Merge pull request #84 from MeasureAuthoringTool/MAT-7204a

MAT-7204: add waf intercept to axios calls
MeasureAuthoringTool · Jul 1, 2024 · 3c1e294 · 3c1e294
2 parents fed3d56 + fd304b8
commit 3c1e294
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 29 deletions.
diff --git a/src/Config/Config.ts b/src/Config/Config.ts
@@ -1,4 +1,5 @@
 import axios from "axios";
+import { wafIntercept } from "../madie-madie-util";
 
 export interface OktaConfig {
   baseUrl: string;
@@ -32,6 +33,9 @@ export async function getServiceConfig(): Promise<ServiceConfig> {
   ) {
     throw new Error("Invalid Service Config");
   }
+  axios.interceptors.response.use((response) => {
+    return response;
+  }, wafIntercept);
 
   return serviceConfig;
 }
diff --git a/src/api/useOrganizationApi.ts b/src/api/useOrganizationApi.ts
@@ -2,6 +2,7 @@ import axios from "axios";
 import { ServiceConfig, getServiceConfig } from "../Config/Config";
 import useOktaTokens from "../hooks/useOktaTokens";
 import { Organization } from "@madie/madie-models";
+import { wafIntercept } from "../madie-madie-util";
 
 export class OrganizationApi {
   constructor(private getAccessToken: () => string) {}
@@ -35,6 +36,10 @@ export const getServiceUrl = async () => {
   return serviceUrl;
 };
 
+axios.interceptors.response.use((response) => {
+  return response;
+}, wafIntercept);
+
 export default function useOrganizationApi(): OrganizationApi {
   const { getAccessToken } = useOktaTokens();
   return new OrganizationApi(getAccessToken);

diff --git a/src/api/useTerminologyServiceApi.ts b/src/api/useTerminologyServiceApi.ts
@@ -2,6 +2,7 @@ import axios from "axios";
 import { ServiceConfig, getServiceConfig } from "../Config/Config";
 
 import useOktaTokens from "../hooks/useOktaTokens";
+import { wafIntercept } from "../madie-madie-util";
 
 export class TerminologyServiceApi {
   constructor(private getAccessToken: () => string) {}
@@ -55,6 +56,9 @@ export const getServiceUrl = async () => {
 
   return serviceUrl;
 };
+axios.interceptors.response.use((response) => {
+  return response;
+}, wafIntercept);
 
 export default function useTerminologyServiceApi(): TerminologyServiceApi {
   const { getAccessToken } = useOktaTokens();

diff --git a/src/util/axios-instance.ts b/src/util/axios-instance.ts
@@ -0,0 +1,7 @@
+import axios from "axios";
+import wafIntercept from "./wafIntercept";
+
+export const axiosInstance = axios.create();
+axiosInstance.interceptors.response.use((response) => {
+  return response;
+}, wafIntercept);
diff --git a/src/util/wafIntercept.ts b/src/util/wafIntercept.ts
@@ -1,35 +1,28 @@
-import axios from "axios";
 import DOMPurify from "dompurify";
 
-const wafIntercept = () =>
-  axios.interceptors.response.use(
-    (response) => {
-      return response;
-    },
-    (error) => {
-      // Check for WAF block
-      if (
-        error?.response?.status === 403 &&
-        error?.response?.headers["content-type"].includes("text/html") &&
-        JSON.stringify(error.response.data).includes("[email protected]")
-      ) {
-        // eslint-disable-next-line no-console
-        console.log("WAF Interceptor Triggered");
+const wafIntercept = (error) => {
+  // Check for WAF block
+  if (
+    error?.response?.status === 403 &&
+    error?.response?.headers["content-type"].includes("text/html") &&
+    JSON.stringify(error.response.data).includes("[email protected]")
+  ) {
+    // eslint-disable-next-line no-console
+    console.log("WAF Interceptor Triggered");
 
-        const supportID = error.response.data.includes("ID:")
-          ? error.response.data.split("ID:")[1].split("<br>")[0].trim()
-          : "";
-        const body = error.response.data.split("<body>")[1].split("<br>")[0];
-        const purifiedBody = DOMPurify.sanitize(body, { ALLOWED_TAGS: [] });
+    const supportID = error.response.data.includes("ID:")
+      ? error.response.data.split("ID:")[1].split("<br>")[0].trim()
+      : "";
+    const body = error.response.data.split("<body>")[1].split("<br>")[0];
+    const purifiedBody = DOMPurify.sanitize(body, { ALLOWED_TAGS: [] });
 
-        const wafEvent = new CustomEvent("wafReject", {
-          detail: { message: purifiedBody, supportId: supportID },
-        });
-        document.dispatchEvent(wafEvent);
-        throw new Error(purifiedBody); // no tags allowed, removes all HTML tags.
-      }
+    const wafEvent = new CustomEvent("wafReject", {
+      detail: { message: purifiedBody, supportId: supportID },
+    });
+    document.dispatchEvent(wafEvent);
+    throw new Error(purifiedBody); // no tags allowed, removes all HTML tags.
+  }
 
-      return Promise.reject(error);
-    }
-  );
+  return Promise.reject(error);
+};
 export default wafIntercept;