Problem Creating a User Via API (Setting Token)

[craiglathrop218]

My developer found an issue with the API when he was trying to create a new user. Here is his explanation below:

In the Api.prototype.request function in file plugins/request.js, util._extend method is used like this: util._extend(options, this.httpOptions);
but this only makes shallow copy of an object - meaning that this.httpOptions.headers is copied as a reference and later in the method there are lines that put options.headers['Content-Length'] = params.length;

So that last line actually modifies this.httpOptions.headers
and for later call to Api.prototype.request the previous headers are used

I had a login as a POST which were setting the headers and then I had just after that PUT which did not set the headers but because POST set the headers then PUT got the previous request headers

The fix was to replace util._extend with a function that makes deep copies of the objects and not shallow copies
installed deep-extend module that provided a short path to make deep copies of objects
util._extend(options, this.httpOptions); went to deepExtend(options, this.httpOptions);

[bhovhannes]

@craiglathrop218, if you've already done a fix, can you come back with pull request? I'll be happy to merge it if all tests will pass :)

[craiglathrop218]

We are actually working in TypeScript and have copied the API code into our program rather than using the package. I haven't had a chance to review the code where the fix was implemented yet. Once I have reviewed it I will try to fix it up and provide it as a pull request.

[bhovhannes]

@craiglathrop218, please try workfront-api v2.0.1 and let us know if the issue still exists.