fix: use OAUTH token if set for analytics

snyk · Aug 12, 2021 · 14a0b76 · 14a0b76
1 parent fa5bc2e
commit 14a0b76
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 3 deletions.
diff --git a/src/lib/analytics/index.ts b/src/lib/analytics/index.ts
@@ -1,4 +1,5 @@
 const snyk = require('../../lib');
+import { someTokenExists, getAuthHeader } from '../api-token';
 const config = require('../config');
 import { makeRequest } from '../request';
 const debug = require('debug')('snyk');
@@ -66,8 +67,8 @@ export async function postAnalytics(
     debug('analytics', JSON.stringify(analyticsData, null, '  '));
 
     const headers = {};
-    if (snyk.api) {
-      headers['authorization'] = 'token ' + snyk.api;
+    if (someTokenExists()) {
+      headers['authorization'] = getAuthHeader();
     }
 
     const queryStringParams = {};

diff --git a/src/lib/api-token.ts b/src/lib/api-token.ts
@@ -44,3 +44,7 @@ export function getAuthHeader(): string {
   }
   return `token ${api()}`;
 }
+
+export function someTokenExists(): boolean {
+  return Boolean(getOAuthToken() || getDockerToken() || api());
+}
diff --git a/test/jest/acceptance/analytics.spec.ts b/test/jest/acceptance/analytics.spec.ts
@@ -22,7 +22,6 @@ describe('analytics module', () => {
       SNYK_INTEGRATION_NAME: 'JENKINS',
       SNYK_INTEGRATION_VERSION: '1.2.3',
     };
-
     server = fakeServer(baseApi, env.SNYK_TOKEN);
     server.listen(port, () => {
       done();
@@ -300,6 +299,25 @@ describe('analytics module', () => {
     });
   });
 
+  it('uses OAUTH token if set', async () => {
+    const project = await createProjectFromWorkspace('npm-package');
+    const { code } = await runSnykCLI('version', {
+      cwd: project.path(),
+      env: {
+        ...env,
+        SNYK_OAUTH_TOKEN: 'oauth-jwt-token',
+      },
+    });
+    expect(code).toBe(0);
+
+    const lastRequest = server.popRequest();
+    expect(lastRequest).toMatchObject({
+      headers: {
+        authorization: 'Bearer oauth-jwt-token',
+      },
+    });
+  });
+
   it("won't send analytics if disable analytics is set", async () => {
     const { code } = await runSnykCLI(`version`, {
       env: {

diff --git a/test/jest/unit/lib/analytics/index.spec.ts b/test/jest/unit/lib/analytics/index.spec.ts
@@ -0,0 +1,21 @@
+import * as analytics from '../../../../../src/lib/analytics';
+import * as request from '../../../../../src/lib/request';
+import { argsFrom } from './utils';
+import * as apiTokenModule from '../../../../../src/lib/api-token';
+
+describe('analytics module', () => {
+  it('sends anaytics with no token set', async () => {
+    analytics.add('k1', 'v1');
+    const requestSpy = jest.spyOn(request, 'makeRequest');
+    const someTokenExistsSpy = jest.spyOn(apiTokenModule, 'someTokenExists');
+    someTokenExistsSpy.mockReturnValue(false);
+    requestSpy.mockImplementation(jest.fn());
+    await analytics.addDataAndSend({
+      args: argsFrom({}),
+    });
+    expect(requestSpy).toBeCalledTimes(1);
+    expect(requestSpy.mock.calls[0][0]).not.toHaveProperty(
+      'headers.authorization',
+    );
+  });
+});