From e230029c28dd28867088a057f7d606bf89aa5c1c Mon Sep 17 00:00:00 2001 From: lojzatran Date: Fri, 20 Dec 2024 09:41:14 +0000 Subject: [PATCH] fix(SUPPORT-30038): clone deep the request object --- package.json | 1 + .../sdk-v3/middlewares.test.ts | 55 +++++++++++++++++++ .../sdk-client-v3/src/utils/maskAuthData.ts | 3 +- yarn.lock | 5 ++ 4 files changed, 63 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index a012c85e0..2ce17a778 100644 --- a/package.json +++ b/package.json @@ -44,6 +44,7 @@ "jest-junit": "16.0.0", "jest-watch-typeahead": "2.2.2", "lint-staged": "13.3.0", + "lodash.clonedeep": "^4.5.0", "node-polyfill-webpack-plugin": "^4.0.0", "path-browserify": "^1.0.1", "prettier": "3.3.3", diff --git a/packages/platform-sdk/test/integration-tests/sdk-v3/middlewares.test.ts b/packages/platform-sdk/test/integration-tests/sdk-v3/middlewares.test.ts index 10cdfe3e2..a86aa7e78 100644 --- a/packages/platform-sdk/test/integration-tests/sdk-v3/middlewares.test.ts +++ b/packages/platform-sdk/test/integration-tests/sdk-v3/middlewares.test.ts @@ -187,6 +187,61 @@ describe('Concurrent Modification Middleware', () => { .execute() .catch((e) => e) }) + + // https://commercetools.atlassian.net/browse/SUPPORT-30038 + it('should retry with correct bearer token when maskSensitiveHeaderData is true', async () => { + async function concurrentModificationHandlerFn( + version: number, + request: MiddlewareRequest, + response + ) { + expect(request.headers.Authorization).toMatch(/^Bearer (?!\*+$)([^\s]+)$/) + + // update version + request.body = { + ...(request.body as object), + version, + } + + return JSON.stringify(request.body) + } + + const ctpClientV3 = new ClientBuilderV3() + .withHttpMiddleware({ + ...httpMiddlewareOptionsV3, + maskSensitiveHeaderData: true, + }) + .withConcurrentModificationMiddleware({ concurrentModificationHandlerFn }) + .withClientCredentialsFlow(authMiddlewareOptions) + .build() + + const apiRootV3 = createApiBuilderFromCtpClient(ctpClientV3).withProjectKey( + { + projectKey, + } + ) + + try { + await apiRootV3 + .products() + .withId({ ID: product.id }) + .post({ + body: { + version: +product.version + 1, + actions: [ + { + action: 'changeName', + name: { en: 'test-name' + new Date().getTime() }, + }, + ], + }, + }) + .execute() + } catch (e) { + console.error(e) + throw e + } + }) }) describe('Http clients and http client options', () => { diff --git a/packages/sdk-client-v3/src/utils/maskAuthData.ts b/packages/sdk-client-v3/src/utils/maskAuthData.ts index a29d670c1..a29e01dc2 100644 --- a/packages/sdk-client-v3/src/utils/maskAuthData.ts +++ b/packages/sdk-client-v3/src/utils/maskAuthData.ts @@ -1,7 +1,8 @@ import { MiddlewareRequest } from '../types/types' +import cloneDeep from 'lodash.clonedeep' export default function maskAuthData(request: MiddlewareRequest) { - const _request = Object.assign({}, request) + const _request = cloneDeep(request) if (_request?.headers) { if (_request.headers.Authorization) { _request.headers['Authorization'] = 'Bearer ********' diff --git a/yarn.lock b/yarn.lock index cfbf9bb9b..6cbfce160 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6027,6 +6027,11 @@ lodash.camelcase@^4.3.0: resolved "https://registry.yarnpkg.com/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz#b28aa6288a2b9fc651035c7711f65ab6190331a6" integrity sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA== +lodash.clonedeep@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef" + integrity sha512-H5ZhCF25riFd9uB5UCkVKo61m3S/xZk1x4wA6yp/L3RFP6Z/eHH1ymQcGLo7J3GMPfm0V/7m1tryHuGVxpqEBQ== + lodash.debounce@^4.0.8: version "4.0.8" resolved "https://registry.yarnpkg.com/lodash.debounce/-/lodash.debounce-4.0.8.tgz#82d79bff30a67c4005ffd5e2515300ad9ca4d7af"