From 380b77e04aa5d9b4878348d15a6b85402dcae53e Mon Sep 17 00:00:00 2001
From: Carlos Felix <carlos.felix@33across.com>
Date: Fri, 13 Dec 2024 11:39:23 -0600
Subject: [PATCH] Allow to send hashed email via config parameters

---
 modules/33acrossIdSystem.js                | 16 ++--
 modules/33acrossIdSystem.md                |  1 +
 test/spec/modules/33acrossIdSystem_spec.js | 91 ++++++++++++++--------
 3 files changed, 71 insertions(+), 37 deletions(-)

diff --git a/modules/33acrossIdSystem.js b/modules/33acrossIdSystem.js
index ad5906b9b85..fb5a7712f1f 100644
--- a/modules/33acrossIdSystem.js
+++ b/modules/33acrossIdSystem.js
@@ -60,7 +60,7 @@ function calculateResponseObj(response) {
   };
 }
 
-function calculateQueryStringParams(pid, gdprConsentData, enabledStorageTypes) {
+function calculateQueryStringParams({ pid, hem }, gdprConsentData, enabledStorageTypes) {
   const uspString = uspDataHandler.getConsentData();
   const coppaValue = coppaDataHandler.getCoppa();
   const gppConsent = gppDataHandler.getConsentData();
@@ -98,9 +98,9 @@ function calculateQueryStringParams(pid, gdprConsentData, enabledStorageTypes) {
     params.tp = encodeURIComponent(tp);
   }
 
-  const hem = getStoredValue(STORAGE_HEM_KEY, enabledStorageTypes);
-  if (hem) {
-    params.sha256 = encodeURIComponent(hem);
+  const hemParam = hem || getStoredValue(STORAGE_HEM_KEY, enabledStorageTypes);
+  if (hemParam) {
+    params.sha256 = encodeURIComponent(hemParam);
   }
 
   return params;
@@ -194,7 +194,11 @@ export const thirtyThreeAcrossIdSubmodule = {
       return;
     }
 
-    const { pid, storeFpid = DEFAULT_1PID_SUPPORT, storeTpid = DEFAULT_TPID_SUPPORT, apiUrl = API_URL } = params;
+    const {
+      storeFpid = DEFAULT_1PID_SUPPORT,
+      storeTpid = DEFAULT_TPID_SUPPORT, apiUrl = API_URL,
+      ...options
+    } = params;
 
     return {
       callback(cb) {
@@ -235,7 +239,7 @@ export const thirtyThreeAcrossIdSubmodule = {
 
             cb();
           }
-        }, calculateQueryStringParams(pid, gdprConsentData, enabledStorageTypes), {
+        }, calculateQueryStringParams(options, gdprConsentData, enabledStorageTypes), {
           method: 'GET',
           withCredentials: true
         });
diff --git a/modules/33acrossIdSystem.md b/modules/33acrossIdSystem.md
index 713659c39aa..b6b68622344 100644
--- a/modules/33acrossIdSystem.md
+++ b/modules/33acrossIdSystem.md
@@ -51,6 +51,7 @@ The following settings are available in the `params` property in `userSync.userI
 | Param name | Scope | Type | Description | Example |
 | --- | --- | --- | --- | --- |
 | pid | Required | String | Partner ID provided by 33Across | `"0010b00002GYU4eBAH"` |
+| hem | Optional | String | Hashed email address in sha256 format | `"ba4235544d6c91865fbf70fa1bdb70f2d375ded1b2b946b21c675dcbe9968cdc"` |
 | storeFpid | Optional | Boolean | Indicates whether a supplemental first-party ID may be stored to improve addressability, this feature is enabled by default | `true` (default) or `false` |
 | storeTpid | Optional | Boolean | Indicates whether a supplemental third-party ID may be stored to improve addressability, this feature is enabled by default | `true` (default) or `false` |
 
diff --git a/test/spec/modules/33acrossIdSystem_spec.js b/test/spec/modules/33acrossIdSystem_spec.js
index 61de67c605c..93e6a41d928 100644
--- a/test/spec/modules/33acrossIdSystem_spec.js
+++ b/test/spec/modules/33acrossIdSystem_spec.js
@@ -906,20 +906,22 @@ describe('33acrossIdSystem', () => {
       });
     });
 
