Skip to content

Commit

Permalink
fix(datastore): handle case when getting auth info for expired token …
Browse files Browse the repository at this point in the history
…users (#13536)

fix: handle case when getting auth info for expired token users

Co-authored-by: Aaron S <94858815+stocaaro@users.noreply.github.com>
  • Loading branch information
itsramiel and stocaaro authored Jul 1, 2024
1 parent b6de5f9 commit 0f5f4cb
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 1 deletion.
28 changes: 28 additions & 0 deletions packages/datastore/__tests__/subscription.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,34 @@ describe('sync engine subscription module', () => {
),
).toEqual(authInfo);
});
test('owner authorization with no token(expired)', () => {
const authRules = [
{
provider: 'userPools',
ownerField: 'owner',
allow: 'owner',
identityClaim: 'cognito:username',
operations: ['create', 'update', 'delete'],
},
];
const model = generateModelWithAuth(authRules);

const authInfo = {
authMode: 'userPool',
isOwner: false,
};

expect(
// @ts-ignore
SubscriptionProcessor.prototype.getAuthorizationInfo(
model,
USER_CREDENTIALS.auth,
'userPool',
undefined,
'userPool',
),
).toEqual(authInfo);
});
test('owner authorization with public subscription', () => {
const authRules = [
{
Expand Down
2 changes: 1 addition & 1 deletion packages/datastore/src/sync/processors/subscription.ts
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ class SubscriptionProcessor {
: [];

oidcOwnerAuthRules.forEach(ownerAuthRule => {
const ownerValue = oidcTokenPayload[ownerAuthRule.identityClaim];
const ownerValue = oidcTokenPayload?.[ownerAuthRule.identityClaim];
const singleOwner =
model.fields[ownerAuthRule.ownerField]?.isArray !== true;
const isOwnerArgRequired =
Expand Down

0 comments on commit 0f5f4cb

Please sign in to comment.