@openstax/ts-utils 1.1.4 → 1.1.6

package/dist/services/apiGateway/index.d.ts

@@ -46,7 +46,7 @@ interface MakeApiGateway<F> {
     <Ru>(config: ConfigProviderForConfig<{
         apiBase: string;
     }>, routes: MapRoutesToConfig<Ru>, authProvider?: {
-        getAuthorizedFetchConfig: () => ConfigForFetch<F>;
+        getAuthorizedFetchConfig: () => Promise<ConfigForFetch<F>>;
     }): MapRoutesToClient<Ru>;
 }
 export declare const createApiGateway: <F extends GenericFetch<import("../../fetch").FetchConfig, Response>>(initializer: {

package/dist/services/apiGateway/index.js

@@ -53,7 +53,7 @@ const makeRouteClient = (initializer, config, route, authProvider) => {
     const routeClient = async ({ params, payload, query, fetchConfig }) => {
         const url = await renderUrl({ params, query });
         const body = payload ? JSON.stringify(payload) : undefined;
-        const baseOptions = (0, __1.merge)((authProvider === null || authProvider === void 0 ? void 0 : authProvider.getAuthorizedFetchConfig()) || {}, fetchConfig || {});
+        const baseOptions = (0, __1.merge)((await (authProvider === null || authProvider === void 0 ? void 0 : authProvider.getAuthorizedFetchConfig())) || {}, fetchConfig || {});
         return initializer.fetch(url, (0, __1.merge)(baseOptions, {
             method: route.method,
             body,

package/dist/services/authProvider/browser.d.ts

@@ -47,20 +47,14 @@ export declare const browserAuthProvider: <C extends string = "auth">({ window,
     /**
      * gets an authorized url for an iframe src. sets params on the url and saves its
      * origin to trust releasing user identity to it
-     *
-     * result unreliable unless `getUser` is resolved first.
      */
     getAuthorizedEmbedUrl: (urlString: string) => string;
     /**
      * gets second argument for `fetch` that has authentication token or cookie
-     *
-     * result unreliable unless `getUser` is resolved first.
      */
-    getAuthorizedFetchConfig: () => FetchConfig;
+    getAuthorizedFetchConfig: () => Promise<FetchConfig>;
     /**
      * loads current user identity. does not reflect changes in identity after being called the first time.
-     *
-     * result unreliable unless `getUser` is resolved first.
      */
     getUser: () => Promise<User | undefined>;
 };

package/dist/services/authProvider/browser.js

@@ -25,8 +25,8 @@ const browserAuthProvider = ({ window, configSpace }) => (configProvider) => {
     };
     window.addEventListener('message', event => {
         if (event.data.type === PostMessageTypes.RequestUser && trustedEmbeds.has(event.origin)) {
-            getUser().then(() => {
-                event.source.postMessage({ type: PostMessageTypes.ReceiveUser, userData }, event.origin);
+            getUserData().then(data => {
+                event.source.postMessage({ type: PostMessageTypes.ReceiveUser, userData: data }, event.origin);
             });
         }
     });
@@ -53,10 +53,16 @@ const browserAuthProvider = ({ window, configSpace }) => (configProvider) => {
     // *note* that this does not actually prevent cookies from being sent on same-origin
     // requests, i'm not sure if its possible to stop browsers from sending cookies in
     // that case
-    const getAuthorizedFetchConfig = () => userData.token ? {
-        headers: { Authorization: `Bearer ${userData.token}` },
-    } : {
-        credentials: 'include',
+    const getAuthorizedFetchConfigFromData = (data) => {
+        const { token } = data;
+        return token ? {
+            headers: { Authorization: `Bearer ${token}` },
+        } : {
+            credentials: 'include',
+        };
+    };
+    const getAuthorizedFetchConfig = async () => {
+        return getAuthorizedFetchConfigFromData(userData.token ? userData : await getUserData());
     };
     /*
      * requests user identity from parent window via postMessage
@@ -83,16 +89,19 @@ const browserAuthProvider = ({ window, configSpace }) => (configProvider) => {
      * requests user identity from accounts api using given token or cookie
      */
     const getFetchUser = async () => {
-        return await window.fetch((await accountsUrl).replace(/\/+$/, '') + '/accounts/api/user', getAuthorizedFetchConfig())
+        return await window.fetch((await accountsUrl).replace(/\/+$/, '') + '/accounts/api/user', getAuthorizedFetchConfigFromData(userData))
             .then(response => response.status === 200 ? response.json() : undefined)
             .then(user => ({ ...userData, user }));
     };
-    const getUser = (0, __1.once)(async () => {
+    const getUserData = (0, __1.once)(async () => {
         userData = authQuery === embeddedQueryValue
             ? await getParentWindowUser()
             : await getFetchUser();
-        return userData.user;
+        return userData;
     });
+    const getUser = async () => {
+        return (await getUserData()).user;
+    };
     return {
         /**
          * adds auth parameters to the url. this is only safe to use when using javascript to navigate
@@ -111,20 +120,14 @@ const browserAuthProvider = ({ window, configSpace }) => (configProvider) => {
         /**
          * gets an authorized url for an iframe src. sets params on the url and saves its
          * origin to trust releasing user identity to it
-         *
-         * result unreliable unless `getUser` is resolved first.
          */
         getAuthorizedEmbedUrl,
         /**
          * gets second argument for `fetch` that has authentication token or cookie
-         *
-         * result unreliable unless `getUser` is resolved first.
          */
         getAuthorizedFetchConfig,
         /**
          * loads current user identity. does not reflect changes in identity after being called the first time.
-         *
-         * result unreliable unless `getUser` is resolved first.
          */
         getUser
     };

