feat!: Add OAuth2 recipe and introduce shouldTryLinkingWithSessionUser (

#927) * feat: add boilerplate for oauth2 recipe * feat: add a temporary solution to query hydra (until core impl) from recipe funcs * fix: fix temp solution for hydra calls * feat: Add a recipe function to create OAuth2Client (#859) * feat: Add recipe functions to update/delete OAuth2Client (#863) * feat: Add recipe functions to update/delete OAuth2Client * fix: PR changes * feat: Add recipe functions to get OAuth2Clients (#865) * feat: Add recipe functions to update/delete OAuth2Client * fix: PR changes * feat: Add recipe functions to get OAuth2Clients * fix: PR changes --------- Co-authored-by: Mihaly Lengyel <mihaly@lengyel.tech> * feat: add initial oauth2 client apis (#866) * feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * feat!: improve how we handle changing email addresses and users becoming unverified when account linking requires verification (#869) * feat: update email and pw change logic and add more security checks * feat: update error messages * refactor: improve debug logs and clarify conditions * chore: update changelog * chore: empty line from changelog * refactor: remove duplicated check and bypass mapping for already mapped errcodes * chore: update changelog * feat: call isEmailChangeAllowed in pwless updateUser (#875) * feat: call isEmailChangeAllowed in pwless updateUser * test: add updateUser to test-server * chore: remove unnecessary item from changelog * chore: extend changelog to mention exact function names * test: add logging to default overrides in test-server (#876) * fix: circular dependency * fix: fix types in oauth2 index exposed functions * feat: add token building callbacks * test: move the session object and claims to the BE sdk server (#879) * fixes issue of refresh not clearing tokens * adding dev-v18.0.2 tag to this commit to ensure building --------- Co-authored-by: Ankit Tiwari <ankucodes@gmail.com> Co-authored-by: rishabhpoddar <rishabh.poddar@gmail.com> * feat: Add OAuth2Client recipe (#877) * feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * fix: circular dependency * feat: Add OAuth2Client recipe * fix: PR changes * fix: PR changes * fix: PR changes * fix: use correct userContext type --------- Co-authored-by: Mihaly Lengyel <mihaly@lengyel.tech> * fix: Remove internal redirects in the OAuth2 flow (#896) * fix: Remove internal redirects in the OAuth2 flow * fix: PR changes * fix: Prefer exact api path match in the middleware (#892) * feat: Add userInfoGET endpoint (#890) * feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * fix: circular dependency * feat: Add OAuth2Client recipe * fix: PR changes * fix: PR changes * fix: PR changes * feat: Add userInfoGET endpoint * fix: PR changes * fix: PR changes * fix: PR changes --------- Co-authored-by: Mihaly Lengyel <mihaly@lengyel.tech> * feat: add functions to validate oauth2 tokens * feat: rename OAuth2 to OAuth2Provider * feat: expose token validation functions * test: update tests * fix: add userinfo_endpoint properly * feat: removed unnecessary props * fix: add workaround to validate access/idtokens * fix: OAuth2 fixes (#900) * feat: review fixes * feat: remove accessTokenStrategy * test: update tests * feat: OAuth2Client interface changes (#904) * feat: Add token revocation endpoint (#902) * feat: Add token revocation endpoint * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * fix: Add revocation_endpoint * feat: Add token introspection endpoint (#906) * feat: Add token revocation endpoint * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * feat: Add token introspection endpoint * fix: PR changes * fix: Add revocation_endpoint * fix: PR changes * fix: merge issue --------- Co-authored-by: Mihaly Lengyel <mihaly@lengyel.tech> * fix: make clientSecret optional (#908) * fix: revokeToken input check * feat: add shouldTryLinkingWithSessionUser flag to auth apis and make overwriteSessionDuringSignInUp deafult to true (#909) * feat: add shouldTryLinkingWithSessionUser