fix: test fixes (#630)

* fix: test fixes

* fix: claims build

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: tests

* fix: cleanup

* fix: tests

* fix: tests

* fix: pr comments

lib/build/recipe/dashboard/utils.d.ts

@@ -1,7 +1,5 @@
 // @ts-nocheck
 import { BaseRequest, BaseResponse } from "../../framework";
-import NormalisedURLPath from "../../normalisedURLPath";
-import { HTTPMethod } from "../../types";
 import {
     EmailPasswordUser,
     PasswordlessUser,
@@ -11,8 +9,6 @@ import {
     TypeNormalisedInput,
 } from "./types";
 export declare function validateAndNormaliseUserInput(config?: TypeInput): TypeNormalisedInput;
-export declare function isApiPath(path: NormalisedURLPath, basePath: NormalisedURLPath): boolean;
-export declare function getApiIdIfMatched(path: NormalisedURLPath, method: HTTPMethod): string | undefined;
 export declare function sendUnauthorisedAccess(res: BaseResponse): void;
 export declare function isValidRecipeId(recipeId: string): recipeId is RecipeIdForUser;
 export declare function getUserForRecipeId(

lib/build/recipe/dashboard/utils.js

@@ -50,8 +50,7 @@ var __importDefault =
         return mod && mod.__esModule ? mod : { default: mod };
     };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getApiPathWithDashboardBase = exports.validateApiKey = exports.isRecipeInitialised = exports.getUserForRecipeId = exports.isValidRecipeId = exports.sendUnauthorisedAccess = exports.getApiIdIfMatched = exports.isApiPath = exports.validateAndNormaliseUserInput = void 0;
-const normalisedURLPath_1 = __importDefault(require("../../normalisedURLPath"));
+exports.getApiPathWithDashboardBase = exports.validateApiKey = exports.isRecipeInitialised = exports.getUserForRecipeId = exports.isValidRecipeId = exports.sendUnauthorisedAccess = exports.validateAndNormaliseUserInput = void 0;
 const utils_1 = require("../../utils");
 const constants_1 = require("./constants");
 const recipe_1 = __importDefault(require("../emailpassword/recipe"));
@@ -78,75 +77,6 @@ function validateAndNormaliseUserInput(config) {
     });
 }
 exports.validateAndNormaliseUserInput = validateAndNormaliseUserInput;
-function isApiPath(path, basePath) {
-    const dashboardRecipeBasePath = basePath.appendPath(new normalisedURLPath_1.default(constants_1.DASHBOARD_API));
-    if (!path.startsWith(dashboardRecipeBasePath)) {
-        return false;
-    }
-    let pathWithoutDashboardPath = path.getAsStringDangerous().split(constants_1.DASHBOARD_API)[1];
-    if (pathWithoutDashboardPath.charAt(0) === "/") {
-        pathWithoutDashboardPath = pathWithoutDashboardPath.substring(1, pathWithoutDashboardPath.length);
-    }
-    if (pathWithoutDashboardPath.split("/")[0] === "api") {
-        return true;
-    }
-    return false;
-}
-exports.isApiPath = isApiPath;
-function getApiIdIfMatched(path, method) {
-    if (path.getAsStringDangerous().endsWith(constants_1.VALIDATE_KEY_API) && method === "post") {
-        return constants_1.VALIDATE_KEY_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.SIGN_IN_API) && method === "post") {
-        return constants_1.SIGN_IN_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.SIGN_OUT_API) && method === "post") {
-        return constants_1.SIGN_OUT_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USERS_LIST_GET_API) && method === "get") {
-        return constants_1.USERS_LIST_GET_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USERS_COUNT_API) && method === "get") {
-        return constants_1.USERS_COUNT_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USER_API)) {
-        if (method === "get" || method === "delete" || method === "put") {
-            return constants_1.USER_API;
-        }
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USER_EMAIL_VERIFY_API)) {
-        if (method === "get" || method === "put") {
-            return constants_1.USER_EMAIL_VERIFY_API;
-        }
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USER_METADATA_API)) {
-        if (method === "get" || method === "put") {
-            return constants_1.USER_METADATA_API;
-        }
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USER_SESSIONS_API)) {
-        if (method === "get" || method === "post") {
-            return constants_1.USER_SESSIONS_API;
-        }
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USER_PASSWORD_API) && method === "put") {
-        return constants_1.USER_PASSWORD_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USER_EMAIL_VERIFY_TOKEN_API) && method === "post") {
-        return constants_1.USER_EMAIL_VERIFY_TOKEN_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.USER_PASSWORD_API) && method === "put") {
-        return constants_1.USER_PASSWORD_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.SEARCH_TAGS_API) && method === "get") {
-        return constants_1.SEARCH_TAGS_API;
-    }
-    if (path.getAsStringDangerous().endsWith(constants_1.DASHBOARD_ANALYTICS_API) && method === "post") {
-        return constants_1.DASHBOARD_ANALYTICS_API;
-    }
-    return undefined;
-}
-exports.getApiIdIfMatched = getApiIdIfMatched;
 function sendUnauthorisedAccess(res) {
     utils_1.sendNon200ResponseWithMessage(res, "Unauthorised access", 401);
 }

