fix: check client info

8b15df03 · 雪洛 · 818b0f7d · 8b15df03 · 8b15df03 · 8b15df03
5 changed file
--- a/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/common/utils.js
+++ b/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/common/utils.js
@@ -38,16 +38,6 @@ function isFn (fn) {
  return typeof fn === 'function'
 }

-function checkClientInfo (clientInfo) {
-  const requiredParams = ['appId', 'platform']
-  for (let i = 0; i < requiredParams.length; i++) {
-    if (!clientInfo[requiredParams[i]]) {
-      console.warn('- 如果使用HBuilderX运行本地云函数/云对象功能时出现此提示，请改为使用客户端调用本地云函数方式调试，或更新HBuilderX到3.4.12及以上版本。\n- 如果是缺少clientInfo.appId，请检查项目manifest.json内是否配置了DCloud AppId')
-      throw new Error(`"clientInfo.${requiredParams[i]}" is required.`)
-    }
-  }
-}
-
 // 获取文件后缀，只添加几种图片类型供客服消息接口使用
 const mime2ext = {
  'image/png': 'png',
@@ -196,7 +186,6 @@ module.exports = {
  getType,
  isValidString,
  batchFindObjctValue,
-  checkClientInfo,
  isPlainObject,
  isFn,
  getDistinctArray,

--- a/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/common/validator.js
+++ b/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/common/validator.js
@@ -133,13 +133,15 @@ function validate (value = {}, schema = {}) {
      required,
      type
    } = schemaValue
-    if (!(schemaKey in value)) {
+    // value内未传入了schemaKey或对应值为undefined
+    if (value[schemaKey] === undefined) {
      if (required) {
        return {
          errCode: ERROR.PARAM_REQUIRED,
          errMsgValue: {
            param: schemaKey
-          }
+          },
+          schemaKey
        }
      } else {
        continue
@@ -151,12 +153,70 @@ function validate (value = {}, schema = {}) {
    }
    const validateRes = validateMethod(value[schemaKey])
    if (validateRes) {
+      validateRes.schemaKey = schemaKey
      return validateRes
    }
  }
 }

+function checkClientInfo (clientInfo) {
+  const schema = {
+    uniPlatform: 'string',
+    appId: 'string',
+    deviceId: {
+      required: false,
+      type: 'string'
+    },
+    osName: {
+      required: false,
+      type: 'string'
+    },
+    locale: {
+      required: false,
+      type: 'string'
+    },
+    clientIP: {
+      required: false,
+      type: 'string'
+    },
+    appName: {
+      required: false,
+      type: 'string'
+    },
+    appVersion: {
+      required: false,
+      type: 'string'
+    },
+    appVersionCode: {
+      required: false,
+      type: 'string'
+    },
+    channel: {
+      required: false,
+      type: 'string'
+    },
+    userAgent: {
+      required: false,
+      type: 'string'
+    },
+    uniIdToken: {
+      required: false,
+      type: 'string'
+    }
+  }
+  const validateRes = validate(clientInfo, schema)
+  if (validateRes) {
+    if (validateRes.errCode === ERROR.PARAM_REQUIRED) {
+      console.warn('- 如果使用HBuilderX运行本地云函数/云对象功能时出现此提示，请改为使用客户端调用本地云函数方式调试，或更新HBuilderX到3.4.12及以上版本。\n- 如果是缺少clientInfo.appId，请检查项目manifest.json内是否配置了DCloud AppId')
+      throw new Error(`"clientInfo.${validateRes.schemaKey}" is required.`)
+    } else {
+      throw new Error('Invalid client info')
+    }
+  }
+}
+
 module.exports = {
  validate,
-  validator
+  validator,
+  checkClientInfo
 }
--- a/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/index.obj.js
+++ b/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/index.obj.js
 const uniIdCommon = require('uni-id-common')
 const uniCaptcha = require('uni-captcha')
 const {
-  checkClientInfo,
  getType
 } = require('./common/utils')
+const {
+  checkClientInfo
+} = require('./common/validator')
 const ConfigUtils = require('./lib/utils/config')
 const {
  isUniIdError
@@ -69,9 +71,15 @@ const {
 module.exports = {
  async _before () {
    const clientInfo = this.getClientInfo()
-    // 检查clientInfo，无appId和platform时本云对象无法正常运行
+    /**
+     * 检查clientInfo，无appId和uniPlatform时本云对象无法正常运行
+     * 此外需要保证用到的clientInfo字段均经过类型检查
+     * clientInfo由客户端上传并非完全可信，clientInfo内除clientIP、userAgent、source外均为客户端上传参数
+     * 否则可能会出现一些意料外的情况
+     */
    checkClientInfo(clientInfo)
-    let clientPlatform = clientInfo.platform
+    let clientPlatform = clientInfo.uniPlatform
+    // 统一platform名称
    switch (clientPlatform) {
      case 'app':
      case 'app-plus':

--- a/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/lib/utils/verify-code.js
+++ b/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/lib/utils/verify-code.js
@@ -23,7 +23,7 @@ async function setVerifyCode ({
    scene,
    code: code || getVerifyCode(),
    state: 0,
-    ip: this.getClientInfo().CLIENTIP,
+    ip: this.getClientInfo().clientIP,
    created_date: now,
    expired_date: now + expiresIn * 1000
  }

--- a/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/middleware/validate.js
+++ b/uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/middleware/validate.js
@@ -5,6 +5,7 @@ const {
 module.exports = function (value = {}, schema = {}) {
  const validateRes = validate(value, schema)
  if (validateRes) {
+    delete validateRes.schemaKey
    throw validateRes
  }
 }