expose CallOptions for RPC methods and Middleware

README.md

@@ -111,7 +111,7 @@ authClient
 ### Methods
 ```ts
 // Is
-// (method) Authorizer.Is(params: IsRequest): Promise<boolean>
+// (method) Authorizer.Is(params: IsRequest, options?: CallOptions): Promise<boolean>
 await authClient
   .Is({
     identityContext: identityContext(
@@ -126,7 +126,7 @@ await authClient
   })
 
 // Query
-// (method) Authorizer.Query(params: QueryRequest): Promise<JsonObject>
+// (method) Authorizer.Query(params: QueryRequest, options?: CallOptions): Promise<JsonObject>
 await authClient
   .Query({
     identityContext: identityContext(
@@ -143,7 +143,7 @@ await authClient
 
 
 // DecisionTree
-// (method) Authorizer.DecisionTree(params: DecisionTreeRequest): Promise<{
+// (method) Authorizer.DecisionTree(params: DecisionTreeRequest, options?: CallOptions): Promise<{
 //     path: Path;
 //     pathRoot: string;
 // }>
@@ -162,16 +162,25 @@ await authClient
 
 
 // ListPolicies
-// (method) Authorizer.ListPolicies(params: PlainMessage<ListPoliciesRequest>): Promise<Module[]>
+// (method) Authorizer.ListPolicies(params: PlainMessage<ListPoliciesRequest>, options?: CallOptions): Promise<Module[]>
 await authClient
   .ListPolicies({ policyInstance: policyInstance("todo", "todo") })
 ```
 
+#### Custom Headers
+```ts
+await authClient.ListPolicies(
+  { policyInstance: policyInstance("todo", "todo") },
+  { headers: { customKey: "customValue" } }
+);
+```
+
 ### Middleware
 
 When authorization middleware is configured and attached to a server, it examines incoming requests, extracts authorization parameters like the caller's identity, calls the Aserto authorizers, and rejects messages if their access is denied.
 
 `failWithError`: When set to `true`, will forward errors to `next` instead of ending the response directly.
+`callOptions`: Options for a call.(see: https://github.com/connectrpc/connect-es/blob/v1.5.0/packages/connect/src/call-options.ts#L21-L54)
 
 ```ts
 interface Middleware {
@@ -181,6 +190,7 @@ interface Middleware {
   identityMapper?: IdentityMapper;
   policyMapper?: PolicyMapper;
   failWithError?: boolean;
+  callOptions?: CallOptions;
 }
 
 type Policy = {
@@ -486,7 +496,7 @@ const directoryClient = DirectoryServiceV3({
 
 #### 'object' function
 
-`object({ objectType: "type-name", objectId: "object-id" })`:
+`object({ objectType: "type-name", objectId: "object-id" }, options?: CallOptions)`:
 
 Get an object instance with the type `type-name` and the id `object-id`. For example:
 
@@ -549,7 +559,7 @@ const relation = await directoryClient.relation({
 
 #### 'setObject' function
 
-`setObject({ object: $Object })`:
+`setObject({ object: $Object }, options?: CallOptions)`:
 
 Create an object instance with the specified fields. For example:
 
@@ -569,7 +579,7 @@ const user = await directoryClient.setObject(
 
 #### 'setRelation' function
 
-`setRelation({ relation: Relation })`:
+`setRelation({ relation: Relation }, options?: CallOptions)`:
 
 Create a relation with a specified name between two objects. For example:
 
@@ -585,7 +595,7 @@ const relation = await directoryClient.setRelation({
 
 #### 'deleteObject' function
 
-`deleteObject({ objectType: "type-name", objectId: "object-id", withRelations: false })`:
+`deleteObject({ objectType: "type-name", objectId: "object-id", withRelations: false }, options?: CallOptions)`:
 
 Deletes an object instance with the specified type and key. For example:
 
@@ -616,7 +626,7 @@ You can evaluate graph queries over the directory, to determine whether a subjec
 
 #### 'checkPermission' function
 
-`checkPermission({ objectType: string, objectId: string, permission: string, subjectType: string, subjectId: string, trace: boolean })`:
+`checkPermission({ objectType: string, objectId: string, permission: string, subjectType: string, subjectId: string, trace: boolean }, options?: CallOptions)`:
 
 Check that an `user` object with the key `[email protected]` has the `read` permission in the `admin` group:
 
@@ -632,7 +642,7 @@ const check = await directoryClient.checkPermission({
 
 #### 'checkRelation' function
 
-`checkRelation({ objectType: string, objectId: string, relation: string, subjectType: string, subjectId: string, trace: boolean })`:
+`checkRelation({ objectType: string, objectId: string, relation: string, subjectType: string, subjectId: string, trace: boolean }, options?: CallOptions)`:
 
 Check that `[email protected]` has an `identifier` relation to an object with key `[email protected]` and type `identity`:
 
@@ -773,8 +783,29 @@ await (readAsyncIterable(resp))
 const response = await readAsyncIterable(
   await directoryClient.export({ options: "DATA" })
 )
+
 ```
 
