Add API key auth

https://feedback.yaak.app/p/header-as-auth-option

Author: gschier

package.json

@@ -10,6 +10,7 @@
     "packages/plugin-runtime",
     "packages/plugin-runtime-types",
     "packages/common-lib",
+    "plugins/auth-apikey",
     "plugins/auth-basic",
     "plugins/auth-bearer",
     "plugins/auth-jwt",

packages/plugin-runtime-types/src/bindings/gen_events.ts

@@ -21,7 +21,12 @@ export type CallHttpAuthenticationResponse = {
  * HTTP headers to add to the request. Existing headers will be replaced, while
  * new headers will be added.
  */
-setHeaders: Array<HttpHeader>, };
+setHeaders?: Array<HttpHeader>, 
+/**
+ * Query parameters to add to the request. Existing params will be replaced, while
+ * new params will be added.
+ */
+setQueryParameters?: Array<HttpHeader>, };
 
 export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };
 

packages/plugin-runtime/src/PluginInstance.ts

@@ -253,12 +253,11 @@ export class PluginInstance {
         const auth = this.#mod.authentication;
         if (typeof auth?.onApply === 'function') {
           applyFormInputDefaults(auth.args, payload.values);
-          const result = await auth.onApply(ctx, payload);
           this.#sendPayload(
             windowContext,
             {
               type: 'call_http_authentication_response',
-              setHeaders: result.setHeaders,
+              ...(await auth.onApply(ctx, payload)),
             },
             replyId,
           );
@@ -579,7 +578,7 @@ export class PluginInstance {
             event.windowContext,
             payload,
           );
-          return result.data;
+          return result.data as any;
         },
       },
       store: {

plugins/auth-apikey/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "@yaak/auth-apikey",
+  "displayName": "API Key Authentication",
+  "description": "Authenticate requests using an API key",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-apikey"
+  },
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
+  }
+}

plugins/auth-apikey/src/index.ts

@@ -0,0 +1,53 @@
+import type { PluginDefinition } from '@yaakapp/api';
+
+export const plugin: PluginDefinition = {
+  authentication: {
+    name: 'apikey',
+    label: 'API Key',
+    shortLabel: 'API Key',
+    args: [
+      {
+        type: 'select',
+        name: 'location',
+        label: 'Behavior',
+        defaultValue: 'header',
+        options: [
+          { label: 'Insert Header', value: 'header' },
+          { label: 'Append Query Parameter', value: 'query' },
+        ],
+      },
+      {
+        type: 'text',
+        name: 'key',
+        label: 'Key',
+        dynamic: (_ctx, { values }) => {
+          return values.location === 'query' ? {
+            label: 'Parameter Name',
+            description: 'The name of the query parameter to add to the request',
+          } : {
+            label: 'Header Name',
+            description: 'The name of the header to add to the request',
+          };
+        },
+      },
+      {
+        type: 'text',
+        name: 'value',
+        label: 'API Key',
+        optional: true,
+        password: true,
+      },
+    ],
+    async onApply(_ctx, { values }) {
+      const key = String(values.key ?? '');
+      const value = String(values.value ?? '');
+      const location = String(values.location);
+
+      if (location === 'query') {
+        return { setQueryParameters: [{ name: key, value }] };
+      } else {
+        return { setHeaders: [{ name: key, value }] };
+      }
+    },
+  },
+};

plugins/auth-apikey/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

src-tauri/src/grpc.rs

@@ -69,7 +69,7 @@ pub(crate) async fn build_metadata<R: Runtime>(
             let auth = request.authentication.clone();
             let plugin_req = CallHttpAuthenticationRequest {
                 context_id: format!("{:x}", md5::compute(authentication_context_id)),
-                values: serde_json::from_value(serde_json::to_value(&auth).unwrap()).unwrap(),
+                values: serde_json::from_value(serde_json::to_value(&auth)?)?,
                 method: "POST".to_string(),
                 url: request.url.clone(),
                 headers: metadata
@@ -83,7 +83,7 @@ pub(crate) async fn build_metadata<R: Runtime>(
             let plugin_result = plugin_manager
                 .call_http_authentication(&window, &authentication_type, plugin_req)
                 .await?;
-            for header in plugin_result.set_headers {
+            for header in plugin_result.set_headers.unwrap_or_default() {
                 metadata.insert(header.name, header.value);
             }
         }

src-tauri/src/http_request.rs

@@ -452,10 +452,7 @@ pub async fn send_http_request<R: Runtime>(
         Some(authentication_type) => {
             let req = CallHttpAuthenticationRequest {
                 context_id: format!("{:x}", md5::compute(auth_context_id)),
-                values: serde_json::from_value(
-                    serde_json::to_value(&request.authentication).unwrap(),
-                )
-                .unwrap(),
+                values: serde_json::from_value(serde_json::to_value(&request.authentication)?)?,
                 url: sendable_req.url().to_string(),
                 method: sendable_req.method().to_string(),
                 headers: sendable_req
@@ -482,11 +479,19 @@ pub async fn send_http_request<R: Runtime>(
             };
 
             let headers = sendable_req.headers_mut();
-            for header in plugin_result.set_headers {
-                headers.insert(
-                    HeaderName::from_str(&header.name).unwrap(),
-                    HeaderValue::from_str(&header.value).unwrap(),
-                );
+            for header in plugin_result.set_headers.unwrap_or_default() {
+                match (HeaderName::from_str(&header.name), HeaderValue::from_str(&header.value)) {
+                    (Ok(name), Ok(value)) => {
+                        headers.insert(name, value);
+                    }
+                    _ => continue,
+                };
+            }
+
+            let mut query_pairs = sendable_req.url_mut().query_pairs_mut();
+            for p in plugin_result.set_query_parameters.unwrap_or_default() {
+                println!("Adding query parameter: {:?}", p);
+                query_pairs.append_pair(&p.name, &p.value);
             }
         }
     }

src-tauri/yaak-plugins/bindings/gen_events.ts

@@ -21,7 +21,12 @@ export type CallHttpAuthenticationResponse = {
  * HTTP headers to add to the request. Existing headers will be replaced, while
  * new headers will be added.
  */
-setHeaders: Array<HttpHeader>, };
+setHeaders?: Array<HttpHeader>, 
+/**
+ * Query parameters to add to the request. Existing params will be replaced, while
+ * new params will be added.
+ */
+setQueryParameters?: Array<HttpHeader>, };
 
 export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };
 

src-tauri/yaak-plugins/src/events.rs

@@ -649,7 +649,13 @@ pub enum JsonPrimitive {
 pub struct CallHttpAuthenticationResponse {
     /// HTTP headers to add to the request. Existing headers will be replaced, while
     /// new headers will be added.
-    pub set_headers: Vec<HttpHeader>,
+    #[ts(optional)]
+    pub set_headers: Option<Vec<HttpHeader>>,
+
+    /// Query parameters to add to the request. Existing params will be replaced, while
+    /// new params will be added.
+    #[ts(optional)]
+    pub set_query_parameters: Option<Vec<HttpHeader>>,
 }
 
 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]