0

I am doing an HTTPS request from a different machine into a node.js (v.13.7.0) server running on Ubuntu 16.04. Before I execute the "important" code on the server, I want to do an authorization check by looking at the OAuth token passed into the server. This requires yet another HTTPS call to a second server to determine the token's validity. Apparently, my code is asynchronous, as the main part of the code is not blocked whilst the inner call to verify the OAuth token (validateToken function) is made. My code is here:

function validateToken(environment, oauthToken) {
    var url = require('url');
    var https = require('https');
    var fs = require('fs');
    var port = 443;

    // This line is from the Node.js HTTPS documentation.

    var options = {
      key: fs.readFileSync('./certificates/client-key.pem'),
      cert: fs.readFileSync('./certificates/client-cert.pem')
    };

    function validateToken(environment, oauthToken) {
       var url = "https://verify-the-token?token=oauthToken";

       https.get(url, (response) => {
          console.log("is token valid? " + response.statusCode);
          return (response.statusCode == 200);
       });
    }

    https.createServer(options, function(request, response) {
       var body = "";
       var queryParam = url.parse(request.url, true).query.command;

       if (queryParam != undefined) {
          authToken = request.headers['fmrauthorization'];
          environment = request.headers['environment'];

          validToken = validateToken(environment, authToken); // This executes, but asynchronously.


          response.setHeader('Content-Length', Buffer.byteLength(body));
          response.setHeader('Content-Type', 'text/plain');

          // Even if validateToken returns 'true', these blocks below will have already executed
          // and evaluated the return value as 'false':

          if (validToken == true) {
             if (queryParam == "run") {

                // Ok, cool. go do important stuff now...

                response.statusCode = 200;
                response.end(body);
             }

             else {
                response.statusCode = 400;
                response.end(body);
             }
          }
          else {
             console.log("Token check returned false.");
             body = "Unauthorized";
             response.statusCode = 401;
             response.end(body);
          }
       }

       else {
          body = "No command received. Please check the request.";
          response.statusCode = 400;
          response.end(body);
       }
    }).listen(port);
    console.log("I'm listening on port " + port);

I've been trying to determine if the arrow operators are inherently asynchronous (the node.js documentation doesn't seem to indicate that, unless I've missed something), or if my implementation of the server itself should be changed. I've also tried async/await on the validateToken() function with no success. Obviously, I'm new to node.js and could use some guidance. Thanks.

BPS
  • 607
  • 8
  • 29
  • It doesn't have anything to do with arrow functions. Https.get accepts a callback function, that makes it asynchronous. Check out this exhaustive StackOverflow post on the topic: https://stackoverflow.com/questions/14220321/how-do-i-return-the-response-from-an-asynchronous-call – Patrick Hund Jan 31 '20 at 13:48
  • use promises or asyn-await instead take a look here https://usefulangle.com/post/170/nodejs-synchronous-http-request – user2222 Jan 31 '20 at 14:18

0 Answers0