feat: add client id secret and refresh token rotation settings + fix …

…CI issues (#953) * feat: add clientId and secret to the returned info about clients and refresh token rotation flag * ci: update ci scripts to add new encryption key prop * ci: re-add params in continuation * chore: fix export definitions for custom framework * feat: remove the OAuth2Client recipe * chore: update changelog + remove unused prop from test server * refactor: small consistency improvements * feat: add email and phonenumber information into oauth access tokens * fix: fetch clientId from the auth header if present * refactor: removed unused const + test consistency fix * feat: test fixes * test: add missing function to test server
supertokens · Oct 26, 2024 · dc4ddc2 · dc4ddc2
1 parent 7c9e78a
commit dc4ddc2
Show file tree

Hide file tree

Showing 61 changed files with 191 additions and 1,670 deletions.
diff --git a/.circleci/config_continue.yml b/.circleci/config_continue.yml
@@ -5,6 +5,26 @@ orbs:
     slack: circleci/[email protected]
     jq: circleci/[email protected]
 
+parameters:
+    force:
+        type: boolean
+        default: false
+    cdi-core-map:
+        type: string
+        default: "{}"
+    cdi-plugin-interface-map:
+        type: string
+        default: "{}"
+    fdi-node-map:
+        type: string
+        default: "{}"
+    fdi-auth-react-map:
+        type: string
+        default: "{}"
+    fdi-website-map:
+        type: string
+        default: "{}"
+
 jobs:
     test-dev-tag-as-not-passed:
         docker:

diff --git a/.circleci/forceRunCI.sh b/.circleci/forceRunCI.sh
@@ -2,11 +2,11 @@ PAT=`cat .pat`
 auth=`echo "${PAT}:" | tr -d '\n' | base64 --wrap=0`
 branch=`git rev-parse --abbrev-ref HEAD`
 
-cdiCoreMap='{ "5.2": "feat/oauth-provider-base" }'
-cdiPluginInterfaceMap='{ "5.2": "feat/oauth-provider-base" }'
-fdiNodeMap='{ "3.1": "21.0", "4.0": "21.0" }'
+cdiCoreMap='{ "5.2": "feat/oauth/remaining-changes" }'
+cdiPluginInterfaceMap='{ "5.2": "feat/oauth/remaining-changes" }'
+fdiNodeMap='{ "3.1": "feat/add_clientId_secret_and_refreshTokenRotation_settings", "4.0": "feat/add_clientId_secret_and_refreshTokenRotation_settings" }'
 fdiWebsiteMap='{ "1.17": "20.1", "1.18": "20.1", "1.19": "20.1", "2.0": "20.1", "3.0": "20.1", "3.1": "20.1", "4.0": "20.1" }'
-fdiAuthReactMap='{ "3.1": "0.49", "4.0": "0.49" }'
+fdiAuthReactMap='{ "3.1": "0.48", "4.0": "0.48" }'
 
 data=`jq -cn --arg branch "$branch" \
   --arg cdiCoreMap "$cdiCoreMap" \

diff --git a/.circleci/setupAndTestBackendSDKWithFreeCore.sh b/.circleci/setupAndTestBackendSDKWithFreeCore.sh
@@ -77,6 +77,7 @@ git checkout $coreTag
 sed -i 's/# oauth_provider_public_service_url:/oauth_provider_public_service_url: "http:\/\/localhost:4444"/' devConfig.yaml
 sed -i 's/# oauth_provider_admin_service_url:/oauth_provider_admin_service_url: "http:\/\/localhost:4445"/' devConfig.yaml
 sed -i 's/# oauth_provider_consent_login_base_url:/oauth_provider_consent_login_base_url: "http:\/\/localhost:3001\/auth"/' devConfig.yaml
+sed -i 's/# oauth_client_secret_encryption_key:/oauth_client_secret_encryption_key: "asdfasdfasdfasdfasdf"/' devConfig.yaml
 
 cd ../supertokens-plugin-interface
 git checkout $pluginInterfaceTag

diff --git a/.circleci/setupAndTestWithAuthReact.sh b/.circleci/setupAndTestWithAuthReact.sh
@@ -73,6 +73,7 @@ git checkout $coreTag
 sed -i 's/# oauth_provider_public_service_url:/oauth_provider_public_service_url: "http:\/\/localhost:4444"/' devConfig.yaml
 sed -i 's/# oauth_provider_admin_service_url:/oauth_provider_admin_service_url: "http:\/\/localhost:4445"/' devConfig.yaml
 sed -i 's/# oauth_provider_consent_login_base_url:/oauth_provider_consent_login_base_url: "http:\/\/localhost:3001\/auth"/' devConfig.yaml
+sed -i 's/# oauth_client_secret_encryption_key:/oauth_client_secret_encryption_key: "asdfasdfasdfasdfasdf"/' devConfig.yaml
 
