feat(nextjs,clerk-sdk-node,remix): Add claims attribute to req.auth

clerk · May 4, 2022 · c695529 · c695529
1 parent 7d74384
commit c695529
Show file tree

Hide file tree

Showing 13 changed files with 29 additions and 36 deletions.
diff --git a/packages/backend-core/src/util/createGetToken.ts b/packages/backend-core/src/util/createGetToken.ts
@@ -45,5 +45,6 @@ export const createSignedOutState = () => {
     userId: null,
     user: null,
     getToken: signedOutGetToken,
+    claims: null,
   };
 };
diff --git a/packages/edge/src/vercel-edge/index.ts b/packages/edge/src/vercel-edge/index.ts
@@ -122,7 +122,14 @@ export function withEdgeMiddlewareAuth(
       fetcher: (...args) => ClerkAPI.sessions.getToken(...args),
     });
 
-    const authRequest = injectAuthIntoRequest(req, { user, session, sessionId, userId, getToken });
+    const authRequest = injectAuthIntoRequest(req, {
+      user,
+      session,
+      sessionId,
+      userId,
+      getToken,
+      claims: sessionClaims as Record<string, unknown>,
+    });
     return handler(authRequest, event);
   };
 }
diff --git a/packages/edge/src/vercel-edge/types.ts b/packages/edge/src/vercel-edge/types.ts
@@ -1,6 +1,6 @@
 import type { Session, User } from '@clerk/backend-core';
-import type { NextFetchEvent, NextRequest, NextResponse } from 'next/server';
 import { ServerGetToken } from '@clerk/types';
+import type { NextFetchEvent, NextRequest, NextResponse } from 'next/server';
 
 export type WithEdgeMiddlewareAuthOptions = {
   loadUser?: boolean;
@@ -37,6 +37,7 @@ export type EdgeMiddlewareAuth = {
   sessionId: string | null;
   userId: string | null;
   getToken: ServerGetToken;
+  claims: Record<string, unknown> | null;
 };
 
 export type AuthData = {
@@ -45,4 +46,5 @@ export type AuthData = {
   userId: string | null;
   user: User | undefined | null;
   getToken: ServerGetToken;
+  claims: Record<string, unknown> | null;
 };
diff --git a/packages/edge/src/vercel-edge/utils/getAuthData.ts b/packages/edge/src/vercel-edge/utils/getAuthData.ts
diff --git a/packages/edge/src/vercel-edge/utils/injectAuthIntoRequest.ts b/packages/edge/src/vercel-edge/utils/injectAuthIntoRequest.ts
@@ -3,11 +3,12 @@ import { NextRequest } from 'next/server';
 import { AuthData, RequestWithAuth } from '../types';
 
 export function injectAuthIntoRequest(req: NextRequest, authData: AuthData): RequestWithAuth {
-  const { user, session, userId, sessionId, getToken } = authData;
+  const { user, session, userId, sessionId, getToken, claims } = authData;
   const auth = {
     userId,
     sessionId,
     getToken,
+    claims,
   };
 
   /* Object.assign is used here as NextRequest properties also include Symbols */

diff --git a/packages/gatsby-plugin-clerk/src/ssr/utils.ts b/packages/gatsby-plugin-clerk/src/ssr/utils.ts
@@ -9,6 +9,8 @@ import { GetServerDataPropsWithAuth } from './types';
  */
 export function injectAuthIntoContext(context: GetServerDataProps, authData: AuthData): GetServerDataPropsWithAuth {
   const { user, session, ...auth } = authData || {};
+  // FIXME: Add auth.claims addition
+  // @ts-ignore
   return { ...context, auth, user, session };
 }
 

diff --git a/packages/nextjs/src/middleware/types.ts b/packages/nextjs/src/middleware/types.ts
@@ -24,6 +24,7 @@ export type AuthData = {
   userId: string | null;
   user: User | undefined | null;
   getToken: (...args: any) => Promise<string | null>;
+  claims: Record<string, unknown> | null;
 };
 
 export type ContextWithAuth<Options extends WithServerSideAuthOptions = any> = GetServerSidePropsContext & {

diff --git a/packages/nextjs/src/middleware/utils/getAuthData.ts b/packages/nextjs/src/middleware/utils/getAuthData.ts
@@ -59,7 +59,7 @@ export async function getAuthData(
       loadSession ? sessions.getSession(sessionId) : Promise.resolve(undefined),
     ]);
 
