diff --git a/packages/core/src/middleware/koa-auth.test.ts b/packages/core/src/middleware/koa-auth.test.ts index 92d9c01f0..3238a4284 100644 --- a/packages/core/src/middleware/koa-auth.test.ts +++ b/packages/core/src/middleware/koa-auth.test.ts @@ -41,6 +41,19 @@ describe('koaAuth middleware', () => { spy.mockRestore(); }); + it('should read `development-user-id` from headers if not production', async () => { + const mockCtx = { + ...ctx, + request: { + ...ctx.request, + headers: { ...ctx.request.headers, 'development-user-id': 'foo' }, + }, + }; + + await koaAuth()(mockCtx, next); + expect(mockCtx.auth).toEqual('foo'); + }); + it('should set user auth with given sub returned from accessToken', async () => { ctx.request = { ...ctx.request, diff --git a/packages/core/src/middleware/koa-auth.ts b/packages/core/src/middleware/koa-auth.ts index d150c68aa..2076bed31 100644 --- a/packages/core/src/middleware/koa-auth.ts +++ b/packages/core/src/middleware/koa-auth.ts @@ -35,9 +35,10 @@ const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) = const getUserInfoFromRequest = async (request: Request) => { const { isProduction, developmentUserId, oidc } = envSet.values; + const userId = developmentUserId || request.headers['development-user-id']?.toString(); - if (!isProduction && developmentUserId) { - return developmentUserId; + if (!isProduction && userId) { + return userId; } const { publicKey, issuer } = oidc;