@W-14455649@ - DO NOT MERGE - Spike slas private client v2#1585
@W-14455649@ - DO NOT MERGE - Spike slas private client v2#1585vcua-mobify wants to merge 10 commits into
Conversation
| }, | ||
| "dependencies": { | ||
| "commerce-sdk-isomorphic": "^1.10.4", | ||
| "commerce-sdk-isomorphic": "/Users/vcua/Git/commerce-sdk-isomorphic", |
There was a problem hiding this comment.
This PR needs the changes in SalesforceCommerceCloud/commerce-sdk-isomorphic#138 to work
There was a problem hiding this comment.
FYI if anyone wants to run this PR locally, you'll need to update this line to point to your own copy of commerce-sdk-isomorphic. Specifically, pull in the PR: SalesforceCommerceCloud/commerce-sdk-isomorphic#138.
Also, in your copy of commerce-sdk-isomorphic, build it first by running:
yarn install
yarn run renderTemplates
yarn build:lib
| return await this.queueRequest( | ||
| () => helpers.loginGuestUser(this.client, {redirectURI: this.redirectURI}), | ||
| //() => helpers.loginGuestUser(this.client, {redirectURI: this.redirectURI}), | ||
| () => helpers.loginGuestUserPrivateClient(this.client,{redirectURI: this.redirectURI}), |
There was a problem hiding this comment.
This consumes a change made in commerce-sdk-isomorphic to skip the /authorize call when logging in as a guest
| "express": "^4.18.2", | ||
| "header-case": "1.0.1", | ||
| "http-proxy-middleware": "0.21.0", | ||
| "http-proxy-middleware": "^2.0.6", |
There was a problem hiding this comment.
I updated this dependency for the purposes of this spike. Upgrading required minimal changes and did not seem to have broken anything.
| }) | ||
| ) | ||
|
|
||
| const createSlasHandler = ({clientId, secret, shortCode}) => { |
There was a problem hiding this comment.
The main event happens here. A SLAS request coming from commerce-sdk-react is intercepted and we add the client secret as an auth header to /token calls.
We may want to allow developers to set additional endpoints where this client secret is added (ie. /password/action for password reset).
| interface AuthConfig extends ApiClientConfigParams { | ||
| redirectURI: string | ||
| proxy: string | ||
| slasProxy: string |
There was a problem hiding this comment.
We are setting up a new proxy in ssr.js to insert the client secret. This new slasProxy is how I am consuming that separate proxy at this time
| constructor(config: AuthConfig) { | ||
| this.client = new ShopperLogin({ | ||
| proxy: config.proxy, | ||
| proxy: config.slasProxy, |
There was a problem hiding this comment.
Using the regular config.proxy would send calls to /mobify/proxy/api/ which does not include the logic for inserting the client secret at this time. So I added this new slasProxy for requests that do go need the client secret
|
|
||
| export const DEFAULT_TEST_CONFIG = { | ||
| proxy: `${DEFAULT_TEST_HOST}/mobify/proxy/api`, | ||
| slasProxy: `${DEFAULT_TEST_HOST}`, |
There was a problem hiding this comment.
This is how I am consuming the new proxy set in ssr.js. As mentioned in other comments, it is currently separate from /mobify/proxy/api
| const clientId = process?.env?.SLAS_PRIVATE_CLIENT_ID | ||
| const secret = process?.env?.SLAS_PRIVATE_CLIENT_SECRET | ||
| const shortCode = process?.env?.CC_SHORT_CODE | ||
| const target = `https://${shortCode}.api.commercecloud.salesforce.com` |
There was a problem hiding this comment.
These environment variables are read either from your local terminal or from MRT's env variables
There was a problem hiding this comment.
I was trying out an approach that used a new env-vars.json file to store the client secret but maybe just setting the env var in the terminal is better? This way, there is no risk in accidentally committing a file with the client secret and we don't have to read in a file.
Less logic also as process.env can work locally and on MRT.
| const encodedClientCredential = Buffer.from(`${clientId}:${secret}`).toString( | ||
| 'base64' | ||
| ) | ||
| outGoingReq.setHeader('Authorization', `Basic ${encodedClientCredential}`) |
There was a problem hiding this comment.
We could add a conditional here to only set the secret if it is defined. If it's not defined (ie. we're using a SLAS public client), do nothing.
| const clientId = process?.env?.SLAS_PRIVATE_CLIENT_ID | ||
| const secret = process?.env?.SLAS_PRIVATE_CLIENT_SECRET | ||
| const shortCode = process?.env?.CC_SHORT_CODE |
There was a problem hiding this comment.
These are the same env vars used for Storefront Preview, right? If so, let's keep in mind that most likely the customer will need to use a different api client for their website... a client that does not have access/scope to set the shopper context.
| }, | ||
| "dependencies": { | ||
| "commerce-sdk-isomorphic": "^1.10.4", | ||
| "commerce-sdk-isomorphic": "/Users/vcua/Git/commerce-sdk-isomorphic", |
There was a problem hiding this comment.
FYI if anyone wants to run this PR locally, you'll need to update this line to point to your own copy of commerce-sdk-isomorphic. Specifically, pull in the PR: SalesforceCommerceCloud/commerce-sdk-isomorphic#138.
Also, in your copy of commerce-sdk-isomorphic, build it first by running:
yarn install
yarn run renderTemplates
yarn build:lib
|
stale PR, closed |
3 participants
PR for spiking how we might add private clients to the PWA
WIP
Currently works on local build and MRT
MRT test environment: https://scaffold-pwa-private-client.mobify-storefront.com/
TODO
Unify the proxies. Right now, slas is using a separate proxy from everything else