Skip to content

Commit

Permalink
ci: experiment with manually runnable ci with pre-set branchnames
Browse files Browse the repository at this point in the history
  • Loading branch information
@porcellus
porcellus committed Sep 26, 2024
1 parent 15691f3 commit a5d4f01
Show file tree
Hide file tree
Showing 5 changed files with 74 additions and 38 deletions.
4 changes: 2 additions & 2 deletions .circleci/forceRunCI.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ branch=`git rev-parse --abbrev-ref HEAD`

cdiCoreMap='{ "5.1": "feat/oauth-provider-base" }'
cdiPluginInterfaceMap='{ "5.1": "feat/oauth-provider-base" }'
fdiNodeMap='{ "3.1": "/feat/oauth2/base" }'
fdiNodeMap='{ "3.1": "feat/oauth2/base" }'
fdiWebsiteMap='{ "3.1": "master" }'
fdiAuthReactMap='{ "3.1": "/feat/oauth2/base" }'
fdiAuthReactMap='{ "3.1": "feat/oauth2/base" }'

data=`jq -cn --arg branch "$branch" \
--arg cdiCoreMap "$cdiCoreMap" \
Expand Down
47 changes: 29 additions & 18 deletions lib/build/recipe/oauth2provider/recipeImplementation.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -703,10 +703,15 @@ function getRecipeInterface(
* CASE 3: `end_session` request with a `logout_verifier` (after accepting the logout request)
* - Redirects to the `post_logout_redirect_uri` or the default logout fallback page.
*/
console.log("input", input.params);
const resp = await querier.sendGetRequest(
new normalisedURLPath_1.default(`/recipe/oauth/sessions/logout`),
input.params,
{
clientId: input.params.client_id,
idTokenHint: input.params.id_token_hint,
postLogoutRedirectUri: input.params.post_logout_redirect_uri,
state: input.params.state,
logoutVerifier: input.params.logout_verifier,
},
input.userContext
);
if ("error" in resp) {
Expand All @@ -716,9 +721,9 @@ function getRecipeInterface(
errorDescription: resp.errorDescription,
};
}
const redirectTo = getUpdatedRedirectTo(appInfo, resp.redirectTo);
const redirectToURL = new URL(redirectTo);
const logoutChallenge = redirectToURL.searchParams.get("logout_challenge");
let redirectTo = getUpdatedRedirectTo(appInfo, resp.redirectTo);
const initialRedirectToURL = new URL(redirectTo);
const logoutChallenge = initialRedirectToURL.searchParams.get("logout_challenge");
// CASE 1 (See above notes)
if (logoutChallenge !== null) {
// Redirect to the frontend to ask for logout confirmation if there is a valid or expired supertokens session
Expand All @@ -732,17 +737,18 @@ function getRecipeInterface(
};
} else {
// Accept the logout challenge immediately as there is no supertokens session
return await this.acceptLogoutRequest({
challenge: logoutChallenge,
userContext: input.userContext,
});
redirectTo = (
await this.acceptLogoutRequest({
challenge: logoutChallenge,
userContext: input.userContext,
})
).redirectTo;
}
}
// CASE 2 or 3 (See above notes)
// TODO: add test for this
// NOTE: If no post_logout_redirect_uri is provided, Hydra redirects to a fallback page.
// In this case, we redirect the user to the /auth page.
if (redirectTo.endsWith("/oauth/fallbacks/logout/callback")) {
if (redirectTo.endsWith("/fallbacks/logout/callback")) {
return {
redirectTo: await this.getFrontendRedirectionURL({
type: "post-logout-fallback",
Expand All @@ -755,21 +761,26 @@ function getRecipeInterface(
acceptLogoutRequest: async function (input) {
const resp = await querier.sendPutRequest(
new normalisedURLPath_1.default(`/recipe/oauth/auth/requests/logout/accept`),
{ challenge: input.challenge },
{},
{ logout_challenge: input.challenge },
input.userContext
);
return {
redirectTo: getUpdatedRedirectTo(appInfo, resp.redirectTo)
// NOTE: This renaming only applies to this endpoint, hence not part of the generic "getUpdatedRedirectTo" function.
.replace("/sessions/logout", "/end_session"),
};
const redirectTo = getUpdatedRedirectTo(appInfo, resp.redirectTo);
if (redirectTo.endsWith("/fallbacks/logout/callback")) {
return {
redirectTo: await this.getFrontendRedirectionURL({
type: "post-logout-fallback",
userContext: input.userContext,
}),
};
}
return { redirectTo };
},
rejectLogoutRequest: async function (input) {
const resp = await querier.sendPutRequest(
new normalisedURLPath_1.default(`/recipe/oauth/auth/requests/logout/reject`),
{},
{ logout_challenge: input.challenge },
{ challenge: input.challenge },
input.userContext
);
if (resp.status != "OK") {
Expand Down
5 changes: 5 additions & 0 deletions lib/build/supertokens.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

