From 79b5033728a40a133372dff99d6a3bb34cfc0c92 Mon Sep 17 00:00:00 2001 From: Max Kostow Date: Tue, 29 Mar 2022 22:37:29 -0700 Subject: [PATCH] fix: do not cache Authorization header (and add tests) --- jest.config.js | 1 + src/SupabaseClient.ts | 2 +- test/client.test.ts | 27 +++++++++++++++++++++++++-- 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/jest.config.js b/jest.config.js index c5fde889..0f49adfc 100644 --- a/jest.config.js +++ b/jest.config.js @@ -1,6 +1,7 @@ module.exports = { preset: 'ts-jest', testEnvironment: 'node', + clearMocks: true, collectCoverage: false, coverageDirectory: './test/coverage', coverageReporters: ['json', 'html', 'lcov'], diff --git a/src/SupabaseClient.ts b/src/SupabaseClient.ts index a83f20fd..69d47caa 100644 --- a/src/SupabaseClient.ts +++ b/src/SupabaseClient.ts @@ -265,7 +265,7 @@ export default class SupabaseClient { } private _getAuthHeaders(): GenericObject { - const headers: GenericObject = this.headers + const headers: GenericObject = { ...this.headers } const authBearer = this.auth.session()?.access_token ?? this.supabaseKey headers['apikey'] = this.supabaseKey headers['Authorization'] = headers['Authorization'] || `Bearer ${authBearer}` diff --git a/test/client.test.ts b/test/client.test.ts index efe87c31..2775a507 100644 --- a/test/client.test.ts +++ b/test/client.test.ts @@ -16,10 +16,22 @@ test('it should throw an error if no valid params are provided', async () => { expect(() => createClient(URL, '')).toThrowError('supabaseKey is required.') }) -describe('Custom Headers', () => { - const customHeader = { 'X-Test-Header': 'value' } +test('it should not cache Authorization header', async () => { + const checkHeadersSpy = jest.spyOn(SupabaseClient.prototype as any, '_getAuthHeaders') + + supabase.auth.setAuth('token1') + supabase.rpc('') // Calling public method `rpc` calls private method _getAuthHeaders which result we want to test + supabase.auth.setAuth('token2') + supabase.rpc('') // Calling public method `rpc` calls private method _getAuthHeaders which result we want to test + + expect(checkHeadersSpy.mock.results[0].value).toHaveProperty('Authorization', 'Bearer token1') + expect(checkHeadersSpy.mock.results[1].value).toHaveProperty('Authorization', 'Bearer token2') +}) +describe('Custom Headers', () => { test('should have custom header set', () => { + const customHeader = { 'X-Test-Header': 'value' } + const checkHeadersSpy = jest.spyOn(SupabaseClient.prototype as any, '_getAuthHeaders') createClient(URL, KEY, { headers: customHeader }).rpc('') // Calling public method `rpc` calls private method _getAuthHeaders which result we want to test const getHeaders = checkHeadersSpy.mock.results[0].value @@ -27,6 +39,17 @@ describe('Custom Headers', () => { expect(checkHeadersSpy).toBeCalled() expect(getHeaders).toHaveProperty('X-Test-Header', 'value') }) + + test('should allow custom Authorization header', () => { + const customHeader = { Authorization: 'Bearer custom_token' } + supabase.auth.setAuth('override_me') + const checkHeadersSpy = jest.spyOn(SupabaseClient.prototype as any, '_getAuthHeaders') + createClient(URL, KEY, { headers: customHeader }).rpc('') // Calling public method `rpc` calls private method _getAuthHeaders which result we want to test + const getHeaders = checkHeadersSpy.mock.results[0].value + + expect(checkHeadersSpy).toBeCalled() + expect(getHeaders).toHaveProperty('Authorization', 'Bearer custom_token') + }) }) // Socket should close when there are no open connections