fix(insights-plugin): prevent authenticated token being set as the us…

…erToken (#1291) * remove auth token * fix tests * fix tab spacing
algolia · Dec 9, 2024 · 08e9cd0 · 08e9cd0
1 parent 893ad5f
commit 08e9cd0
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 123 deletions.
diff --git a/packages/autocomplete-core/src/__tests__/createAutocomplete.test.ts b/packages/autocomplete-core/src/__tests__/createAutocomplete.test.ts
@@ -137,7 +137,7 @@ describe('createAutocomplete', () => {
         insights: { insightsClient },
       });
 
-      expect(insightsClient).toHaveBeenCalledTimes(5);
+      expect(insightsClient).toHaveBeenCalledTimes(3);
       expect(insightsClient).toHaveBeenCalledWith(
         'addAlgoliaAgent',
         'insights-plugin'
@@ -168,7 +168,7 @@ describe('createAutocomplete', () => {
       });
 
       expect(defaultInsightsClient).toHaveBeenCalledTimes(0);
-      expect(userInsightsClient).toHaveBeenCalledTimes(5);
+      expect(userInsightsClient).toHaveBeenCalledTimes(3);
       expect(userInsightsClient).toHaveBeenCalledWith(
         'addAlgoliaAgent',
         'insights-plugin'

diff --git a/packages/autocomplete-js/src/__tests__/autocomplete.test.ts b/packages/autocomplete-js/src/__tests__/autocomplete.test.ts
@@ -753,16 +753,16 @@ See: https://www.algolia.com/doc/ui-libraries/autocomplete/api-reference/autocom
         insights: { insightsClient: defaultInsightsClient },
       });
 
-      expect(defaultInsightsClient).toHaveBeenCalledTimes(5);
+      expect(defaultInsightsClient).toHaveBeenCalledTimes(3);
       expect(userInsightsClient).toHaveBeenCalledTimes(0);
 
       const insightsPlugin = createAlgoliaInsightsPlugin({
         insightsClient: userInsightsClient,
       });
       update({ plugins: [insightsPlugin] });
 
-      expect(defaultInsightsClient).toHaveBeenCalledTimes(5);
-      expect(userInsightsClient).toHaveBeenCalledTimes(5);
+      expect(defaultInsightsClient).toHaveBeenCalledTimes(3);
+      expect(userInsightsClient).toHaveBeenCalledTimes(3);
     });
   });
 });
diff --git a/...es/autocomplete-plugin-algolia-insights/src/__tests__/createAlgoliaInsightsPlugin.test.ts b/...es/autocomplete-plugin-algolia-insights/src/__tests__/createAlgoliaInsightsPlugin.test.ts
@@ -92,7 +92,7 @@ describe('createAlgoliaInsightsPlugin', () => {
 
     createPlayground(createAutocomplete, { plugins: [insightsPlugin] });
 
-    expect(insightsClient).toHaveBeenCalledTimes(5);
+    expect(insightsClient).toHaveBeenCalledTimes(3);
     expect(insightsClient).toHaveBeenCalledWith(
       'addAlgoliaAgent',
       'insights-plugin'
@@ -256,7 +256,7 @@ describe('createAlgoliaInsightsPlugin', () => {
       ]);
     });
 
-    test('forwards `authenticatedUserToken` from Search Insights to Algolia API requests', async () => {
+    test('does not forward `authenticatedUserToken` from Search Insights to Algolia API requests', async () => {
       const insightsPlugin = createAlgoliaInsightsPlugin({ insightsClient });
 