lib/build/recipe/emailpassword/index.d.ts

@@ -71,7 +71,7 @@ export default class Wrapper {
         tenantIdForPasswordPolicy?: string;
     }): Promise<
         | {
-              status: "OK" | "UNKNOWN_USER_ID_ERROR" | "EMAIL_ALREADY_EXISTS_ERROR";
+              status: "OK" | "EMAIL_ALREADY_EXISTS_ERROR" | "UNKNOWN_USER_ID_ERROR";
           }
         | {
               status: "PASSWORD_POLICY_VIOLATED_ERROR";

lib/build/recipe/passwordless/index.d.ts

@@ -98,7 +98,7 @@ export default class Wrapper {
         phoneNumber?: string | null;
         userContext?: any;
     }): Promise<{
-        status: "OK" | "UNKNOWN_USER_ID_ERROR" | "EMAIL_ALREADY_EXISTS_ERROR" | "PHONE_NUMBER_ALREADY_EXISTS_ERROR";
+        status: "OK" | "EMAIL_ALREADY_EXISTS_ERROR" | "UNKNOWN_USER_ID_ERROR" | "PHONE_NUMBER_ALREADY_EXISTS_ERROR";
     }>;
     static revokeAllCodes(
         input:

lib/build/recipe/session/sessionClass.js

@@ -281,7 +281,7 @@ class Session {
     // Any update to this function should also be reflected in the respective JWT version
     fetchAndSetClaim(claim, userContext) {
         return __awaiter(this, void 0, void 0, function* () {
-            const update = yield claim.build(this.getUserId(userContext), userContext);
+            const update = yield claim.build(this.getUserId(userContext), this.getTenantId(), userContext);
             return this.mergeIntoAccessTokenPayload(update, userContext);
         });
     }

lib/build/recipe/session/sessionRequestFunctions.js

@@ -338,7 +338,7 @@ function createNewSessionInRequest({
         const issuer = appInfo.apiDomain.getAsStringDangerous() + appInfo.apiBasePath.getAsStringDangerous();
         let finalAccessTokenPayload = Object.assign(Object.assign({}, accessTokenPayload), { iss: issuer });
         for (const claim of claimsAddedByOtherRecipes) {
-            const update = yield claim.build(userId, userContext);
+            const update = yield claim.build(userId, tenantId, userContext);
             finalAccessTokenPayload = Object.assign(Object.assign({}, finalAccessTokenPayload), update);
         }
         logger_1.logDebugMessage("createNewSession: Access token payload built");

lib/build/recipe/thirdpartyemailpassword/index.d.ts

@@ -100,7 +100,7 @@ export default class Wrapper {
         tenantIdForPasswordPolicy?: string;
     }): Promise<
         | {
-              status: "OK" | "UNKNOWN_USER_ID_ERROR" | "EMAIL_ALREADY_EXISTS_ERROR";
+              status: "OK" | "EMAIL_ALREADY_EXISTS_ERROR" | "UNKNOWN_USER_ID_ERROR";
           }
         | {
               status: "PASSWORD_POLICY_VIOLATED_ERROR";

