Upgrade @hapi/hoek to revert hack introduced in hapi v20 upgrade (#87113) (#87130)

Author: watson

package.json

@@ -113,7 +113,7 @@
     "@hapi/good-squeeze": "6.0.0",
     "@hapi/h2o2": "^9.0.2",
     "@hapi/hapi": "^20.0.3",
-    "@hapi/hoek": "^9.1.0",
+    "@hapi/hoek": "^9.1.1",
     "@hapi/inert": "^6.0.3",
     "@hapi/podium": "^4.1.1",
     "@hapi/statehood": "^7.0.3",

src/core/server/http/http_server.ts

@@ -16,7 +16,7 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-import { Server, ServerRoute } from '@hapi/hapi';
+import { Server } from '@hapi/hapi';
 import HapiStaticFiles from '@hapi/inert';
 import url from 'url';
 import uuid from 'uuid';
@@ -167,21 +167,28 @@ export class HttpServer {
     for (const router of this.registeredRouters) {
       for (const route of router.getRoutes()) {
         this.log.debug(`registering route handler for [${route.path}]`);
+        // Hapi does not allow payload validation to be specified for 'head' or 'get' requests
+        const validate = isSafeMethod(route.method) ? undefined : { payload: true };
         const { authRequired, tags, body = {}, timeout } = route.options;
         const { accepts: allow, maxBytes, output, parse } = body;
 
         const kibanaRouteOptions: KibanaRouteOptions = {
           xsrfRequired: route.options.xsrfRequired ?? !isSafeMethod(route.method),
         };
 
-        const routeOpts: ServerRoute = {
+        this.server.route({
           handler: route.handler,
           method: route.method,
           path: route.path,
           options: {
             auth: this.getAuthOption(authRequired),
             app: kibanaRouteOptions,
             tags: tags ? Array.from(tags) : undefined,
+            // TODO: This 'validate' section can be removed once the legacy platform is completely removed.
+            // We are telling Hapi that NP routes can accept any payload, so that it can bypass the default
+            // validation applied in ./http_tools#getServerOptions
+            // (All NP routes are already required to specify their own validation in order to access the payload)
+            validate,
             // @ts-expect-error Types are outdated and doesn't allow `payload.multipart` to be `true`
             payload: [allow, maxBytes, output, parse, timeout?.payload].some((x) => x !== undefined)
               ? {
@@ -197,22 +204,7 @@ export class HttpServer {
               socket: timeout?.idleSocket ?? this.config!.socketTimeout,
             },
           },
-        };
-
-        // Hapi does not allow payload validation to be specified for 'head' or 'get' requests
-        if (!isSafeMethod(route.method)) {
-          // TODO: This 'validate' section can be removed once the legacy platform is completely removed.
-          // We are telling Hapi that NP routes can accept any payload, so that it can bypass the default
-          // validation applied in ./http_tools#getServerOptions
-          // (All NP routes are already required to specify their own validation in order to access the payload)
-          // TODO: Move the setting of the validate option back up to being set at `routeOpts` creation-time once
-          // https://github.com/hapijs/hoek/pull/365 is merged and released in @hapi/hoek v9.1.1. At that point I
-          // imagine the ts-error below will go away as well.
-          // @ts-expect-error "Property 'validate' does not exist on type 'RouteOptions'" <-- ehh?!? yes it does!
-          routeOpts.options!.validate = { payload: true };
-        }
-
-        this.server.route(routeOpts);
+        });
       }
     }
 

yarn.lock

@@ -1970,10 +1970,10 @@
     "@hapi/hoek" "9.x.x"
     "@hapi/validate" "1.x.x"
 
-"@hapi/hoek@9.x.x", "@hapi/hoek@^9.0.0", "@hapi/hoek@^9.0.4", "@hapi/hoek@^9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@hapi/hoek/-/hoek-9.1.0.tgz#6c9eafc78c1529248f8f4d92b0799a712b6052c6"
-  integrity sha512-i9YbZPN3QgfighY/1X1Pu118VUz2Fmmhd6b2n0/O8YVgGGfw0FbUYoA97k7FkpGJ+pLCFEDLUmAPPV4D1kpeFw==
+"@hapi/hoek@9.x.x", "@hapi/hoek@^9.0.0", "@hapi/hoek@^9.0.4", "@hapi/hoek@^9.1.1":
+  version "9.1.1"
+  resolved "https://registry.yarnpkg.com/@hapi/hoek/-/hoek-9.1.1.tgz#9daf5745156fd84b8e9889a2dc721f0c58e894aa"
+  integrity sha512-CAEbWH7OIur6jEOzaai83jq3FmKmv4PmX1JYfs9IrYcGEVI/lyL1EXJGCj7eFVJ0bg5QR8LMxBlEtA+xKiLpFw==
 
 "@hapi/inert@^6.0.3":
   version "6.0.3"