Merge remote-tracking branch 'origin/21.0' into feat/add_clientId_sec…
…ret_and_refreshTokenRotation_settings
porcellus committed Oct 18, 2024
2 parents d489e1d + 4545368 commit b658593
Showing 12 changed files with 19 additions and 420 deletions.
2 changes: 1 addition & 1 deletion CHANGELOG.md
@@ -20,7 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

- Changes type of value in formField object to be `unknown` instead of `string` to add support for accepting any type of value in form fields.
- Only supporting CDI 5.2, Compatible with Core version >= 10.0
- Changed the default value of `overwriteSessionDuringSignInUp` to true.
- Removed the `overwriteSessionDuringSignInUp` option.
- Added a new `shouldTryLinkingWithSessionUser` to sign in/up related APIs (and the related recipe functions)
- This will default to false on the API
- This will be set to true in function calls if you pass a session, otherwise it is set to false
56 changes: 12 additions & 44 deletions lib/build/authUtils.js


1 change: 0 additions & 1 deletion lib/build/recipe/session/recipe.d.ts
@@ -54,5 +54,4 @@ export default class SessionRecipe extends RecipeModule {
response: BaseResponse,
userContext: UserContext
) => Promise<import("./types").SessionContainerInterface | undefined>;
getNormalisedOverwriteSessionDuringSignInUp: (req: any) => boolean;
}
8 changes: 0 additions & 8 deletions lib/build/recipe/session/recipe.js
@@ -178,14 +178,6 @@ class SessionRecipe extends recipeModule_1.default {
userContext,
});
};
this.getNormalisedOverwriteSessionDuringSignInUp = (req) => {
var _a;
const supportsFDI31 = utils_2.hasGreaterThanEqualToFDI(req, "3.1");
const res =
(_a = this.config.overwriteSessionDuringSignInUp) !== null && _a !== void 0 ? _a : supportsFDI31;
logger_1.logDebugMessage("getNormalisedOverwriteSessionDuringSignInUp returning: " + res);
return res;
};
this.config = utils_1.validateAndNormaliseUserInput(this, appInfo, config);
const antiCsrfToLog =
typeof this.config.antiCsrfFunctionOrString === "string"
2 changes: 0 additions & 2 deletions lib/build/recipe/session/types.d.ts
@@ -46,7 +46,6 @@ export declare type TypeInput = {
cookieSameSite?: "strict" | "lax" | "none";
cookieDomain?: string;
olderCookieDomain?: string;
overwriteSessionDuringSignInUp?: boolean;
getTokenTransferMethod?: (input: {
req: BaseRequest;
forCreateNewSession: boolean;
@@ -77,7 +76,6 @@ export declare type TypeNormalisedInput = {
cookieSecure: boolean;
sessionExpiredStatusCode: number;
errorHandlers: NormalisedErrorHandlers;
overwriteSessionDuringSignInUp: boolean | undefined;
antiCsrfFunctionOrString:
| "VIA_TOKEN"
| "VIA_CUSTOM_HEADER"
2 changes: 0 additions & 2 deletions lib/build/recipe/session/utils.js
@@ -230,8 +230,6 @@ function validateAndNormaliseUserInput(recipeInstance, appInfo, config) {
antiCsrfFunctionOrString: antiCsrf,
override,
invalidClaimStatusCode,
overwriteSessionDuringSignInUp:
config === null || config === void 0 ? void 0 : config.overwriteSessionDuringSignInUp,
jwksRefreshIntervalSec:
(_d = config === null || config === void 0 ? void 0 : config.jwksRefreshIntervalSec) !== null &&
_d !== void 0
37 changes: 4 additions & 33 deletions lib/ts/authUtils.ts
@@ -13,7 +13,6 @@ import SessionError from "./recipe/session/error";
import { Error as STError, getUser } from ".";
import { AccountInfoWithRecipeId } from "./recipe/accountlinking/types";
import { BaseRequest, BaseResponse } from "./framework";
import SessionRecipe from "./recipe/session/recipe";
import { logDebugMessage } from "./logger";
import { EmailVerificationClaim } from "./recipe/emailverification";
import SuperTokensError from "./error";
@@ -276,24 +275,14 @@ export const AuthUtils = {
await MultiFactorAuth.markFactorAsCompleteInSession(respSession!, factorId, userContext);
}
} else {
logDebugMessage(`postAuthChecks checking overwriteSessionDuringSignInUp`);
// If the new user wasn't linked to the current one, we check the config and overwrite the session if required
// If the new user wasn't linked to the current one, we overwrite the session
// Note: we could also get here if MFA is enabled, but the app didn't want to link the user to the session user.
// This is intentional, since the MFA and overwriteSessionDuringSignInUp configs should work independently.
let overwriteSessionDuringSignInUp = SessionRecipe.getInstanceOrThrowError().getNormalisedOverwriteSessionDuringSignInUp(
req
);
if (overwriteSessionDuringSignInUp) {
respSession = await Session.createNewSession(req, res, tenantId, recipeUserId, {}, {}, userContext);
if (mfaInstance !== undefined) {
await MultiFactorAuth.markFactorAsCompleteInSession(respSession!, factorId, userContext);
}
respSession = await Session.createNewSession(req, res, tenantId, recipeUserId, {}, {}, userContext);
if (mfaInstance !== undefined) {
await MultiFactorAuth.markFactorAsCompleteInSession(respSession!, factorId, userContext);
}
}
} else {
// We do not have to care about overwriting the session here, since we either:
// - have overwriteSessionDuringSignInUp true and we didn't even try to load the session because we ignore it anyway
// - have overwriteSessionDuringSignInUp false and we checked in the api imlp that there is no session
logDebugMessage(`postAuthChecks creating session for first factor sign in/up`);
// If there is no input session, we do not need to do anything other checks and create a new session
respSession = await Session.createNewSession(req, res, tenantId, recipeUserId, {}, {}, userContext);
@@ -1024,10 +1013,6 @@ export const AuthUtils = {
shouldTryLinkingWithSessionUser: boolean | undefined,
userContext: UserContext
) {
const overwriteSessionDuringSignInUp = SessionRecipe.getInstanceOrThrowError().getNormalisedOverwriteSessionDuringSignInUp(
req
);

if (shouldTryLinkingWithSessionUser !== false) {
logDebugMessage(
"loadSessionInAuthAPIIfNeeded: loading session because shouldTryLinkingWithSessionUser is not set to false so we may want to link later"
@@ -1045,20 +1030,6 @@ export const AuthUtils = {
);
}

if (overwriteSessionDuringSignInUp === false) {
logDebugMessage(
"loadSessionInAuthAPIIfNeeded: loading session in optional mode because overwriteSessionDuringSignInUp is false so if it is not found we will skip session creation"
);
return await Session.getSession(
req,
res,
{
sessionRequired: false,
overrideGlobalClaimValidators: () => [],
},
userContext
);
}
logDebugMessage(
"loadSessionInAuthAPIIfNeeded: skipping session loading because we are not linking and we would overwrite it anyway"
);
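Review bot: The session-overwrite path in `postAuthChecks` appears to have lost its only debug line along with the config check (the +/- markers are not visible on this page, so this is read from the deletion counts), while the first-factor branch below still logs before `Session.createNewSession`. Since an existing session is now always replaced when the new user is not linked to the session user, I would add `logDebugMessage("postAuthChecks overwriting session because the new user was not linked to the session user");` ahead of the call so the replacement can be traced. The hunk does not show whether the session that arrived with the request is revoked or only superseded; that is worth confirming and stating in the comment above the call. Plain-JavaScript integrations that still pass `overwriteSessionDuringSignInUp: false` get no type error, and nothing in these sections warns at runtime, so the normaliser in `lib/ts/recipe/session/utils.ts` could log when it sees the removed key. `postAuthChecks` and `loadSessionInAuthAPIIfNeeded` both start and end outside the hunks shown.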
9 changes: 1 addition & 8 deletions lib/ts/recipe/session/recipe.ts
@@ -42,7 +42,7 @@ import OverrideableBuilder from "supertokens-js-override";
import { APIOptions } from ".";
import { logDebugMessage } from "../../logger";
import { resetCombinedJWKS } from "../../combinedRemoteJWKSet";
import { hasGreaterThanEqualToFDI, isTestEnv } from "../../utils";
import { isTestEnv } from "../../utils";

// For Express
export default class SessionRecipe extends RecipeModule {
@@ -272,11 +272,4 @@ export default class SessionRecipe extends RecipeModule {
userContext,
});
};

getNormalisedOverwriteSessionDuringSignInUp = (req: any) => {
const supportsFDI31 = hasGreaterThanEqualToFDI(req, "3.1");
const res = this.config.overwriteSessionDuringSignInUp ?? supportsFDI31;
logDebugMessage("getNormalisedOverwriteSessionDuringSignInUp returning: " + res);
return res;
};
}
2 changes: 0 additions & 2 deletions lib/ts/recipe/session/types.ts
@@ -68,7 +68,6 @@ export type TypeInput = {
cookieSameSite?: "strict" | "lax" | "none";
cookieDomain?: string;
olderCookieDomain?: string;
overwriteSessionDuringSignInUp?: boolean;

getTokenTransferMethod?: (input: {
req: BaseRequest;
@@ -102,7 +101,6 @@ export type TypeNormalisedInput = {
cookieSecure: boolean;
sessionExpiredStatusCode: number;
errorHandlers: NormalisedErrorHandlers;
overwriteSessionDuringSignInUp: boolean | undefined;

antiCsrfFunctionOrString:
| "VIA_TOKEN"
1 change: 0 additions & 1 deletion lib/ts/recipe/session/utils.ts
@@ -303,7 +303,6 @@ export function validateAndNormaliseUserInput(
antiCsrfFunctionOrString: antiCsrf,
override,
invalidClaimStatusCode,
overwriteSessionDuringSignInUp: config?.overwriteSessionDuringSignInUp,
jwksRefreshIntervalSec: config?.jwksRefreshIntervalSec ?? 3600 * 4,
};
}
