fix(router): populate profile_id in for the HeaderAuth of v1 (#6936)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
juspay · Dec 26, 2024 · 10a4337 · 10a4337
1 parent d849403
commit 10a4337
Show file tree

Hide file tree

Showing 7 changed files with 29 additions and 11 deletions.
diff --git a/config/deployments/integration_test.toml b/config/deployments/integration_test.toml
@@ -419,7 +419,7 @@ outgoing_enabled = true
 connectors_with_webhook_source_verification_call = "paypal"         # List of connectors which has additional source verification api-call
 
 [unmasked_headers]
-keys = "accept-language,user-agent"
+keys = "accept-language,user-agent,x-profile-id"
 
 [saved_payment_methods]
 sdk_eligible_payment_methods = "card"

diff --git a/config/deployments/production.toml b/config/deployments/production.toml
@@ -435,7 +435,7 @@ outgoing_enabled = true
 connectors_with_webhook_source_verification_call = "paypal"     # List of connectors which has additional source verification api-call
 
 [unmasked_headers]
-keys = "accept-language,user-agent"
+keys = "accept-language,user-agent,x-profile-id"
 
 [saved_payment_methods]
 sdk_eligible_payment_methods = "card"

diff --git a/config/deployments/sandbox.toml b/config/deployments/sandbox.toml
@@ -437,7 +437,7 @@ outgoing_enabled = true
 connectors_with_webhook_source_verification_call = "paypal"        # List of connectors which has additional source verification api-call
 
 [unmasked_headers]
-keys = "accept-language,user-agent"
+keys = "accept-language,user-agent,x-profile-id"
 
 [saved_payment_methods]
 sdk_eligible_payment_methods = "card"

diff --git a/config/development.toml b/config/development.toml
@@ -768,7 +768,7 @@ enabled = true
 file_storage_backend = "file_system"
 
 [unmasked_headers]
-keys = "accept-language,user-agent"
+keys = "accept-language,user-agent,x-profile-id"
 
 [opensearch]
 host = "https://localhost:9200"

diff --git a/config/docker_compose.toml b/config/docker_compose.toml
@@ -609,7 +609,7 @@ source = "logs"
 file_storage_backend = "file_system"
 
 [unmasked_headers]
-keys = "accept-language,user-agent"
+keys = "accept-language,user-agent,x-profile-id"
 
 [opensearch]
 host = "https://opensearch:9200"

diff --git a/crates/router/src/services/authentication.rs b/crates/router/src/services/authentication.rs
@@ -666,6 +666,13 @@ where
             metrics::PARTIAL_AUTH_FAILURE.add(1, &[]);
         };
 
+        let profile_id = HeaderMapStruct::new(request_headers)
+            .get_id_type_from_header_if_present::<id_type::ProfileId>(headers::X_PROFILE_ID)
+            .change_context(errors::ValidationError::IncorrectValueProvided {
+                field_name: "X-Profile-Id",
+            })
+            .change_context(errors::ApiErrorResponse::Unauthorized)?;
+
         let payload = ExtractedPayload::from_headers(request_headers)
             .and_then(|value| {
                 let (algo, secret) = state.get_detached_auth()?;
@@ -687,8 +694,13 @@ where
                     merchant_id: Some(merchant_id),
                     key_id: Some(key_id),
                 } => {
-                    let auth =
-                        construct_authentication_data(state, &merchant_id, request_headers).await?;
+                    let auth = construct_authentication_data(
+                        state,
+                        &merchant_id,
+                        request_headers,
+                        profile_id,
+                    )
+                    .await?;
                     Ok((
                         auth.clone(),
                         AuthenticationType::ApiKey {
@@ -702,8 +714,13 @@ where
                     merchant_id: Some(merchant_id),
                     key_id: None,
                 } => {
-                    let auth =
-                        construct_authentication_data(state, &merchant_id, request_headers).await?;
+                    let auth = construct_authentication_data(
+                        state,
+                        &merchant_id,
+                        request_headers,
+                        profile_id,
+                    )
+                    .await?;
                     Ok((
                         auth.clone(),
                         AuthenticationType::PublishableKey {
@@ -779,6 +796,7 @@ async fn construct_authentication_data<A>(
     state: &A,
     merchant_id: &id_type::MerchantId,
     request_headers: &HeaderMap,
+    profile_id: Option<id_type::ProfileId>,
 ) -> RouterResult<AuthenticationData>
 where
     A: SessionStateInfo + Sync,
@@ -830,7 +848,7 @@ where
         merchant_account: merchant,
         platform_merchant_account,
         key_store,
-        profile_id: None,
+        profile_id,
     };
 
     Ok(auth)

diff --git a/loadtest/config/development.toml b/loadtest/config/development.toml
@@ -396,7 +396,7 @@ client_secret = ""
 partner_id = ""
 
 [unmasked_headers]
-keys = "accept-language,user-agent"
+keys = "accept-language,user-agent,x-profile-id"
 
 [multitenancy]
 enabled = false