-    context('when a hashed email is present in local storage', () => {
+    context('when a hashed email is provided via configuration options', () => {
       it('should call endpoint with the hashed email included', () => {
         const completeCallback = () => {};
         const { callback } = thirtyThreeAcrossIdSubmodule.getId({
           params: {
-            pid: '12345'
+            pid: '12345',
+            hem: '33acrossIdHmValue+'
           },
           enabledStorageTypes: [ 'html5' ],
           storage: {}
         });
 
+        // Prioritizes the hem given via config options over the one stored in LS.
         sinon.stub(storage, 'getDataFromLocalStorage')
           .withArgs('33acrossIdHm')
-          .returns('33acrossIdHmValue+');
+          .returns('33acrossIdHmValueLS');
 
         callback(completeCallback);
 
@@ -931,45 +933,72 @@ describe('33acrossIdSystem', () => {
       });
     });
 
-    context('when a hashed email is present in cookie storage', () => {
-      it('should call endpoint with the hashed email included', () => {
-        const completeCallback = () => {};
-        const { callback } = thirtyThreeAcrossIdSubmodule.getId({
-          params: {
-            pid: '12345'
-          },
-          enabledStorageTypes: [ 'cookie' ],
-          storage: {}
-        });
+    context('when a hashed email is NOT provided via configuration options', () => {
+      context('but it\'s provided via local storage', () => {
+        it('should call endpoint with the hashed email included', () => {
+          const completeCallback = () => {};
+          const { callback } = thirtyThreeAcrossIdSubmodule.getId({
+            params: {
+              pid: '12345'
+            },
+            enabledStorageTypes: [ 'html5' ],
+            storage: {}
+          });
 
-        sinon.stub(storage, 'getCookie')
-          .withArgs('33acrossIdHm')
-          .returns('33acrossIdHmValue');
+          sinon.stub(storage, 'getDataFromLocalStorage')
+            .withArgs('33acrossIdHm')
+            .returns('33acrossIdHmValue+');
 
-        callback(completeCallback);
+          callback(completeCallback);
 
-        const [request] = server.requests;
+          const [request] = server.requests;
 
-        expect(request.url).to.contain('sha256=33acrossIdHmValue');
+          expect(request.url).to.contain('sha256=33acrossIdHmValue%2B');
 
-        storage.getCookie.restore();
+          storage.getDataFromLocalStorage.restore();
+        });
       });
-    });
 
-    context('when a hashed email is not present in storage', () => {
-      it('should not call endpoint with the hashed email included', () => {
-        const completeCallback = () => {};
-        const { callback } = thirtyThreeAcrossIdSubmodule.getId({
-          params: {
-            pid: '12345'
-          }
+      context('but it\'s provided via cookie storage', () => {
+        it('should call endpoint with the hashed email included', () => {
+          const completeCallback = () => {};
+          const { callback } = thirtyThreeAcrossIdSubmodule.getId({
+            params: {
+              pid: '12345'
+            },
+            enabledStorageTypes: [ 'cookie' ],
+            storage: {}
+          });
+
+          sinon.stub(storage, 'getCookie')
+            .withArgs('33acrossIdHm')
+            .returns('33acrossIdHmValue');
+
+          callback(completeCallback);
+
+          const [request] = server.requests;
+
+          expect(request.url).to.contain('sha256=33acrossIdHmValue');
+
+          storage.getCookie.restore();
         });
+      });
 
-        callback(completeCallback);
+      context('and hashed email is not present in storage', () => {
+        it('should not call endpoint with the hashed email included', () => {
+          const completeCallback = () => {};
+          const { callback } = thirtyThreeAcrossIdSubmodule.getId({
+            params: {
+              pid: '12345'
+            }
+          });
 
-        const [request] = server.requests;
+          callback(completeCallback);
 
-        expect(request.url).not.to.contain('sha256=');
+          const [request] = server.requests;
+
+          expect(request.url).not.to.contain('sha256=');
+        });
       });
     });