Merge pull request #108 from sharetribe/fix-scopes

Fix authInfo for tokens that lack scope attribute
sharetribe · Feb 18, 2020 · 61c60e8 · 61c60e8
2 parents 93b122e + 8041db9
commit 61c60e8
Show file tree

Hide file tree

Showing 6 changed files with 78 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,13 @@ adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased] - xxxx-xx-xx
 
+## [v1.9.1] - 2020-02-18
+
+### Fixed
+
+- Handling old API tokens that lack the `scope` attribute in `sdk.authInfo`
+  [108](https://github.com/sharetribe/flex-sdk-js/pull/108)
+
 ## [v1.9.0] - 2020-02-12
 
 ### Added

diff --git a/build/sharetribe-flex-sdk-node.js b/build/sharetribe-flex-sdk-node.js
@@ -8096,14 +8096,31 @@ function () {
         return Promise.resolve().then(tokenStore.getToken).then(function (storedToken) {
           if (storedToken) {
             var tokenScope = storedToken.scope;
-            var scopes = tokenScope.split(' ');
-            var isAnonymous = tokenScope === 'public-read'; // Deprecated attribute, maintained here for client implementations
-            // that rely on this attribute
 
+            if (tokenScope) {
+              var scopes = tokenScope.split(' ');
+
+              var _isAnonymous = tokenScope === 'public-read'; // Deprecated attribute, maintained here for client implementations
+              // that rely on this attribute
+
+
+              var _grantType = _isAnonymous ? 'client_credentials' : 'refresh_token';
+
+              return _objectSpread({}, ctx, {
+                res: {
+                  scopes: scopes,
+                  isAnonymous: _isAnonymous,
+                  grantType: _grantType
+                }
+              });
+            } // Support old tokens that are stored in the client's token store
+            // and possibly do not have the scope attribute
+
+
+            var isAnonymous = !storedToken.refresh_token;
             var grantType = isAnonymous ? 'client_credentials' : 'refresh_token';
             return _objectSpread({}, ctx, {
               res: {
-                scopes: scopes,
                 isAnonymous: isAnonymous,
                 grantType: grantType
               }

diff --git a/build/sharetribe-flex-sdk-web.js b/build/sharetribe-flex-sdk-web.js
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "sharetribe-flex-sdk",
-  "version": "1.9.0",
+  "version": "1.9.1",
   "description": "Sharetribe Flex SDK for JavaScript",
   "main": "build/sharetribe-flex-sdk-node.js",
   "browser": "build/sharetribe-flex-sdk-web.js",

diff --git a/src/interceptors/auth_info.js b/src/interceptors/auth_info.js
@@ -22,14 +22,23 @@ export default class AuthInfo {
         .then(storedToken => {
           if (storedToken) {
             const tokenScope = storedToken.scope;
-            const scopes = tokenScope.split(' ');
-            const isAnonymous = tokenScope === 'public-read';
 
-            // Deprecated attribute, maintained here for client implementations
-            // that rely on this attribute
-            const grantType = isAnonymous ? 'client_credentials' : 'refresh_token';
+            if (tokenScope) {
+              const scopes = tokenScope.split(' ');
+              const isAnonymous = tokenScope === 'public-read';
+
+              // Deprecated attribute, maintained here for client implementations
+              // that rely on this attribute
+              const grantType = isAnonymous ? 'client_credentials' : 'refresh_token';
 
-            return { ...ctx, res: { scopes, isAnonymous, grantType } };
+              return { ...ctx, res: { scopes, isAnonymous, grantType } };
+            }
+
+            // Support old tokens that are stored in the client's token store
+            // and possibly do not have the scope attribute
+            const isAnonymous = !storedToken.refresh_token;
+            const grantType = isAnonymous ? 'client_credentials' : 'refresh_token';
+            return { ...ctx, res: { isAnonymous, grantType } };
           }
 
           return { ...ctx, res: {} };

diff --git a/src/sdk.test.js b/src/sdk.test.js
@@ -685,6 +685,39 @@ describe('new SharetribeSdk', () => {
           )
       );
     });
+
+    it('supports anonymous tokens without scope attribute', () => {
+      const { sdk, sdkTokenStore, adapterTokenStore } = createSdk();
+      const anonToken = adapterTokenStore.createAnonToken();
+      const { scope, ...rest } = anonToken;
+      sdkTokenStore.setToken({ ...rest });
+
+      return report(
+        sdk.authInfo().then(authInfo => {
+          expect(authInfo.grantType).toEqual('client_credentials');
+          expect(authInfo.isAnonymous).toEqual(true);
+          expect(authInfo.scopes).toBeUndefined();
+        })
+      );
+    });
+
+    it('supports access tokens without scope attribute', () => {
+      const { sdk, sdkTokenStore, adapterTokenStore } = createSdk();
+      const accessToken = adapterTokenStore.createTokenWithCredentials(
+        '[email protected]',
+        'secret-joe'
+      );
+      const { scope, ...rest } = accessToken;
+      sdkTokenStore.setToken({ ...rest });
+
+      return report(
+        sdk.authInfo().then(authInfo => {
+          expect(authInfo.grantType).toEqual('refresh_token');
+          expect(authInfo.isAnonymous).toEqual(false);
+          expect(authInfo.scopes).toBeUndefined();
+        })
+      );
+    });
   });
 
   it('allows sending query params in POST request (such as `expand=true`)', () => {