fix(oidc): ensure Origin can be set on call to IDPs

TankerHQ · May 2, 2024 · 6ce042d · 6ce042d
1 parent 89ff21f
commit 6ce042d
Showing 1 changed file with 20 additions and 7 deletions.
diff --git a/packages/core/src/Network/Client.ts b/packages/core/src/Network/Client.ts
@@ -104,12 +104,17 @@ export class Client {
   // Simple _fetch wrapper with:
   //   - proper headers set (sdk info and authorization)
   //   - generic error handling
-  _baseApiCall = async (path: string, authenticated: boolean, init?: RequestInit): Promise<any> => {
-    try {
-      if (!path || path[0] !== '/') {
-        throw new InvalidArgument('"path" should be non empty and start with "/"');
-      }
+  _baseApiCall = (path: string, authenticated: boolean, init?: RequestInit): Promise<any> => {
+    if (!path || path[0] !== '/') {
+      throw new InvalidArgument('"path" should be non empty and start with "/"');
+    }
+    const url = `${this._apiEndpoint}${this._apiRootPath}${path}`;
 
+    return this._basehttpCall(url, authenticated, init);
+  };
+
+  _basehttpCall = async (url: string, authenticated: boolean, init?: RequestInit): Promise<any> => {
+    try {
       const headers = (init?.headers ? init.headers : {}) as Record<string, string>;
       headers['X-Tanker-Instanceid'] = this._instanceId;
       headers['X-Tanker-Sdktype'] = this._sdkType;
@@ -119,7 +124,6 @@ export class Client {
         headers['Authorization'] = `Bearer ${this._accessToken}`; // eslint-disable-line dot-notation
       }
 
-      const url = `${this._apiEndpoint}${this._apiRootPath}${path}`;
 
       const response = await this._fetch(url, { ...init, headers });
 
@@ -448,11 +452,20 @@ export class Client {
   };
 
   oidcSignIn = async (oidcProviderId: string): Promise<OidcAuthorizationCodeVerification> => {
-    const { code, state } = await this._baseApiCall(
+    const resp = await this._baseApiCall(
       `/oidc/${oidcProviderId}/signin?user_id=${urlize(this._userId)}`,
       false,
       { credentials: 'include' },
     );
+
+    const { location } = resp;
+
+    const { code, state } = await this._basehttpCall(
+      location,
+      false,
+      { credentials: 'include' },
+    );
+
     return {
       oidcProviderId,
       oidcAuthorizationCode: code,