From c75c2b1dd57958a83c970341751b5d3f73538c81 Mon Sep 17 00:00:00 2001
From: TekH <h.tek@digitaldata.works>
Date: Thu, 20 Nov 2025 10:33:54 +0100
Subject: [PATCH] feat(envelope-api.js): append envKey query parameter to all
 outgoing requests

Added automatic injection of the envKey query parameter into all request URLs within sendRequest.
Updated URL handling to use the URL API, ensuring consistent parameter merging and preventing missing envKey issues.
---
 .../wwwroot/js/envelope-api.js                | 117 +++++++++---------
 .../wwwroot/js/envelope-api.min.js            |   2 +-
 2 files changed, 62 insertions(+), 57 deletions(-)

diff --git a/EnvelopeGenerator.Web/wwwroot/js/envelope-api.js b/EnvelopeGenerator.Web/wwwroot/js/envelope-api.js
index 7e6eecd2..cde8c2bb 100644
--- a/EnvelopeGenerator.Web/wwwroot/js/envelope-api.js
+++ b/EnvelopeGenerator.Web/wwwroot/js/envelope-api.js
@@ -1,106 +1,111 @@
 //#region parameters
 const env = Object.freeze({
-  __lazyXsrfToken: new Lazy(() => document.getElementsByName('__RequestVerificationToken')[0].value),
-  get xsrfToken() {
-    return this.__lazyXsrfToken.value;
-  }
+    __lazyXsrfToken: new Lazy(() => document.getElementsByName('__RequestVerificationToken')[0].value),
+    get xsrfToken() {
+        return this.__lazyXsrfToken.value;
+    }
 })
 
 const url = Object.freeze({
-  reject: `/api/annotation/reject`,
-  share: `/api/readonly`
+    reject: `/api/annotation/reject`,
+    share: `/api/readonly`
 });
 //#endregion
 
 //#region request helper methods
 function sendRequest(method, url, body = undefined) {
-  const options = {
-    credentials: 'include',
-    method: method,
-    headers: {
-      'X-XSRF-TOKEN': env.xsrfToken
+    const urlObj = new URL(url, window.location.origin);
+    if (!urlObj.searchParams.has("envKey")) {
+        urlObj.searchParams.set("envKey", ENV_KEY);
+    }
+
+    const options = {
+        credentials: 'include',
+        method: method,
+        headers: {
+            'X-XSRF-TOKEN': env.xsrfToken
+        }
     }
-  }
 
-  if (body !== undefined) {
-    options.body = JSON.stringify(body);
-    options.headers['Content-Type'] = 'application/json';
-  }
+    if (body !== undefined) {
+        options.body = JSON.stringify(body);
+        options.headers['Content-Type'] = 'application/json';
+    }
 
-  return fetch(url, options);
+    return fetch(urlObj, options);
 }
 
 function getRequest(url) {
-  return sendRequest('GET', url);
+    return sendRequest('GET', url);
 }
 
 function getJson(url) {
-  return sendRequest('GET', url).then(res => {
-    if (res.ok)
-      return res.json();
-    throw new Error(`Request failed with status ${res.status}`);
-  });
+    return sendRequest('GET', url).then(res => {
+        if (res.ok)
+            return res.json();
+        throw new Error(`Request failed with status ${res.status}`);
+    });
 }
 
 function postRequest(url, body = undefined) {
-  return sendRequest('POST', url, body);
+    return sendRequest('POST', url, body);
 }
 
 function reload() {
-  window.location.reload();
+    window.location.reload();
 }
 
 function redirect(url) {
-  window.location.href = url;
+    window.location.href = url;
 }
 //#endregion
 
 //#region envelope
 function signEnvelope(annotations) {
-  return postRequest(`/api/annotation`, annotations)
+    return postRequest(`/api/annotation`, annotations)
 }
 
 async function getAnnotationParams(leftInInch = 0, topInInch = 0, inchToPointFactor = 72) {
-  const annotParams = await getJson("/api/Config/Annotations");
-
-  for (var key in annotParams) {
-    var annot = annotParams[key];
-    annot.width *= inchToPointFactor;
-    annot.height *= inchToPointFactor;
-    annot.left += leftInInch - 0.7;
-    annot.left *= inchToPointFactor;
-    annot.top += topInInch - 0.5;
-    annot.top *= inchToPointFactor;
-  }
-
-  return annotParams;
+    const annotParams = await getJson("/api/Config/Annotations");
+
+    for (var key in annotParams) {
+        var annot = annotParams[key];
+        annot.width *= inchToPointFactor;
+        annot.height *= inchToPointFactor;
+        annot.left += leftInInch - 0.7;
+        annot.left *= inchToPointFactor;
+        annot.top += topInInch - 0.5;
+        annot.top *= inchToPointFactor;
+    }
+
+    return annotParams;
 }
 
 function rejectEnvelope(reason) {
-  return postRequest(url.reject, reason);
+    return postRequest(url.reject, reason);
 }
 
 function shareEnvelope(receiverMail, dateValid) {
-  return postRequest(url.share, { receiverMail: receiverMail, dateValid: dateValid });
+    return postRequest(url.share, { receiverMail: receiverMail, dateValid: dateValid });
 }
 //#endregion
 
 async function setLanguage(language) {
-  const hasLang = await getJson('/api/localization/lang')
-    .then(langs => langs.includes(language));
-
-  if (hasLang)
-    postRequest(`/api/localization/lang/${language}`)
-      .then(response => {
-        if (response.redirected)
-          redirect(response.url);
-      });
+    const hasLang = await getJson('/api/localization/lang')
+        .then(langs => langs.includes(language));
+
+    if (hasLang)
+        postRequest(`/api/localization/lang/${language}`)
+            .then(response => {
+                if (response.redirected)
+                    redirect(response.url);
+            });
 }
 
 function logout() {
-  return postRequest(`/auth/logout`)
-    .then(res => {
-      if (res.ok)
-        window.location.href = "/";
-    });
+    return postRequest(`/auth/logout`)
+        .then(res => {
+            if (res.ok)
+                window.location.href = "/";
+        });
 }
\ No newline at end of file
diff --git a/EnvelopeGenerator.Web/wwwroot/js/envelope-api.min.js b/EnvelopeGenerator.Web/wwwroot/js/envelope-api.min.js
index 5f46c0f8..49abc921 100644
--- a/EnvelopeGenerator.Web/wwwroot/js/envelope-api.min.js
+++ b/EnvelopeGenerator.Web/wwwroot/js/envelope-api.min.js
@@ -1 +1 @@
-function sendRequest(n,t,i=undefined){const r={credentials:"include",method:n,headers:{"X-XSRF-TOKEN":env.xsrfToken}};return i!==undefined&&(r.body=JSON.stringify(i),r.headers["Content-Type"]="application/json"),fetch(t,r)}function getRequest(n){return sendRequest("GET",n)}function getJson(n){return sendRequest("GET",n).then(n=>{if(n.ok)return n.json();throw new Error(`Request failed with status ${n.status}`);})}function postRequest(n,t=undefined){return sendRequest("POST",n,t)}function reload(){window.location.reload()}function redirect(n){window.location.href=n}function signEnvelope(n){return postRequest(`/api/annotation`,n)}async function getAnnotationParams(n=0,t=0,i=72){var f,r;const u=await getJson("/api/Config/Annotations");for(f in u)r=u[f],r.width*=i,r.height*=i,r.left+=n-.7,r.left*=i,r.top+=t-.5,r.top*=i;return u}function rejectEnvelope(n){return postRequest(url.reject,n)}function shareEnvelope(n,t){return postRequest(url.share,{receiverMail:n,dateValid:t})}async function setLanguage(n){const t=await getJson("/api/localization/lang").then(t=>t.includes(n));t&&postRequest(`/api/localization/lang/${n}`).then(n=>{n.redirected&&redirect(n.url)})}function logout(){return postRequest(`/auth/logout`).then(n=>{n.ok&&(window.location.href="/")})}const env=Object.freeze({__lazyXsrfToken:new Lazy(()=>document.getElementsByName("__RequestVerificationToken")[0].value),get xsrfToken(){return this.__lazyXsrfToken.value}}),url=Object.freeze({reject:`/api/annotation/reject`,share:`/api/readonly`});
\ No newline at end of file
+function sendRequest(n,t,i=undefined){const r=new URL(t,window.location.origin);r.searchParams.has("envKey")||r.searchParams.set("envKey",ENV_KEY);const u={credentials:"include",method:n,headers:{"X-XSRF-TOKEN":env.xsrfToken}};return i!==undefined&&(u.body=JSON.stringify(i),u.headers["Content-Type"]="application/json"),fetch(r,u)}function getRequest(n){return sendRequest("GET",n)}function getJson(n){return sendRequest("GET",n).then(n=>{if(n.ok)return n.json();throw new Error(`Request failed with status ${n.status}`);})}function postRequest(n,t=undefined){return sendRequest("POST",n,t)}function reload(){window.location.reload()}function redirect(n){window.location.href=n}function signEnvelope(n){return postRequest(`/api/annotation`,n)}async function getAnnotationParams(n=0,t=0,i=72){var f,r;const u=await getJson("/api/Config/Annotations");for(f in u)r=u[f],r.width*=i,r.height*=i,r.left+=n-.7,r.left*=i,r.top+=t-.5,r.top*=i;return u}function rejectEnvelope(n){return postRequest(url.reject,n)}function shareEnvelope(n,t){return postRequest(url.share,{receiverMail:n,dateValid:t})}async function setLanguage(n){const t=await getJson("/api/localization/lang").then(t=>t.includes(n));t&&postRequest(`/api/localization/lang/${n}`).then(n=>{n.redirected&&redirect(n.url)})}function logout(){return postRequest(`/auth/logout`).then(n=>{n.ok&&(window.location.href="/")})}const env=Object.freeze({__lazyXsrfToken:new Lazy(()=>document.getElementsByName("__RequestVerificationToken")[0].value),get xsrfToken(){return this.__lazyXsrfToken.value}}),url=Object.freeze({reject:`/api/annotation/reject`,share:`/api/readonly`});
\ No newline at end of file