Merge pull request #86 from kinde-oss/feat/hasura

Author: DanielRivers

lib/utils/token/getClaim.test.ts

@@ -0,0 +1,30 @@
+import { describe, expect, it, beforeEach } from "vitest";
+import { getClaim, setActiveStorage } from ".";
+import { createMockAccessToken } from "./testUtils";
+import { MemoryStorage, StorageKeys } from "../../main";
+
+const storage = new MemoryStorage();
+
+describe("getClaim", () => {
+  beforeEach(() => {
+    setActiveStorage(storage);
+  });
+
+  it("when no token", async () => {
+    await storage.setSessionItem(StorageKeys.accessToken, null);
+    const value = await getClaim("test");
+    expect(value).toStrictEqual(null);
+  });
+
+  it("get claim string value", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({ test: "org_123456" }),
+    );
+    const value = await getClaim("test");
+    expect(value).toStrictEqual({
+      name: "test",
+      value: "org_123456",
+    });
+  });
+});

lib/utils/token/getCurrentOrganization.ts

@@ -1,12 +1,16 @@
-import { getClaim } from "./getClaim";
+import { getDecodedToken } from "./getDecodedToken";
 
 /**
  *
  * @param keyName key to get from the token
  * @returns { Promise<string | number | string[] | null> }
  **/
 export const getCurrentOrganization = async (): Promise<string | null> => {
-  return (
-    (await getClaim<{ org_code: string }, string>("org_code"))?.value || null
-  );
+  const decodedToken = await getDecodedToken();
+
+  if (!decodedToken) {
+    return null;
+  }
+
+  return decodedToken.org_code || decodedToken["x-hasura-org-code"];
 };

lib/utils/token/getCurrentOrganizationHasura.test.ts

@@ -0,0 +1,31 @@
+import { describe, expect, it, beforeEach } from "vitest";
+import { MemoryStorage, StorageKeys } from "../../sessionManager";
+import { setActiveStorage, getCurrentOrganization } from ".";
+import { createMockAccessToken } from "./testUtils";
+
+const storage = new MemoryStorage();
+
+describe("getCurrentOrganization", () => {
+  beforeEach(() => {
+    setActiveStorage(storage);
+  });
+  it("when no token", async () => {
+    await storage.setSessionItem(StorageKeys.idToken, null);
+    const idToken = await getCurrentOrganization();
+
+    expect(idToken).toStrictEqual(null);
+  });
+
+  it("with access", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        org_code: null,
+        ["x-hasura-org-code"]: "org_123456",
+      }),
+    );
+    const orgCode = await getCurrentOrganization();
+
+    expect(orgCode).toStrictEqual("org_123456");
+  });
+});

lib/utils/token/getDecodedToken.ts

@@ -1,19 +1,51 @@
-import { jwtDecoder, JWTDecoded } from "@kinde/jwt-decoder";
+import { jwtDecoder, JWTDecoded as JWTBase } from "@kinde/jwt-decoder";
 import { getActiveStorage } from ".";
 import { StorageKeys } from "../../sessionManager";
 /**
  *
  * @param tokenType Type of token to decode
  * @returns { Promise<JWTDecoded | null> }
  */
-export const getDecodedToken = async <
-  T = JWTDecoded & {
-    permissions: string[];
-    org_code: string;
-  },
->(
+
+type JWTExtra = {
+  "x-hasura-permissions": never;
+  "x-hasura-org-code": never;
+  "x-hasura-org-codes": never;
+  "x-hasura-roles": never;
+  "x-hasura-feature-flags": never;
+
+  feature_flags: Record<
+    string,
+    { t: "b" | "i" | "s"; v: string | boolean | number | object }
+  >;
+  permissions: string[];
+  org_code: string;
+  org_codes: string[];
+  roles: string[];
+};
+
+type JWTExtraHasura = {
+  "x-hasura-permissions": string[];
+  "x-hasura-org-code": string;
+  "x-hasura-org-codes": string[];
+  "x-hasura-roles": string[];
+  "x-hasura-feature-flags": Record<
+    string,
+    { t: "b" | "i" | "s"; v: string | boolean | number | object }
+  >;
+
+  feature_flags: never;
+  permissions: never;
+  org_codes: never;
+  org_code: never;
+  roles: never;
+};
+
+type JWTDecoded = JWTBase & (JWTExtra | JWTExtraHasura);
+
+export const getDecodedToken = async <T = JWTDecoded>(
   tokenType: "accessToken" | "idToken" = StorageKeys.accessToken,
-): Promise<T | null> => {
+): Promise<(T & JWTDecoded) | null> => {
   const activeStorage = getActiveStorage();
 
   if (!activeStorage) {
@@ -28,7 +60,7 @@ export const getDecodedToken = async <
     return null;
   }
 
