Chi 3523 aselo webchat poc backend #3724
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Conflicts: # lambdas/account-scoped/src/router.ts
…elo_webchat_poc_backend
6 tasks
gpaoloni
reviewed
Dec 11, 2025
Collaborator
There was a problem hiding this comment.
Hard for me to distinguish what is the original React app that we are basing off and what is the custom code being added, so I don't think I can make useful comments on this one
EDIT: Sorry this was intended to go in #3726 🤦♂️
gpaoloni
approved these changes
Dec 12, 2025
Collaborator
gpaoloni
left a comment
gpaoloni
left a comment
There was a problem hiding this comment.
Looks good to me! I tried accessing hrm with the token generated here and it does not grants access
tokenResult {
"_tag": "Result",
"status": "error",
"message": "Invalid token provided",
"error": "Invalid Access Token grants"
}
| }; | ||
| }; | ||
|
|
||
| export const newJsErrorResult = <TError extends Error>( |
Collaborator
There was a problem hiding this comment.
Isn't this the same as newErr({ message: error.message, error })?
Comment on lines
+113
to
+120
| 'webchatAuth/initWebchat': { | ||
| requestPipeline: [], | ||
| handler: initWebchatHandler, | ||
| }, | ||
| 'webchatAuth/refreshToken': { | ||
| requestPipeline: [], | ||
| handler: refreshTokenHandler, | ||
| }, |
Collaborator
There was a problem hiding this comment.
Are these needed in both. here and in ENV_SHORTCODE_ROUTES?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Follows on from #3726 by implementing our own auth backend in the account scoped lambda.
It adds an auth mechanism for endpoints restricted to 'guest' webchat users, and allows routes using the helpline short code (because new webchat hides account SIDs from users)
Checklist
Other Related Issues
None
Verification steps
AFTER YOU MERGE
You are responsible for ensuring the above steps are completed. If you move a ticket into QA without advising what version to test, the QA team will assume the latest tag has the changes. If it does not, the following confusion is on you! :-P