Skip to content

Commit

Permalink
feat(FakeAuthentication): use headers for fake auth instead of url pa…
Browse files Browse the repository at this point in the history
…rameters CP-677
  • Loading branch information
emuvente committed Dec 11, 2023
1 parent 0e5ffdd commit 33fb71f
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 25 deletions.
27 changes: 22 additions & 5 deletions src/api/Auth0Link.js
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
import { setContext } from '@apollo/client/link/context';
import _set from 'lodash/set';

// Add the user info to the context and add the access token to the authorization header
function getAuthContext(context, user, token) {
_set(context, 'user', user);
context.user = user;
if (token) {
_set(context, 'headers.authorization', `Bearer ${token}`);
context.headers = {
...context.headers,
authorization: `Bearer ${token}`
};
}
return context;
}
Expand All @@ -15,8 +17,23 @@ export default ({ kvAuth0 }) => {
// If auth0 is not enabled, don't add anything to the context
if (!kvAuth0.enabled) return getAuthContext(previousContext);

// If using fake authentication, don't add anything to the context
if (kvAuth0.getFakeAuthCookieValue()) return getAuthContext(previousContext);
// If using fake authentication, just add fake auth headers to the context
try {
const fakeAuthInfo = kvAuth0.getFakeAuthCookieValue();
if (fakeAuthInfo && kvAuth0.fakeAuthAllowed()) {
return {
...previousContext,
headers: {
...previousContext.headers,
'x-fa-user-id': fakeAuthInfo.userId,
'x-fa-scopes': fakeAuthInfo.scopes.join(' '),
'x-fa-app-id': kvAuth0.clientID || 'org.kiva.www',
}
};
}
} catch (e) {
console.error(e);
}

// If we already have user info, and we don't need to check login, just add that to the context
if (kvAuth0.getKivaId() && !kvAuth0.getSyncCookieValue()) {
Expand Down
19 changes: 0 additions & 19 deletions src/api/HttpLink.js
Original file line number Diff line number Diff line change
@@ -1,9 +1,7 @@
import * as Sentry from '@sentry/vue';
import { BatchHttpLink } from '@apollo/client/link/batch-http';
import { HttpLink } from '@apollo/client/link/http';

export default ({
kvAuth0,
uri = '',
fetch,
apolloBatching,
Expand All @@ -21,23 +19,6 @@ export default ({
}
};

// Add Fake Authentication info to the server URI if it is provided and allowed.
try {
const fakeAuthInfo = kvAuth0.getFakeAuthCookieValue();
if (kvAuth0.fakeAuthAllowed() && fakeAuthInfo) {
// add params to uri
const fakeUri = new URL(uri);
fakeUri.searchParams.set('user_id', fakeAuthInfo.userId);
fakeUri.searchParams.set('scopes', fakeAuthInfo.scopes.join(' '));
fakeUri.searchParams.set('app_id', kvAuth0.clientID || 'org.kiva.www');

options.uri = fakeUri.href;
}
} catch (e) {
console.error(e);
Sentry.captureException(e);
}

// Use the regular HttpLink if batching is disabled.
if (!apolloBatching) {
return new HttpLink(options);
Expand Down
1 change: 0 additions & 1 deletion src/api/apollo.js
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,6 @@ export default function createApolloClient({
BasketLinkCreator({ cookieStore }),
ContentfulPreviewLink({ cookieStore }),
HttpLinkCreator({
kvAuth0,
uri,
fetch,
apolloBatching: appConfig?.apolloBatching ?? true,
Expand Down

0 comments on commit 33fb71f

Please sign in to comment.