diff --git a/axios.js b/axios.js index eb7cbe13..359e3659 100644 --- a/axios.js +++ b/axios.js @@ -38,6 +38,7 @@ function interceptorFunctionRequestFulfilled(config) { } const preRequestIdToken = getIDFromCookie(); const antiCsrfToken = AntiCsrfToken.getToken(preRequestIdToken); + config = Object.assign({}, config, { withCredentials: true }); let configWithAntiCsrf = config; if (antiCsrfToken !== undefined) { configWithAntiCsrf = Object.assign({}, configWithAntiCsrf, { @@ -98,6 +99,7 @@ AuthHttpRequest.doRequest = (httpCall, config, url, prevResponse, prevError, via // to avoid race conditions const preRequestIdToken = getIDFromCookie(); const antiCsrfToken = AntiCsrfToken.getToken(preRequestIdToken); + config = Object.assign({}, config, { withCredentials: true }); let configWithAntiCsrf = config; if (antiCsrfToken !== undefined) { configWithAntiCsrf = Object.assign({}, configWithAntiCsrf, { diff --git a/axios.ts b/axios.ts index a0c1e313..a5a15ebe 100644 --- a/axios.ts +++ b/axios.ts @@ -11,6 +11,10 @@ async function interceptorFunctionRequestFulfilled(config: AxiosRequestConfig) { } const preRequestIdToken = getIDFromCookie(); const antiCsrfToken = AntiCsrfToken.getToken(preRequestIdToken); + config = { + ...config, + withCredentials: true + }; let configWithAntiCsrf: AxiosRequestConfig = config; if (antiCsrfToken !== undefined) { configWithAntiCsrf = { @@ -83,6 +87,10 @@ export default class AuthHttpRequest { // to avoid race conditions const preRequestIdToken = getIDFromCookie(); const antiCsrfToken = AntiCsrfToken.getToken(preRequestIdToken); + config = { + ...config, + withCredentials: true + }; let configWithAntiCsrf: AxiosRequestConfig = config; if (antiCsrfToken !== undefined) { configWithAntiCsrf = { diff --git a/handleSessionExp.js b/handleSessionExp.js index a7db9072..f3a17a2a 100644 --- a/handleSessionExp.js +++ b/handleSessionExp.js @@ -49,7 +49,8 @@ export function onUnauthorisedResponse(refreshTokenUrl, preRequestIdToken) { return { result: "RETRY" }; } let response = yield AuthHttpRequest.originalFetch(refreshTokenUrl, { - method: "post" + method: "post", + credentials: "include" }); if (response.status !== 200) { throw response; diff --git a/handleSessionExp.ts b/handleSessionExp.ts index 8cb1d0e5..8fbe1ab9 100644 --- a/handleSessionExp.ts +++ b/handleSessionExp.ts @@ -26,7 +26,8 @@ export async function onUnauthorisedResponse( return { result: "RETRY" }; } let response = await AuthHttpRequest.originalFetch(refreshTokenUrl, { - method: "post" + method: "post", + credentials: "include" }); if (response.status !== 200) { throw response; diff --git a/index.js b/index.js index ec46d643..6c4ca720 100644 --- a/index.js +++ b/index.js @@ -161,6 +161,7 @@ AuthHttpRequest.doRequest = (httpCall, config, url) => // to avoid race conditions const preRequestIdToken = getIDFromCookie(); const antiCsrfToken = AntiCsrfToken.getToken(preRequestIdToken); + config = Object.assign({}, config, { credentials: "include" }); let configWithAntiCsrf = config; if (antiCsrfToken !== undefined) { configWithAntiCsrf = Object.assign({}, configWithAntiCsrf, { diff --git a/index.ts b/index.ts index 73f6f4db..94e5e392 100644 --- a/index.ts +++ b/index.ts @@ -155,6 +155,10 @@ export default class AuthHttpRequest { // to avoid race conditions const preRequestIdToken = getIDFromCookie(); const antiCsrfToken = AntiCsrfToken.getToken(preRequestIdToken); + config = { + ...config, + credentials: "include" + }; let configWithAntiCsrf: RequestInit | undefined = config; if (antiCsrfToken !== undefined) { configWithAntiCsrf = {