lib/build/recipe/thirdpartypasswordless/index.d.ts

@@ -127,7 +127,7 @@ export default class Wrapper {
         phoneNumber?: string | null;
         userContext?: any;
     }): Promise<{
-        status: "OK" | "UNKNOWN_USER_ID_ERROR" | "EMAIL_ALREADY_EXISTS_ERROR" | "PHONE_NUMBER_ALREADY_EXISTS_ERROR";
+        status: "OK" | "EMAIL_ALREADY_EXISTS_ERROR" | "UNKNOWN_USER_ID_ERROR" | "PHONE_NUMBER_ALREADY_EXISTS_ERROR";
     }>;
     static revokeAllCodes(
         input:

lib/build/recipe/thirdpartypasswordless/types.d.ts

@@ -67,7 +67,7 @@ export declare type TypeInput = (
     smsDelivery?: SmsDeliveryTypeInput<TypePasswordlessSmsDeliveryInput>;
     providers?: ProviderInput[];
     flowType: "USER_INPUT_CODE" | "MAGIC_LINK" | "USER_INPUT_CODE_AND_MAGIC_LINK";
-    getCustomUserInputCode?: (userContext: any) => Promise<string> | string;
+    getCustomUserInputCode?: (tenantId: string, userContext: any) => Promise<string> | string;
     override?: {
         functions?: (
             originalImplementation: RecipeInterface,

lib/ts/recipe/dashboard/utils.ts

@@ -14,25 +14,8 @@
  */
 
 import { BaseRequest, BaseResponse } from "../../framework";
-import NormalisedURLPath from "../../normalisedURLPath";
-import { HTTPMethod } from "../../types";
 import { sendNon200ResponseWithMessage } from "../../utils";
-import {
-    DASHBOARD_API,
-    SEARCH_TAGS_API,
-    SIGN_IN_API,
-    SIGN_OUT_API,
-    USERS_COUNT_API,
-    USERS_LIST_GET_API,
-    USER_API,
-    USER_EMAIL_VERIFY_API,
-    USER_EMAIL_VERIFY_TOKEN_API,
-    USER_METADATA_API,
-    USER_PASSWORD_API,
-    USER_SESSIONS_API,
-    VALIDATE_KEY_API,
-    DASHBOARD_ANALYTICS_API,
-} from "./constants";
+import { DASHBOARD_API } from "./constants";
 import {
     APIInterface,
     EmailPasswordUser,
@@ -68,92 +51,6 @@ export function validateAndNormaliseUserInput(config?: TypeInput): TypeNormalise
     };
 }
 
