fix: setting up cookie forwarding

GaloyMoney · Oct 20, 2023 · 97a9107 · 97a9107
1 parent 8e7c0ec
commit 97a9107
Show file tree

Hide file tree

Showing 2 changed files with 90 additions and 39 deletions.
diff --git a/apps/consent/app/consent/page.tsx b/apps/consent/app/consent/page.tsx
@@ -9,6 +9,7 @@ import PrimaryButton from "../components/button/primary-button-component";
 import SecondaryButton from "../components/button/secondary-button-component";
 import Heading from "../components/heading";
 import { SubmitValue } from "../index.types";
+import { cookies } from "next/headers";
 
 interface ConsentProps {
   consent_challenge: string;
@@ -32,31 +33,52 @@ const submitForm = async (form: FormData) => {
   if (submitValue === SubmitValue.denyAccess) {
     console.log("User denied access");
     let response;
-    response = await hydraClient.rejectOAuth2ConsentRequest({
-      consentChallenge: consent_challenge,
-      rejectOAuth2Request: {
-        error: "access_denied",
-        error_description: "The resource owner denied the request",
+    response = await hydraClient.rejectOAuth2ConsentRequest(
+      {
+        consentChallenge: consent_challenge,
+        rejectOAuth2Request: {
+          error: "access_denied",
+          error_description: "The resource owner denied the request",
+        },
       },
-    }, { withCredentials: true });
+      {
+        headers: {
+          Cookie: cookies().toString(),
+        },
+      }
+    );
     redirect(response.data.redirect_to);
   }
 
   let responseConfirm;
-  const responseInit = await hydraClient.getOAuth2ConsentRequest({
-    consentChallenge: consent_challenge,
-  }, { withCredentials: true });
+  const responseInit = await hydraClient.getOAuth2ConsentRequest(
+    {
+      consentChallenge: consent_challenge,
+    },
+    {
+      headers: {
+        Cookie: cookies().toString(),
+      },
+    }
+  );
 
   const body = responseInit.data;
-  responseConfirm = await hydraClient.acceptOAuth2ConsentRequest({
-    consentChallenge: consent_challenge,
-    acceptOAuth2ConsentRequest: {
-      grant_scope: grantScope,
-      grant_access_token_audience: body.requested_access_token_audience,
-      remember: remember,
-      remember_for: 3600,
+  responseConfirm = await hydraClient.acceptOAuth2ConsentRequest(
+    {
+      consentChallenge: consent_challenge,
+      acceptOAuth2ConsentRequest: {
+        grant_scope: grantScope,
+        grant_access_token_audience: body.requested_access_token_audience,
+        remember: remember,
+        remember_for: 3600,
+      },
     },
-  }, { withCredentials: true });
+    {
+      headers: {
+        Cookie: cookies().toString(),
+      },
+    }
+  );
   redirect(responseConfirm.data.redirect_to);
 };
 
@@ -69,7 +91,7 @@ const Consent = async ({ searchParams }: { searchParams: ConsentProps }) => {
 
   const data = await hydraClient.getOAuth2ConsentRequest({
     consentChallenge: consent_challenge,
-  }, { withCredentials: true });
+  });
 
   const body = data.data;
   const login_challenge = data.data.login_challenge;
@@ -80,13 +102,20 @@ const Consent = async ({ searchParams }: { searchParams: ConsentProps }) => {
 
   if (body.client?.skip_consent) {
     let response;
-    response = await hydraClient.acceptOAuth2ConsentRequest({
-      consentChallenge: consent_challenge,
-      acceptOAuth2ConsentRequest: {
-        grant_scope: body.requested_scope,
-        grant_access_token_audience: body.requested_access_token_audience,
+    response = await hydraClient.acceptOAuth2ConsentRequest(
+      {
+        consentChallenge: consent_challenge,
+        acceptOAuth2ConsentRequest: {
+          grant_scope: body.requested_scope,
+          grant_access_token_audience: body.requested_access_token_audience,
+        },
       },
-    }, { withCredentials: true });
+      {
+        headers: {
+          Cookie: cookies().toString(),
+        },
+      }
+    );
     redirect(String(response.data.redirect_to));
   }
 

diff --git a/apps/consent/app/login/page.tsx b/apps/consent/app/login/page.tsx
@@ -6,7 +6,6 @@ import InputComponent from "../components/input-component";
 import Card from "../components/card";
 import MainContent from "../components/main-container";
 import Logo from "../components/logo";
-import { cookies } from "next/headers";
 import Link from "next/link";
 import authApi from "@/services/galoy-auth";
 import Heading from "../components/heading";
@@ -18,6 +17,8 @@ import SecondaryButton from "../components/button/secondary-button-component";
 import { LoginType, SubmitValue } from "../index.types";
 import { LoginEmailResponse } from "./email-login.types";
 import { headers } from "next/headers";
+import { cookies } from "next/headers";
+
 //  this page is for login via email
 interface LoginProps {
   login_challenge: string;
@@ -50,13 +51,20 @@ async function submitForm(
 
   if (submitValue === SubmitValue.denyAccess) {
     console.log("User denied access");
-    const response = await hydraClient.rejectOAuth2LoginRequest({
-      loginChallenge: login_challenge,
-      rejectOAuth2Request: {
-        error: "access_denied",
-        error_description: "The resource owner denied the request",
+    const response = await hydraClient.rejectOAuth2LoginRequest(
+      {
+        loginChallenge: login_challenge,
+        rejectOAuth2Request: {
+          error: "access_denied",
+          error_description: "The resource owner denied the request",
+        },
       },
-    }, { withCredentials: true });
+      {
+        headers: {
+          Cookie: cookies().toString(),
+        },
+      }
+    );
     redirect(response.data.redirect_to);
   }
 
@@ -104,19 +112,33 @@ const Login = async ({ searchParams }: { searchParams: LoginProps }) => {
     throw new Error("Invalid Request");
   }
 
-  const { data } = await hydraClient.getOAuth2LoginRequest({
-    loginChallenge: login_challenge,
-  }, { withCredentials: true });
+  const { data } = await hydraClient.getOAuth2LoginRequest(
+    {
+      loginChallenge: login_challenge,
+    },
+    {
+      headers: {
+        Cookie: cookies().toString(),
+      },
+    }
+  );
 
   body = data;
   if (body.skip) {
     let response: OAuth2RedirectTo;
-    const { data } = await hydraClient.acceptOAuth2LoginRequest({
-      loginChallenge: login_challenge,
-      acceptOAuth2LoginRequest: {
-        subject: String(body.subject),
+    const { data } = await hydraClient.acceptOAuth2LoginRequest(
+      {
+        loginChallenge: login_challenge,
+        acceptOAuth2LoginRequest: {
+          subject: String(body.subject),
+        },
       },
-    }, { withCredentials: true });
+      {
+        headers: {
+          Cookie: cookies().toString(),
+        },
+      }
+    );
     response = data;
     redirect(String(response.redirect_to));
   }