fix: cookie support via interceptors

Remove axios-cookiejar-support depdenency.
Add cookie-support.ts for providing interceptors to
interact with tough-cookie.

.secrets.baseline

@@ -3,14 +3,17 @@
     "files": "package-lock.json|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2022-04-04T16:42:23Z",
+  "generated_at": "2022-12-02T15:17:31Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
     },
     {
       "name": "ArtifactoryDetector"
     },
+    {
+      "name": "AzureStorageKeyDetector"
+    },
     {
       "base64_limit": 4.5,
       "name": "Base64HighEntropyString"
@@ -28,6 +31,9 @@
       "ghe_instance": "github.ibm.com",
       "name": "GheDetector"
     },
+    {
+      "name": "GitHubTokenDetector"
+    },
     {
       "hex_limit": 3,
       "name": "HexHighEntropyString"
@@ -48,6 +54,9 @@
     {
       "name": "MailchimpDetector"
     },
+    {
+      "name": "NpmDetector"
+    },
     {
       "name": "PrivateKeyDetector"
     },
@@ -57,6 +66,9 @@
     {
       "name": "SoftlayerDetector"
     },
+    {
+      "name": "SquareOAuthDetector"
+    },
     {
       "name": "StripeDetector"
     },
@@ -534,7 +546,7 @@
       }
     ]
   },
-  "version": "0.13.1+ibm.47.dss",
+  "version": "0.13.1+ibm.55.dss",
   "word_list": {
     "file": null,
     "hash": null

lib/cookie-support.ts

@@ -0,0 +1,75 @@
+/**
+ * (C) Copyright IBM Corp. 2022.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import extend from 'extend';
+import { AxiosRequestConfig, AxiosResponse } from 'axios';
+import { CookieJar } from 'tough-cookie';
+import logger from './logger';
+
+export class CookieInterceptor {
+  private readonly cookieJar: CookieJar;
+
+  constructor(cookieJar: CookieJar | boolean) {
+    if (cookieJar) {
+      if (cookieJar === true) {
+        logger.debug('CookieInterceptor: creating new CookieJar');
+        this.cookieJar = new CookieJar();
+      } else {
+        logger.debug('CookieInterceptor: using supplied CookieJar');
+        this.cookieJar = cookieJar;
+      }
+    } else {
+      throw new Error('Must supply a cookie jar or true.');
+    }
+  }
+
+  public async requestInterceptor(config: AxiosRequestConfig) {
+    logger.debug('CookieInterceptor: intercepting request');
+    if (config && config.url) {
+      logger.debug(`CookieInterceptor: getting cookies for: ${config.url}`);
+      const cookieHeaderValue = await this.cookieJar.getCookieString(config.url);
+      if (cookieHeaderValue) {
+        logger.debug('CookieInterceptor: setting cookie header');
+        const cookieHeader = { cookie: cookieHeaderValue };
+        config.headers = extend(true, {}, config.headers, cookieHeader);
+      } else {
+        logger.debug(`CookieInterceptor: no cookies for: ${config.url}`);
+      }
+    } else {
+      logger.debug('CookieInterceptor: no request URL.');
+    }
+    return config;
+  }
+
+  public async responseInterceptor(response: AxiosResponse) {
+    logger.debug('CookieInterceptor: intercepting response.');
+    if (response && response.headers) {
+      logger.debug('CookieInterceptor: checking for set-cookie headers.');
+      const cookies: string[] = response.headers['set-cookie'];
+      if (cookies) {
+        logger.debug('CookieInterceptor: setting cookies in jar.');
+        cookies.forEach(async (cookie: string) => {
+          await this.cookieJar.setCookie(cookie, response.request.url);
+        });
+      } else {
+        logger.debug('CookieInterceptor: no set-cookie headers.');
+      }
+    } else {
+      logger.debug('CookieInterceptor: no response headers.');
+    }
+    return response;
+  }
+}

lib/request-wrapper.ts

@@ -1,7 +1,7 @@
 /* eslint-disable class-methods-use-this */
 
 /**
- * (C) Copyright IBM Corp. 2014, 2021.
+ * (C) Copyright IBM Corp. 2014, 2022.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,16 +18,13 @@
 
 import axios, { AxiosInstance, AxiosRequestConfig } from 'axios';
 import * as rax from 'retry-axios';
-
-import { wrapper as axiosCookieJarSupport } from 'axios-cookiejar-support';
 import extend from 'extend';
 import FormData from 'form-data';
 import { OutgoingHttpHeaders } from 'http';
 import { Agent } from 'https';
 import isStream from 'isstream';
 import { stringify } from 'querystring';
 import { gzipSync } from 'zlib';
-import { CookieJar } from 'tough-cookie';
 import {
   buildRequestFileObject,
   isEmptyObject,
@@ -37,6 +34,7 @@ import {
 } from './helper';
 import logger from './logger';
 import { streamToPromise } from './stream-to-promise';
+import { CookieInterceptor } from './cookie-support';
 
 /**
  * Retry configuration options.
@@ -103,16 +101,13 @@ export class RequestWrapper {
 
     // if a cookie jar is provided, wrap the axios instance and update defaults
     if (axiosOptions.jar) {
-      axiosCookieJarSupport(this.axiosInstance);
-
-      // axios-cookiejar-support < 2.x accepted a boolean
-      // some SDKs might be using that, so create a default
-      // CookieJar if detecting true.
-      if (axiosOptions.jar === true) {
-        this.axiosInstance.defaults.jar = new CookieJar();
-      } else {
-        this.axiosInstance.defaults.jar = axiosOptions.jar;
-      }
+      const cookieInterceptor = new CookieInterceptor(axiosOptions.jar);
+      this.axiosInstance.interceptors.request.use((config) =>
+        cookieInterceptor.requestInterceptor(config)
+      );
+      this.axiosInstance.interceptors.response.use((response) =>
+        cookieInterceptor.responseInterceptor(response)
+      );
     }
 
     // get retry config properties and conditionally enable retries

package.json

@@ -77,7 +77,6 @@
     "@types/node": "~10.14.19",
     "@types/tough-cookie": "^4.0.0",
     "axios": "1.2.0",
-    "axios-cookiejar-support": "4.0.3",
     "camelcase": "^5.3.1",
     "debug": "^4.1.1",
     "dotenv": "^6.2.0",