use POST jwt endpoint to send org info

projects/js-upload-api/src/AbstractClient.ts

@@ -74,7 +74,7 @@ export abstract class AbstractClient {
         console.debug('post', {uri, payload});
         const headers = await this.getSecureHeaders(baseHeaders);
         console.debug('post', {headers});
-        const response = await this.postToApi(uri, payload, headers);
+        const response = await (await this.postToApi(uri, payload, headers)).json();
         console.debug('post response', {uri, payload, response});
         return response;
     }
@@ -92,7 +92,7 @@ export abstract class AbstractClient {
             headers,
         });
         console.debug('getToApi', {url, headers});
-        return await response.json();
+        return response;
     }
 
     protected async postToApi(url: string, data: any, headers: any, baseUrl?: string) {
@@ -107,7 +107,7 @@ export abstract class AbstractClient {
                 : JSON.stringify(data),
         })
         console.debug('postToApi', {url, data, headers, response});
-        return await response.json();
+        return response;
     }
 
     protected getBaseHeaders() {

projects/js-upload-api/src/Client.ts

@@ -165,15 +165,16 @@ export class Client extends AbstractClient {
 
         console.debug('getAuthToken', {username: this.username, _password: this._password, host: this.host});
 
-        const response = await this.postToApi(
+        let response = await this.postToApi(
             AUTH_API_ENDPOINT,
             {
                 username: this.username,
                 password: this._password,
                 ...(this.org ? {org_name: this.org} : {}),
             },
             this.getBaseHeaders(),
-        )
+        );
+        response = await response.json();
 
         const tok : string = response.token;
         this._token = tok;
@@ -201,7 +202,7 @@ export class Client extends AbstractClient {
     public async fetchToken(
         username: string, password: string, org?: string, protocol = 'https', host = 'hub.graphistry.com'
     ): Promise<string> {
-        return (await this.postToApi(
+        let response = await this.postToApi(
             AUTH_API_ENDPOINT,
             {
                 username: username,
@@ -210,6 +211,8 @@ export class Client extends AbstractClient {
             },
             this.getBaseHeaders(),
             `${protocol}://${host}/`
-        )).token;
+        );
+        response = await response.json();
+        return response.token;
     }
 }

projects/js-upload-api/src/ClientPkey.ts

@@ -138,6 +138,10 @@ export class ClientPkey extends AbstractClient {
         return false;
     }
 
+    private getPkeyString(id: string, secret: string) {
+        return `PersonalKey ${id}:${secret}`;
+    }
+
     /**
      * Get the authentication token for the current user.
      * By default, reuses current token if available.
@@ -165,12 +169,29 @@ export class ClientPkey extends AbstractClient {
 
         console.debug('getAuthToken', {personalKeyId: this.personalKeyId, personalKeySecret: this._personalKeySecret, host: this.host});
 
-        const response = await this.getToApi(
+        let response = await this.postToApi(
             AUTH_API_ENDPOINT,
             {
-                "Authorization": `PersonalKey ${this.personalKeyId}:${this._personalKeySecret}`,
+                ...(this.org ? {org_name: this.org} : {}),
             },
-        )
+            {
+                "Authorization": this.getPkeyString(this.personalKeyId, this._personalKeySecret),
+                ...this.getBaseHeaders(),
+            }
+        );
+        // fallback to personal-only GET pkey auth if 405 (Method Not Allowed)
+        if(response.status === 405) {
+            if(this.org) {
+                console.warn('Host does not support org auth via pkey, use username/password auth instead');
+            }
+            response = await this.getToApi(
+                AUTH_API_ENDPOINT,
+                {
+                    "Authorization": this.getPkeyString(this.personalKeyId, this._personalKeySecret),
+                }
+            );
+        }
+        response = await response.json();
 
         const tok : string = response.token;
         this._token = tok;
@@ -196,14 +217,34 @@ export class ClientPkey extends AbstractClient {
      * 
      */
     public async fetchToken(
-        personalKeyId: string, personalKeySecret: string, _org?: string, protocol = 'https', host = 'hub.graphistry.com'
+        personalKeyId: string, personalKeySecret: string, org?: string, protocol = 'https', host = 'hub.graphistry.com'
     ): Promise<string> {
-        return (await this.getToApi(
+        let response = await this.postToApi(
             AUTH_API_ENDPOINT,
             {
-                "Authorization": `PersonalKey ${personalKeyId}:${personalKeySecret}`,
+                ...(org ? {org_name: org} : {}),
+            },
+            {
+                "Authorization": this.getPkeyString(personalKeyId, personalKeySecret),
+                ...this.getBaseHeaders(),
             },
             `${protocol}://${host}/`
-        )).token;
+        );
+        // fallback to personal-only GET pkey auth if 405 (Method Not Allowed)
+        if(response.status === 405) {
+            if(org) {
+                console.warn('Host does not support org auth via pkey, use username/password auth instead');
+            }
+            response = await this.getToApi(
+                AUTH_API_ENDPOINT,
+                {
+                    "Authorization": this.getPkeyString(personalKeyId, personalKeySecret),
+                },
+                `${protocol}://${host}/`
+            );
+        }
+        response = await response.json();
+
+        return response.token;
     }
 }