diff --git a/packages/hoppscotch-common/package.json b/packages/hoppscotch-common/package.json index 12ca9d8b..15dc1b64 100644 --- a/packages/hoppscotch-common/package.json +++ b/packages/hoppscotch-common/package.json @@ -35,10 +35,10 @@ "@codemirror/view": "6.25.1", "@hoppscotch/codemirror-lang-graphql": "workspace:^", "@hoppscotch/data": "workspace:^", + "@hoppscotch/httpsnippet": "3.0.6", "@hoppscotch/js-sandbox": "workspace:^", "@hoppscotch/ui": "0.2.0", "@hoppscotch/vue-toasted": "0.1.0", - "@hoppscotch/httpsnippet": "3.0.6", "@lezer/highlight": "1.2.0", "@unhead/vue": "1.8.8", "@urql/core": "4.2.0", @@ -124,6 +124,7 @@ "@types/nprogress": "0.2.3", "@types/paho-mqtt": "1.0.10", "@types/postman-collection": "3.5.10", + "@types/qs": "6.9.12", "@types/splitpanes": "2.2.6", "@types/uuid": "9.0.7", "@types/yargs-parser": "21.0.3", diff --git a/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts b/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts index 7b2aed2b..e2e407fc 100644 --- a/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts +++ b/packages/hoppscotch-common/src/helpers/utils/EffectiveURL.ts @@ -42,6 +42,9 @@ export interface EffectiveHoppRESTRequest extends HoppRESTRequest { * Get headers that can be generated by authorization config of the request * @param req Request to check * @param envVars Currently active environment variables + * @param auth Authorization config to check + * @param parse Whether to parse the template strings + * @param showKeyIfSecret Whether to show the key if the value is a secret * @returns The list of headers */ export const getComputedAuthHeaders = ( @@ -53,7 +56,8 @@ export const getComputedAuthHeaders = ( headers: HoppRESTHeaders }, auth?: HoppRESTRequest["auth"], - parse = true + parse = true, + showKeyIfSecret = false ) => { const request = auth ? { auth: auth ?? { authActive: false } } : req // If Authorization header is also being user-defined, that takes priority @@ -69,10 +73,20 @@ export const getComputedAuthHeaders = ( // TODO: Support a better b64 implementation than btoa ? if (request.auth.authType === "basic") { const username = parse - ? parseTemplateString(request.auth.username, envVars, false, true) + ? parseTemplateString( + request.auth.username, + envVars, + false, + showKeyIfSecret + ) : request.auth.username const password = parse - ? parseTemplateString(request.auth.password, envVars, false, true) + ? parseTemplateString( + request.auth.password, + envVars, + false, + showKeyIfSecret + ) : request.auth.password headers.push({ @@ -93,7 +107,9 @@ export const getComputedAuthHeaders = ( active: true, key: "Authorization", value: `Bearer ${ - parse ? parseTemplateString(token, envVars, false, true) : token + parse + ? parseTemplateString(token, envVars, false, showKeyIfSecret) + : token }`, }) } else if (request.auth.authType === "api-key") { @@ -101,9 +117,14 @@ export const getComputedAuthHeaders = ( if (addTo === "HEADERS" && key) { headers.push({ active: true, - key: parseTemplateString(key, envVars, false, true), + key: parseTemplateString(key, envVars, false, showKeyIfSecret), value: parse - ? parseTemplateString(request.auth.value ?? "", envVars, false, true) + ? parseTemplateString( + request.auth.value ?? "", + envVars, + false, + showKeyIfSecret + ) : request.auth.value ?? "", }) } @@ -157,6 +178,8 @@ export type ComputedHeader = { * For e.g, Authorization headers maybe added if an Auth Mode is defined on REST * @param req The request to check * @param envVars The environment variables active + * @param parse Whether to parse the template strings + * @param showKeyIfSecret Whether to show the key if the value is a secret * @returns The headers that are generated along with the source of that header */ export const getComputedHeaders = ( @@ -167,10 +190,17 @@ export const getComputedHeaders = ( headers: HoppRESTHeaders }, envVars: Environment["variables"], - parse = true + parse = true, + showKeyIfSecret = false ): ComputedHeader[] => { return [ - ...getComputedAuthHeaders(envVars, req, undefined, parse).map((header) => ({ + ...getComputedAuthHeaders( + envVars, + req, + undefined, + parse, + showKeyIfSecret + ).map((header) => ({ source: "auth" as const, header, })), @@ -246,11 +276,13 @@ export const resolvesEnvsInBody = ( if (!body.contentType) return body if (body.contentType === "multipart/form-data") { - if (!body.body) + if (!body.body) { return { - contentType: "", - body: [], + contentType: null, + body: null, } + } + return { contentType: "multipart/form-data", body: body.body.map( @@ -373,7 +405,12 @@ export function getEffectiveRESTRequest( showKeyIfSecret = false ): EffectiveHoppRESTRequest { const effectiveFinalHeaders = pipe( - getComputedHeaders(request, environment.variables).map((h) => h.header), + getComputedHeaders( + request, + environment.variables, + true, + showKeyIfSecret + ).map((h) => h.header), A.concat(request.headers), A.filter((x) => x.active && x.key !== ""), A.map((x) => ({ diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 7acc1c08..adb9da98 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -671,6 +671,9 @@ importers: '@types/postman-collection': specifier: 3.5.10 version: 3.5.10 + '@types/qs': + specifier: 6.9.12 + version: 6.9.12 '@types/splitpanes': specifier: 2.2.6 version: 2.2.6(typescript@5.3.2)