lib/middleware.js:31:5)
      at Object.router (/home/vcap/app/node_modules/express/lib/router/index.js:33:10)
      at next (/home/vcap/app/node_modules/express/node_modules/connect/lib/proto.js:199:15)
      at callbacks (/home/vcap/app/node_modules/express/lib/router/index.js:161:37)
      at param (/home/vcap/app/node_modules/express/lib/router/index.js:135:11)
      at /home/vcap/app/app.js:21:29
      at Object.exports.checkAuthHeaders (/home/vcap/app/node_modules/jive-sdk/jive-sdk-service/lib/security.js:151:9)


      I have tried this using POST instead of GET.

      Is there something that I am required to do that I am missing? Or is this an issue with the Node SDK?