Skip to content

Commit e40349e

Browse files
vitalir-bgvitalir-bg
committed
feat: allow the sdk to optionally send cookies with the request to custom domains
TICKET: BG-59381
1 parent 6577f2b commit e40349e

3 files changed

Lines changed: 75 additions & 2 deletions

File tree

modules/bitgo/test/unit/local.ts

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,50 @@ describe('Constructor', function () {
4343
bitgo.should.have.property('decrypt');
4444
bitgo.should.have.property('_validate');
4545
});
46+
47+
describe('cookiesPropagationEnabled argument', function () {
48+
it('fail to instantiate with invalid combinations of arguments', function() {
49+
(() => {
50+
new BitGoJS.BitGo({ env: 'testnet', cookiesPropagationEnabled: true } as any);
51+
}).should.throw(/Cookies are only allowed when custom URIs are in use/);
52+
(() => {
53+
new BitGoJS.BitGo({ env: 'custom', customRootURI: 'https://app.bitgo.com', cookiesPropagationEnabled: true } as any);
54+
}).should.throw(/Cookies are only allowed when custom URIs are in use/);
55+
});
56+
57+
it('cookiesPropagationEnabled is enabled explicitly', function() {
58+
const bitgo = new BitGoJS.BitGo({
59+
env: 'custom',
60+
customRootURI: 'https://app.example.local',
61+
cookiesPropagationEnabled: true,
62+
});
63+
64+
bitgo.should.have.property('cookiesPropagationEnabled');
65+
bitgo.cookiesPropagationEnabled.should.equal(true);
66+
});
67+
68+
it('cookiesPropagationEnabled is disabled explicitly', function() {
69+
const bitgo = new BitGoJS.BitGo({
70+
env: 'custom',
71+
customRootURI: 'https://app.example.local',
72+
cookiesPropagationEnabled: false,
73+
});
74+
75+
bitgo.should.have.property('cookiesPropagationEnabled');
76+
bitgo.cookiesPropagationEnabled.should.equal(false);
77+
});
78+
79+
it('cookiesPropagationEnabled is disabled by default', function() {
80+
const bitgo = new BitGoJS.BitGo({
81+
env: 'custom',
82+
customRootURI: 'https://app.example.local',
83+
});
84+
85+
bitgo.should.have.property('cookiesPropagationEnabled');
86+
bitgo.cookiesPropagationEnabled.should.equal(false);
87+
});
88+
});
89+
4690
});
4791

4892
describe('BitGo environment', function () {

modules/sdk-api/src/bitgoAPI.ts

Lines changed: 30 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ import {
2626
defaultConstants,
2727
EncryptOptions,
2828
EnvironmentName,
29+
Environments,
2930
getAddressP2PKH,
3031
getSharedSecret,
3132
GetSharingKeyOptions,
@@ -128,8 +129,10 @@ export class BitGoAPI implements BitGoBase {
128129
protected readonly _clientId?: string;
129130
protected readonly _clientSecret?: string;
130131
protected _validate: boolean;
132+
public readonly cookiesPropagationEnabled: boolean;
131133

132134
constructor(params: BitGoAPIOptions = {}) {
135+
this.cookiesPropagationEnabled = false;
133136
if (
134137
!common.validateParams(
135138
params,
@@ -183,10 +186,23 @@ export class BitGoAPI implements BitGoBase {
183186
if (params.stellarFederationServerUrl) {
184187
common.Environments[env].stellarFederationServerUrl = params.stellarFederationServerUrl;
185188
}
189+
if (
190+
params.customRootURI &&
191+
params.customRootURI !== Environments.prod.uri &&
192+
params.customRootURI !== Environments.test.uri &&
193+
params.cookiesPropagationEnabled
194+
) {
195+
this.cookiesPropagationEnabled = true;
196+
}
186197
} else {
187198
env = params.env || (process.env.BITGO_ENV as EnvironmentName);
188199
}
189200

201+
// if this hasn't been set to true already some conditions are not met
202+
if (params.cookiesPropagationEnabled && !this.cookiesPropagationEnabled) {
203+
throw new Error('Cookies are only allowed when custom URIs are in use');
204+
}
205+
190206
if (params.authVersion !== undefined) {
191207
this._authVersion = params.authVersion;
192208
}
@@ -275,6 +291,18 @@ export class BitGoAPI implements BitGoBase {
275291
});
276292
}
277293

294+
/**
295+
* Get a superagent request for specified http method and URL configured to the SDK configuration
296+
* @param method - http method for the new request
297+
* @param url - URL for the new request
298+
*/
299+
protected getAgentRequest(method: typeof patchedRequestMethods[number], url: string): superagent.SuperAgentRequest {
300+
let req: superagent.SuperAgentRequest = superagent[method](url);
301+
if (this.cookiesPropagationEnabled) {
302+
req = req.withCredentials();
303+
}
304+
return req;
305+
}
278306
/**
279307
* Create a basecoin object
280308
* @param name
@@ -303,7 +331,7 @@ export class BitGoAPI implements BitGoBase {
303331
* @param method
304332
*/
305333
private requestPatch(method: typeof patchedRequestMethods[number], url: string) {
306-
let req: superagent.SuperAgentRequest = superagent[method](url);
334+
let req = this.getAgentRequest(method, url);
307335
if (this._proxy) {
308336
debug('proxying request through %s', this._proxy);
309337
req = req.proxy(this._proxy);
@@ -536,7 +564,7 @@ export class BitGoAPI implements BitGoBase {
536564
// client constants call cannot be authenticated using the normal HMAC validation
537565
// scheme, so we need to use a raw superagent instance to do this request.
538566
// Proxy settings must still be respected however
539-
const resultPromise = superagent.get(this.url('/client/constants'));
567+
const resultPromise = this.getAgentRequest('get', this.url('/client/constants'));
540568
resultPromise.set('BitGo-SDK-Version', this._version);
541569
const result = await (this._proxy ? resultPromise.proxy(this._proxy) : resultPromise);
542570
BitGoAPI._constants[env] = result.body.constants;

modules/sdk-api/src/types.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ export interface BitGoAPIOptions {
2020
useProduction?: boolean;
2121
userAgent?: string;
2222
validate?: boolean;
23+
cookiesPropagationEnabled?: boolean;
2324
}
2425

2526
export interface AccessTokenOptions {

0 commit comments

Comments
 (0)