diff --git a/lib/build/recipe/dashboard/api/analytics.js b/lib/build/recipe/dashboard/api/analytics.js index 4186fb391..d7a770dc1 100644 --- a/lib/build/recipe/dashboard/api/analytics.js +++ b/lib/build/recipe/dashboard/api/analytics.js @@ -63,7 +63,7 @@ async function analyticsPost(_, ___, options, __) { const { apiDomain, websiteDomain, appName } = options.appInfo; const data = { websiteDomain: websiteDomain({ - originalRequest: undefined, + request: undefined, userContext: {}, }).getAsStringDangerous(), apiDomain: apiDomain.getAsStringDangerous(), diff --git a/lib/build/recipe/emailpassword/utils.js b/lib/build/recipe/emailpassword/utils.js index 0e3d60cc5..830ae2ef9 100644 --- a/lib/build/recipe/emailpassword/utils.js +++ b/lib/build/recipe/emailpassword/utils.js @@ -216,7 +216,7 @@ function getPasswordResetLink(input) { return ( input.appInfo .websiteDomain({ - originalRequest: __1.getRequestFromUserContext(input.userContext), + request: __1.getRequestFromUserContext(input.userContext), userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/build/recipe/emailverification/utils.js b/lib/build/recipe/emailverification/utils.js index 7c81f3d63..82c1e1fb4 100644 --- a/lib/build/recipe/emailverification/utils.js +++ b/lib/build/recipe/emailverification/utils.js @@ -68,7 +68,7 @@ function getEmailVerifyLink(input) { return ( input.appInfo .websiteDomain({ - originalRequest: __1.getRequestFromUserContext(input.userContext), + request: __1.getRequestFromUserContext(input.userContext), userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/build/recipe/passwordless/api/implementation.js b/lib/build/recipe/passwordless/api/implementation.js index 76f1cb9de..e0755d3b3 100644 --- a/lib/build/recipe/passwordless/api/implementation.js +++ b/lib/build/recipe/passwordless/api/implementation.js @@ -226,7 +226,7 @@ function getAPIImplementation() { magicLink = input.options.appInfo .websiteDomain({ - originalRequest: input.options.req, + request: input.options.req, userContext: input.userContext, }) .getAsStringDangerous() + @@ -361,7 +361,7 @@ function getAPIImplementation() { magicLink = input.options.appInfo .websiteDomain({ - originalRequest: input.options.req, + request: input.options.req, userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/build/recipe/passwordless/recipe.js b/lib/build/recipe/passwordless/recipe.js index 7b861f1d2..79d52c1f3 100644 --- a/lib/build/recipe/passwordless/recipe.js +++ b/lib/build/recipe/passwordless/recipe.js @@ -132,7 +132,7 @@ class Recipe extends recipeModule_1.default { let magicLink = appInfo .websiteDomain({ - originalRequest: __1.getRequestFromUserContext(input.userContext), + request: __1.getRequestFromUserContext(input.userContext), userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/build/recipe/session/types.d.ts b/lib/build/recipe/session/types.d.ts index 2c3f78948..d59f14c69 100644 --- a/lib/build/recipe/session/types.d.ts +++ b/lib/build/recipe/session/types.d.ts @@ -90,6 +90,15 @@ export declare type TypeNormalisedInput = { cookieSecure: boolean; sessionExpiredStatusCode: number; errorHandlers: NormalisedErrorHandlers; + /** + * This is intentionally kept as a string and not a function because even though the default value of this + * is dependent on the api domain and website domain (which is a function), it is never set to VIA_TOKEN by + * default. + * + * If it was there would be a problem of disableAntiCsrf not being honored correctly when the user calls create + * new session. But because we wither set to VIA_CUSTOM_HEADER or NONE we can leave this as a string and the + * create ne session functions always call the core with the correct value of enableAntiCsrf + */ antiCsrf: "VIA_TOKEN" | "VIA_CUSTOM_HEADER" | "NONE"; getTokenTransferMethod: (input: { req: BaseRequest; diff --git a/lib/build/recipe/session/utils.js b/lib/build/recipe/session/utils.js index 40f0b7c32..cece4d4b9 