fix: avoid pgid errors when a non-anonymous apiToken is available

src/app/core/services/api/api.service.spec.ts

@@ -4,7 +4,7 @@ import { TestBed } from '@angular/core/testing';
 import { Action, Store } from '@ngrx/store';
 import { MockStore, provideMockStore } from '@ngrx/store/testing';
 import { noop } from 'rxjs';
-import { anything, capture, spy, verify } from 'ts-mockito';
+import { anything, capture, instance, mock, spy, verify } from 'ts-mockito';
 
 import { HttpError } from 'ish-core/models/http-error/http-error.model';
 import { Link } from 'ish-core/models/link/link.model';
@@ -19,6 +19,7 @@ import { CoreStoreModule } from 'ish-core/store/core/core-store.module';
 import { serverError } from 'ish-core/store/core/error';
 import { isServerConfigurationLoaded, loadServerConfigSuccess } from 'ish-core/store/core/server-config';
 import { getPGID } from 'ish-core/store/customer/user';
+import { CookiesService } from 'ish-core/utils/cookies/cookies.service';
 
 import { ApiService, unpackEnvelope } from './api.service';
 
@@ -37,6 +38,7 @@ describe('Api Service', () => {
         // https://angular.io/guide/http#testing-http-requests
         imports: [HttpClientTestingModule],
         providers: [
+          { provide: CookiesService, useFactory: () => instance(mock(CookiesService)) },
           provideMockStore({
             selectors: [
               { selector: isServerConfigurationLoaded, value: true },
@@ -197,6 +199,7 @@ describe('Api Service', () => {
       TestBed.configureTestingModule({
         imports: [HttpClientTestingModule],
         providers: [
+          { provide: CookiesService, useFactory: () => instance(mock(CookiesService)) },
           provideMockStore({
             selectors: [
               { selector: isServerConfigurationLoaded, value: true },
@@ -402,6 +405,7 @@ describe('Api Service', () => {
       TestBed.configureTestingModule({
         imports: [HttpClientTestingModule],
         providers: [
+          { provide: CookiesService, useFactory: () => instance(mock(CookiesService)) },
           provideMockStore({
             selectors: [
               { selector: isServerConfigurationLoaded, value: true },
@@ -557,6 +561,7 @@ describe('Api Service', () => {
       TestBed.configureTestingModule({
         // https://angular.io/guide/http#testing-http-requests
         imports: [CoreStoreModule.forTesting(['configuration', 'serverConfig']), HttpClientTestingModule],
+        providers: [{ provide: CookiesService, useFactory: () => instance(mock(CookiesService)) }],
       });
 
       apiService = TestBed.inject(ApiService);
@@ -680,6 +685,7 @@ describe('Api Service', () => {
       TestBed.configureTestingModule({
         imports: [HttpClientTestingModule],
         providers: [
+          { provide: CookiesService, useFactory: () => instance(mock(CookiesService)) },
           provideMockStore({
             selectors: [
               { selector: isServerConfigurationLoaded, value: true },

src/app/core/services/api/api.service.ts

@@ -27,6 +27,8 @@ import {
 import { communicationTimeoutError, serverError } from 'ish-core/store/core/error';
 import { isServerConfigurationLoaded } from 'ish-core/store/core/server-config';
 import { getLoggedInCustomer, getLoggedInUser, getPGID } from 'ish-core/store/customer/user';
+import { ApiTokenCookie } from 'ish-core/utils/api-token/api-token.service';
+import { CookiesService } from 'ish-core/utils/cookies/cookies.service';
 import { whenTruthy } from 'ish-core/utils/operators';
 import { encodeResourceID } from 'ish-core/utils/url-resource-ids';
 
@@ -68,7 +70,7 @@ export class ApiService {
   static TOKEN_HEADER_KEY = 'authentication-token';
   static AUTHORIZATION_HEADER_KEY = 'Authorization';
 
-  constructor(private httpClient: HttpClient, private store: Store) {}
+  constructor(private httpClient: HttpClient, private store: Store, private cookiesService: CookiesService) {}
 
   /**
 -  * sets the request header for the appropriate captcha service
@@ -131,15 +133,29 @@ export class ApiService {
     if (path.startsWith('http://') || path.startsWith('https://')) {
       return of(path);
     }
+
+    // get current apiToken cookie information
+    const apiToken = this.getApiTokenFromCookie();
+
     return combineLatest([
       this.store.pipe(select(getRestEndpoint), whenTruthy()),
       this.getLocale$(options),
       this.getCurrency$(options),
       of('/'),
       of(path.includes('/') ? path.split('/')[0] : path),
       // pgid
-      this.store.pipe(
-        select(getPGID),
+      iif(
+        () => !!apiToken,
+        // when an apiToken is available, then the pgid has to be set when the options are enabled
+        of(true).pipe(
+          withLatestFrom(
+            this.store.pipe(select(getPGID), options?.sendPGID || options?.sendSPGID ? whenTruthy() : identity)
+          ),
+          map(([, pgid]) => pgid)
+        ),
+        // when no apiToken is available, the stream does not to wait for a truthy pgid
+        this.store.pipe(select(getPGID))
+      ).pipe(
         map(pgid => (options?.sendPGID && pgid ? `;pgid=${pgid}` : options?.sendSPGID && pgid ? `;spgid=${pgid}` : ''))
       ),
       // remaining path
@@ -200,6 +216,22 @@ export class ApiService {
     ]);
   }
 
+  /**
+   * retrieve an apiToken when it is assigned to an authenticated user
+   */
+  private getApiTokenFromCookie(): string {
+    const cookieContent = this.cookiesService.get('apiToken');
+    if (cookieContent) {
+      try {
+        const apiTokenCookie: ApiTokenCookie = JSON.parse(cookieContent);
+        return !apiTokenCookie?.isAnonymous ? apiTokenCookie.apiToken : undefined;
+      } catch (err) {
+        // ignore
+      }
+    }
+    return;
+  }
+
   /**
    * http get request
    */

src/app/core/utils/api-token/api-token.service.ts

@@ -49,7 +49,7 @@ import { mapToProperty, whenTruthy } from 'ish-core/utils/operators';
 
 type ApiTokenCookieType = 'user' | 'order' | 'anonymous';
 
-interface ApiTokenCookie {
+export interface ApiTokenCookie {
   apiToken: string;
   type: ApiTokenCookieType;
   isAnonymous?: boolean;