-export function isApiPath(path: NormalisedURLPath, basePath: NormalisedURLPath): boolean {
-    const dashboardRecipeBasePath = basePath.appendPath(new NormalisedURLPath(DASHBOARD_API));
-    if (!path.startsWith(dashboardRecipeBasePath)) {
-        return false;
-    }
-
-    let pathWithoutDashboardPath = path.getAsStringDangerous().split(DASHBOARD_API)[1];
-
-    if (pathWithoutDashboardPath.charAt(0) === "/") {
-        pathWithoutDashboardPath = pathWithoutDashboardPath.substring(1, pathWithoutDashboardPath.length);
-    }
-
-    if (pathWithoutDashboardPath.split("/")[0] === "api") {
-        return true;
-    }
-
-    return false;
-}
-
-export function getApiIdIfMatched(path: NormalisedURLPath, method: HTTPMethod): string | undefined {
-    if (path.getAsStringDangerous().endsWith(VALIDATE_KEY_API) && method === "post") {
-        return VALIDATE_KEY_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(SIGN_IN_API) && method === "post") {
-        return SIGN_IN_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(SIGN_OUT_API) && method === "post") {
-        return SIGN_OUT_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(USERS_LIST_GET_API) && method === "get") {
-        return USERS_LIST_GET_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(USERS_COUNT_API) && method === "get") {
-        return USERS_COUNT_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(USER_API)) {
-        if (method === "get" || method === "delete" || method === "put") {
-            return USER_API;
-        }
-    }
-
-    if (path.getAsStringDangerous().endsWith(USER_EMAIL_VERIFY_API)) {
-        if (method === "get" || method === "put") {
-            return USER_EMAIL_VERIFY_API;
-        }
-    }
-
-    if (path.getAsStringDangerous().endsWith(USER_METADATA_API)) {
-        if (method === "get" || method === "put") {
-            return USER_METADATA_API;
-        }
-    }
-
-    if (path.getAsStringDangerous().endsWith(USER_SESSIONS_API)) {
-        if (method === "get" || method === "post") {
-            return USER_SESSIONS_API;
-        }
-    }
-
-    if (path.getAsStringDangerous().endsWith(USER_PASSWORD_API) && method === "put") {
-        return USER_PASSWORD_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(USER_EMAIL_VERIFY_TOKEN_API) && method === "post") {
-        return USER_EMAIL_VERIFY_TOKEN_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(USER_PASSWORD_API) && method === "put") {
-        return USER_PASSWORD_API;
-    }
-    if (path.getAsStringDangerous().endsWith(SEARCH_TAGS_API) && method === "get") {
-        return SEARCH_TAGS_API;
-    }
-
-    if (path.getAsStringDangerous().endsWith(DASHBOARD_ANALYTICS_API) && method === "post") {
-        return DASHBOARD_ANALYTICS_API;
-    }
-
-    return undefined;
-}
-
 export function sendUnauthorisedAccess(res: BaseResponse) {
     sendNon200ResponseWithMessage(res, "Unauthorised access", 401);
 }

lib/ts/recipe/session/sessionClass.ts

@@ -232,7 +232,7 @@ export default class Session implements SessionContainerInterface {
 
     // Any update to this function should also be reflected in the respective JWT version
     async fetchAndSetClaim<T>(claim: SessionClaim<T>, userContext?: any): Promise<void> {
-        const update = await claim.build(this.getUserId(userContext), userContext);
+        const update = await claim.build(this.getUserId(userContext), this.getTenantId(), userContext);
         return this.mergeIntoAccessTokenPayload(update, userContext);
     }
 

lib/ts/recipe/session/sessionRequestFunctions.ts

@@ -357,7 +357,7 @@ export async function createNewSessionInRequest({
     };
 
     for (const claim of claimsAddedByOtherRecipes) {
-        const update = await claim.build(userId, userContext);
+        const update = await claim.build(userId, tenantId, userContext);
         finalAccessTokenPayload = {
             ...finalAccessTokenPayload,
             ...update,

lib/ts/recipe/thirdpartypasswordless/types.ts

@@ -88,7 +88,7 @@ export type TypeInput = (
 
     // Override this to override how user input codes are generated
     // By default (=undefined) it is done in the Core
-    getCustomUserInputCode?: (userContext: any) => Promise<string> | string;
+    getCustomUserInputCode?: (tenantId: string, userContext: any) => Promise<string> | string;
     override?: {
         functions?: (
             originalImplementation: RecipeInterface,

lib/ts/recipeModule.ts

@@ -18,7 +18,6 @@ import { NormalisedAppinfo, APIHandled, HTTPMethod } from "./types";
 import NormalisedURLPath from "./normalisedURLPath";
 import { BaseRequest, BaseResponse } from "./framework";
 import { DEFAULT_TENANT_ID } from "./recipe/multitenancy/constants";
-import MultitenancyRecipe from "./recipe/multitenancy/recipe";
 
 export default abstract class RecipeModule {
     private recipeId: string;
@@ -58,6 +57,10 @@ export default abstract class RecipeModule {
             remainingPath = new NormalisedURLPath(match[2]);
         }
 
+        // Multitenancy recipe is an always initialized recipe and needs to be imported this way
+        // so that there is no circular dependency. Otherwise there would be cyclic dependency
+        // between `supertokens.ts` -> `recipeModule.ts` -> `multitenancy/recipe.ts`
+        let MultitenancyRecipe = require("./recipe/multitenancy/recipe").default;
         const mtRecipe = MultitenancyRecipe.getInstanceOrThrowError();
 
         for (let i = 0; i < apisHandled.length; i++) {