@@ -17,6 +17,7 @@ import {
1717 isPersonalAccessToken ,
1818} from "./personalAccessToken.server" ;
1919import { isPublicJWT , validatePublicJwtKey } from "./realtime/jwtAuth.server" ;
20+ import { sanitizeBranchName } from "./upsertBranch.server" ;
2021
2122const ClaimsSchema = z . object ( {
2223 scopes : z . array ( z . string ( ) ) . optional ( ) ,
@@ -261,14 +262,18 @@ function isSecretApiKey(key: string) {
261262 return key . startsWith ( "tr_" ) ;
262263}
263264
265+ export function branchNameFromRequest ( request : Request ) : string | undefined {
266+ return request . headers . get ( "x-trigger-branch" ) ?? undefined ;
267+ }
268+
264269function getApiKeyFromRequest ( request : Request ) : {
265270 apiKey : string | undefined ;
266271 branchName : string | undefined ;
267272} {
268273 const apiKey = getApiKeyFromHeader ( request . headers . get ( "Authorization" ) ) ;
269- const branchHeaderValue = request . headers . get ( "x-trigger-branch" ) ;
274+ const branchName = branchNameFromRequest ( request ) ;
270275
271- return { apiKey, branchName : branchHeaderValue ? branchHeaderValue : undefined } ;
276+ return { apiKey, branchName } ;
272277}
273278
274279function getApiKeyFromHeader ( authorization ?: string | null ) {
@@ -340,7 +345,8 @@ export async function authenticateProjectApiKeyOrPersonalAccessToken(
340345export async function authenticatedEnvironmentForAuthentication (
341346 auth : DualAuthenticationResult ,
342347 projectRef : string ,
343- slug : string
348+ slug : string ,
349+ branch ?: string
344350) : Promise < AuthenticatedEnvironment > {
345351 if ( slug === "staging" ) {
346352 slug = "stg" ;
@@ -362,7 +368,7 @@ export async function authenticatedEnvironmentForAuthentication(
362368 ) ;
363369 }
364370
365- if ( auth . result . environment . slug !== slug ) {
371+ if ( auth . result . environment . slug !== slug && auth . result . environment . branchName !== branch ) {
366372 throw json (
367373 {
368374 error :
@@ -391,22 +397,53 @@ export async function authenticatedEnvironmentForAuthentication(
391397 throw json ( { error : "Project not found" } , { status : 404 } ) ;
392398 }
393399
400+ if ( ! branch ) {
401+ const environment = await prisma . runtimeEnvironment . findFirst ( {
402+ where : {
403+ projectId : project . id ,
404+ slug : slug ,
405+ } ,
406+ include : {
407+ project : true ,
408+ organization : true ,
409+ } ,
410+ } ) ;
411+
412+ if ( ! environment ) {
413+ throw json ( { error : "Environment not found" } , { status : 404 } ) ;
414+ }
415+
416+ return environment ;
417+ }
418+
394419 const environment = await prisma . runtimeEnvironment . findFirst ( {
395420 where : {
396421 projectId : project . id ,
397422 slug : slug ,
423+ branchName : sanitizeBranchName ( branch ) ,
424+ archivedAt : null ,
398425 } ,
399426 include : {
400427 project : true ,
401428 organization : true ,
429+ parentEnvironment : true ,
402430 } ,
403431 } ) ;
404432
405433 if ( ! environment ) {
406- throw json ( { error : "Environment not found" } , { status : 404 } ) ;
434+ throw json ( { error : "Branch not found" } , { status : 404 } ) ;
435+ }
436+
437+ if ( ! environment . parentEnvironment ) {
438+ throw json ( { error : "Branch not associated with a preview environment" } , { status : 400 } ) ;
407439 }
408440
409- return environment ;
441+ return {
442+ ...environment ,
443+ apiKey : environment . parentEnvironment . apiKey ,
444+ organization : environment . organization ,
445+ project : environment . project ,
446+ } ;
410447 }
411448 }
412449}
0 commit comments