From 3b98ecc3e776f1923f86bcea7827e13c3f2b3d23 Mon Sep 17 00:00:00 2001
From: Min RK <benjaminrk@gmail.com>
Date: Fri, 3 May 2024 10:34:06 +0200
Subject: [PATCH 1/3] set XSRF header on userprofile request

moves getCylcHeaders to utils/url as a common utility to be applied to all requests
---
 src/graphql/graphiql.js      |  3 ++-
 src/graphql/index.js         | 17 +----------------
 src/services/user.service.js |  7 +++++--
 src/utils/urls.js            | 18 +++++++++++++++++-
 4 files changed, 25 insertions(+), 20 deletions(-)

diff --git a/src/graphql/graphiql.js b/src/graphql/graphiql.js
index 2a512c0e2..a2040d441 100644
--- a/src/graphql/graphiql.js
+++ b/src/graphql/graphiql.js
@@ -18,7 +18,8 @@
 // Code related to GraphiQL
 
 import { parse } from 'graphql'
-import { createGraphQLUrls, getCylcHeaders } from '@/graphql/index'
+import { createGraphQLUrls } from '@/graphql/index'
+import { getCylcHeaders } from '@/utils/urls'
 
 // TODO: https://github.com/apollographql/GraphiQL-Subscriptions-Fetcher/issues/16
 //       the functions hasSubscriptionOperation and graphQLFetcher are both from
diff --git a/src/graphql/index.js b/src/graphql/index.js
index 17ce231af..3d2b35ed1 100644
--- a/src/graphql/index.js
+++ b/src/graphql/index.js
@@ -27,7 +27,7 @@ import { WebSocketLink } from '@apollo/client/link/ws'
 import { setContext } from '@apollo/client/link/context'
 import { SubscriptionClient } from 'subscriptions-transport-ws'
 import { store } from '@/store/index'
-import { createUrl } from '@/utils/urls'
+import { createUrl, getCylcHeaders } from '@/utils/urls'
 
 /** @typedef {import('subscriptions-transport-ws').ClientOptions} ClientOptions */
 
@@ -46,21 +46,6 @@ export function createGraphQLUrls () {
   }
 }
 
-/**
- * Get request headers for use with UI Server requests.
- *
- * - Adds X-XSRFToken header for hubless token based auth.
- */
-export function getCylcHeaders () {
-  const xsrfToken = document.cookie.match('\\b_xsrf=([^;]*)\\b')
-  const cylcHeaders = {}
-  if (Array.isArray(xsrfToken) && xsrfToken.length > 0) {
-    // pick the last match
-    cylcHeaders['X-XSRFToken'] = xsrfToken.splice(-1)
-  }
-  return cylcHeaders
-}
-
 /**
  * Create a subscription client.
  *
diff --git a/src/services/user.service.js b/src/services/user.service.js
index ebaf16d1d..3c5c4e20b 100644
--- a/src/services/user.service.js
+++ b/src/services/user.service.js
@@ -17,7 +17,7 @@
 
 import axios from 'axios'
 import User from '@/model/User.model'
-import { createUrl } from '@/utils/urls'
+import { createUrl, getCylcHeaders } from '@/utils/urls'
 
 class UserService {
   /**
@@ -25,7 +25,10 @@ class UserService {
    * @returns {Promise<*>} - a promise that dispatches Vuex action
    */
   getUserProfile () {
-    return axios.get(createUrl('userprofile')).then(({ data }) => {
+    return axios.get(
+      createUrl('userprofile'),
+      { headers: getCylcHeaders() },
+    ).then(({ data }) => {
       return new User(
         data.name,
         data.groups,
diff --git a/src/utils/urls.js b/src/utils/urls.js
index 7b92ee05f..877406262 100644
--- a/src/utils/urls.js
+++ b/src/utils/urls.js
@@ -72,6 +72,22 @@ function createUrl (path, websockets = false, baseOnly = false) {
   return normalize(url)
 }
 
+/**
+ * Get request headers for use with UI Server requests.
+ *
+ * - Adds X-XSRFToken header cookie-based auth.
+ */
+function getCylcHeaders () {
+  const xsrfToken = document.cookie.match('\\b_xsrf=([^;]*)\\b')
+  const cylcHeaders = {}
+  if (Array.isArray(xsrfToken) && xsrfToken.length > 0) {
+    // pick the last match
+    cylcHeaders['X-XSRFToken'] = xsrfToken.splice(-1)
+  }
+  return cylcHeaders
+}
+
 export {
-  createUrl
+  createUrl,
+  getCylcHeaders,
 }

From b0d93463cdb79f036ee16359bc2724c7c696ea9a Mon Sep 17 00:00:00 2001
From: Min RK <benjaminrk@gmail.com>
Date: Fri, 3 May 2024 10:46:22 +0200
Subject: [PATCH 2/3] add myself to contributors

---
 CONTRIBUTING.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 5e30dd035..69c8e59e5 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -60,6 +60,7 @@ below.
  - Jamie Allen
  - Christopher Bennett
  - Mark Dawson
+ - Min RK
 <!-- end-shortlog -->
 
 (All contributors are identifiable with email addresses in the git version

From 26a117de465288458dd686422ebb95034ddc5ed2 Mon Sep 17 00:00:00 2001
From: Min RK <benjaminrk@gmail.com>
Date: Fri, 3 May 2024 10:54:56 +0200
Subject: [PATCH 3/3] add changelog entry for 1778

---
 changes.d/1778.fix | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changes.d/1778.fix

diff --git a/changes.d/1778.fix b/changes.d/1778.fix
new file mode 100644
index 000000000..b8d3bcbf2
--- /dev/null
+++ b/changes.d/1778.fix
@@ -0,0 +1 @@
+Compatibility with JupyterHub 4.1 XSRF changes
\ No newline at end of file