Add support to secured endpoints throught Authorization header

sebasjm · sebasjm · commit adea9f0a385a · 2016-10-12T13:19:56.000-03:00
diff --git a/src/CoreManager.js b/src/CoreManager.js
@@ -145,6 +145,7 @@ var config: Config & { [key: string]: mixed } = {
             !process.versions.electron),
   REQUEST_ATTEMPT_LIMIT: 5,
   SERVER_URL: 'https://api.parse.com/1',
+  CREDENTIALS: null, 
   LIVEQUERY_SERVER_URL: null,
   VERSION: 'js' + require('../package.json').version,
   APPLICATION_ID: null,
diff --git a/src/Parse.js b/src/Parse.js
@@ -80,6 +80,14 @@ Object.defineProperty(Parse, 'serverURL', {
     CoreManager.set('SERVER_URL', value);
   }
 });
+Object.defineProperty(Parse, 'credentials', {
+  get() {
+    return CoreManager.get('CREDENTIALS');
+  },
+  set(value) {
+    CoreManager.set('CREDENTIALS', value);
+  }
+});
 Object.defineProperty(Parse, 'liveQueryServerURL', {
   get() {
     return CoreManager.get('LIVEQUERY_SERVER_URL');
diff --git a/src/RESTController.js b/src/RESTController.js
@@ -132,7 +132,9 @@ const RESTController = {
         headers['User-Agent'] = 'Parse/' + CoreManager.get('VERSION') +
           ' (NodeJS ' + process.versions.node + ')';
       }
-
+      if (CoreManager.get('CREDENTIALS')) {
+        headers['Authorization'] = 'Bearer ' + CoreManager.get('CREDENTIALS');
+      }
       xhr.open(method, url, true);
       for (var h in headers) {
         xhr.setRequestHeader(h, headers[h]);
diff --git a/src/__tests__/RESTController-test.js b/src/__tests__/RESTController-test.js
@@ -329,4 +329,24 @@ describe('RESTController', () => {
       'Cannot use the Master Key, it has not been provided.'
     );
   });
+
+  it('sends credentials header when the config flag is set', () => {
+    CoreManager.set('CREDENTIALS', 'some_random_token');
+    var credentialsHeader = function(header){ return "Authorization" === header[0] }
+    var xhr = {
+      setRequestHeader: jest.genMockFn(),
+      open: jest.genMockFn(),
+      send: jest.genMockFn()
+    };
+    RESTController._setXHR(function() { return xhr; });
+    RESTController.request('GET', 'classes/MyObject', {}, {});
+    jest.runAllTicks();
+    expect(xhr.setRequestHeader.mock.calls.filter(credentialsHeader)).toEqual(
+        [["Authorization", "Bearer some_random_token"]]
+    );
+    console.log()
+    CoreManager.set('CREDENTIALS', null); // Clean up
+  });
+
+
 });
