From 10a43370e8b6f2f14850a505f89796e7accffcec Mon Sep 17 00:00:00 2001 From: Shankar Singh C <83439957+ShankarSinghC@users.noreply.github.com> Date: Thu, 26 Dec 2024 16:19:20 +0530 Subject: [PATCH] fix(router): populate `profile_id` in for the HeaderAuth of v1 (#6936) Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com> --- config/deployments/integration_test.toml | 2 +- config/deployments/production.toml | 2 +- config/deployments/sandbox.toml | 2 +- config/development.toml | 2 +- config/docker_compose.toml | 2 +- crates/router/src/services/authentication.rs | 28 ++++++++++++++++---- loadtest/config/development.toml | 2 +- 7 files changed, 29 insertions(+), 11 deletions(-) diff --git a/config/deployments/integration_test.toml b/config/deployments/integration_test.toml index dd4938d8d6f8..6283382258a8 100644 --- a/config/deployments/integration_test.toml +++ b/config/deployments/integration_test.toml @@ -419,7 +419,7 @@ outgoing_enabled = true connectors_with_webhook_source_verification_call = "paypal" # List of connectors which has additional source verification api-call [unmasked_headers] -keys = "accept-language,user-agent" +keys = "accept-language,user-agent,x-profile-id" [saved_payment_methods] sdk_eligible_payment_methods = "card" diff --git a/config/deployments/production.toml b/config/deployments/production.toml index 9ad4f90b71f1..3537834fd07e 100644 --- a/config/deployments/production.toml +++ b/config/deployments/production.toml @@ -435,7 +435,7 @@ outgoing_enabled = true connectors_with_webhook_source_verification_call = "paypal" # List of connectors which has additional source verification api-call [unmasked_headers] -keys = "accept-language,user-agent" +keys = "accept-language,user-agent,x-profile-id" [saved_payment_methods] sdk_eligible_payment_methods = "card" diff --git a/config/deployments/sandbox.toml b/config/deployments/sandbox.toml index d2132cd1e400..fcfadb339d9d 100644 --- a/config/deployments/sandbox.toml +++ b/config/deployments/sandbox.toml @@ -437,7 +437,7 @@ outgoing_enabled = true connectors_with_webhook_source_verification_call = "paypal" # List of connectors which has additional source verification api-call [unmasked_headers] -keys = "accept-language,user-agent" +keys = "accept-language,user-agent,x-profile-id" [saved_payment_methods] sdk_eligible_payment_methods = "card" diff --git a/config/development.toml b/config/development.toml index d157894ac766..4c9b8516b5ad 100644 --- a/config/development.toml +++ b/config/development.toml @@ -768,7 +768,7 @@ enabled = true file_storage_backend = "file_system" [unmasked_headers] -keys = "accept-language,user-agent" +keys = "accept-language,user-agent,x-profile-id" [opensearch] host = "https://localhost:9200" diff --git a/config/docker_compose.toml b/config/docker_compose.toml index 3bbb11063505..75699d0a9674 100644 --- a/config/docker_compose.toml +++ b/config/docker_compose.toml @@ -609,7 +609,7 @@ source = "logs" file_storage_backend = "file_system" [unmasked_headers] -keys = "accept-language,user-agent" +keys = "accept-language,user-agent,x-profile-id" [opensearch] host = "https://opensearch:9200" diff --git a/crates/router/src/services/authentication.rs b/crates/router/src/services/authentication.rs index d35e321a7bea..99800b555123 100644 --- a/crates/router/src/services/authentication.rs +++ b/crates/router/src/services/authentication.rs @@ -666,6 +666,13 @@ where metrics::PARTIAL_AUTH_FAILURE.add(1, &[]); }; + let profile_id = HeaderMapStruct::new(request_headers) + .get_id_type_from_header_if_present::(headers::X_PROFILE_ID) + .change_context(errors::ValidationError::IncorrectValueProvided { + field_name: "X-Profile-Id", + }) + .change_context(errors::ApiErrorResponse::Unauthorized)?; + let payload = ExtractedPayload::from_headers(request_headers) .and_then(|value| { let (algo, secret) = state.get_detached_auth()?; @@ -687,8 +694,13 @@ where merchant_id: Some(merchant_id), key_id: Some(key_id), } => { - let auth = - construct_authentication_data(state, &merchant_id, request_headers).await?; + let auth = construct_authentication_data( + state, + &merchant_id, + request_headers, + profile_id, + ) + .await?; Ok(( auth.clone(), AuthenticationType::ApiKey { @@ -702,8 +714,13 @@ where merchant_id: Some(merchant_id), key_id: None, } => { - let auth = - construct_authentication_data(state, &merchant_id, request_headers).await?; + let auth = construct_authentication_data( + state, + &merchant_id, + request_headers, + profile_id, + ) + .await?; Ok(( auth.clone(), AuthenticationType::PublishableKey { @@ -779,6 +796,7 @@ async fn construct_authentication_data( state: &A, merchant_id: &id_type::MerchantId, request_headers: &HeaderMap, + profile_id: Option, ) -> RouterResult where A: SessionStateInfo + Sync, @@ -830,7 +848,7 @@ where merchant_account: merchant, platform_merchant_account, key_store, - profile_id: None, + profile_id, }; Ok(auth) diff --git a/loadtest/config/development.toml b/loadtest/config/development.toml index 64d0526d1476..ec58ab08b878 100644 --- a/loadtest/config/development.toml +++ b/loadtest/config/development.toml @@ -396,7 +396,7 @@ client_secret = "" partner_id = "" [unmasked_headers] -keys = "accept-language,user-agent" +keys = "accept-language,user-agent,x-profile-id" [multitenancy] enabled = false