fix(arcgis-rest-request): pass referer

solution to pass the referer via the ArcGISIdentityManager constructor
Esri · Jan 11, 2023 · c950c4a · c950c4a
2 parents ff90826 + 81c2de8
commit c950c4a
Show file tree

Hide file tree

Showing 2 changed files with 116 additions and 8 deletions.
diff --git a/packages/arcgis-rest-request/src/ArcGISIdentityManager.ts b/packages/arcgis-rest-request/src/ArcGISIdentityManager.ts
@@ -64,6 +64,7 @@ export interface ISignInOptions {
   username: string;
   password: string;
   portal?: string;
+  referer?: string;
 }
 
 export type AuthenticationProvider =
@@ -253,6 +254,11 @@ export interface IArcGISIdentityManagerOptions {
    * ```
    */
   server?: string;
+
+  /**
+   * The referer to use when getting the token with `.signIn()`
+   */
+  referer?: string;
 }
 
 /**
@@ -1004,6 +1010,11 @@ export class ArcGISIdentityManager implements IAuthenticationManager {
    */
   public readonly server: string;
 
+  /**
+   * The referer to use when getting the token with `.signIn()`
+   */
+  public readonly referer: string;
+
   /**
    * Hydrated by a call to [getUser()](#getUser-summary).
    */
@@ -1066,6 +1077,7 @@ export class ArcGISIdentityManager implements IAuthenticationManager {
     this.tokenDuration = options.tokenDuration || 20160;
     this.redirectUri = options.redirectUri;
     this.server = options.server;
+    this.referer = options.referer;
 
     this.federatedServers = {};
     this.trustedDomains = [];
@@ -1576,14 +1588,15 @@ export class ArcGISIdentityManager implements IAuthenticationManager {
       password: this.password,
       expiration: this.tokenDuration,
       client: "referer",
-      referer:
-        typeof window !== "undefined" &&
-        typeof window.document !== "undefined" &&
-        window.location &&
-        window.location.origin
-          ? window.location.origin
-          : /* istanbul ignore next */
-            NODEJS_DEFAULT_REFERER_HEADER
+      referer: this.referer
+        ? this.referer
+        : typeof window !== "undefined" &&
+          typeof window.document !== "undefined" &&
+          window.location &&
+          window.location.origin
+        ? window.location.origin
+        : /* istanbul ignore next */
+          NODEJS_DEFAULT_REFERER_HEADER
     };
 
     return (

diff --git a/packages/arcgis-rest-request/test/ArcGISIdentityManager.test.ts b/packages/arcgis-rest-request/test/ArcGISIdentityManager.test.ts
@@ -2720,6 +2720,63 @@ describe("ArcGISIdentityManager", () => {
         });
     });
 
+    it("should use provided referer.", (done) => {
+      const MOCK_USER_SESSION = new ArcGISIdentityManager({
+        username: "jsmith",
+        password: "123456",
+        token: "token",
+        tokenExpires: YESTERDAY,
+        server: "https://fakeserver.com/arcgis",
+        referer: "testreferer"
+      });
+
+      fetchMock.post("https://fakeserver.com/arcgis/rest/info", {
+        currentVersion: 10.61,
+        fullVersion: "10.6.1",
+        authInfo: {
+          isTokenBasedSecurity: true,
+          tokenServicesUrl: "https://fakeserver.com/arcgis/tokens/generateToken"
+        }
+      });
+
+      fetchMock.post("https://fakeserver.com/arcgis/tokens/generateToken", {
+        token: "fresh-token",
+        expires: TOMORROW.getTime(),
+        username: " jsmith"
+      });
+
+      MOCK_USER_SESSION.getToken(
+        "https://fakeserver.com/arcgis/rest/services/Fake/MapServer/"
+      )
+        .then((token) => {
+          expect(token).toBe("fresh-token");
+          const [url, options]: [string, RequestInit] = fetchMock.lastCall(
+            "https://fakeserver.com/arcgis/tokens/generateToken"
+          );
+          expect(url).toBe(
+            "https://fakeserver.com/arcgis/tokens/generateToken"
+          );
+          expect(options.method).toBe("POST");
+          expect(options.body).toContain("f=json");
+          expect(options.body).toContain("username=jsmith");
+          expect(options.body).toContain("password=123456");
+          expect(options.body).toContain("client=referer");
+
+          if (isNode) {
+            expect(options.body).toContain("referer=testreferer");
+          }
+
+          if (isBrowser) {
+            expect(options.body).toContain(`referer=testreferer`);
+          }
+
+          done();
+        })
+        .catch((err) => {
+          fail(err);
+        });
+    });
+
     it("should throw an error if there is an error generating the server token with a username and password.", () => {
       const MOCK_USER_SESSION = new ArcGISIdentityManager({
         username: "jsmith",
@@ -3264,5 +3321,43 @@ describe("ArcGISIdentityManager", () => {
         expect(session.tokenExpires).toEqual(TOMORROW);
       });
     });
+
+    it("should initialize a session from a username and password and pass a referer", (done) => {
+      // we intentionally only mock one response
+      fetchMock.once(
+        "https://www.arcgis.com/sharing/rest/community/self?f=json&token=token",
+        {
+          username: "jsmith",
+          fullName: "John Smith",
+          role: "org_publisher"
+        }
+      );
+
+      fetchMock.postOnce("https://www.arcgis.com/sharing/rest/generateToken", {
+        token: "token",
+        expires: TOMORROW.getTime(),
+        username: " c@sey"
+      });
+
+      return ArcGISIdentityManager.signIn({
+        username: "c@sey",
+        password: "123456",
+        referer: "testreferer"
+      }).then(() => {
+        const [url, options]: [string, RequestInit] = fetchMock.lastCall(
+          "https://www.arcgis.com/sharing/rest/generateToken"
+        );
+
+        if (isNode) {
+          expect(options.body).toContain("referer=testreferer");
+        }
+
+        if (isBrowser) {
+          expect(options.body).toContain(`referer=testreferer`);
+        }
+
+        done();
+      });
+    });
   });
 });