Implement a new fix from auth-helper in BrowserAuth

Summary: Handle OPTIONS request that is apperently sometimes sent by browsers (https://github.com/memsql/singlestore-auth-helper/pull/10/files) Test Plan: run the new test Reviewers: pmishchenko-ua, ngupta-ctr Reviewed By: pmishchenko-ua Subscribers: engineering-list JIRA Issues: PLAT-6396 Differential Revision: https://grizzly.internal.memcompute.com/D60100
memsql · Dec 5, 2022 · 60f6f28 · 60f6f28
1 parent f85594e
commit 60f6f28
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 2 deletions.
diff --git a/src/main/java/com/singlestore/jdbc/plugin/credential/browser/TokenWaiterServer.java b/src/main/java/com/singlestore/jdbc/plugin/credential/browser/TokenWaiterServer.java
@@ -105,6 +105,15 @@ public RequestHandler(TokenWaiterServer server) {
 
     public void handle(HttpExchange exchange) throws IOException {
       exchange.getResponseHeaders().set("Access-Control-Allow-Origin", "*");
+
+      // Special case for the OPTIONS request. Just return the Allow header with POST.
+      if (exchange.getRequestMethod().equals("OPTIONS")) {
+        exchange.getResponseHeaders().set("Allow", "POST");
+        exchange.sendResponseHeaders(204, -1);
+        exchange.close();
+        return;
+      }
+
       if (!exchange.getRequestMethod().equals("POST")) {
         error(exchange, 400, "POST expected");
         server.setHandleException(

diff --git a/src/test/java/com/singlestore/jdbc/unit/plugin/BrowserAuthTest.java b/src/test/java/com/singlestore/jdbc/unit/plugin/BrowserAuthTest.java
@@ -15,6 +15,7 @@
 import org.apache.http.HttpResponse;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpOptions;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.HttpClients;
@@ -37,11 +38,19 @@ public void TokenWaiterServerTest()
     TokenWaiterServer server = new TokenWaiterServer();
     String path = server.getListenPath();
     HttpClient httpclient = HttpClients.createDefault();
-    HttpPost httppost = new HttpPost(path);
 
+    HttpOptions httpOptions = new HttpOptions(path);
+    HttpResponse response = httpclient.execute(httpOptions);
+    assertEquals(response.getStatusLine().getStatusCode(), 204);
+    assertNull(response.getEntity());
+    assertEquals(response.getFirstHeader("Access-Control-Allow-Origin").getValue(), "*");
+    assertEquals(response.getFirstHeader("Allow").getValue(), "POST");
+
+    httpclient = HttpClients.createDefault();
+    HttpPost httppost = new HttpPost(path);
     StringEntity entity = new StringEntity(jwt);
     httppost.setEntity(entity);
-    HttpResponse response = httpclient.execute(httppost);
+    response = httpclient.execute(httppost);
 
     assertEquals(response.getStatusLine().getStatusCode(), 204);
     assertNull(response.getEntity());