Merge pull request #171 from vtex-apps/feature/get-appkey-cookie

Feature: Get VtexIdclientAutCookie cookie
vtex-apps · Apr 10, 2024 · 4cd53db · 4cd53db
2 parents 40a7a53 + f2455b4
commit 4cd53db
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 4 deletions.
diff --git a/dotnet/GraphQL/Query.cs b/dotnet/GraphQL/Query.cs
@@ -29,7 +29,16 @@ public Query(IWishListService wishListService)
                 resolve: async context =>
                 {
 
-                    Console.WriteLine("viewList");
+                    HttpStatusCode isValidAuthUser = await wishListService.IsValidAuthUser();
+                    if (isValidAuthUser != HttpStatusCode.OK)
+                    {
+                        context.Errors.Add(new ExecutionError(isValidAuthUser.ToString())
+                        {
+                            Code = isValidAuthUser.ToString()
+                        });
+
+                        return null;
+                    }
 
                     string shopperId = context.GetArgument<string>("shopperId");
                     string name = context.GetArgument<string>("name");

diff --git a/dotnet/Services/WishListService.cs b/dotnet/Services/WishListService.cs
@@ -307,17 +307,21 @@ public async Task<ValidatedUser> ValidateUserToken(string token)
         public async Task<HttpStatusCode> IsValidAuthUser()
         {
 
-            if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken) && string.IsNullOrEmpty(_context.Vtex.AdminUserAuthToken))
+            string VtexIdclientAutCookieKey = this._httpContextAccessor.HttpContext.Request.Headers["VtexIdclientAutCookie"];
+
+            if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken) && string.IsNullOrEmpty(_context.Vtex.AdminUserAuthToken) && string.IsNullOrEmpty(VtexIdclientAutCookieKey))
             {
                 return HttpStatusCode.Unauthorized;
             }
-
+            
             ValidatedUser validatedUser = null;
             ValidatedUser validatedAdminUser = null;
+            ValidatedUser validatedKeyApp = null;
 
             try {
                 validatedUser = await ValidateUserToken(_context.Vtex.StoreUserAuthToken);
                 validatedAdminUser = await ValidateUserToken(_context.Vtex.AdminUserAuthToken);
+                validatedKeyApp = await ValidateUserToken(VtexIdclientAutCookieKey);
             }
             catch (Exception ex)
             {
@@ -326,10 +330,12 @@ public async Task<HttpStatusCode> IsValidAuthUser()
                 return HttpStatusCode.BadRequest;
             }
 
+
             bool hasPermission = validatedUser != null && validatedUser.AuthStatus.Equals("Success");
             bool hasAdminPermission = validatedAdminUser != null && validatedAdminUser.AuthStatus.Equals("Success");
+            bool hasPermissionToken = validatedKeyApp != null && validatedKeyApp.AuthStatus.Equals("Success");
 
-            if (!hasPermission && !hasAdminPermission)
+            if (!hasPermission && !hasAdminPermission && !hasPermissionToken)
             {
                 _context.Vtex.Logger.Warn("IsValidAuthUser", null, "User Does Not Have Permission");