feat: add client id and secret as env vars

rsbowers · rsbowers · commit 2a6661e97bfd · 2025-02-26T11:28:42.000-05:00
diff --git a/.env b/.env
diff --git a/.env.example b/.env.example
@@ -1,2 +1,3 @@
+API_CLIENT_ID=
+API_CLIENT_SECRET=
 INTEGRATION_PUBLIC_KEY=
-BASE_API_PATH=
diff --git a/.gitignore b/.gitignore
@@ -17,7 +17,7 @@ node_modules/
 # misc
 package-lock.json
 .DS_Store
-.env
+.env.local
 .serverless
 
 # local dev debugging
diff --git a/README.md b/README.md
@@ -29,7 +29,7 @@ yarn watch
 
 Post requests can then be made via `http://localhost:3000/dev/agnoStack/orders/12345`
 
-## Deployment
+## AWS Deployment
 
 ```bash
 yarn deploy
@@ -41,13 +41,9 @@ All requests must contain the following request headers, provided from agnoStack
 
 - x-organization-id
 - x-providerstack-id
-- x-client-id
-- x-client-secret
 
 ```bash
 curl --location --request POST 'http://localhost:3000/dev/agnoStack/orders/12345' \
 --header 'x-organization-id: YOUR_ORGANIZATION_ID' \
---header 'x-client-id: YOUR_CLIENT_ID' \
---header 'x-client-secret: YOUR_CLIENT_SECRET' \
 --header 'x-providerstack-id: YOUR_PROVIDERSTACK_ID'
 ```
diff --git a/handlers.js b/handlers.js
@@ -4,7 +4,13 @@ const {
   processVerificationResponse,
 } = require('@agnostack/verifyd')
 
-const { BASE_API_PATH, INTEGRATION_PUBLIC_KEY, INTEGRATION_DISABLE_RECRYPTION } = process.env
+const {
+  BASE_API_PATH,
+  API_CLIENT_ID,
+  API_CLIENT_SECRET,
+  INTEGRATION_PUBLIC_KEY,
+  INTEGRATION_DISABLE_RECRYPTION,
+} = process.env
 
 const BASE_HEADERS = {
   'Content-Type': 'application/json',
@@ -31,7 +37,11 @@ const proxy = async (event) => {
     const options = {
       method: 'POST',
       body: JSON.parse(event?.body ?? '{}'),
-      headers: filterHeaders(event?.headers),
+      headers: {
+        ...filterHeaders(event?.headers),
+        'X-Client-Id': API_CLIENT_ID,
+        'X-Client-Secret': API_CLIENT_SECRET,
+      },
     }
 
     const [
diff --git a/serverless.yml b/serverless.yml
@@ -13,14 +13,21 @@ provider:
   name: aws
   runtime: nodejs18.x
   region: us-east-1
+  environment:
+    BASE_API_PATH: https://api-dev.agnostack.io/integration/api
 
 functions:
   proxy:
     handler: handlers.proxy
     events:
       - http:
-          path: /agnoStack/{route+}
+          path: /agnostack/{route+}
           method: post
+          # TODO implement secure authorizer at the API gateway level
+          # authorizer:
+          #   name: proxyAuthorizer
+          #   scopes:
+          #     - https://xyz123.execute-api.us-east-1.amazonaws.com/api
 
 resources:
   Resources:

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
	`1`	`+API_CLIENT_ID=`
	`2`	`+API_CLIENT_SECRET=`
`1`	`3`	`INTEGRATION_PUBLIC_KEY=`
`2`		`-BASE_API_PATH=`