Merge pull request #149 from mohamed-cds/feat/toggle_xhr_cookie_credentials

nscuro · web-flow · commit 700b14508057 · 2022-05-27T22:21:55.000+02:00
feat: support xhr cross-site cookie credentials
diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh
@@ -8,6 +8,7 @@ if mount | grep '/static/config.json'; then
 else
   # Apply ENV vars to temporary config.json
   jq '.API_BASE_URL = env.API_BASE_URL
+        | .API_WITH_CREDENTIALS = env.API_WITH_CREDENTIALS 
         | .OIDC_ISSUER = env.OIDC_ISSUER
         | .OIDC_CLIENT_ID = env.OIDC_CLIENT_ID
         | .OIDC_SCOPE = env.OIDC_SCOPE
diff --git a/public/static/config.json b/public/static/config.json
@@ -1,5 +1,6 @@
 {
   "API_BASE_URL": "",
+  "API_WITH_CREDENTIALS": "",
   "OIDC_ISSUER": "",
   "OIDC_CLIENT_ID": "",
   "OIDC_SCOPE": "openid email profile",
diff --git a/src/App.vue b/src/App.vue
@@ -38,6 +38,17 @@
 
       setJwtForAjax(getToken());
 
+      // Send XHR cross-site cookie credentials
+      if (this.$api.WITH_CREDENTIALS){
+        this.axios.interceptors.request.use(
+          function(config) {
+            config.withCredentials = true;
+            return config;
+          }
+        );
+        $.ajaxSettings.xhrFields = { withCredentials: true };
+      }
+
       // debug logging of ajax requests/responses
       if (getUrlVar('debug')) {
         $(document).ajaxComplete((event, xhr) => {
diff --git a/src/main.js b/src/main.js
@@ -44,6 +44,10 @@ axios.get(contextPath + "/static/config.json").then(response => {
   } else {
     Vue.prototype.$api.BASE_URL = contextPath;
   }
+
+  // Send XHR cross-site cookie credentials
+  Vue.prototype.$api.WITH_CREDENTIALS = response.data.API_WITH_CREDENTIALS && response.data.API_WITH_CREDENTIALS.toLowerCase() === "true";
+
   // OpenID Connect
   Vue.prototype.$oidc.ISSUER = response.data.OIDC_ISSUER;
   Vue.prototype.$oidc.CLIENT_ID = response.data.OIDC_CLIENT_ID;
diff --git a/src/shared/api.json b/src/shared/api.json
@@ -9,6 +9,7 @@
   "METHOD_PUT": "PUT",
   "METHOD_DELETE": "DELETE",
   "FORCE_PASSWORD_CHANGE": "FORCE_PASSWORD_CHANGE",
+  "WITH_CREDENTIALS": "",
 
   "BASE_URL": "",
   "URL_ABOUT": "api/version",

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"API_BASE_URL": "",`
	`3`	`+ "API_WITH_CREDENTIALS": "",`
`3`	`4`	`"OIDC_ISSUER": "",`
`4`	`5`	`"OIDC_CLIENT_ID": "",`
`5`	`6`	`"OIDC_SCOPE": "openid email profile",`