Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Misc changes #645

Merged
merged 28 commits into from
Apr 24, 2023
Merged

fix: Misc changes #645

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
3c74882
fix: api implementations
sattvikc Apr 19, 2023
75a8ceb
Merge branch 'multi-tenant-config' into multitenant-multitenancy
sattvikc Apr 19, 2023
001c2cf
fix: after merge
sattvikc Apr 19, 2023
a767b35
fix: test fix
sattvikc Apr 19, 2023
c2e6194
fix: test fix
sattvikc Apr 19, 2023
51f7166
fix: working cud tests
sattvikc Apr 19, 2023
cd7655f
fix: db config protection
sattvikc Apr 19, 2023
edebc10
fix: add user to tenant
sattvikc Apr 19, 2023
628c7e7
fix: tests
sattvikc Apr 20, 2023
c4bc8fa
fix: pr comment
sattvikc Apr 20, 2023
f1f8883
fix: cleanup
sattvikc Apr 20, 2023
4d09a73
fix: input parsing
sattvikc Apr 20, 2023
77f609a
fix: PR comments
sattvikc Apr 20, 2023
290eba6
fix: remove DeletionInProgressException
sattvikc Apr 20, 2023
30c0d5f
fix: removeUserIdFromTenant
sattvikc Apr 20, 2023
1ffb44a
fix: protected fields
sattvikc Apr 20, 2023
7f242cb
fix: pr comment
sattvikc Apr 20, 2023
fe33560
fix: more tests and fixes
sattvikc Apr 20, 2023
ff1a7d3
fix: fixed validation
sattvikc Apr 20, 2023
f546f85
fix: remove api permission checks
sattvikc Apr 20, 2023
535822a
fix: fixed permission logic and added tests
sattvikc Apr 21, 2023
d27aa77
fix: thirdparty config tests and fixes
sattvikc Apr 21, 2023
bc033e5
fix: thirdparty config tests and fixes
sattvikc Apr 21, 2023
b66faa6
fix: tests
sattvikc Apr 21, 2023
4c06319
fix: config api
sattvikc Apr 21, 2023
96bc16f
fix: active users
sattvikc Apr 21, 2023
b06405a
fix: test only code in production
sattvikc Apr 21, 2023
dd44425
Merge branch 'multi-tenant-config' into misc-changes
sattvikc Apr 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions src/main/java/io/supertokens/utils/Utils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -337,12 +337,12 @@ public static JsonObject addLegacySigningKeyInfos(AppIdentifier appIdentifier, M
TenantOrAppNotFoundException {
if (Config.getConfig(appIdentifier.getAsPublicTenantIdentifier(), main).getAccessTokenSigningKeyDynamic()) {
result.addProperty("jwtSigningPublicKey",
new Utils.PubPriKey(SigningKeys.getInstance(main).getLatestIssuedDynamicKey().value).publicKey);
new Utils.PubPriKey(SigningKeys.getInstance(appIdentifier, main).getLatestIssuedDynamicKey().value).publicKey);
result.addProperty("jwtSigningPublicKeyExpiryTime",
SigningKeys.getInstance(main).getDynamicSigningKeyExpiryTime());
SigningKeys.getInstance(appIdentifier, main).getDynamicSigningKeyExpiryTime());

if (addKeyList) {
List<KeyInfo> keys = SigningKeys.getInstance(main).getDynamicKeys();
List<KeyInfo> keys = SigningKeys.getInstance(appIdentifier, main).getDynamicKeys();

JsonArray jwtSigningPublicKeyListJSON = new JsonArray();
for (KeyInfo keyInfo : keys) {
Expand All @@ -356,7 +356,7 @@ public static JsonObject addLegacySigningKeyInfos(AppIdentifier appIdentifier, M
result.add("jwtSigningPublicKeyList", jwtSigningPublicKeyListJSON);
}
} else {
JWTSigningKeyInfo keyInfo = SigningKeys.getInstance(main)
JWTSigningKeyInfo keyInfo = SigningKeys.getInstance(appIdentifier, main)
.getStaticKeyForAlgorithm(JWTSigningKey.SupportedAlgorithms.RS256);
result.addProperty("jwtSigningPublicKey", new Utils.PubPriKey(keyInfo.keyString).publicKey);
result.addProperty("jwtSigningPublicKeyExpiryTime", 10L * 365 * 24 * 3600 * 1000);
Expand Down
12 changes: 12 additions & 0 deletions src/main/java/io/supertokens/webserver/api/core/ConfigAPI.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,9 @@
import com.google.gson.JsonObject;
import io.supertokens.Main;
import io.supertokens.cliOptions.CLIOptions;
import io.supertokens.multitenancy.exception.BadPermissionException;
import io.supertokens.pluginInterface.multitenancy.TenantIdentifier;
import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException;
import io.supertokens.webserver.InputParser;
import io.supertokens.webserver.WebserverAPI;