flag * feat: add tryLinkingWithSessionUser, forceFreshAuth and small test fixes * fix: test server compatible with 1.17/2.0 (#897) * fix: test server compatible with 1.17 * fix: pr comments * fix: mfa claim * fix: version and changelog * fix: using version function for comparision * fix: circle ci scripts * fix: circle ci testing * fix: circle ci testing * fix: circle ci testing * fix: test server * fix: circle ci restore * adding dev-v20.0.1 tag to this commit to ensure building * fix: config (#905) * adding dev-v20.0.1 tag to this commit to ensure building * feat: prompt param fixing * refactors an exception case * feat: validate max_age * fix: make shouldDoAutomaticAccountLinking properly get the primary user when linking to oldest user (#907) * adding dev-v20.0.2 tag to this commit to ensure building * feat: make shouldTryLinkingWithSessionUser optional in FDI3.1 * feat: fix tryLinkingImplementation and change degault for overwriteSessionDuringSignInUp --------- Co-authored-by: Sattvik Chakravarthy <sattvik@supertokens.com> Co-authored-by: Sattvik Chakravarthy <sattvik@gmail.com> Co-authored-by: rishabhpoddar <rishabh.poddar@gmail.com> * feat: add shouldTryRefresh plus self-review and test related fixes * feat: Add APIs for rp-initiated logout (#911) * feat: Add APIs for rp-initiated logout * fix: PR changes * fix: PR changes * feat: integrate with OAuth2 core impl (#926) * WIP * WIP * feat: clean up earlier debugging changes * feat: expose new revoke functions + update tests * feat: make the frontend redirection urls overrideable * feat: update how oauth token payloads work * fix: Add changes to support unknown type in formField values (#928) * Add changes to support unknown type in formField values * Update email/password invalid type error message to be same as go/python sdk * Add tests for invalid email/password in signup API * Add tests for invalid email/password in token reset and reset API * Update some errors to indicate unreachable errors * Run build to generate build files * Add detail about breaking change regarding formField value type change to unknown * feat: make loginGET return the redirection link as a JSON response instead * ci: add option to run the CI scripts manually (#929) * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * ci: experiment with manually runnable ci with pre-set branchnames * fix: test fixing * ci: experiment with manually runnable ci with pre-set branchnames * test: make integration test server more stable * ci: update ci runner script * fix: adding hydra to circleci * ci: add missing branch mapping * fix: force script * fix: update ci config * fix: update ci config * fix: update script * fix: update script * fix: update script * fix: ory image --------- Co-authored-by: Sattvik Chakravarthy <sattvik@gmail.com> * feat: make the issuer overrideable + fix new status * fix: fix handling of CLIENT_NOT_FOUND_ERROR * feat: error consistency improvements * feat: error consistency improvements * refactor: some cleanup and error handling * fix: set the jwks cacheMaxAge in MS * test: add more debug options into ci * feat: added more debug logging * fix: fix the session loading logic in auth apis * ci: improve forceRunCI mac compatibility * ci: add missing env var to test script * feat: detect email_change_not_allowed earlier to fix tests * Revert "feat: detect email_change_not_allowed earlier to fix tests" This reverts commit 47df0a2. * feat: self-review fixes and general cleanup * feat: add emails and phoneNumbers as arrays into the id token as well * feat!: separating the OpenId recipe from the Session recipe --------- Co-authored-by: Ankit Tiwari <ankucodes@gmail.com> Co-authored-by: rishabhpoddar <rishabh.poddar@gmail.com> Co-authored-by: Sattvik Chakravarthy <sattvik@supertokens.com> Co-authored-by: Sattvik Chakravarthy <sattvik@gmail.com> Co-authored-by: Deepjyoti <deepjyoti@supertokens.com>
supertokens · Oct 3, 2024 · 561ca5a · 561ca5a
1 parent d3a7b28
commit 561ca5a
Show file tree

