aboutsummaryrefslogtreecommitdiffstats
path: root/packages/asset-buyer
diff options
context:
space:
mode:
authorfragosti <francesco.agosti93@gmail.com>2018-09-21 22:24:45 +0800
committerfragosti <francesco.agosti93@gmail.com>2018-09-21 22:24:45 +0800
commit1bfaefb240d08eb0a8a5d6743d529604383f6e43 (patch)
tree0e8fa7a2bc46ba2fcd312f213a1686774f7eaffe /packages/asset-buyer
parentc48cf3ab3b74a9082eb30540115534c7432667ac (diff)
downloaddexon-0x-contracts-1bfaefb240d08eb0a8a5d6743d529604383f6e43.tar
dexon-0x-contracts-1bfaefb240d08eb0a8a5d6743d529604383f6e43.tar.gz
dexon-0x-contracts-1bfaefb240d08eb0a8a5d6743d529604383f6e43.tar.bz2
dexon-0x-contracts-1bfaefb240d08eb0a8a5d6743d529604383f6e43.tar.lz
dexon-0x-contracts-1bfaefb240d08eb0a8a5d6743d529604383f6e43.tar.xz
dexon-0x-contracts-1bfaefb240d08eb0a8a5d6743d529604383f6e43.tar.zst
dexon-0x-contracts-1bfaefb240d08eb0a8a5d6743d529604383f6e43.zip
Add order provider response validation
Diffstat (limited to 'packages/asset-buyer')
-rw-r--r--packages/asset-buyer/src/asset_buyer.ts4
-rw-r--r--packages/asset-buyer/src/types.ts1
-rw-r--r--packages/asset-buyer/src/utils/order_provider_response_processor.ts10
3 files changed, 15 insertions, 0 deletions
diff --git a/packages/asset-buyer/src/asset_buyer.ts b/packages/asset-buyer/src/asset_buyer.ts
index 9774a8d39..03f9b5a2b 100644
--- a/packages/asset-buyer/src/asset_buyer.ts
+++ b/packages/asset-buyer/src/asset_buyer.ts
@@ -269,6 +269,10 @@ export class AssetBuyer {
const [targetOrderProviderResponse, feeOrderProviderResponse] = await Promise.all(
_.map(requests, async request => this.orderProvider.getOrdersAsync(request)),
);
+ // since the order provider is an injected dependency, validate that it respects the API
+ // ie. it should only return maker/taker assetDatas that are specified
+ orderProviderResponseProcessor.throwIfInvalidResponse(targetOrderProviderResponse, targetOrderProviderRequest);
+ orderProviderResponseProcessor.throwIfInvalidResponse(feeOrderProviderResponse, feeOrderProviderRequest);
// process the responses into one object
const ordersAndFillableAmounts = await orderProviderResponseProcessor.processAsync(
targetOrderProviderResponse,
diff --git a/packages/asset-buyer/src/types.ts b/packages/asset-buyer/src/types.ts
index 5df8e632a..ee6858525 100644
--- a/packages/asset-buyer/src/types.ts
+++ b/packages/asset-buyer/src/types.ts
@@ -68,6 +68,7 @@ export enum AssetBuyerError {
InsufficientAssetLiquidity = 'INSUFFICIENT_ASSET_LIQUIDITY',
InsufficientZrxLiquidity = 'INSUFFICIENT_ZRX_LIQUIDITY',
NoAddressAvailable = 'NO_ADDRESS_AVAILABLE',
+ InvalidOrderProviderResponse = 'INVALID_ORDER_PROVIDER_RESPONSE',
}
/**
diff --git a/packages/asset-buyer/src/utils/order_provider_response_processor.ts b/packages/asset-buyer/src/utils/order_provider_response_processor.ts
index 79e15c3d8..2f3208a55 100644
--- a/packages/asset-buyer/src/utils/order_provider_response_processor.ts
+++ b/packages/asset-buyer/src/utils/order_provider_response_processor.ts
@@ -7,7 +7,9 @@ import * as _ from 'lodash';
import { constants } from '../constants';
import {
+ AssetBuyerError,
AssetBuyerOrdersAndFillableAmounts,
+ OrderProviderRequest,
OrderProviderResponse,
SignedOrderWithRemainingFillableMakerAssetAmount,
} from '../types';
@@ -20,6 +22,14 @@ interface OrdersAndRemainingFillableMakerAssetAmounts {
}
export const orderProviderResponseProcessor = {
+ throwIfInvalidResponse(response: OrderProviderResponse, request: OrderProviderRequest): void {
+ const { makerAssetData, takerAssetData } = request;
+ _.forEach(response.orders, order => {
+ if (order.makerAssetData !== makerAssetData || order.takerAssetData !== takerAssetData) {
+ throw new Error(AssetBuyerError.InvalidOrderProviderResponse);
+ }
+ });
+ },
/**
* Take the responses for the target orders to buy and fee orders and process them.
* Processing includes: