Skip to content

fix: return client customized error, if present, on auth fail in playground #8842

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 22, 2024
Merged

fix: return client customized error, if present, on auth fail in playground #8842

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions packages/cubejs-api-gateway/src/gateway.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2225,10 +2225,15 @@ class ApiGateway {
if (this.playgroundAuthSecret) {
const systemCheckAuthFn = this.createCheckAuthSystemFn();
return async (ctx, authorization) => {
// TODO: separate two auth workflows
try {
await mainCheckAuthFn(ctx, authorization);
} catch (error) {
await systemCheckAuthFn(ctx, authorization);
} catch (mainAuthError) {
try {
await systemCheckAuthFn(ctx, authorization);
} catch (playgroundAuthError) {
throw mainAuthError;
}
}
};
}
Expand Down
39 changes: 39 additions & 0 deletions packages/cubejs-api-gateway/test/auth.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -299,6 +299,45 @@
expectSecurityContext(handlerMock.mock.calls[0][0].context.authInfo);
});

test('custom checkAuth with CubejsHandlerError fail in playground', async () => {
const loggerMock = jest.fn(() => {
//
});

const expectSecurityContext = (securityContext) => {
expect(securityContext.uid).toEqual(5);
expect(securityContext.iat).toBeDefined();
expect(securityContext.exp).toBeDefined();
};

const handlerMock = jest.fn((req, res) => {
expectSecurityContext(req.context.securityContext);
expectSecurityContext(req.context.authInfo);

res.status(200).end();
});

const playgroundAuthSecret = 'playgroundSecret';

const token = generateAuthToken({ uid: 5, }, {});

const { app } = createApiGateway(handlerMock, loggerMock, {
playgroundAuthSecret,
checkAuth: async (req: Request, auth?: string) => {

Check warning on line 326 in packages/cubejs-api-gateway/test/auth.test.ts

View workflow job for this annotation

GitHub Actions / lint 

'req' is defined but never used. Allowed unused args must match /^_.*/u

Check warning on line 326 in packages/cubejs-api-gateway/test/auth.test.ts

View workflow job for this annotation

GitHub Actions / lint 

'auth' is defined but never used. Allowed unused args must match /^_.*/u
throw new CubejsHandlerError(409, 'Error', 'Custom error');
}
});

const res = await request(app)
.get('/test-auth-fake')
.set('Authorization', `Authorization: ${token}`)
.expect(409);

expect(res.body).toMatchObject({
error: 'Custom error'
});
});

test('custom checkAuth with deprecated authInfo', async () => {
const loggerMock = jest.fn(() => {
//
Expand Down
Loading