Hide file tree

Showing 264 changed files with 12,208 additions and 7,793 deletions.
diff --git a/.circleci/authReact.sh b/.circleci/authReact.sh
@@ -23,59 +23,94 @@ done <<< "$version"
 
 coreDriverVersion=`echo $coreDriverArray | jq ". | last"`
 coreDriverVersion=`echo $coreDriverVersion | tr -d '"'`
-coreFree=`curl -s -X GET \
-"https://api.supertokens.io/0/core-driver-interface/dependency/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$coreDriverVersion&driverName=node" \
--H 'api-version: 1'`
-if [[ `echo $coreFree | jq .core` == "null" ]]
+coreFree="null"
+
+if [ -f cdi-core-map.json ]
 then
-    echo "fetching latest X.Y version for core given core-driver-interface X.Y version: $coreDriverVersion, planType: FREE gave response: $coreFree. Please make sure all relevant cores have been pushed."
-    exit 1
+    cat cdi-core-map.json
+    echo "coreDriverVersion: $coreDriverVersion"
+
+    coreBranchName=`cat cdi-core-map.json | jq -r '.["'$coreDriverVersion'"]'`
+    if [ "$coreBranchName" != "null" ]
+    then
+        coreFree=$coreDriverVersion
+    fi
+fi
+
+if [ "$coreFree" == "null" ]
+then
+    coreFree=`curl -s -X GET \
+    "https://api.supertokens.io/0/core-driver-interface/dependency/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$coreDriverVersion&driverName=node" \
+    -H 'api-version: 1'`
+    if [[ `echo $coreFree | jq .core` == "null" ]]
+    then
+        echo "fetching latest X.Y version for core given core-driver-interface X.Y version: $coreDriverVersion, planType: FREE gave response: $coreFree. Please make sure all relevant cores have been pushed."
+        exit 1
+    fi
+    coreFree=$(echo $coreFree | jq .core | tr -d '"')
 fi
-coreFree=$(echo $coreFree | jq .core | tr -d '"')
 
 frontendDriverVersion=$1
 frontendDriverVersion=`echo $frontendDriverVersion | tr -d '"'`
 
-nodeVersionXY=`curl -s -X GET \
-"https://api.supertokens.io/0/frontend-driver-interface/dependency/driver/latest?password=$SUPERTOKENS_API_KEY&mode=DEV&version=$frontendDriverVersion&driverName=node&frontendName=auth-react" \
--H 'api-version: 1'`
-if [[ `echo $nodeVersionXY | jq .driver` == "null" ]]
+nodeTag="null"
+if [ -f fdi-node-map.json ]
 then
-    echo "fetching latest X.Y version for driver given frontend-driver-interface X.Y version: $frontendDriverVersion gave response: $nodeVersionXY. Please make sure all relevant drivers have been pushed."
-    exit 1
+    nodeTag=`cat fdi-node-map.json | jq '.["'$frontendDriverVersion'"]' | tr -d '"'`
 fi
-nodeVersionXY=$(echo $nodeVersionXY | jq .driver | tr -d '"')
 
-nodeInfo=`curl -s -X GET \
-"https://api.supertokens.io/0/driver/latest?password=$SUPERTOKENS_API_KEY&mode=DEV&version=$nodeVersionXY&name=node" \
--H 'api-version: 0'`
-if [[ `echo $nodeInfo | jq .tag` == "null" ]]
+if [ "$nodeTag" == "null" ]
 then
-    echo "fetching latest X.Y.Z version for driver, X.Y version: $nodeVersionXY gave response: $nodeInfo"
-    exit 1
+    nodeVersionXY=`curl -s -X GET \
+    "https://api.supertokens.io/0/frontend-driver-interface/dependency/driver/latest?password=$SUPERTOKENS_API_KEY&mode=DEV&version=$frontendDriverVersion&driverName=node&frontendName=auth-react" \
+    -H 'api-version: 1'`
+    if [[ `echo $nodeVersionXY | jq .driver` == "null" ]]
+    then
+        echo "fetching latest X.Y version for driver given frontend-driver-interface X.Y version: $frontendDriverVersion gave response: $nodeVersionXY. Please make sure all relevant drivers have been pushed."
+        exit 1
+    fi
+    nodeVersionXY=$(echo $nodeVersionXY | jq .driver | tr -d '"')
+
+    nodeInfo=`curl -s -X GET \
+    "https://api.supertokens.io/0/driver/latest?password=$SUPERTOKENS_API_KEY&mode=DEV&version=$nodeVersionXY&name=node" \
+    -H 'api-version: 0'`
+    if [[ `echo $nodeInfo | jq .tag` == "null" ]]
+    then
+        echo "fetching latest X.Y.Z version for driver, X.Y version: $nodeVersionXY gave response: $nodeInfo"
+        exit 1
+    fi
+    nodeTag=$(echo $nodeInfo | jq .tag | tr -d '"')
 fi
-nodeTag=$(echo $nodeInfo | jq .tag | tr -d '"')
 
