diff --git a/packages/node_modules/@webex/webex-core/src/interceptors/auth.js b/packages/node_modules/@webex/webex-core/src/interceptors/auth.js index 4bcf0109300..3e91efd021c 100644 --- a/packages/node_modules/@webex/webex-core/src/interceptors/auth.js +++ b/packages/node_modules/@webex/webex-core/src/interceptors/auth.js @@ -50,64 +50,59 @@ export default class AuthInterceptor extends Interceptor { } /** - * Determines if the provided options object needs an auth header + * Determines if the provided options object needs an authorization header. + * * @param {Object} options * @returns {Promise} */ requiresCredentials(options) { - if (options.service === 'u2c') { - if (options.resource.includes('limited')) { + // Validate that authorization is necessary. + if (options.addAuthHeader === false) { + return Promise.resolve(false); + } + + // Validate that the services plugin has been loaded before proceeding. + if (!this.webex.internal.services) { + return Promise.resolve(false); + } + + // Destructure webex instance to isolate services plugin. + const {services} = this.webex.internal; + + // Store the current service details if available and destructure details. + const details = services.getServiceFromUrl(options.uri || ''); + const {resource, service, uri} = options; + const {name} = details || {}; + + // Unique validation for the u2c service. + if ((service && service === 'u2c') || (name && name === 'u2c')) { + if ( + (resource && resource.includes('limited')) || + (uri && uri.includes('limited')) + ) { return Promise.resolve(false); } return Promise.resolve(true); } - if (options.uri && (options.uri.includes(this.webex.config.device.preDiscoveryServices.hydra) || - options.uri.includes(this.webex.config.device.preDiscoveryServices.hydraServiceUrl))) { + // Validate that the service exists in the service catalog. + if (details || (service && services.hasService(service))) { return Promise.resolve(true); } - if (!this.webex.internal.device) { - return Promise.resolve(false); + // Validate that the allowed domains can be utilized. + if (!services.validateDomains) { + Promise.resolve(false); } - return this.webex.internal.device.isSpecificService('hydra', options.uri) - .then((isHydra) => { - if (isHydra) { - return true; - } - - if (options.service) { - return this.webex.internal.device.isService(options.service); - } - if (options.uri) { - // If service Url then return or else check if whitelisted - return this.webex.internal.device.isServiceUrl(options.uri) - .then((isServiceUrl) => { - if (isServiceUrl) { - return true; - } - - if (options.addAuthHeader === undefined && this.webex.config.device.validateDomains) { - options.addAuthHeader = true; - } - - // returns true if uri is in whitelistedServiceDomains and is requested - if (options.addAuthHeader) { - const matchingDomains = this.webex.config.device.whitelistedServiceDomains.filter((domain) => options.uri.includes(domain)); - - if (matchingDomains.length) { - return Promise.resolve(true); - } - } - - return false; - }); - } + // Validate that the domain of the uri is allowed. + if (services.hasAllowedDomains() && + (uri && services.isAllowedDomainUrl(uri))) { + return Promise.resolve(true); + } - return false; - }); + return Promise.resolve(false); } /**