Skip to content

Commit 5cce98d

Browse files
max-kammerermax-kammerer
authored
fix: return client customized error, if present, on auth fail in playground (#8842)
fixes #CORE-1134
1 parent 34dc819 commit 5cce98d

File tree

2 files changed

+46
-2
lines changed

2 files changed

+46
-2
lines changed

packages/cubejs-api-gateway/src/gateway.ts

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2225,10 +2225,15 @@ class ApiGateway {
22252225
if (this.playgroundAuthSecret) {
22262226
const systemCheckAuthFn = this.createCheckAuthSystemFn();
22272227
return async (ctx, authorization) => {
2228+
// TODO: separate two auth workflows
22282229
try {
22292230
await mainCheckAuthFn(ctx, authorization);
2230-
} catch (error) {
2231-
await systemCheckAuthFn(ctx, authorization);
2231+
} catch (mainAuthError) {
2232+
try {
2233+
await systemCheckAuthFn(ctx, authorization);
2234+
} catch (playgroundAuthError) {
2235+
throw mainAuthError;
2236+
}
22322237
}
22332238
};
22342239
}

packages/cubejs-api-gateway/test/auth.test.ts

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -299,6 +299,45 @@ describe('test authorization', () => {
299299
expectSecurityContext(handlerMock.mock.calls[0][0].context.authInfo);
300300
});
301301

302+
test('custom checkAuth with CubejsHandlerError fail in playground', async () => {
303+
const loggerMock = jest.fn(() => {
304+
//
305+
});
306+
307+
const expectSecurityContext = (securityContext) => {
308+
expect(securityContext.uid).toEqual(5);
309+
expect(securityContext.iat).toBeDefined();
310+
expect(securityContext.exp).toBeDefined();
311+
};
312+
313+
const handlerMock = jest.fn((req, res) => {
314+
expectSecurityContext(req.context.securityContext);
315+
expectSecurityContext(req.context.authInfo);
316+
317+
res.status(200).end();
318+
});
319+
320+
const playgroundAuthSecret = 'playgroundSecret';
321+
322+
const token = generateAuthToken({ uid: 5, }, {});
323+
324+
const { app } = createApiGateway(handlerMock, loggerMock, {
325+
playgroundAuthSecret,
326+
checkAuth: async (req: Request, auth?: string) => {
327+
throw new CubejsHandlerError(409, 'Error', 'Custom error');
328+
}
329+
});
330+
331+
const res = await request(app)
332+
.get('/test-auth-fake')
333+
.set('Authorization', `Authorization: ${token}`)
334+
.expect(409);
335+
336+
expect(res.body).toMatchObject({
337+
error: 'Custom error'
338+
});
339+
});
340+
302341
test('custom checkAuth with deprecated authInfo', async () => {
303342
const loggerMock = jest.fn(() => {
304343
//

0 commit comments

Comments
 (0)