Revert "feat: Use Basic auth credentials for Advertiser IDSync search"

This reverts commit 1225871.

Author: rmi22186

src/Rokt-Kit.ts

@@ -30,12 +30,7 @@ interface RoktKitSettings {
   loggingUrl?: string;
   errorUrl?: string;
   isLoggingEnabled?: string | boolean;
-  /**
-   * Comma-separated `apiKey,secret` for the advertiser workspace whose
-   * IDSync `/v1/search` endpoint we should query on every onUserIdentified.
-   * Empty/missing/malformed values disable the feature.
-   */
-  advertiserIdSyncCredentials?: string;
+  advertiserIdSyncApiKey?: string;
 }
 
 interface EventAttributeCondition {
@@ -106,7 +101,6 @@ interface AdvertiserIdSyncResult {
 
 type AdvertiserIdSyncSearcher = (
   apiKey: string,
-  secret: string,
   knownIdentities: { email: string },
   callback: (result: AdvertiserIdSyncResult) => void,
 ) => void;
@@ -428,29 +422,6 @@ function isString(value: unknown): value is string {
   return typeof value === 'string';
 }
 
-/**
- * Parse the kit's `advertiserIdSyncCredentials` setting into apiKey and
- * secret components. The setting is a comma-separated string `apiKey,secret`.
- * Returns undefined for any malformed/empty value (including missing
- * comma, more than one comma, or whitespace-only halves) so the caller can
- * gate the feature off cleanly.
- */
-function parseAdvertiserIdSyncCredentials(raw: unknown): { apiKey: string; secret: string } | undefined {
-  if (!isString(raw)) {
-    return undefined;
-  }
-  const parts = raw.split(',');
-  if (parts.length !== 2) {
-    return undefined;
-  }
-  const apiKey = parts[0].trim();
-  const secret = parts[1].trim();
-  if (!apiKey || !secret) {
-    return undefined;
-  }
-  return { apiKey, secret };
-}
-
 function generateIntegrationName(customIntegrationName?: string): string {
   const coreSdkVersion = mp().getVersion();
   const kitVersion = process.env.PACKAGE_VERSION;
@@ -729,7 +700,6 @@ class RoktKit implements KitInterface {
   private _mappedEmailSha256Key?: string;
   private _onboardingExpProvider?: string;
   private _advertiserIdSyncApiKey?: string;
-  private _advertiserIdSyncSecret?: string;
 
   // ---- Private helpers ----
 
@@ -1080,12 +1050,9 @@ class RoktKit implements KitInterface {
       this._mappedEmailSha256Key = kitSettings.hashedEmailUserIdentityType.toLowerCase();
     }
 
-    // advertiserIdSyncCredentials is a comma-separated `apiKey,secret`. We
-    // parse it here so the SDK API stays simple (separate apiKey + secret
-    // arguments). Anything malformed disables the feature.
-    const credentials = parseAdvertiserIdSyncCredentials(kitSettings.advertiserIdSyncCredentials);
-    this._advertiserIdSyncApiKey = credentials?.apiKey;
-    this._advertiserIdSyncSecret = credentials?.secret;
+    this._advertiserIdSyncApiKey = isString(kitSettings.advertiserIdSyncApiKey)
+      ? kitSettings.advertiserIdSyncApiKey
+      : undefined;
 
     const domain = mp().Rokt?.domain;
     const { roktExtensionsQueryParams, legacyRoktExtensions, loadThankYouElement } = extractRoktExtensionConfig(
@@ -1236,8 +1203,7 @@ class RoktKit implements KitInterface {
 
   private searchAdvertiser(filteredUser: FilteredUser): void {
     const apiKey = this._advertiserIdSyncApiKey;
-    const secret = this._advertiserIdSyncSecret;
-    if (!apiKey || !secret) {
+    if (!apiKey) {
       return;
     }
     const searchAdvertiser = mp().Identity?.searchAdvertiser;
@@ -1250,7 +1216,7 @@ class RoktKit implements KitInterface {
       return;
     }
     try {
-      searchAdvertiser(apiKey, secret, { email }, (result: AdvertiserIdSyncResult) => {
+      searchAdvertiser(apiKey, { email }, (result: AdvertiserIdSyncResult) => {
         if (result?.httpCode === 200) {
           this.userAttributes[USER_IDENTIFIED_IN_ADVERTISER_KEY] = true;
         }