49 changes: 31 additions & 18 deletions lib/ts/recipe/oauth2provider/recipeImplementation.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -708,10 +708,15 @@ export default function getRecipeInterface(
* - Redirects to the `post_logout_redirect_uri` or the default logout fallback page.
*/

console.log("input", input.params);
const resp = await querier.sendGetRequest(
new NormalisedURLPath(`/recipe/oauth/sessions/logout`),
input.params,
{
clientId: input.params.client_id,
idTokenHint: input.params.id_token_hint,
postLogoutRedirectUri: input.params.post_logout_redirect_uri,
state: input.params.state,
logoutVerifier: input.params.logout_verifier,
},
input.userContext
);

Expand All @@ -722,10 +727,10 @@ export default function getRecipeInterface(
errorDescription: resp.errorDescription,
};
}
const redirectTo = getUpdatedRedirectTo(appInfo, resp.redirectTo);
let redirectTo = getUpdatedRedirectTo(appInfo, resp.redirectTo);

const redirectToURL = new URL(redirectTo);
const logoutChallenge = redirectToURL.searchParams.get("logout_challenge");
const initialRedirectToURL = new URL(redirectTo);
const logoutChallenge = initialRedirectToURL.searchParams.get("logout_challenge");

// CASE 1 (See above notes)
if (logoutChallenge !== null) {
Expand All @@ -740,19 +745,20 @@ export default function getRecipeInterface(
};
} else {
// Accept the logout challenge immediately as there is no supertokens session
return await this.acceptLogoutRequest({
challenge: logoutChallenge,
userContext: input.userContext,
});
redirectTo = (
await this.acceptLogoutRequest({
challenge: logoutChallenge,
userContext: input.userContext,
})
).redirectTo;
}
}

// CASE 2 or 3 (See above notes)

// TODO: add test for this
// NOTE: If no post_logout_redirect_uri is provided, Hydra redirects to a fallback page.
// In this case, we redirect the user to the /auth page.
if (redirectTo.endsWith("/oauth/fallbacks/logout/callback")) {
if (redirectTo.endsWith("/fallbacks/logout/callback")) {
return {
redirectTo: await this.getFrontendRedirectionURL({
type: "post-logout-fallback",
Expand All @@ -766,22 +772,29 @@ export default function getRecipeInterface(
acceptLogoutRequest: async function (this: RecipeInterface, input) {
const resp = await querier.sendPutRequest(
new NormalisedURLPath(`/recipe/oauth/auth/requests/logout/accept`),
{ challenge: input.challenge },
{},
{ logout_challenge: input.challenge },
input.userContext
);

return {
redirectTo: getUpdatedRedirectTo(appInfo, resp.redirectTo)
// NOTE: This renaming only applies to this endpoint, hence not part of the generic "getUpdatedRedirectTo" function.
.replace("/sessions/logout", "/end_session"),
};
const redirectTo = getUpdatedRedirectTo(appInfo, resp.redirectTo);

if (redirectTo.endsWith("/fallbacks/logout/callback")) {
return {
redirectTo: await this.getFrontendRedirectionURL({
type: "post-logout-fallback",
userContext: input.userContext,
}),
};
}

return { redirectTo };
},
rejectLogoutRequest: async function (this: RecipeInterface, input) {
const resp = await querier.sendPutRequest(
new NormalisedURLPath(`/recipe/oauth/auth/requests/logout/reject`),
{},
{ logout_challenge: input.challenge },
{ challenge: input.challenge },
input.userContext
);

Expand Down
7 changes: 7 additions & 0 deletions lib/ts/supertokens.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,6 +165,13 @@ export default class SuperTokens {
if (!isTestEnv()) {
throw new Error("calling testing function in non testing env");
}

// We call reset the OAuth2Provider recipe because it is auto-initialized
// and there is no case where we want to reset the SuperTokens instance but not
// the recipes.
let OAuth2ProviderRecipe = require("./recipe/oauth2provider/recipe").default;
OAuth2ProviderRecipe.reset();

Querier.reset();
SuperTokens.instance = undefined;
}
Expand Down

0 comments on commit a5d4f01

Please sign in to comment.