fix: authentication

Author: nrkruk

package.json

@@ -15,6 +15,7 @@
     "@salesforce/sf-plugins-core": "^11.2.4",
     "@inquirer/select": "^2.4.7",
     "@inquirer/prompts": "^5.3.8",
+    "axios": "^1.7.7",
     "chalk": "^5.3.0",
     "lwc": "7.1.3",
     "lwr": "0.14.2",

src/commands/lightning/dev/site.ts

@@ -67,9 +67,12 @@ export default class LightningDevSite extends SfCommand<void> {
       // Pass the org auth token so LWR can make authenticated requests to core
       const authToken = org.getConnection().accessToken ?? '';
 
+      const networkId = await selectedSite.getNetworkIdByName();
+      const sidToken = await selectedSite.getNewSidToken(networkId);
+
       // Start the dev server
       await expDev({
-        authToken,
+        authToken: sidToken || authToken,
         open: true,
         port: 3000,
         logLevel: 'error',

src/shared/experience/expSite.ts

@@ -7,6 +7,7 @@
 import fs from 'node:fs';
 import path from 'node:path';
 import { Org, SfError } from '@salesforce/core';
+import axios from 'axios';
 
 export type SiteMetadata = {
   bundleName: string;
@@ -225,6 +226,140 @@ export class ExperienceSite {
 
     return resourcePath;
   }
+
+  // TODO cleanup
+  public async getNetworkIdByName(): Promise<string> {
+    const conn = this.org.getConnection();
+    // try {
+    // Query the Network object for the network with the given site name
+    const result = await conn.query<{ Id: string }>(`SELECT Id FROM Network WHERE Name = '${this.siteDisplayName}'`);
+
+    const record = result.records[0];
+    if (record) {
+      let networkId = record.Id;
+      // Subtract the last three characters from the Network ID
+      networkId = networkId.substring(0, networkId.length - 3);
+      return networkId;
+    } else {
+      throw new Error(`Network with name '${this.siteDisplayName}' not found`);
+    }
+    // } catch (error) {
+    //   // console.error('Error fetching Network ID:', error);
+    //   throw error;
+    // }
+  }
+
+  public async getNewSidToken(networkId: string): Promise<string> {
+    // Get the connection and access token from the org
+    const conn = this.org.getConnection();
+    const identity = await conn.identity();
+    if (identity.user_id) {
+      // do something
+    }
+    const orgId = this.org.getOrgId();
+    const orgIdMinus3 = orgId.substring(0, orgId.length - 3);
+    const accessToken = conn.accessToken;
+    const instanceUrl = conn.instanceUrl;
+
+    // Construct the switch URL
+    const switchUrl = `${instanceUrl}/servlet/networks/switch?networkId=${networkId}`;
+
+    // try {
+    // Make the GET request without following redirects
+    if (accessToken) {
+      const cookies = [
+        `sid=${accessToken}`,
+        `oid=${orgIdMinus3}`,
+        // 'sid_Client=s000000uuCPw000000I7xV',
+        // Include other essential cookies if necessary
+        // For example:
+        // `oid=${conn.getAuthInfoFields().orgId}`,
+        // `sid_Client=${conn.userInfo.id}`,
+        // Add any other cookies that might be required
+      ]
+        .join('; ')
+        .trim();
+      let response = await axios.get(switchUrl, {
+        headers: {
+          Cookie: cookies,
+          // Include other headers if necessary
+          // 'User-Agent': 'Your User Agent String',
+          // 'Referer': 'Referer URL if required',
+        },
+        withCredentials: true,
+        maxRedirects: 0, // Prevent axios from following redirects
+        validateStatus: (status) => status >= 200 && status < 400, // Accept 3xx status codes
+      });
+
+      // Extract the Location header
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
+      const locationHeader = response.headers['location'];
+
+      if (locationHeader) {
+        // Parse the URL to extract the 'sid' parameter
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
+        const urlObj = new URL(locationHeader);
+        const sid = urlObj.searchParams.get('sid') ?? '';
+        const cookies2 = [
+          '__Secure-has-sid=1',
+          `sid=${sid}`,
+          `oid=${orgIdMinus3}`,
+          // 'sid_Client=s000000uuCPw000000I7xV',
+          // Include other essential cookies if necessary
+          // For example:
+          // `oid=${conn.getAuthInfoFields().orgId}`,
+          // `sid_Client=${conn.userInfo.id}`,
+          // Add any other cookies that might be required
+        ]
+          .join('; ')
+          .trim();
+
+        response = await axios.get(urlObj.toString(), {
+          headers: {
+            Cookie: cookies2,
+            // Include other headers if necessary
+            // 'User-Agent': 'Your User Agent String',
+            // 'Referer': 'Referer URL if required',
+          },
+          withCredentials: true,
+          maxRedirects: 0, // Prevent axios from following redirects
+          validateStatus: (status) => status >= 200 && status < 400, // Accept 3xx status codes
+        });
+        const setCookieHeader = response.headers['set-cookie'];
+        if (setCookieHeader) {
+          // 'set-cookie' can be an array if multiple cookies are set
+          // Find the 'sid' cookie in the set-cookie header
+          const sidCookie = setCookieHeader.find((cookieStr: string) => cookieStr.startsWith('sid='));
+
+          if (sidCookie) {
+            // Extract the sid value from the cookie string
+            const sidMatch = sidCookie.match(/sid=([^;]+)/);
+            if (sidMatch?.[1]) {
+              const sidToken = sidMatch[1];
+              return sidToken;
+            }
+          }
+        } else {
+          // eslint-disable-next-line no-console
+          console.log('error couldnt find set-cookie header for sid token');
+        }
+
+        if (sid) {
+          return sid;
+        } else {
+          throw new Error('SID token not found in Location header');
+        }
+      } else {
+        throw new Error('Location header not found in response');
+      }
+    }
+    return '';
+    // } catch (error) {
+    //   // Handle errors (e.g., network issues, HTTP errors)
+    //   // console.error('Error obtaining new SID token:', error);
+    //   throw error;
+    // }
+  }
 }
 
