Skip to content

accept fusionfeed jwts #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ccbrown merged 1 commit into from
Jul 16, 2024
Merged

accept fusionfeed jwts #34

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions components/GraphQLExplorerPage/index.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,15 +53,16 @@ export const GraphQLExplorerPage = ({ source: { frontmatter } }: Props) => {
const url = publicRuntimeConfig.fusionFeedUrl + '/v2/graphql';
const subscriptionUrl = publicRuntimeConfig.fusionFeedUrl + '/v2/graphql-ws';
const token = cookie.get('fftoken');
const tokenType = token?.includes('.') ? 'Bearer' : 'token';
Copy link

@ashukur ashukur Jul 16, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

assuming checking for "." here works because we are joining two strings with that as the separator ?

Copy link
Contributor Author

@ccbrown ccbrown Jul 16, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JWTs are always in HEADER.PAYLOAD.SIGNATURE format. And our API keys never have dots. So if it has at least one dot, it's a JWT.

setFetcher(() =>
createGraphiQLFetcher({
headers: {
Authorization: `token ${token}`,
Authorization: `${tokenType} ${token}`,
},
subscriptionUrl,
url,
wsConnectionParams: {
Authorization: `token ${token}`,
Authorization: `${tokenType} ${token}`,
},
}),
);
Expand Down
26 changes: 17 additions & 9 deletions components/RESTExplorerPage/index.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,15 @@ const getToken = () =>
.find((row) => row.startsWith('fftoken='))
?.split('=')[1];

const getAuthorization = () => {
const token = getToken();
if (!token) {
return '';
}
const tokenType = token.includes('.') ? 'Bearer' : 'token';
return `${tokenType} ${token}`;
};

const specUrl = `${publicRuntimeConfig.fusionFeedUrl}/v2/openapi.json`;

export const RESTExplorerPage = (props: Props) => {
Expand All @@ -32,10 +41,9 @@ export const RESTExplorerPage = (props: Props) => {
<button
className={styles['swagger__button']}
onClick={() => {
const token = getToken();
fetch(specUrl, {
headers: {
authorization: `token ${token}`,
authorization: getAuthorization(),
},
})
.then((res) => res.blob())
Expand Down Expand Up @@ -67,17 +75,17 @@ export const RESTExplorerPage = (props: Props) => {
<div className={styles.wrapper}>
<SwaggerUI
onComplete={(sys) => {
const token = getToken();
if (token) {
sys.preauthorizeApiKey('api_key', `token ${token}`);
sys.preauthorizeApiKey('ApiKeyAuth', `token ${token}`);
const auth = getAuthorization();
if (auth) {
sys.preauthorizeApiKey('api_key', auth);
sys.preauthorizeApiKey('ApiKeyAuth', auth);
}
}}
plugins={[SpecDownloadPlugin]}
requestInterceptor={(req) => {
const token = getToken();
if (token && req.url.endsWith('/v2/openapi.json')) {
req.headers['authorization'] = `token ${token}`;
const auth = getAuthorization();
if (auth && req.url.endsWith('/v2/openapi.json')) {
req.headers['authorization'] = auth;
}
return req;
}}
Expand Down
2 changes: 1 addition & 1 deletion lib/fusionfeed.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ export async function validateFusionFeedToken(token: string): Promise<boolean> {
method: 'POST',
headers: {
'Content-Type': 'application/graphql',
Authorization: 'token ' + token,
Authorization: (token.includes('.') ? 'Bearer ' : 'token ') + token,
},
body: '{__typename}',
});
Expand Down