-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use fetch middlewares in event-source-polifyll (re: #23015) #24820
Conversation
Signed-off-by: Alex Eftimie <alex.eftimie@getyourguide.com>
Missing ChangesetsThe following package(s) are changed by this PR but do not have a changeset:
See CONTRIBUTING.md for more information about how to add changesets. Changed Packages
|
@aramissennyeydd / @freben pulling you from the original ticket, can you have a look and see if this would be an acceptable approach? I can implement it as an Not yet sure, but I assume if the new My current code looks like this: createApiFactory({
api: fetchApiRef,
deps: {
configApi: configApiRef,
identityApi: identityApiRef,
discoveryApi: discoveryApiRef,
},
factory: ({ configApi, identityApi, discoveryApi }) => {
return createFetchApi({
middleware: [
FetchMiddlewares.resolvePluginProtocol({
discoveryApi,
}),
FetchMiddlewares.injectIdentityAuth({
identityApi,
config: configApi,
header: {
name: 'Backstage-Authorization',
value: (backstageToken) => `Bearer ${backstageToken}`,
}
}),
],
});
},
}), |
Signed-off-by: Alex Eftimie <alex.eftimie@getyourguide.com>
@@ -130,15 +126,14 @@ | |||
|
|||
expect(MockedEventSource).toHaveBeenCalledWith( | |||
'http://backstage:9191/api/techdocs/sync/default/Component/test-component', | |||
{ withCredentials: true, headers: { Authorization: 'Bearer token' } }, | |||
{ withCredentials: true, headers: { authorization: 'Bearer token' } }, |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical
authorization header
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is a test
Signed-off-by: Alex Eftimie <alex.eftimie@getyourguide.com>
Signed-off-by: Alex Eftimie <alex.eftimie@getyourguide.com>
Thank you! 👍 Wanna note here as well that I think we should explore #23015 (comment) before making additions to the core APIs |
closing in favor of: #24861 |
Uffizzi Cluster |
PoC to validate this would be the way forward in #23015 (
scaffolder
,techdocs
useevent-source-polyfill
library that only allows headers to be passed but not the entirefetch
implementation)✔️ Checklist
Signed-off-by
line in the message. (more info)