jwt token gen to be gated by enable-embedding-sdk (#48637)

fc64d930 · bryan · GitHub · 6024bf01 · fc64d930 · fc64d930
Unverified Commit fc64d930 authored 5 months ago by bryan Committed by GitHub 5 months ago
--- a/enterprise/backend/src/metabase_enterprise/sso/integrations/jwt.clj
+++ b/enterprise/backend/src/metabase_enterprise/sso/integrations/jwt.clj
@@ -8,8 +8,8 @@
   [metabase-enterprise.sso.integrations.sso-settings :as sso-settings]
   [metabase-enterprise.sso.integrations.sso-utils :as sso-utils]
   [metabase.api.common :as api]
-   [metabase.api.common.validation :as validation]
   [metabase.api.session :as api.session]
+   [metabase.embed.settings :as embed.settings]
   [metabase.integrations.common :as integrations.common]
   [metabase.public-settings.premium-features :as premium-features]
   [metabase.server.middleware.session :as mw.session]
@@ -106,7 +106,8 @@

 (defn ^:private generate-response-token
  [session jwt-data]
-  (validation/check-embedding-enabled)
+  (api/check (embed.settings/enable-embedding-sdk)
+             [402 (tru "SDK Embedding is not enabled.")])
  (response/response {:id  (:id session)
                      :exp (:exp jwt-data)
                      :iat (:iat jwt-data)}))

--- a/enterprise/backend/test/metabase_enterprise/sso/integrations/jwt_test.clj
+++ b/enterprise/backend/test/metabase_enterprise/sso/integrations/jwt_test.clj
@@ -346,7 +346,7 @@
 (deftest jwt-token-test
  (testing "should return a session token when token=true"
    (with-jwt-default-setup!
-      (mt/with-temporary-setting-values [enable-embedding-static true]
+      (mt/with-temporary-setting-values [enable-embedding-sdk true]
        (let [jwt-iat-time (buddy-util/now)
              jwt-exp-time (+ (buddy-util/now) 3600)
              jwt-payload  (jwt/sign {:email      "rasta@metabase.com"
@@ -367,7 +367,7 @@

  (testing "should not return a session token when embedding is disabled"
    (with-jwt-default-setup!
-      (mt/with-temporary-setting-values [enable-embedding false]
+      (mt/with-temporary-setting-values [enable-embedding-sdk false]
        (let [jwt-iat-time (buddy-util/now)
              jwt-exp-time (+ (buddy-util/now) 3600)
              jwt-payload  (jwt/sign {:email      "rasta@metabase.com"
@@ -378,14 +378,14 @@
                                      :iat        jwt-iat-time
                                      :exp        jwt-exp-time}
                                     default-jwt-secret)
-              result       (client/client-real-response :get 400 "/auth/sso"
+              result       (client/client-real-response :get 402 "/auth/sso"
                                                        :token true
                                                        :jwt jwt-payload)]
          (is result nil)))))

  (testing "should not return a session token when token=false"
    (with-jwt-default-setup!
-      (mt/with-temporary-setting-values [enable-embedding true]
+      (mt/with-temporary-setting-values [enable-embedding-sdk true]
        (let [jwt-iat-time (buddy-util/now)
              jwt-exp-time (+ (buddy-util/now) 3600)
              jwt-payload  (jwt/sign {:email      "rasta@metabase.com"