dataverse-client-javascript/src/core/infra/repositories/apiConfigBuilders.ts at 55bd10cb31b56e384d2ff2db40df5cc10e8f8a7a · IQSS/dataverse-client-javascript · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
import { AxiosRequestConfig } from 'axios'
import { ApiConfig, DataverseApiAuthMechanism } from './ApiConfig'
import { ApiConstants } from './ApiConstants'

export const buildRequestConfig = (
  authRequired: boolean,
  queryParams: object | URLSearchParams,
  contentType: string = ApiConstants.CONTENT_TYPE_APPLICATION_JSON,
  abortSignal?: AbortSignal
): AxiosRequestConfig => {
  const requestConfig: AxiosRequestConfig & { headers: Record<string, unknown> } = {
    params: queryParams,
    headers: {
      'Content-Type': contentType
    },
    ...(abortSignal && { signal: abortSignal })
  }

  // When using multipart/form-data for axios to work properly its better to avoid setting the content-type and let the browser manage it
  if (contentType === ApiConstants.CONTENT_TYPE_MULTIPART_FORM_DATA) {
    requestConfig.headers['Content-Type'] = undefined
  }

  if (!authRequired) {
    return requestConfig
  }

  switch (ApiConfig.dataverseApiAuthMechanism) {
    case DataverseApiAuthMechanism.SESSION_COOKIE:
      /*
        We set { withCredentials: true } to send the JSESSIONID cookie in the requests for API authentication.
        This is required, along with the session auth feature flag enabled in the backend, to be able to authenticate using the JSESSIONID cookie.
        Auth mechanisms like this are configurable to set the one that fits the particular use case of dataverse-client-javascript. (For the SPA MVP, it is the session cookie API auth).
      */
      requestConfig.withCredentials = true
      break
    case DataverseApiAuthMechanism.API_KEY:
      if (typeof ApiConfig.dataverseApiKey !== 'undefined') {
        requestConfig.headers['X-Dataverse-Key'] = ApiConfig.dataverseApiKey
      }
      break

    case DataverseApiAuthMechanism.BEARER_TOKEN: {
      if (!(ApiConfig.bearerTokenLocalStorageKey || ApiConfig.bearerTokenGetFunction)) {
        throw new Error(
          'Bearer token local storage key or get function is not set in the ApiConfig, when using bearer token auth mechanism you must set the bearerTokenLocalStorageKey or bearerTokenGetFunction'
        )
      }

      let token

      if (ApiConfig.bearerTokenLocalStorageKey) {
        token = getLocalStorageItem<string>(ApiConfig.bearerTokenLocalStorageKey)
      } else if (ApiConfig.bearerTokenGetFunction) {
        token = ApiConfig.bearerTokenGetFunction()
      }

      if (token) {
        requestConfig.headers.Authorization = `Bearer ${token}`
      }
      break
    }
  }
  return requestConfig
}

export const buildRequestUrl = (apiEndpoint: string): string => {
  return `${ApiConfig.dataverseApiUrl}${apiEndpoint}`
}

export const getLocalStorageItem = <T>(key: string): T | null => {
  try {
    const item = localStorage.getItem(key)
    return item ? (JSON.parse(item) as T) : null
  } catch (error) {
    console.error(`Error parsing localStorage key "${key}":`, error)
    return null
  }
}