Skip to content

Commit

Permalink
fix(hermes,grpc-sdk,authentication): redirect requests not setting co…
Browse files Browse the repository at this point in the history 
…okies, invalid setCookies format (#514)
  • Loading branch information
@kon14
kon14 committed Feb 13, 2023
1 parent 39a29ea commit 453c956
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 16 deletions.
4 changes: 2 additions & 2 deletions libraries/grpc-sdk/src/routing/interfaces/types.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@ export type UnparsedRouterResponse =
| {
result?: Indexable;
redirect?: string;
setCookies: Indexable;
removeCookies: Indexable;
setCookies: Cookies[];
removeCookies: Cookies[];
}
| Indexable
| string;
Expand Down
25 changes: 13 additions & 12 deletions libraries/hermes/src/Rest/Rest.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -185,6 +185,17 @@ export class RestController extends ConduitRouter {
}
})
.then((r: any) => {
if (r.setCookies && r.setCookies.length) {
r.setCookies.forEach((cookie: Cookie) => {
if (cookie.options.path === '') delete cookie.options.path;
res.cookie(cookie.name, cookie.value, cookie.options);
});
}
if (r.removeCookies && r.removeCookies.length) {
r.removeCookies.forEach((cookie: Cookie) => {
res.clearCookie(cookie.name, cookie.options);
});
}
if (r.redirect) {
res.removeHeader('Authorization');
this._privateHeaders.forEach(h => res.removeHeader(h));
Expand All @@ -207,18 +218,8 @@ export class RestController extends ConduitRouter {
};
}
}
if (r.setCookies && r.setCookies.length) {
r.setCookies.forEach((cookie: Cookie) => {
if (cookie.options.path === '') delete cookie.options.path;
res.cookie(cookie.name, cookie.value, cookie.options);
});
delete result.setCookies;
}
if (r.removeCookies && r.removeCookies.length) {
r.removeCookies.forEach((cookie: Cookie) => {
res.clearCookie(cookie.name, cookie.options);
});
}
delete result.setCookies;
delete result.removeCookies;
if (route.input.action === ConduitRouteActions.GET && caching) {
this.storeInCache(hashKey, result, cacheAge!);
res.setHeader('Cache-Control', `${scope}, max-age=${cacheAge}`);
Expand Down
4 changes: 2 additions & 2 deletions modules/authentication/src/handlers/tokenProvider.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,15 +49,15 @@ export class TokenProvider {
}
return {
redirect: redirectUrlWithParams.toString(),
setCookies: cookies,
setCookies: Object.values(cookies).map(obj => obj),
};
} else {
return {
result: {
accessToken: cookies.accessToken ?? undefined,
refreshToken: cookies.refreshToken ? undefined : refreshToken?.token,
},
setCookies: cookies,
setCookies: Object.values(cookies).map(obj => obj),
};
}
}
Expand Down

0 comments on commit 453c956

Please sign in to comment.