npm - @adobe/spacecat-shared-http-utils - Versions diffs - 1.13.1 → 1.13.2 - Mend

@adobe/spacecat-shared-http-utils 1.13.1 → 1.13.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/CHANGELOG.md +7 -0
package/package.json +1 -1
package/src/auth/handlers/jwt.js +2 -1
package/src/index.js +1 -2
package/src/auth/handlers/cookie-auth.js +0 -88

package/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,10 @@
+# [@adobe/spacecat-shared-http-utils-v1.13.2](https://github.com/adobe/spacecat-shared/compare/@adobe/spacecat-shared-http-utils-v1.13.1...@adobe/spacecat-shared-http-utils-v1.13.2) (2025-05-21)
+### Bug Fixes
+* merge cookie auth logic with jwt handler ([#751](https://github.com/adobe/spacecat-shared/issues/751)) ([407273b](https://github.com/adobe/spacecat-shared/commit/407273b4e2a2dafe4839ee3e22969f1f648878e8))
 # [@adobe/spacecat-shared-http-utils-v1.13.1](https://github.com/adobe/spacecat-shared/compare/@adobe/spacecat-shared-http-utils-v1.13.0...@adobe/spacecat-shared-http-utils-v1.13.1) (2025-05-20)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@adobe/spacecat-shared-http-utils",
-  "version": "1.13.1",
+  "version": "1.13.2",
   "description": "Shared modules of the Spacecat Services - HTTP Utils",
   "type": "module",
   "engines": {

package/src/auth/handlers/jwt.js CHANGED Viewed

@@ -16,6 +16,7 @@ import { importSPKI, jwtVerify } from 'jose';
 import AbstractHandler from './abstract.js';
 import AuthInfo from '../auth-info.js';
 import { getBearerToken } from './utils/bearer.js';
+import { getCookieValue } from './utils/cookie.js';
 const ALGORITHM_ES256 = 'ES256';
 export const ISSUER = 'https://spacecat.experiencecloud.live';
@@ -59,7 +60,7 @@ export default class JwtHandler extends AbstractHandler {
     try {
       await this.#setup(context);
-      const token = getBearerToken(context);
+      const token = getBearerToken(context) ?? getCookieValue(context, 'sessionToken');
       if (!hasText(token)) {
         this.log('No bearer token provided', 'debug');

package/src/index.js CHANGED Viewed

@@ -16,7 +16,6 @@ import LegacyApiKeyHandler from './auth/handlers/legacy-api-key.js';
 import AdobeImsHandler from './auth/handlers/ims.js';
 import ScopedApiKeyHandler from './auth/handlers/scoped-api-key.js';
 import JwtHandler from './auth/handlers/jwt.js';
-import CookieAuthHandler from './auth/handlers/cookie-auth.js';
 const HEADER_CONTENT_TYPE = 'content-type';
 const HEADER_ERROR = 'x-error';
@@ -113,5 +112,5 @@ export { enrichPathInfo } from './enrich-path-info-wrapper.js';
 export { hashWithSHA256 } from './auth/generate-hash.js';
 export {
-  AdobeImsHandler, CookieAuthHandler, ScopedApiKeyHandler, LegacyApiKeyHandler, JwtHandler,
+  AdobeImsHandler, ScopedApiKeyHandler, LegacyApiKeyHandler, JwtHandler,
 };

package/src/auth/handlers/cookie-auth.js DELETED Viewed

@@ -1,88 +0,0 @@
-/*
- * Copyright 2025 Adobe. All rights reserved.
- * This file is licensed to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License. You may obtain a copy
- * of the License at http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under
- * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
- * OF ANY KIND, either express or implied. See the License for the specific language
- * governing permissions and limitations under the License.
- */
-import { hasText } from '@adobe/spacecat-shared-utils';
-import { importSPKI, jwtVerify } from 'jose';
-import AbstractHandler from './abstract.js';
-import AuthInfo from '../auth-info.js';
-import { getCookieValue } from './utils/cookie.js';
-const ALGORITHM_ES256 = 'ES256';
-export const ISSUER = 'https://spacecat.experiencecloud.live';
-export default class CookieAuthHandler extends AbstractHandler {
-  constructor(log) {
-    super('cookieAuth', log);
-  }
-  async #setup(context) {
-    const authPublicKeyB64 = context.env?.AUTH_PUBLIC_KEY_B64;
-    if (!hasText(authPublicKeyB64)) {
-      throw new Error('No public key provided');
-    }
-    const authPublicKey = Buffer.from(authPublicKeyB64, 'base64').toString('utf-8');
-    this.authPublicKey = await importSPKI(authPublicKey, ALGORITHM_ES256);
-  }
-  async #validateToken(token) {
-    const verifiedToken = await jwtVerify(
-      token,
-      this.authPublicKey,
-      {
-        algorithms: [ALGORITHM_ES256], // force expected algorithm
-        clockTolerance: 5, // number of seconds to tolerate when checking the nbf and exp claims
-        complete: false, // only return the payload and not headers etc.
-        ignoreExpiration: false, // validate expiration
-        issuer: ISSUER, // validate issuer
-      },
-    );
-    verifiedToken.payload.tenants = verifiedToken.payload.tenants || [];
-    return verifiedToken.payload;
-  }
-  async checkAuth(request, context) {
-    try {
-      await this.#setup(context);
-      const sessionToken = getCookieValue(context, 'sessionToken');
-      if (!hasText(sessionToken)) {
-        this.log('No session token provided', 'debug');
-        return null;
-      }
-      const payload = await this.#validateToken(sessionToken);
-      const scopes = payload.is_admin ? [{ name: 'admin' }] : [];
-      scopes.push(...payload.tenants.map(
-        (tenant) => ({ name: 'user', domains: [tenant.id], subScopes: tenant.subServices }),
-      ));
-      return new AuthInfo()
-        .withType(this.name)
-        .withAuthenticated(true)
-        .withProfile(payload)
-        .withScopes(scopes);
-    } catch (e) {
-      this.log(`Failed to validate token: ${e.message}`, 'error');
-    }
-    return null;
-  }
-}