Merge pull request #292 from kinde-oss/fix/hasuramapping

DanielRivers · web-flow · commit 5aee414f0b32 · 2025-02-25T12:23:11.000Z
diff --git a/src/session/getFlag.js b/src/session/getFlag.js
@@ -1,4 +1,5 @@
 import { sessionManager } from "./sessionManager";
+import { FlagDataType } from "@kinde-oss/kinde-typescript-sdk";
 import { kindeClient } from "./kindeServerClient";
 
 /**
@@ -18,14 +19,49 @@ import { kindeClient } from "./kindeServerClient";
 export const getFlagFactory =
   (req, res) => async (code, defaultValue, flagType) => {
     try {
-      const flag = await kindeClient.getFlag(
-        await sessionManager(req, res),
-        code,
-        defaultValue,
-        flagType,
+      const tokenFeatureFlags = await kindeClient.getClaimValue(
+        sessionManager,
+        "feature_flags",
+        "access_token",
+      );
+
+      const tokenHasuraFeatureFlags = await kindeClient.getClaimValue(
+        sessionManager,
+        "x-hasura-feature-flags",
+        "access_token",
       );
 
-      return flag;
+      const featureFlags = {
+        ...tokenFeatureFlags,
+        ...tokenHasuraFeatureFlags,
+      };
+
+      const flag = featureFlags[code];
+
+      if (!flag && defaultValue === undefined) {
+        throw new Error(
+          `Flag ${code} was not found, and no default value has been provided`,
+        );
+      }
+
+      if (flag?.t && flagType && flagType !== flag?.t) {
+        throw new Error(
+          `Flag ${code} is of type ${FlagDataType[flag.t]}, expected type is ${
+            FlagDataType[flagType]
+          }`,
+        );
+      }
+
+      const isDefault = flag?.v === undefined;
+      const response = {
+        is_default: isDefault,
+        value: flag?.v ?? defaultValue,
+        code,
+        type: isDefault ? FlagDataType[flag?.t ?? flagType] : false,
+        defaultValue
+      };
+
+      return response;
     } catch (error) {
       // @ts-ignore
       if (error.message.includes("no default value has been provided")) {
diff --git a/src/session/getPermission.js b/src/session/getPermission.js
@@ -20,6 +20,16 @@ export const getPermissionFactory = (req, res) => async (name) => {
       await sessionManager(req, res),
       name,
     );
+
+    if (!permission.isGranted) {
+      const hasuraPermissions = await kindeClient.getClaimValue(
+        await sessionManager(req, res),
+        "x-hasura-permissions",
+      );
+      if (hasuraPermissions.includes(name)) {
+        return { isGranted: true, orgCode: permission.orgCode };
+      }
+    }
     return permission;
   } catch (error) {
     if (config.isDebugMode) {
diff --git a/src/session/getPermissions.js b/src/session/getPermissions.js
@@ -1,6 +1,7 @@
 import { sessionManager } from "./sessionManager";
 import { kindeClient } from "./kindeServerClient";
 import { config } from "../config/index";
+
 /**
  * @callback getPermissions
  * @returns {Promise<import('../../types').KindePermissions | null>}
@@ -17,6 +18,22 @@ export const getPermissionsFactory = (req, res) => async () => {
     const permissions = await kindeClient.getPermissions(
       await sessionManager(req, res),
     );
+
+    if (!permissions.permissions) {
+      const hasuraPermissions = await kindeClient.getClaimValue(
+        await sessionManager(req, res),
+        "x-hasura-permissions",
+      );
+
+      return {
+        permissions: hasuraPermissions,
+        orgCode: await kindeClient.getClaimValue(
+          await sessionManager(req, res),
+          "x-hasura-org-code",
+        ),
+      };
+    }
+
     return permissions;
   } catch (error) {
     if (config.isDebugMode) {
diff --git a/src/session/getRoles.js b/src/session/getRoles.js
@@ -18,6 +18,16 @@ export const getRolesFactory = (req, res) => async () => {
       await sessionManager(req, res),
       "roles",
     );
+
+    if (!roles) {
+      const hasuraRoles = await kindeClient.getClaimValue(
+        await sessionManager(req, res),
+        "x-hasura-roles",
+      );
+
+      return hasuraRoles;
+    }
+
     return roles;
   } catch (error) {
     if (config.isDebugMode) {
diff --git a/src/session/getUser.ts b/src/session/getUser.ts
@@ -2,7 +2,6 @@ import { NextApiRequest, NextApiResponse } from "next";
 import { KindeAccessToken, KindeIdToken, KindeUser } from "../../types";
 import { config } from "../config/index";
 import { generateUserObject } from "../utils/generateUserObject";
-import { sessionManager } from "./sessionManager";
 import { jwtDecoder } from "@kinde/jwt-decoder";
 import { getAccessToken } from "../utils/getAccessToken";
 import { getIdToken } from "../utils/getIdToken";
diff --git a/src/session/getUserOrganizations.ts b/src/session/getUserOrganizations.ts
@@ -10,11 +10,12 @@ export const getUserOrganizationsFactory =
     try {
       const session = await sessionManager(req, res);
       const userOrgs = await kindeClient.getUserOrganizations(session);
-      const orgNames = (await kindeClient.getClaimValue(
-        session,
-        "organizations",
-        "id_token",
-      )) as { id: string; name: string }[];
+      const orgNames =
+        ((await kindeClient.getClaimValue(
+          session,
+          "organizations",
+          "id_token",
+        )) as { id: string; name: string }[]) ?? [];
 
       const hasuraOrgCodes =
         ((await kindeClient.getClaimValue(
@@ -29,7 +30,6 @@ export const getUserOrganizationsFactory =
           "x-hasura-organizations",
           "id_token",
         )) as { id: string; name: string }[]) ?? [];
-
       return {
         orgCodes: [...userOrgs.orgCodes, ...hasuraOrgCodes],
         orgs: [...orgNames, ...hasuraOrganizations].map((org) => ({
diff --git a/src/utils/generateOrganizationObject.ts b/src/utils/generateOrganizationObject.ts
@@ -13,22 +13,32 @@ const getOrgProperty = (
   idToken: KindeIdToken,
   accessToken: KindeAccessToken,
 ): string | undefined => {
-  const idValue = idToken.organization_properties?.[`kp_org_${key}`]?.v;
-  const accessValue = accessToken.organization_properties?.[`kp_org_${key}`]?.v;
+  const orgIdTokenProperties =
+    idToken.organization_properties ||
+    idToken["x-hasura-organization_properties"] ||
+    {};
+  const orgAccessTokenProperties =
+    accessToken.organization_properties ||
+    accessToken["x-hasura-organization_properties"] ||
+    {};
+  const idValue = orgIdTokenProperties[`kp_org_${key}`]?.v;
+  const accessValue = orgAccessTokenProperties[`kp_org_${key}`]?.v;
   return idValue || accessValue;
 };
 
 export const generateOrganizationObject = (
   idToken: KindeIdToken,
   accessToken: KindeAccessToken,
 ) => {
-  if (!accessToken.org_code) {
+  const orgCode = accessToken.org_code || accessToken["x-hasura-org-code"];
+  const orgName = accessToken.org_name || accessToken["x-hasura-org-name"];
+  if (!orgCode) {
     throw new Error("Missing required organization fields in access token");
   }
 
   return {
-    orgCode: accessToken.org_code,
-    orgName: accessToken.org_name,
+    orgCode,
+    orgName,
     properties: {
       city: getOrgProperty("city", idToken, accessToken),
       industry: getOrgProperty("industry", idToken, accessToken),