+
+### Custom Headers
+
+```ts
+// passing custom headers to a request
+const user = await directoryClient.object(
+  {
+    objectType: "user",
+    objectId: "[email protected]",
+  },
+  {
+    headers: {
+      customKey: "customValue",
+    },
+  }
+);
+```
+
+
+
 ## Deprecated Methods
 
 > Note: the `authorizerServiceUrl` option that is used throughout is no longer a URL, but the option name is retained for backward-compatibility. It is now expected to be a hostname that exposes a gRPC binding. Any "https://" prefix is stripped out of the value provided.

__tests__/authorizer/index.test.ts

@@ -35,12 +35,20 @@ describe("Is", () => {
         name: "todo",
       },
     };
-    const result = await authorizer.Is(params);
+    const options = {
+      headers: {
+        customKey: "customValue",
+      },
+    };
+    const result = await authorizer.Is(params, options);
 
-    expect(authorizer.AuthClient.is).toHaveBeenCalledWith({
-      ...params,
-      policyInstance: { ...params.policyInstance, instanceLabel: "todo" },
-    });
+    expect(authorizer.AuthClient.is).toHaveBeenCalledWith(
+      {
+        ...params,
+        policyInstance: { ...params.policyInstance, instanceLabel: "todo" },
+      },
+      options
+    );
 
     expect(result).toBe(true);
 
@@ -66,11 +74,14 @@ describe("Is", () => {
     };
     const result = await authorizer.Is(params);
 
-    expect(authorizer.AuthClient.is).toHaveBeenCalledWith({
-      ...params,
-      resourceContext: Struct.fromJson(params.resourceContext),
-      policyInstance: { ...params.policyInstance, instanceLabel: "todo" },
-    });
+    expect(authorizer.AuthClient.is).toHaveBeenCalledWith(
+      {
+        ...params,
+        resourceContext: Struct.fromJson(params.resourceContext),
+        policyInstance: { ...params.policyInstance, instanceLabel: "todo" },
+      },
+      undefined
+    );
 
     expect(result).toBe(true);
 
@@ -96,11 +107,14 @@ describe("Is", () => {
     };
     const result = await authorizer.Is(params);
 
-    expect(authorizer.AuthClient.is).toHaveBeenCalledWith({
-      ...params,
-      resourceContext: Struct.fromJson(params.resourceContext),
-      policyInstance: { ...params.policyInstance, instanceLabel: "todo" },
-    });
+    expect(authorizer.AuthClient.is).toHaveBeenCalledWith(
+      {
+        ...params,
+        resourceContext: Struct.fromJson(params.resourceContext),
+        policyInstance: { ...params.policyInstance, instanceLabel: "todo" },
+      },
+      undefined
+    );
     expect(result).toBe(true);
 
     mock.mockReset();
@@ -123,7 +137,7 @@ describe("Is", () => {
     };
     const result = await authorizer.Is(params);
 
-    expect(authorizer.AuthClient.is).toHaveBeenCalledWith(params);
+    expect(authorizer.AuthClient.is).toHaveBeenCalledWith(params, undefined);
 
     expect(result).toBe(false);
 
@@ -241,16 +255,19 @@ describe("Query", () => {
       }),
     });
 
-    expect(authorizer.AuthClient.query).toHaveBeenCalledWith({
-      query: "query",
-      input: "input",
-      options: queryOptions({
-        metrics: true,
-        instrument: false,
-        trace: "FULL",
-        traceSummary: false,
-      }),
-    });
+    expect(authorizer.AuthClient.query).toHaveBeenCalledWith(
+      {
+        query: "query",
+        input: "input",
+        options: queryOptions({
+          metrics: true,
+          instrument: false,
+          trace: "FULL",
+          traceSummary: false,
+        }),
+      },
+      undefined
+    );
 
     expect(result).toEqual({ key1: "value1", key2: 2 });