feat: Check cluster customer auth status

inferablehq · Dec 9, 2024 · 7b7aa15 · 7b7aa15
1 parent 9609a90
commit 7b7aa15
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 1 deletion.
diff --git a/control-plane/src/modules/auth/auth.test.ts b/control-plane/src/modules/auth/auth.test.ts
@@ -499,7 +499,9 @@ describe("extractAuthState", () => {
 describe("extractCustomerAuthState", () => {
   let owner: Awaited<ReturnType<typeof createOwner>>;
   beforeEach(async () => {
-    owner = await createOwner();
+    owner = await createOwner({
+      enableCustomerAuth: true,
+    });
     jest.resetAllMocks();
   });
 
@@ -527,6 +529,19 @@ describe("extractCustomerAuthState", () => {
     });
   });
 
+  it("should throw if customer auth is not enabled for cluster", async () => {
+    owner = await createOwner({
+      enableCustomerAuth: false,
+    });
+
+    mockCustomer.verifyCustomerProvidedAuth.mockResolvedValue({
+      someAuthValue: "someValue",
+    });
+
+    await expect(extractCustomerAuthState("abc123", owner.clusterId)).rejects.toThrow("Customer auth is not enabled for this cluster");
+  });
+
+
   describe("isUser", () => {
     it("should throw", async () => {
       mockCustomer.verifyCustomerProvidedAuth.mockResolvedValue({

diff --git a/control-plane/src/modules/auth/auth.ts b/control-plane/src/modules/auth/auth.ts
@@ -370,6 +370,12 @@ export const extractCustomerAuthState = async (
     return undefined;
   }
 
+  if (!cluster.enable_customer_auth) {
+    throw new AuthenticationError(
+      "Customer auth is not enabled for this cluster",
+    );
+  }
+
   const context = await verifyCustomerProvidedAuth({
     token: token,
     clusterId: clusterId,

diff --git a/control-plane/src/modules/cluster.ts b/control-plane/src/modules/cluster.ts
@@ -26,6 +26,7 @@ export const getClusterDetails = async (clusterId: string) => {
       id: data.clusters.id,
       name: data.clusters.name,
       description: data.clusters.description,
+      enable_customer_auth: data.clusters.enable_customer_auth,
       additional_context: data.clusters.additional_context,
       organization_id: data.clusters.organization_id,
       deleted_at: data.clusters.deleted_at,

diff --git a/control-plane/src/modules/test/util.ts b/control-plane/src/modules/test/util.ts
@@ -3,6 +3,7 @@ import * as data from "../data";
 export const createOwner = async (params?: {
   clusterId?: string;
   organizationId?: string;
+  enableCustomerAuth?: boolean;
 }) => {
   const clusterId = params?.clusterId || `test-cluster-${Math.random()}`;
 
@@ -15,6 +16,7 @@ export const createOwner = async (params?: {
       id: clusterId,
       name: clusterId,
       organization_id: organizationId,
+      enable_customer_auth: params?.enableCustomerAuth ?? false,
     })
     .execute();