100644 --- a/lib/build/recipe/session/utils.js +++ b/lib/build/recipe/session/utils.js @@ -106,7 +106,7 @@ function validateAndNormaliseUserInput(recipeInstance, appInfo, config) { let protocolOfWebsiteDomain = getURLProtocol( appInfo .websiteDomain({ - originalRequest: undefined, + request: undefined, userContext: {}, }) .getAsStringDangerous() diff --git a/lib/build/types.d.ts b/lib/build/types.d.ts index 378162d04..850261ae9 100644 --- a/lib/build/types.d.ts +++ b/lib/build/types.d.ts @@ -7,7 +7,7 @@ import { RecipeLevelUser } from "./recipe/accountlinking/types"; import { BaseRequest } from "./framework"; export declare type AppInfo = { appName: string; - websiteDomain: string | ((input: { originalRequest: BaseRequest | undefined; userContext: any }) => string); + websiteDomain: string | ((input: { request: BaseRequest | undefined; userContext: any }) => string); websiteBasePath?: string; apiDomain: string; apiBasePath?: string; @@ -15,7 +15,7 @@ export declare type AppInfo = { }; export declare type NormalisedAppinfo = { appName: string; - websiteDomain: (input: { originalRequest: BaseRequest | undefined; userContext: any }) => NormalisedURLDomain; + websiteDomain: (input: { request: BaseRequest | undefined; userContext: any }) => NormalisedURLDomain; apiDomain: NormalisedURLDomain; topLevelAPIDomain: string; topLevelWebsiteDomain: () => string; diff --git a/lib/build/utils.js b/lib/build/utils.js index 48de8dedb..fd036867f 100644 --- a/lib/build/utils.js +++ b/lib/build/utils.js @@ -108,7 +108,7 @@ function normaliseInputAppInfoOrThrowError(appInfo) { const topLevelWebsiteDomain = () => { return getTopLevelDomainForSameSiteResolution( websiteDomainFunction({ - originalRequest: undefined, + request: undefined, userContext: {}, }).getAsStringDangerous() ); diff --git a/lib/ts/recipe/dashboard/api/analytics.ts b/lib/ts/recipe/dashboard/api/analytics.ts index f86f01ece..7f6e35d19 100644 --- a/lib/ts/recipe/dashboard/api/analytics.ts +++ b/lib/ts/recipe/dashboard/api/analytics.ts @@ -74,7 +74,7 @@ export default async function analyticsPost( const { apiDomain, websiteDomain, appName } = options.appInfo; const data = { websiteDomain: websiteDomain({ - originalRequest: undefined, + request: undefined, userContext: {}, }).getAsStringDangerous(), apiDomain: apiDomain.getAsStringDangerous(), diff --git a/lib/ts/recipe/emailpassword/utils.ts b/lib/ts/recipe/emailpassword/utils.ts index c88e4ea06..233885793 100644 --- a/lib/ts/recipe/emailpassword/utils.ts +++ b/lib/ts/recipe/emailpassword/utils.ts @@ -259,7 +259,7 @@ export function getPasswordResetLink(input: { return ( input.appInfo .websiteDomain({ - originalRequest: getRequestFromUserContext(input.userContext), + request: getRequestFromUserContext(input.userContext), userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/ts/recipe/emailverification/utils.ts b/lib/ts/recipe/emailverification/utils.ts index 003eb05c7..8851cd5d1 100644 --- a/lib/ts/recipe/emailverification/utils.ts +++ b/lib/ts/recipe/emailverification/utils.ts @@ -74,7 +74,7 @@ export function getEmailVerifyLink(input: { return ( input.appInfo .websiteDomain({ - originalRequest: getRequestFromUserContext(input.userContext), + request: getRequestFromUserContext(input.userContext), userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/ts/recipe/passwordless/api/implementation.ts b/lib/ts/recipe/passwordless/api/implementation.ts index d21121f12..4d416092f 100644 --- a/lib/ts/recipe/passwordless/api/implementation.ts +++ b/lib/ts/recipe/passwordless/api/implementation.ts @@ -243,7 +243,7 @@ export default function getAPIImplementation(): APIInterface { magicLink = input.options.appInfo .websiteDomain({ - originalRequest: input.options.req, + request: input.options.req, userContext: input.userContext, }) .getAsStringDangerous() + @@ -387,7 +387,7 @@ export default function getAPIImplementation(): APIInterface { magicLink = input.options.appInfo .websiteDomain({ - originalRequest: input.options.req, + request: input.options.req, userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/ts/recipe/passwordless/recipe.ts b/lib/ts/recipe/passwordless/recipe.ts index 849265574..91b142e83 100644 --- a/lib/ts/recipe/passwordless/recipe.ts +++ b/lib/ts/recipe/passwordless/recipe.ts @@ -246,7 +246,7 @@ export default class Recipe extends RecipeModule { let magicLink = appInfo .websiteDomain({ - originalRequest: getRequestFromUserContext(input.userContext), + request: getRequestFromUserContext(input.userContext), userContext: input.userContext, }) .getAsStringDangerous() + diff --git a/lib/ts/recipe/session/types.ts b/lib/ts/recipe/session/types.ts index 91c992279..fe8a60cd8 100644 --- a/lib/ts/recipe/session/types.ts +++ b/lib/ts/recipe/session/types.ts @@ -115,6 +115,15 @@ export type TypeNormalisedInput = { cookieSecure: boolean; sessionExpiredStatusCode: number; errorHandlers: NormalisedErrorHandlers; + /** + * This is intentionally kept as a string and not a function because even though the default value of this + * is dependent on the api domain and website domain (which is a function), it is never set to VIA_TOKEN by + * default. + * + * If it was there would be a problem of disableAntiCsrf not being honored correctly when the user calls create + * new session. But because we wither set to VIA_CUSTOM_HEADER or NONE we can leave this as a string and the + * create ne session functions always call the core with the correct value of enableAntiCsrf + */ antiCsrf: "VIA_TOKEN" | "VIA_CUSTOM_HEADER" | "NONE"; getTokenTransferMethod: (input: { diff --git a/lib/ts/recipe/session/utils.ts b/lib/ts/recipe/session/utils.ts index 5a496a6c1..4356a0f2b 100644 --- a/lib/ts/recipe/session/utils.ts +++ b/lib/ts/recipe/session/utils.ts @@ -140,7 +140,7 @@ export function validateAndNormaliseUserInput( let protocolOfWebsiteDomain = getURLProtocol( appInfo .websiteDomain({ - originalRequest: undefined, + request: undefined, userContext: {}, }) .getAsStringDangerous() diff --git a/lib/ts/types.ts b/lib/ts/types.ts index 0fe57998a..fc1dbdfc2 100644 --- a/lib/ts/types.ts +++ b/lib/ts/types.ts @@ -22,7 +22,7 @@ import { BaseRequest } from "./framework"; export type AppInfo = { appName: string; - websiteDomain: string | ((input: { originalRequest: BaseRequest | undefined; userContext: any }) => string); + websiteDomain: string | ((input: { request: BaseRequest | undefined; userContext: any }) => string); websiteBasePath?: string; apiDomain: string; apiBasePath?: string; @@ -31,7 +31,7 @@ export type AppInfo = { export type NormalisedAppinfo = { appName: string; - websiteDomain: (input: { originalRequest: BaseRequest | undefined; userContext: any }) => NormalisedURLDomain; + websiteDomain: (input: { request: BaseRequest | undefined; userContext: any }) => NormalisedURLDomain; apiDomain: NormalisedURLDomain; topLevelAPIDomain: string; topLevelWebsiteDomain: () => string; diff --git a/lib/ts/utils.ts b/lib/ts/utils.ts index ba4d47c97..b453beaa3 100644 --- a/lib/ts/utils.ts +++ b/lib/ts/utils.ts @@ -59,7 +59,7 @@ export function normaliseInputAppInfoOrThrowError(appInfo: AppInfo): NormalisedA ? new NormalisedURLPath(appInfo.apiGatewayPath) : new NormalisedURLPath(""); - let websiteDomainFunction = (input: { originalRequest: BaseRequest | undefined; userContext: any }) => { + let websiteDomainFunction = (input: { request: BaseRequest | undefined; userContext: any }) => { let domain = appInfo.websiteDomain; if (typeof domain === "function") { domain = domain(input); @@ -72,7 +72,7 @@ export function normaliseInputAppInfoOrThrowError(appInfo: AppInfo): NormalisedA const topLevelWebsiteDomain = () => { return getTopLevelDomainForSameSiteResolution( websiteDomainFunction({ - originalRequest: undefined, + request: undefined, userContext: {}, }).getAsStringDangerous() );