       const searchClient = createSearchClient({
@@ -299,89 +299,9 @@ describe('createAlgoliaInsightsPlugin', () => {
       expect(searchClient.search).toHaveBeenCalledTimes(1);
       expect(searchClient.search).toHaveBeenCalledWith([
         expect.objectContaining({
-          params: expect.objectContaining({ userToken: 'customAuthUserToken' }),
-        }),
-      ]);
-    });
-
-    test('uses `authenticatedUserToken` in priority over `userToken`', async () => {
-      const insightsPlugin = createAlgoliaInsightsPlugin({
-        insightsClient,
-        insightsInitParams: {
-          userToken: 'customUserToken',
-        },
-      });
-
-      const searchClient = createSearchClient({
-        search: jest.fn(() =>
-          Promise.resolve(
-            createMultiSearchResponse({
-              hits: [{ objectID: '1' }],
-            })
-          )
-        ),
-      });
-
-      // Setting an authenticated user token should replace the user token
-      insightsClient('setAuthenticatedUserToken', 'customAuthUserToken');
-
-      const playground = createPlayground(createAutocomplete, {
-        plugins: [insightsPlugin],
-        getSources({ query }) {
-          return [
-            {
-              sourceId: 'hits',
-              getItems() {
-                return getAlgoliaResults({
-                  searchClient,
-                  queries: [{ indexName: 'indexName', query }],
-                });
-              },
-              templates: {
-                item({ item }) {
-                  return item.objectID;
-                },
-              },
-            },
-          ];
-        },
-      });
-
-      userEvent.type(playground.inputElement, 'a');
-      await runAllMicroTasks();
-
-      expect(searchClient.search).toHaveBeenCalledTimes(1);
-      expect(searchClient.search).toHaveBeenCalledWith([
-        expect.objectContaining({
-          params: expect.objectContaining({ userToken: 'customAuthUserToken' }),
-        }),
-      ]);
-
-      // Updating a user token should have no effect if there is
-      // an authenticated user token already set
-      insightsClient('setUserToken', 'customUserToken2');
-
-      userEvent.type(playground.inputElement, 'b');
-      await runAllMicroTasks();
-
-      expect(searchClient.search).toHaveBeenCalledTimes(2);
-      expect(searchClient.search).toHaveBeenLastCalledWith([
-        expect.objectContaining({
-          params: expect.objectContaining({ userToken: 'customAuthUserToken' }),
-        }),
-      ]);
-
-      // Removing the authenticated user token should revert to
-      // the latest user token set
-      insightsClient('setAuthenticatedUserToken', undefined);
-
-      userEvent.type(playground.inputElement, 'c');
-      await runAllMicroTasks();
-
-      expect(searchClient.search).toHaveBeenCalledTimes(3);
-      expect(searchClient.search).toHaveBeenLastCalledWith([
-        expect.objectContaining({
-          params: expect.objectContaining({ userToken: 'customUserToken2' }),
+          params: expect.not.objectContaining({
+            userToken: 'customAuthUserToken',
+          }),
         }),
       ]);
     });

diff --git a/packages/autocomplete-plugin-algolia-insights/src/createAlgoliaInsightsPlugin.ts b/packages/autocomplete-plugin-algolia-insights/src/createAlgoliaInsightsPlugin.ts
@@ -183,7 +183,6 @@ export function createAlgoliaInsightsPlugin(
   return {
     name: 'aa.algoliaInsightsPlugin',
     subscribe({ setContext, onSelect, onActive }) {
-      let isAuthenticatedToken = false;
       function setInsightsContext(userToken?: InsightsEvent['userToken']) {
         setContext({
           algoliaInsightsPlugin: {
@@ -206,42 +205,12 @@ export function createAlgoliaInsightsPlugin(
 
       // Handles user token changes
       insightsClient('onUserTokenChange', (userToken) => {
-        if (!isAuthenticatedToken) {
-          setInsightsContext(userToken);
-        }
+        setInsightsContext(userToken);
       });
       insightsClient('getUserToken', null, (_error, userToken) => {
-        if (!isAuthenticatedToken) {
-          setInsightsContext(userToken);
-        }
+        setInsightsContext(userToken);
       });
 
-      // Handles authenticated user token changes
-      insightsClient(
-        'onAuthenticatedUserTokenChange',
-        (authenticatedUserToken) => {
-          if (authenticatedUserToken) {
-            isAuthenticatedToken = true;
-            setInsightsContext(authenticatedUserToken);
-          } else {
-            isAuthenticatedToken = false;
-            insightsClient('getUserToken', null, (_error, userToken) =>
-              setInsightsContext(userToken)
-            );
-          }
-        }
-      );
-      insightsClient(
-        'getAuthenticatedUserToken',
-        null,
-        (_error, authenticatedUserToken) => {
-          if (authenticatedUserToken) {
-            isAuthenticatedToken = true;
-            setInsightsContext(authenticatedUserToken);
-          }
-        }
-      );
-
       onSelect(({ item, state, event, source }) => {
         if (!isAlgoliaInsightsHit(item)) {
           return;