From 3e8c4112f6c52bd94c6499c160c84c413185adb8 Mon Sep 17 00:00:00 2001
From: Josh Romero <rmerqg@amazon.com>
Date: Fri, 4 Aug 2023 23:58:35 +0000
Subject: [PATCH] Add tough-cookie as explicit dev dep and update tests

Partial backport of https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1113

Signed-off-by: Josh Romero <rmerqg@amazon.com>
---
 package.json                                        | 2 ++
 src/core/server/http/cookie_session_storage.test.ts | 6 +++---
 yarn.lock                                           | 5 +++++
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 4de17c32b16b..041119a9a22c 100644
--- a/package.json
+++ b/package.json
@@ -362,6 +362,7 @@
     "@types/tar": "^4.0.3",
     "@types/testing-library__jest-dom": "^5.9.3",
     "@types/testing-library__react-hooks": "^3.4.0",
+    "@types/tough-cookie": "^4.0.1",
     "@types/type-detect": "^4.0.1",
     "@types/uuid": "^3.4.4",
     "@types/vinyl": "^2.0.4",
@@ -486,6 +487,7 @@
     "supertest-as-promised": "^4.0.2",
     "tape": "^5.0.1",
     "topojson-client": "3.0.0",
+    "tough-cookie": "^4.1.3",
     "tree-kill": "^1.2.2",
     "typescript": "4.0.2",
     "ui-select": "0.19.8",
diff --git a/src/core/server/http/cookie_session_storage.test.ts b/src/core/server/http/cookie_session_storage.test.ts
index 7b09f0b629b7..161b85e1b9d7 100644
--- a/src/core/server/http/cookie_session_storage.test.ts
+++ b/src/core/server/http/cookie_session_storage.test.ts
@@ -29,7 +29,7 @@
  * Modifications Copyright OpenSearch Contributors. See
  * GitHub history for details.
  */
-import request from 'request';
+import { parse as parseCookie } from 'tough-cookie';
 import supertest from 'supertest';
 import { REPO_ROOT } from '@osd/dev-utils';
 import { ByteSizeValue } from '@osd/config-schema';
@@ -107,7 +107,7 @@ interface Storage {
 }
 
 function retrieveSessionCookie(cookies: string) {
-  const sessionCookie = request.cookie(cookies);
+  const sessionCookie = parseCookie(cookies);
   if (!sessionCookie) {
     throw new Error('session cookie expected to be defined');
   }
@@ -487,7 +487,7 @@ describe('Cookie based SessionStorage', () => {
           expect(cookies).toHaveLength(1);
 
           const sessionCookie = retrieveSessionCookie(cookies[0]);
-          expect(sessionCookie.extensions).toContain(`SameSite=${sameSite}`);
+          expect(sessionCookie.sameSite).toEqual(sameSite.toLowerCase());
 
           await supertest(innerServer.listener)
             .get('/')
diff --git a/yarn.lock b/yarn.lock
index 094d6825e7cb..856a8fc2f703 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3435,6 +3435,11 @@
   resolved "https://registry.yarnpkg.com/@types/tough-cookie/-/tough-cookie-2.3.5.tgz#9da44ed75571999b65c37b60c9b2b88db54c585d"
   integrity sha512-SCcK7mvGi3+ZNz833RRjFIxrn4gI1PPR3NtuIS+6vMkvmsGjosqTJwRt5bAEFLRz+wtJMWv8+uOnZf2hi2QXTg==
 
+"@types/tough-cookie@^4.0.1":
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/@types/tough-cookie/-/tough-cookie-4.0.2.tgz#6286b4c7228d58ab7866d19716f3696e03a09397"
+  integrity sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw==
+
 "@types/type-detect@^4.0.1":
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/@types/type-detect/-/type-detect-4.0.1.tgz#3b0f5ac82ea630090cbf57c57a1bf5a63a29b9b6"