 cd ../supertokens-plugin-interface
 git checkout $pluginInterfaceTag

diff --git a/.circleci/setupAndTestWithFreeCore.sh b/.circleci/setupAndTestWithFreeCore.sh
@@ -76,6 +76,7 @@ git checkout $coreTag
 sed -i 's/# oauth_provider_public_service_url:/oauth_provider_public_service_url: "http:\/\/localhost:4444"/' devConfig.yaml
 sed -i 's/# oauth_provider_admin_service_url:/oauth_provider_admin_service_url: "http:\/\/localhost:4445"/' devConfig.yaml
 sed -i 's/# oauth_provider_consent_login_base_url:/oauth_provider_consent_login_base_url: "http:\/\/localhost:3001\/auth"/' devConfig.yaml
+sed -i 's/# oauth_client_secret_encryption_key:/oauth_client_secret_encryption_key: "asdfasdfasdfasdfasdf"/' devConfig.yaml
 
 cd ../supertokens-plugin-interface
 git checkout $pluginInterfaceTag

diff --git a/.circleci/setupAndTestWithFrontend.sh b/.circleci/setupAndTestWithFrontend.sh
@@ -73,6 +73,7 @@ git checkout $coreTag
 sed -i 's/# oauth_provider_public_service_url:/oauth_provider_public_service_url: "http:\/\/localhost:4444"/' devConfig.yaml
 sed -i 's/# oauth_provider_admin_service_url:/oauth_provider_admin_service_url: "http:\/\/localhost:4445"/' devConfig.yaml
 sed -i 's/# oauth_provider_consent_login_base_url:/oauth_provider_consent_login_base_url: "http:\/\/localhost:3001\/auth"/' devConfig.yaml
+sed -i 's/# oauth_client_secret_encryption_key:/oauth_client_secret_encryption_key: "asdfasdfasdfasdfasdf"/' devConfig.yaml
 
 cd ../supertokens-plugin-interface
 git checkout $pluginInterfaceTag

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -28,16 +28,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
     -   By setting this to true you can enable MFA flows (trying to connect to the session user)
     -   If set to false, the sign-in/up will be considered a first-factor
     -   Changed APIs:
+        -   `EmailPassword.signInPOST`
+        -   `EmailPassword.signUpPOST`
         -   `ThirdParty.signInUpPOST`
         -   `Passwordless.createCodePOST`
         -   `Passwordless.consumeCodePOST`
-        -   `Passwordless.consumeCodePOST`
+        -   `Passwordless.resendCodePOST`
     -   Changed functions:
+        -   `EmailPassword.signIn`
+        -   `EmailPassword.signUp`
         -   `ThirdParty.signInUp`
         -   `ThirdPary.manuallyCreateOrUpdateUser`
         -   `Passwordless.createCode`
         -   `Passwordless.consumeCode`
--   We no longer try to load the session if `shouldTryLinkingWithSessionUser` is set to false and overwriteSessionDuringSignInUp is set to true or left as the default value.
+-   We no longer try to load the session if `shouldTryLinkingWithSessionUser` is set to false.
 -   Changed the return type of `getOpenIdConfiguration` and `getOpenIdDiscoveryConfigurationGET`, and added the following props:
     -   authorization_endpoint
     -   token_endpoint

diff --git a/lib/build/recipe/oauth2client/api/implementation.d.ts b/lib/build/recipe/oauth2client/api/implementation.d.ts
diff --git a/lib/build/recipe/oauth2client/api/implementation.js b/lib/build/recipe/oauth2client/api/implementation.js
diff --git a/lib/build/recipe/oauth2client/api/signin.d.ts b/lib/build/recipe/oauth2client/api/signin.d.ts
diff --git a/lib/build/recipe/oauth2client/api/signin.js b/lib/build/recipe/oauth2client/api/signin.js
diff --git a/lib/build/recipe/oauth2client/constants.d.ts b/lib/build/recipe/oauth2client/constants.d.ts
diff --git a/lib/build/recipe/oauth2client/constants.js b/lib/build/recipe/oauth2client/constants.js
diff --git a/lib/build/recipe/oauth2client/index.d.ts b/lib/build/recipe/oauth2client/index.d.ts
diff --git a/lib/build/recipe/oauth2client/index.js b/lib/build/recipe/oauth2client/index.js