-  const decodedToken = jwtDecoder<T>(token);
+  const decodedToken = jwtDecoder<T & JWTDecoded>(token);
 
   if (!decodedToken) {
     console.warn("No decoded token found");

lib/utils/token/getFlag.test.ts

@@ -13,6 +13,34 @@ describe("getFlag", () => {
   it("when no token", async () => {
     await storage.setSessionItem(StorageKeys.idToken, null);
     const idToken = await getFlag("test");
+    expect(idToken).toStrictEqual(null);
+  });
+
+  it("when no flags", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        feature_flags: null,
+      }),
+    );
+    const idToken = await getFlag("test");
+
+    expect(idToken).toStrictEqual(null);
+  });
+
+  it("when name missing", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        feature_flags: {
+          test: {
+            v: true,
+            t: "b",
+          },
+        },
+      }),
+    );
+    const idToken = await getFlag();
 
     expect(idToken).toStrictEqual(null);
   });

lib/utils/token/getFlag.ts

@@ -1,23 +1,25 @@
-import { getClaim } from "./getClaim";
+import { getDecodedToken } from ".";
 
 /**
  *
  * @param keyName key to get from the token
  * @returns { Promise<string | number | string[] | null> }
  */
-export const getFlag = async <T = string | boolean | number>(
+export const getFlag = async <T = string | boolean | number | object>(
   name: string,
 ): Promise<T | null> => {
-  const flags = (
-    await getClaim<
-      { feature_flags: string },
-      Record<string, { t: "b" | "i" | "s"; v: T }>
-    >("feature_flags")
-  )?.value;
+  const claims = await getDecodedToken();
 
-  if (name && flags) {
-    const value = flags[name];
-    return value ? value?.v : null;
+  if (!claims) {
+    return null;
   }
-  return null;
+
+  const flags = claims.feature_flags || claims["x-hasura-feature-flags"];
+
+  if (!flags) {
+    return null;
+  }
+
+  const value = flags[name];
+  return (value?.v as T) ?? null;
 };

lib/utils/token/getFlagHasura.test.ts

@@ -0,0 +1,104 @@
+import { describe, expect, it, beforeEach } from "vitest";
+import { MemoryStorage, StorageKeys } from "../../sessionManager";
+import { setActiveStorage, getFlag } from ".";
+import { createMockAccessToken } from "./testUtils";
+
+const storage = new MemoryStorage();
+
+describe("getFlag - Hasura", () => {
+  beforeEach(() => {
+    setActiveStorage(storage);
+  });
+
+  it("when no token", async () => {
+    await storage.setSessionItem(StorageKeys.accessToken, null);
+    const idToken = await getFlag("test");
+
+    expect(idToken).toStrictEqual(null);
+  });
+
+  it("boolean true", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        ["x-hasura-feature-flags"]: {
+          test: {
+            v: true,
+            t: "b",
+          },
+        },
+      }),
+    );
+    const idToken = await getFlag<boolean>("test");
+
+    expect(idToken).toStrictEqual(true);
+  });
+
+  it("boolean false", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        ["x-hasura-feature-flags"]: {
+          test: {
+            v: false,
+            t: "b",
+          },
+        },
+      }),
+    );
+    const idToken = await getFlag<boolean>("test");
+
+    expect(idToken).toStrictEqual(false);
+  });
+
+  it("string", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        ["x-hasura-feature-flags"]: {
+          test: {
+            v: "hello",
+            t: "s",
+          },
+        },
+      }),
+    );
+    const idToken = await getFlag<string>("test");
+
+    expect(idToken).toStrictEqual("hello");
+  });
+
+  it("integer", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        feature_flags: {
+          test: {
+            v: 5,
+            t: "i",
+          },
+        },
+      }),
+    );
+    const idToken = await getFlag<number>("test");
+
+    expect(idToken).toStrictEqual(5);
+  });
+
+  it("no existing flag", async () => {
+    await storage.setSessionItem(
+      StorageKeys.accessToken,
+      createMockAccessToken({
+        ["x-hasura-feature-flags"]: {
+          test: {
+            v: 5,
+            t: "i",
+          },
+        },
+      }),
+    );
+    const idToken = await getFlag<number>("noexist");
+
+    expect(idToken).toStrictEqual(null);
+  });
+});

lib/utils/token/getPermissions.ts

@@ -14,10 +14,11 @@ export const getPermissions = async <T = string>(): Promise<Permissions<T>> => {
       permissions: [],
     };
   }
+  const permissions = token.permissions || token["x-hasura-permissions"] || [];
+  const orgCode = token.org_code || token["x-hasura-org-code"];
 
-  const permissions = token.permissions || [];
   return {
-    orgCode: token.org_code,
+    orgCode,
     permissions: permissions as T[],
   };
 };