added validation for endpoint body JSON in API admin and fixed error handling in actual API calls

assets/javascripts/discourse/models/custom-wizard.js.es6

@@ -17,6 +17,7 @@ const wizardProperties = [
 const CustomWizard = Discourse.Model.extend({
   save() {
     return new Ember.RSVP.Promise((resolve, reject) => {
+
       const id = this.get('id');
       if (!id || !id.underscore()) return reject({ error: 'id_required' });
 
@@ -127,6 +128,16 @@ const CustomWizard = Discourse.Model.extend({
             error = 'id_required';
             return;
           }
+          //check if api_body is valid JSON
+          let api_body = a.get('api_body');
+          if (api_body != '') {
+            try {
+              JSON.parse(api_body);
+            } catch (e) {
+              error = 'invalid_api_body';
+              return;
+            }
+          }
 
           a.set('id', id.underscore());
 

config/locales/client.en.yml

@@ -59,6 +59,7 @@ en:
           name_required: "Wizards must have a name."
           steps_required: "Wizards must have at least one step."
           id_required: "All wizards, steps, fields and actions need an id."
+          invalid_api_body: "Request body JSON needs to be a valid JSON."
           type_required: "All fields need a type."
           after_time_need_time: "After time is enabled but no time is set."
           after_time_invalid: "After time is invalid."

lib/api/endpoint.rb

@@ -85,8 +85,11 @@ class CustomWizard::Api::Endpoint
       params[:body] = body
     end
 
+    begin
       response = connection.request(params)
-
+      return JSON.parse(response.body)
-    JSON.parse(response.body)
+    rescue
+      return JSON.parse "[{\"error\":\"API request failed\"}]"
+    end
   end
 end

lib/builder.rb

@@ -408,8 +408,8 @@ class CustomWizard::Builder
 
     result = CustomWizard::Api::Endpoint.request(action['api'], action['api_endpoint'], api_body)
 
-    if result['error']
+    if result[0].has_key? 'error'
-      updater.errors.add(:send_message, result['error'])
+      updater.errors.add(:send_message, result[0]['error'])
     else
       ## add validation callback
     end

lib/test_harness.rb

@@ -0,0 +1,40 @@
+require 'excon'
+# require 'httplog'
+
+class CustomWizard::APITestHarness
+
+  def self.basic
+
+    CustomWizard::Authorization.set_authentication_protocol("chargify", "basic_authentication")
+    CustomWizard::Authorization.set_username("chargify", "W2iA5khmmRso3oySy1KUeJP17ilUuN6OZkgT8PPwk")
+    CustomWizard::Authorization.set_password("chargify", "X")
+    authentication_string = CustomWizard::Authorization.get_header_authorization_string("chargify")
+    puts 'authentication string is ' + authentication_string
+    response = Excon.get(
+      "https://merefield-technology.chargify.com/subscriptions.json",
+      :headers => {
+        "Authorization" => "#{authentication_string}"
+      }
+    )
+    JSON.parse(response.body)
+  end
+
+  def self.oauth_two
+
+    CustomWizard::Authorization.set_authentication_protocol("google", "OAuth2_authentication")
+    CustomWizard::Authorization.set_client_id("chargify", "W2iA5khmmRso3oySy1KUeJP17ilUuN6OZkgT8PPwk")
+    CustomWizard::Authorization.set_client_secret("chargify", "X")
+
+    puts curl
+    authentication_string = CustomWizard::Authorization.get_header_authorization_string("chargify")
+    puts 'authentication string is ' + authentication_string
+    response = Excon.get(
+      "https://merefield-technology.chargify.com/subscriptions.json",
+      :headers => {
+        "Authorization" => "#{authentication_string}"
+      }
+    )
+    JSON.parse(response.body)
+  end
+
+end