An origin is always required (#16)

Signed-off-by: Matteo Collina <[email protected]>
platformatic · Feb 5, 2024 · 6f1a2e7 · 6f1a2e7
1 parent cbe9ad6
commit 6f1a2e7
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 26 deletions.
diff --git a/oauth-interceptor.js b/oauth-interceptor.js
@@ -25,24 +25,22 @@ function getTokenState (token) {
 }
 
 function createOAuthInterceptor (options) {
-  let { accessToken } = { ...options }
-  const {
-    refreshToken,
+  const { refreshToken, clientId } = options
+  let {
+    accessToken ,
     retryOnStatusCodes,
-    origins,
-    clientId
-  } = {
-    retryOnStatusCodes: [401],
-    origins: [],
-    refreshToken: '',
-    ...options
-  }
+    origins
+  } = options
+
+  retryOnStatusCodes = retryOnStatusCodes || [401]
+  origins = origins || []
 
   if (!refreshToken) {
     throw new Error('refreshToken is required')
   }
 
-  const { iss, sub } = decode(refreshToken)
+  const decoded = decode(refreshToken)
+  const { iss, sub } = decoded
   if (!iss) throw new Error('refreshToken is invalid: iss is required')
   if (!sub && !clientId) throw new Error('No clientId provided')
 
@@ -61,7 +59,7 @@ function createOAuthInterceptor (options) {
 
   return dispatch => {
     return function Intercept (opts, handler) {
-      if (!opts.oauthRetry && (origins.length > 0 && !origins.includes(opts.origin))) {
+      if (!opts.oauthRetry && !origins.includes(opts.origin)) {
         // do not attempt intercept
         return dispatch(opts, handler)
       }

diff --git a/tests/errors.test.js b/tests/errors.test.js
@@ -41,7 +41,8 @@ test('error when refreshing', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken,
         refreshToken,
-        retryOnStatusCodes: [401]
+        retryOnStatusCodes: [401],
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })
@@ -81,7 +82,8 @@ test('after service rejects the token, token service reject token, error request
       Pool: [createOAuthInterceptor({
         accessToken,
         refreshToken,
-        retryOnStatusCodes: [401]
+        retryOnStatusCodes: [401],
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })

diff --git a/tests/interceptor.test.js b/tests/interceptor.test.js
@@ -25,13 +25,15 @@ test('attach provided access token to the request', async (t) => {
 
   t.after(() => server.close())
 
+  const origin = `http://localhost:${server.address().port}`
+
   const dispatcher = new Agent({
     interceptors: {
-      Pool: [createOAuthInterceptor({ accessToken, refreshToken })]
+      Pool: [createOAuthInterceptor({ accessToken, refreshToken, origins: [origin] })]
     }
   })
 
-  const { statusCode } = await request(`http://localhost:${server.address().port}`, { dispatcher })
+  const { statusCode } = await request(origin, { dispatcher })
   assert.strictEqual(statusCode, 200)
 })
 
@@ -70,7 +72,8 @@ test('get an access token if no token provided', async (t) => {
       Pool: [createOAuthInterceptor({
         refreshToken,
         retryOnStatusCodes: [401],
-        clientId: 'client-id'
+        clientId: 'client-id',
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })
@@ -115,7 +118,8 @@ test('refresh access token if expired', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken,
         refreshToken,
-        retryOnStatusCodes: [401]
+        retryOnStatusCodes: [401],
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })
@@ -167,7 +171,8 @@ test('refresh token within refresh window', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken: oldAccessToken,
         refreshToken,
-        retryOnStatusCodes: [401]
+        retryOnStatusCodes: [401],
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })
@@ -211,7 +216,8 @@ test('do not refresh just outside of refresh window', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken,
         refreshToken,
-        retryOnStatusCodes: [401]
+        retryOnStatusCodes: [401],
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })
@@ -266,7 +272,8 @@ test('refresh access token if server rejects, retry request', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken,
         refreshToken,
-        retryOnStatusCodes: [401]
+        retryOnStatusCodes: [401],
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })
@@ -312,7 +319,8 @@ test('do not intercept request', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken,
         refreshToken,
-        interceptDomains: ['example.com']
+        interceptDomains: ['example.com'],
+        origins: [`localhost:${server.address().port}`]
       })]
     }
   })
@@ -353,7 +361,7 @@ test('request is intercepted', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken,
         refreshToken,
-        interceptDomains: [`localhost:${server.address().port}`]
+        origins: [`localhost:${server.address().port}`]
       })]
     }
   })
@@ -400,7 +408,7 @@ test('token created only once', async (t) => {
 
   const dispatcher = new Agent({
     interceptors: {
-      Pool: [createOAuthInterceptor({ refreshToken })]
+      Pool: [createOAuthInterceptor({ refreshToken, origins: [`http://localhost:${mainServer.address().port}`] })]
     }
   })
 
@@ -565,7 +573,8 @@ test('optimistic refresh', async (t) => {
       Pool: [createOAuthInterceptor({
         accessToken: oldAccessToken,
         refreshToken,
-        retryOnStatusCodes: [401]
+        retryOnStatusCodes: [401],
+        origins: [`http://localhost:${mainServer.address().port}`]
       })]
     }
   })