fix: withXSRFToken instead of withCredentials

2026-01-07 04:20:05 +00:00 · 2025-03-04 16:29:01 +01:00
parent b3b2c1414c
commit 008a9b4ca5
6 changed files with 16204 additions and 7490 deletions
--- a/src/auth/spec/AuthManager.spec.ts
+++ b/src/auth/spec/AuthManager.spec.ts
@@ -159,7 +159,7 @@ describe('AuthManager', () => {
        `/SASLogon/login`,
        loginParams,
        {
-          withCredentials: true,
+          withXSRFToken: true,
          headers: {
            'Content-Type': 'application/x-www-form-urlencoded',
            Accept: '*/*'
@@ -207,7 +207,7 @@ describe('AuthManager', () => {
        `/SASLogon/login`,
        loginParams,
        {
-          withCredentials: true,
+          withXSRFToken: true,
          headers: {
            'Content-Type': 'application/x-www-form-urlencoded',
            Accept: '*/*'
@@ -256,7 +256,7 @@ describe('AuthManager', () => {
        `/SASLogon/login`,
        loginParams,
        {
-          withCredentials: true,
+          withXSRFToken: true,
          headers: {
            'Content-Type': 'application/x-www-form-urlencoded',
            Accept: '*/*'
@@ -539,7 +539,7 @@ describe('AuthManager', () => {
        1,
        `http://test-server.com/identities/users/@currentUser`,
        {
-          withCredentials: true,
+          withXSRFToken: true,
          responseType: 'text',
          transformResponse: undefined,
          headers: {
@@ -573,7 +573,7 @@ describe('AuthManager', () => {
        1,
        `http://test-server.com/SASStoredProcess`,
        {
-          withCredentials: true,
+          withXSRFToken: true,
          responseType: 'text',
          transformResponse: undefined,
          headers: {
@@ -602,7 +602,7 @@ describe('AuthManager', () => {
        1,
        `http://test-server.com/identities/users/@currentUser`,
        {
-          withCredentials: true,
+          withXSRFToken: true,
          responseType: 'text',
          transformResponse: undefined,
          headers: {
@@ -621,7 +621,7 @@ describe('AuthManager', () => {
 })

 const getHeadersJson = {
-  withCredentials: true,
+  withXSRFToken: true,
  headers: {
    'Content-Type': 'application/json',
    Accept: 'application/json'
--- a/src/request/RequestClient.ts
+++ b/src/request/RequestClient.ts
@@ -160,7 +160,7 @@ export class RequestClient implements HttpClient {
    const requestConfig: AxiosRequestConfig = {
      headers,
      responseType: contentType === 'text/plain' ? 'text' : 'json',
-      withCredentials: true
+      withXSRFToken: true
    }

    if (contentType === 'text/plain') {
@@ -207,7 +207,7 @@ export class RequestClient implements HttpClient {
    return this.httpClient
      .post<T>(url, data, {
        headers,
-        withCredentials: true,
+        withXSRFToken: true,
        ...additionalSettings
      })
      .then((response) => {
@@ -234,7 +234,7 @@ export class RequestClient implements HttpClient {
    }

    return this.httpClient
-      .put<T>(url, data, { headers, withCredentials: true })
+      .put<T>(url, data, { headers, withXSRFToken: true })
      .then((response) => {
        throwIfError(response)
        return this.parseResponse<T>(response)
@@ -253,7 +253,7 @@ export class RequestClient implements HttpClient {
    const headers = this.getHeaders(accessToken, 'application/json')

    return this.httpClient
-      .delete<T>(url, { headers, withCredentials: true })
+      .delete<T>(url, { headers, withXSRFToken: true })
      .then((response) => {
        throwIfError(response)
        return this.parseResponse<T>(response)
@@ -271,7 +271,7 @@ export class RequestClient implements HttpClient {
    const headers = this.getHeaders(accessToken, 'application/json')

    return this.httpClient
-      .patch<T>(url, data, { headers, withCredentials: true })
+      .patch<T>(url, data, { headers, withXSRFToken: true })
      .then((response) => {
        throwIfError(response)
        return this.parseResponse<T>(response)
@@ -630,7 +630,7 @@ ${resHeaders}${parsedResBody ? `\n\n${parsedResBody}` : ''}
      // Fetching root and creating CSRF cookie
      await this.httpClient
        .get('/', {
-          withCredentials: true
+          withXSRFToken: true
        })
        .then((response) => {
          const cookie =
--- a/src/request/Sas9RequestClient.ts
+++ b/src/request/Sas9RequestClient.ts
@@ -50,7 +50,7 @@ export class Sas9RequestClient extends RequestClient {
    const requestConfig: AxiosRequestConfig = {
      headers,
      responseType: contentType === 'text/plain' ? 'text' : 'json',
-      withCredentials: true
+      withXSRFToken: true
    }
    if (contentType === 'text/plain') {
      requestConfig.transformResponse = undefined
@@ -103,7 +103,7 @@ export class Sas9RequestClient extends RequestClient {
    }

    return this.httpClient
-      .post<T>(url, data, { headers, withCredentials: true })
+      .post<T>(url, data, { headers, withXSRFToken: true })
      .then(async (response) => {
        if (response.status === 302) {
          return await this.get(
--- a/src/test/RequestClient.spec.ts
+++ b/src/test/RequestClient.spec.ts
@@ -24,7 +24,7 @@ const axiosActual = jest.requireActual('axios')
 jest
  .spyOn(axiosModules, 'createAxiosInstance')
  .mockImplementation((baseURL: string, httpsAgent?: https.Agent) =>
-    axiosActual.create({ baseURL, httpsAgent, withCredentials: true })
+    axiosActual.create({ baseURL, httpsAgent, withXSRFToken: true })
  )

 jest.mock('util', () => {