Merge pull request #31 from holaplex/mpw/hydra-plugin-user-id

mpwsh · web-flow · commit e1718997e439 · 2023-03-02T03:25:56.000-03:00
update hydra plugin - expose user id header
diff --git a/charts/hub-gateway/Chart.yaml b/charts/hub-gateway/Chart.yaml
@@ -19,7 +19,7 @@ type: application
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 
-version: "0.7.2"
+version: "0.7.3"
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/charts/hub-gateway/plugins/oauth2.lua b/charts/hub-gateway/plugins/oauth2.lua
@@ -73,7 +73,7 @@ function _M.access(conf, ctx)
 
     if not api_token then
         return 401, json.encode({
-          message = "Authorization header not found" 
+          message = "Authorization header not found"
         })
     end
 
@@ -126,6 +126,34 @@ function _M.access(conf, ctx)
             return data.client_id
         end)
     end
+
+    -- Get kratos user id from hydra client contacts
+    local params = {
+        method = "GET",
+        headers = {
+            ["Accept"] = "application/json"
+        },
+        keepalive = conf.keepalive,
+        ssl_verify = conf.ssl_verify
+    }
+
+    if conf.keepalive then
+        params.keepalive_timeout = conf.keepalive_timeout
+        params.keepalive_pool = conf.keepalive_pool
+    end
+
+    local endpoint = conf.host .. "/admin/clients/" .. data.client_id
+
+    local res, err = httpc:request_uri(endpoint, params)
+
+    local data, err = json.decode(res.body)
+    if not data then
+        return 401, err
+    end
+
+    core.request.set_header(ctx, "X-USER-ID", data.contacts[1])
+    core.response.set_header("X-USER-ID", data.contacts[1])
+
 end
 
 return _M
diff --git a/charts/hub-gateway/plugins/session.lua b/charts/hub-gateway/plugins/session.lua
@@ -76,17 +76,17 @@ function _M.check_schema(conf)
 end
 
 function _M.access(conf, ctx)
-    local headers = core.request.headers()
-
     local session_cookie_name = string.lower(conf.session_cookie_name or "ory_kratos_session")
     local cookie_header = string.lower("cookie_" .. session_cookie_name)
     local cookie_value = ngx.var[cookie_header]
 
-    -- Try to get session token from cookie header and $session_cookie_name 
-    local session_token = headers[session_cookie_name] or cookie_value
+    -- Try to get session token from $session_cookie_name cookie
+    local session_token = cookie_value
 
     if not session_token then
-        return
+        return 401, json.encode({
+          message = "session_cookie not found not found"
+        })
     end
 
     local kratos_cookie = session_cookie_name .. "=" .. session_token
@@ -113,25 +113,34 @@ function _M.access(conf, ctx)
 
     -- block by default when user is not found
     if not res then
-        return
+        return 401, json.encode({
+              message = err
+            })
     end
 
     -- parse the user data
     local data, err = json.decode(res.body)
     if not data then
-        return
+        return 401, json.encode({
+              message = err
+            })
+
     end
 
     -- block if user id is not found
     if not data.id then
-        return
+        return 401, json.encode({
+              message = err
+            })
     end
 
     -- Expose user data response on $kratos_user_data variable
     if conf.expose_user_data then
         local user_data = ngx.encode_base64(res.body)
         if not user_data then
-            return
+            return 401, json.encode({
+              message = "Error while reading user_data"
+            })
         end
         core.ctx.register_var("kratos_user_data", function(ctx)
             return user_data