test/src/tests.spec.ts

@@ -2974,8 +2974,6 @@ describe('Rokt Forwarder', () => {
 
   describe('#advertiserIdSync', () => {
     const ADVERTISER_API_KEY = 'advertiser-key-abc123';
-    const ADVERTISER_API_SECRET = 'advertiser-secret-xyz789';
-    const ADVERTISER_CREDENTIALS = `${ADVERTISER_API_KEY},${ADVERTISER_API_SECRET}`;
 
     function makeUser(overrides: any = {}) {
       return {
@@ -2997,21 +2995,19 @@ describe('Rokt Forwarder', () => {
       (window as any).mParticle.forwarder.userAttributes = {};
     });
 
-    it('should split advertiserIdSyncCredentials into apiKey + secret and forward both, setting userIdentifiedInAdvertiser when 200 returned', async () => {
+    it('should call Identity.searchAdvertiser with the configured api key and set userIdentifiedInAdvertiser when 200 returned', async () => {
       let receivedApiKey: any = null;
-      let receivedSecret: any = null;
       let receivedKnownIdentities: any = null;
       (window as any).mParticle.Identity = {
-        searchAdvertiser: (apiKey: any, secret: any, knownIdentities: any, cb: any) => {
+        searchAdvertiser: (apiKey: any, knownIdentities: any, cb: any) => {
           receivedApiKey = apiKey;
-          receivedSecret = secret;
           receivedKnownIdentities = knownIdentities;
           cb({ httpCode: 200, body: { mpid: '999' } });
         },
       };
 
       await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: ADVERTISER_CREDENTIALS },
+        { accountId: '123456', advertiserIdSyncApiKey: ADVERTISER_API_KEY },
         reportService.cb,
         true,
         null,
@@ -3021,48 +3017,19 @@ describe('Rokt Forwarder', () => {
       (window as any).mParticle.forwarder.onUserIdentified(makeUser());
 
       expect(receivedApiKey).toBe(ADVERTISER_API_KEY);
-      expect(receivedSecret).toBe(ADVERTISER_API_SECRET);
       expect(receivedKnownIdentities).toEqual({ email: 'test@example.com' });
       expect((window as any).mParticle.forwarder.userAttributes.userIdentifiedInAdvertiser).toBe(true);
     });
 
-    it('should trim whitespace around the comma-separated credentials', async () => {
-      let receivedApiKey: any = null;
-      let receivedSecret: any = null;
-      (window as any).mParticle.Identity = {
-        searchAdvertiser: (apiKey: any, secret: any, _knownIdentities: any, cb: any) => {
-          receivedApiKey = apiKey;
-          receivedSecret = secret;
-          cb({ httpCode: 200 });
-        },
-      };
-
-      await (window as any).mParticle.forwarder.init(
-        {
-          accountId: '123456',
-          advertiserIdSyncCredentials: `  ${ADVERTISER_API_KEY}  ,  ${ADVERTISER_API_SECRET}  `,
-        },
-        reportService.cb,
-        true,
-        null,
-        {},
-      );
-
-      (window as any).mParticle.forwarder.onUserIdentified(makeUser());
-
-      expect(receivedApiKey).toBe(ADVERTISER_API_KEY);
-      expect(receivedSecret).toBe(ADVERTISER_API_SECRET);
-    });
-
     it('should not set userIdentifiedInAdvertiser when search returns 404', async () => {
       (window as any).mParticle.Identity = {
-        searchAdvertiser: (_apiKey: any, _secret: any, _knownIdentities: any, cb: any) => {
+        searchAdvertiser: (_apiKey: any, _knownIdentities: any, cb: any) => {
           cb({ httpCode: 404 });
         },
       };
 
       await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: ADVERTISER_CREDENTIALS },
+        { accountId: '123456', advertiserIdSyncApiKey: ADVERTISER_API_KEY },
         reportService.cb,
         true,
         null,
@@ -3074,7 +3041,7 @@ describe('Rokt Forwarder', () => {
       expect((window as any).mParticle.forwarder.userAttributes.userIdentifiedInAdvertiser).toBeUndefined();
     });
 
