fix: correct code / type in getTokens call #330
Conversation
☁️ Nx Cloud ReportCI is running/has finished running commands for commit 41f28fe. As they complete they will appear below. Click to see the status, the terminal output, and the build insights. 📂 See all runs for this branch ✅ Successfully ran 5 targetsSent with 💌 from NxCloud. |
|
Your preview environment pr-330-ryanbas21 has been deployed. Preview environment endpoints are available at: |
ryanbas21
force-pushed
the
sdk-fix-token-type
branch
from
3e3c2e2 to
3f84475
Compare
| branches: | ||
| - develop | ||
| - master | ||
| workflow_dispatch: |
There was a problem hiding this comment.
allows this to be run wihtout a pr (mostly for me sanity checking or re reunning things or if we want to cut a release without a pr)
There was a problem hiding this comment.
I had a look at the file separately as it looked odd - l shouldn't the workflow_dispatch key have a value, or some child keys indented below it? At first glance I assumed env: was a child of this but now seeing it without this review block in the way I don't quite understand how this is valid.
There was a problem hiding this comment.
So we don't really pass any inputs into this workflow, so i don't think we need anything. Truthfully im not entirely sure we need this to begin with, i was adding it as a way of running CI without needing a PR up. so if you just need to sanity check things or something odd fails and you want to re run the branch
| - uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 | ||
| ssh-key: ${{ secrets.SSH_PUBLIC_KEY }} |
There was a problem hiding this comment.
authenticate clone the repo
| node-version: '16.x' | ||
| scope: '@forgerock' | ||
| - name: Import GPG | ||
| uses: crazy-max/ghaction-import-gpg@v5.2.0 |
There was a problem hiding this comment.
sign the commits. its locked to v5.2.0 as per our old discussion
| - name: Import GPG | ||
| uses: crazy-max/ghaction-import-gpg@v5.2.0 | ||
| with: | ||
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} |
There was a problem hiding this comment.
this is my gpg private key
| "ts-node": "10.9.1", | ||
| "typedoc": "^0.17.7", | ||
| "typescript": "4.8.4", | ||
| "typescript": "4.9.5", |
There was a problem hiding this comment.
satisfies operator and newer ts stuff
There was a problem hiding this comment.
Just wondering we have something for this project like dependabot that we use (whether manual or automated), to identify which of these dependencies need updating and when?
There was a problem hiding this comment.
we have dependabot but not configured or setup really like i did in the other repo
| */ | ||
| const verifier = PKCE.createVerifier(); | ||
| const state = PKCE.createState(); | ||
| const { forceRenew, login, query, ...config } = options; |
There was a problem hiding this comment.
unsure if theres a better way to remove the lint warnings on unused variables but this felt like the cleanest option.
There was a problem hiding this comment.
Ok, think I understand this now after reading through for a little bit. Not sure how we can remove the lint warnings but will have a think. What you're doing makes sense though.
There was a problem hiding this comment.
I think we need to pass query into the authorizeUrlOrptions as well, yeah? It's used here: https://github.com/ForgeRock/forgerock-javascript-sdk/blob/develop/packages/javascript-sdk/src/oauth2-client/index.ts#L53.
There was a problem hiding this comment.
Yes I think you're right, good spot. Yeah it looks like GetTokensOptions defines query on top of ConfigOptions.
There was a problem hiding this comment.
I quickly pulled the code down and ran an e2e test which passes a query parameter into the authorize URL options, and I can confirm that I got a failure on authn-central-login which seems to be caused by the fact that the query param for ACR values is ignored / not added to the request. So I agree with Justin, we need to also pass query into authorizeUrlOptions here.
the options call is a GetTokens but the options we spread in should only be a ConfigOptions. so we can remove the types from the call that are not config options and pass them into authorization url creation
ryanbas21
force-pushed
the
sdk-fix-token-type
branch
from
3f84475 to
abd3e66
Compare
daveadams56
left a comment
daveadams56
left a comment
There was a problem hiding this comment.
Initial look - seems good, I had to think a bit to understand what we are doing here but it makes sense to me now. I'll have a quick think about linting warnings if I get a chance.
| */ | ||
| const verifier = PKCE.createVerifier(); | ||
| const state = PKCE.createState(); | ||
| const { forceRenew, login, query, ...config } = options; |
There was a problem hiding this comment.
Ok, think I understand this now after reading through for a little bit. Not sure how we can remove the lint warnings but will have a think. What you're doing makes sense though.
daveadams56
left a comment
daveadams56
left a comment
There was a problem hiding this comment.
Another pass through this - on the CI side just a quick question about what we're adding to project.json, for my understanding. I also pulled down the code and ran a test that I thought would exercise the options change and test Justin's assertion that we need to pass query in as well. From my perspective we need to add query to the authorizeUrlOptions before this can be merged. Once this is done, I'm happy with this.
| "remote": "origin", | ||
| "push": true, | ||
| "postTargets": ["javascript-sdk:deploy:beta"], | ||
| "postTargets": ["javascript-sdk:deploy:beta", "javascript-sdk:github:beta"], |
There was a problem hiding this comment.
Are you able to explain what we're adding here, with javascript-sdk:github:beta and javascript-sdk:github? It's not obvious to me and would like to know more. Thanks.
There was a problem hiding this comment.
its a post target, so after this runs, it will run that nx target.
| */ | ||
| const verifier = PKCE.createVerifier(); | ||
| const state = PKCE.createState(); | ||
| const { forceRenew, login, query, ...config } = options; |
There was a problem hiding this comment.
I quickly pulled the code down and ran an e2e test which passes a query parameter into the authorize URL options, and I can confirm that I got a failure on authn-central-login which seems to be caused by the fact that the query param for ACR values is ignored / not added to the request. So I agree with Justin, we need to also pass query into authorizeUrlOptions here.
fix query removal from the token index authorize-url
JIRA Ticket
https://bugster.forgerock.org/jira/browse/SDKS-2375
Description
the options call is a GetTokens but the options we spread in should only be a ConfigOptions. so we can remove the types from the call that are not config options and pass them into authorization url creation
Type of Change
Please Delete options that are not relevant
How Has This Been Tested?
Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
Definition of Done
Check all that apply
Documentation