Skip to content

Commit

Permalink
fix: #1700 cannot set Authorization via extraHeaders
Browse files Browse the repository at this point in the history
  • Loading branch information
pamapa committed Oct 17, 2024
1 parent 77806c7 commit 75cd882
Show file tree
Hide file tree
Showing 2 changed files with 94 additions and 7 deletions.
84 changes: 82 additions & 2 deletions src/JsonService.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ describe("JsonService", () => {
"Custom-Header-1": "this-is-header-1",
"Custom-Header-2": "this-is-header-2",
"acCept" : "application/fake",
"AuthoriZation" : "not good",
"Content-Type": "application/fail",
};
const dynamicExtraHeaders = {
Expand All @@ -26,7 +25,6 @@ describe("JsonService", () => {
return "my-name-is-header-2";
},
"acCept" : () => "nothing",
"AuthoriZation" : () => "not good",
"Content-Type": "application/fail",
};

Expand Down Expand Up @@ -587,4 +585,86 @@ describe("JsonService", () => {
expect(result).toEqual(json);
});
});

describe("_appendExtraHeaders", () => {
it("should add extra static headers", () => {
// arrange
const headers = {
"Accept": "application/json",
};
subject["_extraHeaders"] = {
"foo": "bar",
};

// act
subject["_appendExtraHeaders"](headers);

// assert
expect(headers).toMatchObject({
"Accept": "application/json",
"foo": "bar",
});
});

it("should add extra dynamic headers", () => {
// arrange
const headers = {
"Accept": "application/json",
};
subject["_extraHeaders"] = {
"foo": () => {
return "bar";
},
};

// act
subject["_appendExtraHeaders"](headers);

// assert
expect(headers).toMatchObject({
"Accept": "application/json",
"foo": "bar",
});
});

it("should skip protected special headers", () => {
// arrange
const headers = {
"Accept": "application/json",
};
subject["_extraHeaders"] = {
"foo": "bar",
"accept": "application/xml",
};

// act
subject["_appendExtraHeaders"](headers);

// assert
expect(headers).toMatchObject({
"Accept": "application/json",
"foo": "bar",
});
});

it("should skip override special headers", () => {
// arrange
const headers = {
"Authorization": "Bearer 1",
};
subject["_extraHeaders"] = {
"foo": "bar",
"Authorization": "Bearer 2",
};

// act
subject["_appendExtraHeaders"](headers);

// assert
expect(headers).toMatchObject({
"Authorization": "Bearer 1",
"foo": "bar",
});
});
});
});
17 changes: 12 additions & 5 deletions src/JsonService.ts
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ export class JsonService {
headers["Authorization"] = "Bearer " + token;
}

this.appendExtraHeaders(headers);
this._appendExtraHeaders(headers);

let response: Response;
try {
Expand Down Expand Up @@ -147,7 +147,7 @@ export class JsonService {
headers["Authorization"] = "Basic " + basicAuth;
}

this.appendExtraHeaders(headers);
this._appendExtraHeaders(headers);

let response: Response;
try {
Expand Down Expand Up @@ -194,22 +194,29 @@ export class JsonService {
return json;
}

private appendExtraHeaders(
private _appendExtraHeaders(
headers: Record<string, string>,
): void {
const logger = this._logger.create("appendExtraHeaders");
const customKeys = Object.keys(this._extraHeaders);
const protectedHeaders = [
"authorization",
"accept",
"content-type",
];
const preventOverride = [
"authorization",
];
if (customKeys.length === 0) {
return;
}
customKeys.forEach((headerName) => {
if (protectedHeaders.includes(headerName.toLocaleLowerCase())) {
logger.warn("Protected header could not be overridden", headerName, protectedHeaders);
logger.warn("Protected header could not be set", headerName, protectedHeaders);
return;
}
if (preventOverride.includes(headerName.toLocaleLowerCase()) &&
Object.keys(headers).includes(headerName)) {
logger.warn("Header could not be overridden", headerName, preventOverride);
return;
}
const content = (typeof this._extraHeaders[headerName] === "function") ?
Expand Down

0 comments on commit 75cd882

Please sign in to comment.