-    it('should not call searchAdvertiser when advertiserIdSyncCredentials is missing', async () => {
+    it('should not call searchAdvertiser when advertiserIdSyncApiKey is missing', async () => {
       let searchCalled = false;
       (window as any).mParticle.Identity = {
         searchAdvertiser: () => {
@@ -3090,7 +3057,7 @@ describe('Rokt Forwarder', () => {
       expect((window as any).mParticle.forwarder.userAttributes.userIdentifiedInAdvertiser).toBeUndefined();
     });
 
-    it('should not call searchAdvertiser when advertiserIdSyncCredentials is an empty string', async () => {
+    it('should not call searchAdvertiser when advertiserIdSyncApiKey is an empty string', async () => {
       let searchCalled = false;
       (window as any).mParticle.Identity = {
         searchAdvertiser: () => {
@@ -3099,7 +3066,7 @@ describe('Rokt Forwarder', () => {
       };
 
       await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: '' },
+        { accountId: '123456', advertiserIdSyncApiKey: '' },
         reportService.cb,
         true,
         null,
@@ -3112,81 +3079,6 @@ describe('Rokt Forwarder', () => {
       expect((window as any).mParticle.forwarder.userAttributes.userIdentifiedInAdvertiser).toBeUndefined();
     });
 
-    it('should not call searchAdvertiser when advertiserIdSyncCredentials has no comma', async () => {
-      let searchCalled = false;
-      (window as any).mParticle.Identity = {
-        searchAdvertiser: () => {
-          searchCalled = true;
-        },
-      };
-
-      await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: 'no-comma-here' },
-        reportService.cb,
-        true,
-        null,
-        {},
-      );
-
-      (window as any).mParticle.forwarder.onUserIdentified(makeUser());
-
-      expect(searchCalled).toBe(false);
-    });
-
-    it('should not call searchAdvertiser when advertiserIdSyncCredentials has more than one comma', async () => {
-      let searchCalled = false;
-      (window as any).mParticle.Identity = {
-        searchAdvertiser: () => {
-          searchCalled = true;
-        },
-      };
-
-      await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: 'a,b,c' },
-        reportService.cb,
-        true,
-        null,
-        {},
-      );
-
-      (window as any).mParticle.forwarder.onUserIdentified(makeUser());
-
-      expect(searchCalled).toBe(false);
-    });
-
-    it('should not call searchAdvertiser when one half of advertiserIdSyncCredentials is empty', async () => {
-      let searchCalled = false;
-      (window as any).mParticle.Identity = {
-        searchAdvertiser: () => {
-          searchCalled = true;
-        },
-      };
-
-      await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: 'apikey-only,' },
-        reportService.cb,
-        true,
-        null,
-        {},
-      );
-
-      (window as any).mParticle.forwarder.onUserIdentified(makeUser());
-
-      expect(searchCalled).toBe(false);
-
-      await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: ',secret-only' },
-        reportService.cb,
-        true,
-        null,
-        {},
-      );
-
-      (window as any).mParticle.forwarder.onUserIdentified(makeUser());
-
-      expect(searchCalled).toBe(false);
-    });
-
     it('should not call searchAdvertiser when the user has no plain email identity', async () => {
       let searchCalled = false;
       (window as any).mParticle.Identity = {
@@ -3196,7 +3088,7 @@ describe('Rokt Forwarder', () => {
       };
 
       await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: ADVERTISER_CREDENTIALS },
+        { accountId: '123456', advertiserIdSyncApiKey: ADVERTISER_API_KEY },
         reportService.cb,
         true,
         null,
@@ -3215,7 +3107,7 @@ describe('Rokt Forwarder', () => {
       (window as any).mParticle.Identity = {};
 
       await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: ADVERTISER_CREDENTIALS },
+        { accountId: '123456', advertiserIdSyncApiKey: ADVERTISER_API_KEY },
         reportService.cb,
         true,
         null,
@@ -3236,7 +3128,7 @@ describe('Rokt Forwarder', () => {
       };
 
       await (window as any).mParticle.forwarder.init(
-        { accountId: '123456', advertiserIdSyncCredentials: ADVERTISER_CREDENTIALS },
+        { accountId: '123456', advertiserIdSyncApiKey: ADVERTISER_API_KEY },
         reportService.cb,
         true,
         null,