Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] fix: check token for validity before making any requests #881

Closed
wants to merge 1 commit into from
Closed

[WIP] fix: check token for validity before making any requests #881

wants to merge 1 commit into from

Conversation

dkontorovskyy
Copy link
Contributor

  • Ready for review
  • Follows CONTRIBUTING rules
  • Reviewed by Snyk internal team

What does this PR do?

Fix auth error if experimental-dep-graph exists.

If cli was invoked with experimental-dep-graph flag and invalid token, user will get error message
Feature flag 'experimental-dep-graph' is not currently enabled for your org, to enable please contact snyk support, cos token wasn't checked for validity and line https:/snyk/snyk/blob/master/src/cli/commands/monitor/index.ts#L91 will return actually 401 Not Authorised, but because we do isFFSupported.ok and it was undefined, user will see totally unrelated error message.

@dkontorovskyy dkontorovskyy requested a review from a team as a code owner November 26, 2019 11:33
@dkontorovskyy dkontorovskyy self-assigned this Nov 26, 2019
@ghost ghost requested review from gitphill and lwywoo November 26, 2019 11:34
gitphill
gitphill reviewed Nov 26, 2019
View reviewed changes
Copy link
Contributor

@gitphill gitphill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add a test for the issue reported? experimental-dep-graph and invalid token now produces correct error message

src/lib/api-token.ts Outdated
import * as config from './config';
import * as userConfig from './user-config';

export function api() {
// note: config.TOKEN will potentially come via the environment
return config.api || config.TOKEN || userConfig.get('api');
}
async function isTokenValid(token: string) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we have very similar function in src/cli/commands/auth/is-authed.ts - could reuse (use this function there) to avoid duplication?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was looking for this one but haven't found :( Nice catch 👍

src/lib/api-token.ts Outdated

export function apiTokenExists() {
return (response as any).body;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

type the function return object?

@dkontorovskyy
Copy link
Contributor Author

Closing this PR, cos this is not right approach

@dkontorovskyy dkontorovskyy deleted the fix/wrong-auth-error branch November 26, 2019 12:37
This was referenced Sep 15, 2021
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
Open
@MarcelRaschke MarcelRaschke mentioned this pull request Sep 29, 2022
Open
@MarcelRaschke MarcelRaschke mentioned this pull request Oct 22, 2022
Open
@snyk-bot snyk-bot mentioned this pull request Oct 23, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gitphill gitphill gitphill left review comments

@lwywoo lwywoo Awaiting requested review from lwywoo

Assignees

@dkontorovskyy dkontorovskyy

Labels
🐛 bug 🚀 Boost
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dkontorovskyy @gitphill