 /**

yarn.lock

@@ -6126,6 +6126,15 @@ axe-core@^4.6.2:
   resolved "https://registry.yarnpkg.com/axe-core/-/axe-core-4.10.0.tgz#d9e56ab0147278272739a000880196cdfe113b59"
   integrity sha512-Mr2ZakwQ7XUAjp7pAwQWRhhK8mQQ6JAaNWSjmjxil0R8BPioMtQsTLOolGYkji1rcL++3dCqZA3zWqpT+9Ew6g==
 
+axios@^1.7.7:
+  version "1.7.7"
+  resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.7.tgz#2f554296f9892a72ac8d8e4c5b79c14a91d0a47f"
+  integrity sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q==
+  dependencies:
+    follow-redirects "^1.15.6"
+    form-data "^4.0.0"
+    proxy-from-env "^1.1.0"
+
 axobject-query@^3.1.1:
   version "3.2.4"
   resolved "https://registry.yarnpkg.com/axobject-query/-/axobject-query-3.2.4.tgz#6dfba930294ea14d7d2fc68b9d007211baedb94c"
@@ -8695,6 +8704,11 @@ follow-redirects@^1.0.0:
   resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b"
   integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==
 
+follow-redirects@^1.15.6:
+  version "1.15.9"
+  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.9.tgz#a604fa10e443bf98ca94228d9eebcc2e8a2c8ee1"
+  integrity sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==
+
 for-each@^0.3.3:
   version "0.3.3"
   resolved "https://registry.yarnpkg.com/for-each/-/for-each-0.3.3.tgz#69b447e88a0a5d32c3e7084f3f1710034b21376e"
@@ -12991,6 +13005,11 @@ proxy-addr@~2.0.7:
     forwarded "0.2.0"
     ipaddr.js "1.9.1"
 
+proxy-from-env@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2"
+  integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==
+
 psl@^1.1.33:
   version "1.9.0"
   resolved "https://registry.yarnpkg.com/psl/-/psl-1.9.0.tgz#d0df2a137f00794565fcaf3b2c00cd09f8d5a5a7"