-    return { sessionId, userId, user, session, getToken };
+    return { sessionId, userId, user, session, getToken, claims: sessionClaims };
   } catch (err) {
     return createSignedOutState();
   }

diff --git a/packages/nextjs/src/middleware/utils/injectAuthIntoRequest.ts b/packages/nextjs/src/middleware/utils/injectAuthIntoRequest.ts
@@ -7,8 +7,8 @@ import { AuthData, ContextWithAuth } from '../types';
  * @internal
  */
 export function injectAuthIntoRequest(ctx: GetServerSidePropsContext, authData: AuthData): ContextWithAuth {
-  const { user, session, userId, sessionId, getToken } = authData;
-  (ctx.req as any).auth = { userId, sessionId, getToken };
+  const { user, session, userId, sessionId, getToken, claims } = authData;
+  (ctx.req as any).auth = { userId, sessionId, getToken, claims };
   (ctx.req as any).user = user;
   (ctx.req as any).session = session;
   return ctx as ContextWithAuth;

diff --git a/packages/remix/src/ssr/getAuthData.ts b/packages/remix/src/ssr/getAuthData.ts
@@ -11,6 +11,7 @@ export type AuthData = {
   userId: string | null;
   user: User | undefined | null;
   getToken: ServerGetToken;
+  claims: Record<string, unknown> | null;
 };
 
 /**
@@ -64,7 +65,7 @@ export async function getAuthData(
       fetcher: (...args) => sessions.getToken(...args),
     });
 
-    return { authData: { sessionId, userId, user, session, getToken } };
+    return { authData: { sessionId, userId, user, session, getToken, claims: sessionClaims } };
   } catch (e) {
     return { authData: createSignedOutState() };
   }

diff --git a/packages/sdk-node/src/Clerk.ts b/packages/sdk-node/src/Clerk.ts
@@ -43,6 +43,7 @@ export type WithAuthProp<T> = T & {
     sessionId: string | null;
     userId: string | null;
     getToken: ServerGetToken;
+    claims: Record<string, unknown> | null;
   };
 };
 
@@ -51,6 +52,7 @@ export type RequireAuthProp<T> = T & {
     sessionId: string;
     userId: string;
     getToken: ServerGetToken;
+    claims: Record<string, unknown>;
   };
 };
 
@@ -290,6 +292,7 @@ export default class Clerk extends ClerkBackendAPI {
               sessionId: sessionClaims?.sid,
               fetcher: (...args) => this.sessions.getToken(...args),
             }),
+            claims: sessionClaims,
           };
 
           return next();
@@ -305,6 +308,7 @@ export default class Clerk extends ClerkBackendAPI {
           userId: null,
           sessionId: null,
           getToken: createSignedOutState().getToken,
+          claims: null,
         };
 
         // Call onError if provided

diff --git a/packages/sdk-node/src/__tests__/middleware.test.ts b/packages/sdk-node/src/__tests__/middleware.test.ts
@@ -32,12 +32,14 @@ const mockAuthProp = {
   getToken: mockGetToken,
   userId: 'user_id',
   sessionId: 'session_id',
+  claims: mockGetAuthStateClaims,
 };
 
 const mockAuthSignedOutProp = {
   getToken: mockGetToken,
   userId: null,
   sessionId: null,
+  claims: null,
 };
 
 const mockToken = jwt.sign(mockGetAuthStateClaims, 'mock-secret');

diff --git a/packages/types/src/ssr.ts b/packages/types/src/ssr.ts
@@ -9,6 +9,7 @@ export type ServerSideAuth = {
   sessionId: string | null;
   userId: string | null;
   getToken: ServerGetToken;
+  claims: Record<string, unknown> | null;
 };
 
 type SsrSessionState<SessionType> =