Expand Down Expand Up @@ -49,6 +52,15 @@ protected boolean checkAPIKey(HttpServletRequest req) {
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
String pid = InputParser.getQueryParamOrThrowError(req, "pid", false);

try {
TenantIdentifier tenantIdentifier = getTenantIdentifierWithStorageFromRequest(req);
if (!tenantIdentifier.equals(new TenantIdentifier(null, null, null))) {
throw new ServletException(new BadPermissionException("you can call this only from the base connection uri domain, public app and tenant"));
}
} catch (TenantOrAppNotFoundException e) {
throw new ServletException(e);
}

if ((ProcessHandle.current().pid() + "").equals(pid)) {
String path = CLIOptions.get(main).getConfigFilePath() == null
? CLIOptions.get(main).getInstallationPath() + "config.yaml"
Expand Down
4 changes: 1 addition & 3 deletions src/main/java/io/supertokens/webserver/api/emailpassword/SignInAPI.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,9 +72,7 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
TenantIdentifierWithStorage tenantIdentifierWithStorage = getTenantIdentifierWithStorageFromRequest(req);
UserInfo user = EmailPassword.signIn(tenantIdentifierWithStorage, super.main, normalisedEmail, password);

ActiveUsers.updateLastActive(main, user.id); // use the internal user id

ActiveUsers.updateLastActive(main, user.id); // use the internal user id
ActiveUsers.updateLastActive(tenantIdentifierWithStorage.toAppIdentifierWithStorage(), main, user.id); // use the internal user id

// if a userIdMapping exists, pass the externalUserId to the response
UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(
Expand Down
4 changes: 1 addition & 3 deletions src/main/java/io/supertokens/webserver/api/emailpassword/SignUpAPI.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,9 +72,7 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
try {
UserInfo user = EmailPassword.signUp(this.getTenantIdentifierWithStorageFromRequest(req), super.main, normalisedEmail, password);

ActiveUsers.updateLastActive(main, user.id);

ActiveUsers.updateLastActive(main, user.id);
ActiveUsers.updateLastActive(this.getAppIdentifierWithStorage(req), main, user.id);

JsonObject result = new JsonObject();
result.addProperty("status", "OK");
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/io/supertokens/webserver/api/passwordless/ConsumeCodeAPI.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
deviceId, deviceIdHash,
userInputCode, linkCode);

ActiveUsers.updateLastActive(main, consumeCodeResponse.user.id);
ActiveUsers.updateLastActive(this.getAppIdentifierWithStorage(req), main, consumeCodeResponse.user.id);

UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(
this.getAppIdentifierWithStorage(req),
Expand Down
8 changes: 4 additions & 4 deletions src/main/java/io/supertokens/webserver/api/session/VerifySessionAPI.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,9 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I

if (!super.getVersionFromRequest(req).greaterThanOrEqualTo(SemVer.v2_21)) {
result.addProperty("jwtSigningPublicKey",
new Utils.PubPriKey(SigningKeys.getInstance(main).getLatestIssuedDynamicKey().value).publicKey);
new Utils.PubPriKey(SigningKeys.getInstance(appIdentifier, main).getLatestIssuedDynamicKey().value).publicKey);
result.addProperty("jwtSigningPublicKeyExpiryTime",
SigningKeys.getInstance(main).getDynamicSigningKeyExpiryTime());
SigningKeys.getInstance(appIdentifier, main).getDynamicSigningKeyExpiryTime());

Utils.addLegacySigningKeyInfos(appIdentifier, main, result,
super.getVersionFromRequest(req).betweenInclusive(SemVer.v2_9, SemVer.v2_21));
Expand All @@ -122,9 +122,9 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I

if (!super.getVersionFromRequest(req).greaterThanOrEqualTo(SemVer.v2_21)) {
reply.addProperty("jwtSigningPublicKey", new Utils.PubPriKey(
SigningKeys.getInstance(main).getLatestIssuedDynamicKey().value).publicKey);
SigningKeys.getInstance(appIdentifier, main).getLatestIssuedDynamicKey().value).publicKey);
reply.addProperty("jwtSigningPublicKeyExpiryTime",
SigningKeys.getInstance(main).getDynamicSigningKeyExpiryTime());
SigningKeys.getInstance(appIdentifier, main).getDynamicSigningKeyExpiryTime());

Utils.addLegacySigningKeyInfos(this.getAppIdentifierWithStorage(req), main, reply,
super.getVersionFromRequest(req).betweenInclusive(SemVer.v2_9, SemVer.v2_21));
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/io/supertokens/webserver/api/thirdparty/SignInUpAPI.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
thirdPartyId,
thirdPartyUserId, email, isEmailVerified);

ActiveUsers.updateLastActive(main, response.user.id);
ActiveUsers.updateLastActive(this.getAppIdentifierWithStorage(req), main, response.user.id);

JsonObject result = new JsonObject();
result.addProperty("status", "OK");
Expand Down