Allow to pass mobile header in SAML login route

wazo-platform · Jul 18, 2024 · b718084 · b718084
1 parent 38685d4
commit b718084
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 4 deletions.
diff --git a/src/__tests__/api-client.test.ts b/src/__tests__/api-client.test.ts
@@ -131,7 +131,6 @@ describe('With correct API results', () => {
         body: JSON.stringify({ saml_session_id: samlSessionId }),
         signal: expect.any(Object),
         headers: {
-          'X-Auth-Token': token,
           'Content-Type': 'application/json',
           Accept: 'application/json',
         },
@@ -140,6 +139,27 @@ describe('With correct API results', () => {
     });
   });
 
+  describe('samlLogIn mobile test', () => {
+    it('should retrieve user token', async () => {
+      const samlSessionId = 'a1b2C3d4';
+      const result = await client.auth.samlLogIn(samlSessionId, { mobile: true });
+
+      expect(result).toBeInstanceOf(Session);
+      expect(result?.token).toBe(1);
+      expect(global.fetch).toBeCalledWith(`https://${server}/api/auth/${authVersion}/token`, {
+        method: 'post',
+        body: JSON.stringify({ saml_session_id: samlSessionId }),
+        signal: expect.any(Object),
+        headers: {
+          'Content-Type': 'application/json',
+          'Wazo-Session-Type': 'mobile',
+          Accept: 'application/json',
+        },
+        agent: null,
+      });
+    });
+  });
+
   describe('logOut test', () => {
     it('should delete the specified token', async () => {
       const oldToken = 123;

diff --git a/src/api/auth.ts b/src/api/auth.ts
@@ -32,7 +32,7 @@ export interface AuthD {
   authenticate: (token: Token) => Promise<Session | null | undefined>;
   logIn(params: LoginParams): Promise<Session | null | undefined> ;
   logOut: (token: Token) => Promise<LogoutResponse>;
-  samlLogIn: (samlSessionId: string) => Promise<Session | null | undefined>;
+  samlLogIn: (samlSessionId: string, options? : { mobile?: boolean }) => Promise<Session | null | undefined>;
   initiateIdpAuthentication(domain: string, redirectUrl: string): Promise<any>;
   refreshToken: (refreshToken: string, backend: string, expiration: number, isMobile?: boolean, tenantId?: string, domainName?: string) => Promise<Session | null | undefined>;
   deleteRefreshToken: (clientId: string) => Promise<boolean>;
@@ -116,7 +116,13 @@ export default ((client: ApiRequester, baseUrl: string): AuthD => ({
   },
 
   logOut: (token: Token): Promise<LogoutResponse> => client.delete(`${baseUrl}/token/${token}`, null, {}, ApiRequester.successResponseParser),
-  samlLogIn: async (samlSessionId: string): Promise<Session | null | undefined> => {
+
+  samlLogIn: async (samlSessionId: string, options : { mobile?: boolean } = {}): Promise<Session | null | undefined> => {
+    const headers: Record<string, any> = {
+      Accept: 'application/json',
+      'Content-Type': 'application/json',
+    };
+
     const body: SamlLoginBody = {
       saml_session_id: samlSessionId,
     };
@@ -126,8 +132,13 @@ export default ((client: ApiRequester, baseUrl: string): AuthD => ({
       body.client_id = client.clientId;
     }
 
-    return client.post(`${baseUrl}/token`, body).then(Session.parse);
+    if (options.mobile) {
+      headers['Wazo-Session-Type'] = 'mobile';
+    }
+
+    return client.post(`${baseUrl}/token`, body, headers).then(Session.parse);
   },
+
   initiateIdpAuthentication: async (domain: string, redirectUrl: string) => {
     const body = {
       domain,