-frontendAuthReactVersionXY=`curl -s -X GET \
-"https://api.supertokens.io/0/frontend-driver-interface/dependency/frontend/latest?password=$SUPERTOKENS_API_KEY&frontendName=auth-react&mode=DEV&version=$frontendDriverVersion&driverName=node" \
--H 'api-version: 1'`
-if [[ `echo $frontendAuthReactVersionXY | jq .frontend` == "null" ]]
+frontendAuthReactTag="null"
+if [ -f fdi-auth-react-map.json ]
 then
-    echo "fetching latest X.Y version for frontend given frontend-driver-interface X.Y version: $frontendDriverVersion, name: auth-react gave response: $frontend. Please make sure all relevant frontend libs have been pushed."
-    exit 1
+    frontendAuthReactTag=`cat fdi-auth-react-map.json | jq '.["'$frontendDriverVersion'"]' | tr -d '"'`
 fi
-frontendAuthReactVersionXY=$(echo $frontendAuthReactVersionXY | jq .frontend | tr -d '"')
 
-frontendAuthReactInfo=`curl -s -X GET \
-"https://api.supertokens.io/0/frontend/latest?password=$SUPERTOKENS_API_KEY&mode=DEV&version=$frontendAuthReactVersionXY&name=auth-react" \
--H 'api-version: 0'`
-if [[ `echo $frontendAuthReactInfo | jq .tag` == "null" ]]
+if [ "$frontendAuthReactTag" == "null" ]
 then
-    echo "fetching latest X.Y.Z version for frontend, X.Y version: $frontendAuthReactVersionXY gave response: $frontendAuthReactInfo"
-    exit 1
+    frontendAuthReactVersionXY=`curl -s -X GET \
+    "https://api.supertokens.io/0/frontend-driver-interface/dependency/frontend/latest?password=$SUPERTOKENS_API_KEY&frontendName=auth-react&mode=DEV&version=$frontendDriverVersion&driverName=node" \
+    -H 'api-version: 1'`
+    if [[ `echo $frontendAuthReactVersionXY | jq .frontend` == "null" ]]
+    then
+        echo "fetching latest X.Y version for frontend given frontend-driver-interface X.Y version: $frontendDriverVersion, name: auth-react gave response: $frontend. Please make sure all relevant frontend libs have been pushed."
+        exit 1
+    fi
+    frontendAuthReactVersionXY=$(echo $frontendAuthReactVersionXY | jq .frontend | tr -d '"')
+
+    frontendAuthReactInfo=`curl -s -X GET \
+    "https://api.supertokens.io/0/frontend/latest?password=$SUPERTOKENS_API_KEY&mode=DEV&version=$frontendAuthReactVersionXY&name=auth-react" \
+    -H 'api-version: 0'`
+    if [[ `echo $frontendAuthReactInfo | jq .tag` == "null" ]]
+    then
+        echo "fetching latest X.Y.Z version for frontend, X.Y version: $frontendAuthReactVersionXY gave response: $frontendAuthReactInfo"
+        exit 1
+    fi
+    frontendAuthReactTag=$(echo $frontendAuthReactInfo | jq .tag | tr -d '"')
+    frontendAuthReactVersion=$(echo $frontendAuthReactInfo | jq .version | tr -d '"')
 fi
-frontendAuthReactTag=$(echo $frontendAuthReactInfo | jq .tag | tr -d '"')
-frontendAuthReactVersion=$(echo $frontendAuthReactInfo | jq .version | tr -d '"')
 
 if [[ $frontendDriverVersion == '1.3' || $frontendDriverVersion == '1.8' ]]; then
     # we skip this since the tests for auth-react here are not reliable due to race conditions...

diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -7,6 +7,27 @@ orbs:
     continuation: circleci/continuation@0.1.2
     slack: circleci/slack@3.4.2
     jq: circleci/jq@2.2.0
+
+parameters:
+    force:
+        type: boolean
+        default: false
+    cdi-core-map:
+        type: string
+        default: "{}"
+    cdi-plugin-interface-map:
+        type: string
+        default: "{}"
+    fdi-node-map:
+        type: string
+        default: "{}"
+    fdi-auth-react-map:
+        type: string
+        default: "{}"
+    fdi-website-map:
+        type: string
+        default: "{}"
+
 jobs:
     publish:
         docker:
@@ -36,7 +57,7 @@ jobs:
             - run:
                   name: Generate config
                   command: |
-                      cd .circleci && ./generateConfig.sh
+                      cd .circleci && ./generateConfig.sh << pipeline.parameters.force >> '<< pipeline.parameters.cdi-core-map >>' '<< pipeline.parameters.cdi-plugin-interface-map >>' '<< pipeline.parameters.fdi-node-map >>' '<< pipeline.parameters.fdi-auth-react-map >>' '<< pipeline.parameters.fdi-website-map >>'
             - continuation/continue:
                   configuration_path: .circleci/config_continue.yml # use newly generated config to continue
 
