Unverified Commit 9930ed8a authored by github-automation-metabase's avatar github-automation-metabase Committed by GitHub

feat(sdk): detect if session.id is not a string (#50890) (#51055)


* feat(sdk): detect if session.id is not a string

* use yup, also validate exp as we use it

Co-authored-by: Nicolò Pretto <info@npretto.com>
parent 489986cf
import * as Yup from "yup";
import type { import type {
EmbeddingSessionToken, EmbeddingSessionToken,
FetchRequestTokenFn, FetchRequestTokenFn,
...@@ -121,8 +123,8 @@ export const refreshTokenAsync = createAsyncThunk( ...@@ -121,8 +123,8 @@ export const refreshTokenAsync = createAsyncThunk(
); );
} }
} }
// Lastly if we don't have an error message or status, check if we actually got the session ID // Lastly if we don't have an error message or status, check if we actually got the session ID and expiration
if (!("id" in session)) { if (!sessionSchema.isValidSync(session)) {
throw new Error( throw new Error(
`The ${source} must return an object with the shape {id:string, exp:number, iat:number, status:string}, got ${safeStringify(session)} instead`, `The ${source} must return an object with the shape {id:string, exp:number, iat:number, status:string}, got ${safeStringify(session)} instead`,
); );
...@@ -170,3 +172,10 @@ export const defaultGetRefreshTokenFn: FetchRequestTokenFn = async url => { ...@@ -170,3 +172,10 @@ export const defaultGetRefreshTokenFn: FetchRequestTokenFn = async url => {
return asText; return asText;
} }
}; };
const sessionSchema = Yup.object({
id: Yup.string().required(),
exp: Yup.number().required(),
// We should also receive `iat` and `status` in the response, but we don't actually need them
// as we don't use them, so we don't throw an error if they are missing
});
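Review bot: `sessionSchema.isValidSync(session)` runs Yup in its default non-strict mode, so values are cast before they are checked; a response with `id: 123` or `exp: "1700000000"` (constructed values) would likely pass, while the code after the check still works with the original, uncast `session`. Since the goal of the commit is to reject a non-string `id`, validate without coercion, e.g. `sessionSchema.isValidSync(session, { strict: true })`. Separately, the check now also fails when `id` is a valid string but `exp` is missing, and in that case the error text built with `safeStringify(session)` would contain the live session id. Consider reporting only the received keys and their types in that message. The enclosing thunk body starts outside the hunk.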
...@@ -112,6 +112,20 @@ describe("SDK auth errors", () => { ...@@ -112,6 +112,20 @@ describe("SDK auth errors", () => {
); );
}); });
it("should show a message when the auth provider returns the id as an object", async () => {
mockAuthUriProviderResponse({
body: { id: { id: "123" } },
});
await setup(defaultAuthUriConfig);
await waitForRequest(() => getLastAuthProviderApiCall());
await expectErrorMessage(
`The authProviderUri endpoint must return an object with the shape {id:string, exp:number, iat:number, status:string}, got`,
);
});
it("should show a message when fetchRequestToken doesn't return a json object", async () => { it("should show a message when fetchRequestToken doesn't return a json object", async () => {
const config = defineEmbeddingSdkConfig({ const config = defineEmbeddingSdkConfig({
...defaultAuthUriConfig, ...defaultAuthUriConfig,
......
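Review bot: Only the object-valued `id` case is covered by the added test, while the schema introduced in this commit also makes `exp` a required number. Add cases for a missing or non-numeric `exp` and for a numeric `id`, for example `body: { id: "123" }` and `body: { id: 123, exp: 1 }` (constructed values), so that the validation's behaviour under type coercion is pinned down. The `describe` block continues outside the hunk.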