package/dist/services/authProvider/decryption.js

@@ -25,8 +25,15 @@ const decryptionAuthProvider = (initializer) => (configProvider) => {
     };
     return (request) => {
         let user;
+        const getAuthorizedFetchConfig = async () => {
+            const [token, headers] = (0, _1.getAuthTokenOrCookie)(request, await cookieName);
+            if (!token) {
+                return {};
+            }
+            return { headers };
+        };
         const loadUser = async () => {
-            const token = (0, _1.getAuthTokenOrCookie)(request, await cookieName);
+            const [token] = (0, _1.getAuthTokenOrCookie)(request, await cookieName);
             if (!token) {
                 return undefined;
             }
@@ -44,6 +51,7 @@ const decryptionAuthProvider = (initializer) => (configProvider) => {
             return jwt.sub;
         };
         return {
+            getAuthorizedFetchConfig,
             getUser: async () => {
                 if (!user) {
                     user = await loadUser();

package/dist/services/authProvider/index.d.ts

@@ -1,3 +1,4 @@
+import { FetchConfig } from '../../fetch';
 import { HttpHeaders } from '../../routing';
 export interface User {
     name: string;
@@ -17,6 +18,10 @@ export interface User {
 }
 export declare type AuthProvider = {
     getUser: () => Promise<User | undefined>;
+    /**
+     * gets second argument for `fetch` that has authentication token or cookie
+     */
+    getAuthorizedFetchConfig: () => Promise<FetchConfig>;
 };
 export declare type CookieAuthProviderRequest = {
     headers: HttpHeaders;
@@ -24,14 +29,9 @@ export declare type CookieAuthProviderRequest = {
 };
 export declare type CookieAuthProvider = (request: CookieAuthProviderRequest) => AuthProvider;
 export declare type StubAuthProvider = (user: User | undefined) => AuthProvider;
-export declare const stubAuthProvider: (user?: User | undefined) => {
-    getUser: () => Promise<User | undefined>;
-    getAuthorizedFetchConfig: () => {
-        headers: {
-            Authorization: string;
-        };
-    } | {
-        headers?: undefined;
-    };
-};
-export declare const getAuthTokenOrCookie: (request: CookieAuthProviderRequest, cookieName: string) => string;
+export declare const stubAuthProvider: (user?: User | undefined) => AuthProvider;
+export declare const getAuthTokenOrCookie: (request: CookieAuthProviderRequest, cookieName: string) => [string, {
+    Authorization: string;
+}] | [string, {
+    cookie: string;
+}];

package/dist/services/authProvider/index.js

@@ -5,13 +5,19 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getAuthTokenOrCookie = exports.stubAuthProvider = void 0;
 const cookie_1 = __importDefault(require("cookie"));
+const __1 = require("../..");
 const routing_1 = require("../../routing");
-const stubAuthProvider = (user) => ({ getUser: () => Promise.resolve(user), getAuthorizedFetchConfig: () => (user ? { headers: { Authorization: user.uuid } } : {}) });
+const stubAuthProvider = (user) => ({
+    getUser: () => Promise.resolve(user),
+    getAuthorizedFetchConfig: () => Promise.resolve(user ? { headers: { Authorization: user.uuid } } : {})
+});
 exports.stubAuthProvider = stubAuthProvider;
 const getAuthTokenOrCookie = (request, cookieName) => {
     var _a;
     const authHeader = (0, routing_1.getHeader)(request.headers, 'authorization');
-    return authHeader && authHeader.length >= 8 && authHeader.startsWith('Bearer ') ?
-        authHeader.slice(7) : cookie_1.default.parse(((_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) || '')[cookieName];
+    const cookieValue = cookie_1.default.parse(((_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) || '')[cookieName];
+    return authHeader && authHeader.length >= 8 && authHeader.startsWith('Bearer ')
+        ? (0, __1.tuple)(authHeader.slice(7), { Authorization: authHeader })
+        : (0, __1.tuple)(cookieValue, { cookie: cookie_1.default.serialize(cookieName, cookieValue) });
 };
 exports.getAuthTokenOrCookie = getAuthTokenOrCookie;

package/dist/services/authProvider/subrequest.js

@@ -1,10 +1,6 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.subrequestAuthProvider = void 0;
-const cookie_1 = __importDefault(require("cookie"));
 const config_1 = require("../../config");
 const guards_1 = require("../../guards");
 const _1 = require(".");
@@ -14,19 +10,23 @@ const subrequestAuthProvider = (initializer) => (configProvider) => {
     const accountsUrl = (0, config_1.resolveConfigValue)(config.accountsUrl);
     return (request) => {
         let user;
+        const getAuthorizedFetchConfig = async () => {
+            const [token, headers] = (0, _1.getAuthTokenOrCookie)(request, await cookieName);
+            if (!token) {
+                return {};
+            }
+            return { headers };
+        };
         const loadUser = async () => {
-            const token = (0, _1.getAuthTokenOrCookie)(request, await cookieName);
+            const [token, headers] = (0, _1.getAuthTokenOrCookie)(request, await cookieName);
             if (!token) {
                 return undefined;
             }
-            return initializer.fetch(await accountsUrl, {
-                headers: {
-                    cookie: cookie_1.default.serialize(await cookieName, token)
-                }
-            })
+            return initializer.fetch(await accountsUrl, { headers })
                 .then(response => response.json());
         };
         return {
+            getAuthorizedFetchConfig,
             getUser: async () => {
                 if (!user) {
                     user = await loadUser();