@@ -52,12 +73,7 @@ workflows:
                           only: /v[0-9]+(\.[0-9]+)*/
                       branches:
                           ignore: /.*/
-            - setup:
-                  filters:
-                      tags:
-                          only: /dev-v[0-9]+(\.[0-9]+)*/
-                      branches:
-                          only: /test-cicd\/.*/
+            - setup
             - update-docs:
                   context:
                       - slack-notification

diff --git a/.circleci/config_continue.yml b/.circleci/config_continue.yml
@@ -4,6 +4,27 @@ orbs:
     continuation: circleci/continuation@0.1.2
     slack: circleci/slack@3.4.2
     jq: circleci/jq@2.2.0
+
+parameters:
+    force:
+        type: boolean
+        default: false
+    cdi-core-map:
+        type: string
+        default: "{}"
+    cdi-plugin-interface-map:
+        type: string
+        default: "{}"
+    fdi-node-map:
+        type: string
+        default: "{}"
+    fdi-auth-react-map:
+        type: string
+        default: "{}"
+    fdi-website-map:
+        type: string
+        default: "{}"
+
 jobs:
     test-dev-tag-as-not-passed:
         docker:
@@ -12,16 +33,16 @@ jobs:
             - run: echo "Testing branch << pipeline.git.branch >>"
             - when:
                   condition:
-                      not:
-                          matches:
-                              pattern: "^test-cicd/.*$"
-                              value: << pipeline.git.branch >>
+                      matches:
+                          pattern: "^[0-9]+\\.[0-9]+$" # X.Y branches
+                          value: << pipeline.git.branch >>
                   steps:
                       - checkout
                       - run: (cd .circleci/ && ./markDevTagAsTestNotPassed.sh)
     test-unit:
         docker:
             - image: rishabhpoddar/supertokens_node_driver_testing_node_20
+            - image: rishabhpoddar/oauth-server-cicd
         resource_class: large
         parameters:
             cdi-version:
@@ -39,6 +60,7 @@ jobs:
     test-backend-sdk-testing:
         docker:
             - image: rishabhpoddar/supertokens_node_driver_testing_node_20
+            - image: rishabhpoddar/oauth-server-cicd
         resource_class: large
         parameters:
             cdi-version:
@@ -57,6 +79,7 @@ jobs:
     test-website:
         docker:
             - image: rishabhpoddar/supertokens_website_sdk_testing
+            - image: rishabhpoddar/oauth-server-cicd
         resource_class: large
         parameters:
             fdi-version:
@@ -75,6 +98,7 @@ jobs:
     test-authreact:
         docker:
             - image: rishabhpoddar/supertokens_website_sdk_testing_node_16
+            - image: rishabhpoddar/oauth-server-cicd
         resource_class: large
         parameters:
             fdi-version:
@@ -92,6 +116,12 @@ jobs:
             - store_artifacts:
                   path: test_report/backend.log
                   destination: logs
+            - store_artifacts:
+                  path: test_report/screenshots
+                  destination: screenshots
+            - store_artifacts:
+                  path: test_report/react-logs
+                  destination: react-logs
             - slack/status
     test-success:
         docker:
@@ -100,10 +130,9 @@ jobs:
             - run: echo "Testing passed for branch << pipeline.git.branch >>"
             - when:
                   condition:
-                      not:
-                          matches:
-                              pattern: "^test-cicd/.*$"
-                              value: << pipeline.git.branch >>
+                      matches:
+                          pattern: "^[0-9]+\\.[0-9]+$" # X.Y branches
+                          value: << pipeline.git.branch >>
                   steps:
                       - checkout
                       - run: (cd .circleci/ && ./markAsSuccess.sh)

diff --git a/.circleci/configs/hydra.yml b/.circleci/configs/hydra.yml
@@ -0,0 +1,22 @@
+serve:
+    cookies:
+        same_site_mode: Lax
+
+urls:
+    self:
+        issuer: http://localhost:4444
+    consent: http://localhost:3001/auth/oauth/consent
+    login: http://localhost:3001/auth/oauth/login
+    logout: http://localhost:3001/auth/oauth/logout
+
+secrets:
+    system:
+        - youReallyNeedToChangeThis
+
+oidc:
+    subject_identifiers:
+        supported_types:
+            - pairwise
+            - public
+        pairwise:
+            salt: youReallyNeedToChangeThis
diff --git a/.circleci/doBackendSDKTests.sh b/.circleci/doBackendSDKTests.sh
@@ -8,17 +8,33 @@ fi
 coreDriverVersion=$1
 coreDriverVersion=`echo $coreDriverVersion | tr -d '"'`
 
-frontendDriverVersion=$2
+frontendDriverVersion=`echo $2 | tr -d '"'`
 
-coreFree=`curl -s -X GET \
-"https://api.supertokens.io/0/core-driver-interface/dependency/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$coreDriverVersion&driverName=node" \
--H 'api-version: 1'`
-if [[ `echo $coreFree | jq .core` == "null" ]]
+coreFree="null"
+if [ -f cdi-core-map.json ]
 then
-    echo "fetching latest X.Y version for core given core-driver-interface X.Y version: $coreDriverVersion, planType: FREE gave response: $coreFree. Please make sure all relevant cores have been pushed."
-    exit 1
+    cat cdi-core-map.json
+    echo "coreDriverVersion: $coreDriverVersion"
+
+    coreBranchName=`cat cdi-core-map.json | jq -r '.["'$coreDriverVersion'"]'`
+    if [ "$coreBranchName" != "null" ]
+    then
+        coreFree=$coreDriverVersion
+    fi
+fi
+
+if [ "$coreFree" == "null" ]
+then
+    coreFree=`curl -s -X GET \
+    "https://api.supertokens.io/0/core-driver-interface/dependency/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$coreDriverVersion&driverName=node" \
+    -H 'api-version: 1'`
+    if [[ `echo $coreFree | jq .core` == "null" ]]
+    then
+        echo "fetching latest X.Y version for core given core-driver-interface X.Y version: $coreDriverVersion, planType: FREE gave response: $coreFree. Please make sure all relevant cores have been pushed."
+        exit 1
+    fi
+    coreFree=$(echo $coreFree | jq .core | tr -d '"')
 fi
-coreFree=$(echo $coreFree | jq .core | tr -d '"')
 
 cd ..
 ./test/testExports.sh

diff --git a/.circleci/doUnitTests.sh b/.circleci/doUnitTests.sh
@@ -8,15 +8,31 @@ fi
 coreDriverVersion=$1
 coreDriverVersion=`echo $coreDriverVersion | tr -d '"'`
 
-coreFree=`curl -s -X GET \
-"https://api.supertokens.io/0/core-driver-interface/dependency/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$coreDriverVersion&driverName=node" \
--H 'api-version: 1'`
-if [[ `echo $coreFree | jq .core` == "null" ]]
+coreFree="null"
+if [ -f cdi-core-map.json ]
 then
-    echo "fetching latest X.Y version for core given core-driver-interface X.Y version: $coreDriverVersion, planType: FREE gave response: $coreFree. Please make sure all relevant cores have been pushed."
-    exit 1
+    cat cdi-core-map.json
+    echo "coreDriverVersion: $coreDriverVersion"
+
+    coreBranchName=`cat cdi-core-map.json | jq -r '.["'$coreDriverVersion'"]'`
+    if [ "$coreBranchName" != "null" ]
+    then
+        coreFree=$coreDriverVersion
+    fi
+fi
+
+if [ "$coreFree" == "null" ]
+then
+    coreFree=`curl -s -X GET \
+    "https://api.supertokens.io/0/core-driver-interface/dependency/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$coreDriverVersion&driverName=node" \
+    -H 'api-version: 1'`
+    if [[ `echo $coreFree | jq .core` == "null" ]]
+    then
+        echo "fetching latest X.Y version for core given core-driver-interface X.Y version: $coreDriverVersion, planType: FREE gave response: $coreFree. Please make sure all relevant cores have been pushed."
+        exit 1
+    fi
+    coreFree=$(echo $coreFree | jq .core | tr -d '"')
 fi
-coreFree=$(echo $coreFree | jq .core | tr -d '"')
 
 cd ..
 ./test/testExports.sh