Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Add tenant id to origin if it is a function #730

Closed
wants to merge 3 commits into from
Closed
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Add tenant id to origin function
nkshah2 committed Oct 25, 2023
commit bd4cc447418a1993bbc9af3d936086ffdc89f720
1 change: 1 addition & 0 deletions lib/build/recipe/dashboard/api/analytics.js
Original file line number Diff line number Diff line change
@@ -65,6 +65,7 @@ async function analyticsPost(_, ___, options, __) {
websiteDomain: websiteDomain({
request: undefined,
userContext: {},
tenantId: undefined,
}).getAsStringDangerous(),
apiDomain: apiDomain.getAsStringDangerous(),
appName,
1 change: 1 addition & 0 deletions lib/build/recipe/emailpassword/utils.js
Original file line number Diff line number Diff line change
@@ -217,6 +217,7 @@ function getPasswordResetLink(input) {
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.appInfo.websiteBasePath.getAsStringDangerous() +
1 change: 1 addition & 0 deletions lib/build/recipe/emailverification/utils.js
Original file line number Diff line number Diff line change
@@ -69,6 +69,7 @@ function getEmailVerifyLink(input) {
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.appInfo.websiteBasePath.getAsStringDangerous() +
2 changes: 2 additions & 0 deletions lib/build/recipe/passwordless/api/implementation.js
Original file line number Diff line number Diff line change
@@ -228,6 +228,7 @@ function getAPIImplementation() {
.getOrigin({
request: input.options.req,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.options.appInfo.websiteBasePath.getAsStringDangerous() +
@@ -363,6 +364,7 @@ function getAPIImplementation() {
.getOrigin({
request: input.options.req,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.options.appInfo.websiteBasePath.getAsStringDangerous() +
1 change: 1 addition & 0 deletions lib/build/recipe/passwordless/recipe.js
Original file line number Diff line number Diff line change
@@ -133,6 +133,7 @@ class Recipe extends recipeModule_1.default {
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
appInfo.websiteBasePath.getAsStringDangerous() +
4 changes: 3 additions & 1 deletion lib/build/recipe/session/utils.js
Original file line number Diff line number Diff line change
@@ -109,6 +109,7 @@ function validateAndNormaliseUserInput(recipeInstance, appInfo, config) {
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous()
);
@@ -139,10 +140,11 @@ function validateAndNormaliseUserInput(recipeInstance, appInfo, config) {
throw new Error("antiCsrf config must be one of 'NONE' or 'VIA_CUSTOM_HEADER' or 'VIA_TOKEN'");
}
}
let antiCsrf = ({ request, userContext }) => {
let antiCsrf = ({ request, userContext, tenantId }) => {
const sameSite = cookieSameSite({
request,
userContext,
tenantId,
});
if (sameSite === "none") {
return "VIA_CUSTOM_HEADER";
6 changes: 5 additions & 1 deletion lib/build/types.d.ts

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions lib/ts/recipe/dashboard/api/analytics.ts
Original file line number Diff line number Diff line change
@@ -76,6 +76,7 @@ export default async function analyticsPost(
websiteDomain: websiteDomain({
request: undefined,
userContext: {},
tenantId: undefined,
}).getAsStringDangerous(),
apiDomain: apiDomain.getAsStringDangerous(),
appName,
1 change: 1 addition & 0 deletions lib/ts/recipe/emailpassword/utils.ts
Original file line number Diff line number Diff line change
@@ -262,6 +262,7 @@ export function getPasswordResetLink(input: {
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.appInfo.websiteBasePath.getAsStringDangerous() +
1 change: 1 addition & 0 deletions lib/ts/recipe/emailverification/utils.ts
Original file line number Diff line number Diff line change
@@ -77,6 +77,7 @@ export function getEmailVerifyLink(input: {
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.appInfo.websiteBasePath.getAsStringDangerous() +
2 changes: 2 additions & 0 deletions lib/ts/recipe/passwordless/api/implementation.ts
Original file line number Diff line number Diff line change
@@ -245,6 +245,7 @@ export default function getAPIImplementation(): APIInterface {
.getOrigin({
request: input.options.req,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.options.appInfo.websiteBasePath.getAsStringDangerous() +
@@ -389,6 +390,7 @@ export default function getAPIImplementation(): APIInterface {
.getOrigin({
request: input.options.req,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
input.options.appInfo.websiteBasePath.getAsStringDangerous() +
1 change: 1 addition & 0 deletions lib/ts/recipe/passwordless/recipe.ts
Original file line number Diff line number Diff line change
@@ -249,6 +249,7 @@ export default class Recipe extends RecipeModule {
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous() +
appInfo.websiteBasePath.getAsStringDangerous() +
18 changes: 13 additions & 5 deletions lib/ts/recipe/session/utils.ts
Original file line number Diff line number Diff line change
@@ -141,12 +141,18 @@ export function validateAndNormaliseUserInput(
let cookieSameSite: (input: {
request: BaseRequest | undefined;
userContext: any;
}) => "strict" | "lax" | "none" = (input: { request: BaseRequest | undefined; userContext: any }) => {
tenantId: string | undefined;
}) => "strict" | "lax" | "none" = (input: {
request: BaseRequest | undefined;
userContext: any;
tenantId: string | undefined;
}) => {
let protocolOfWebsiteDomain = getURLProtocol(
appInfo
.getOrigin({
request: input.request,
userContext: input.userContext,
tenantId: input.tenantId,
})
.getAsStringDangerous()
);
@@ -186,13 +192,15 @@ export function validateAndNormaliseUserInput(
| "VIA_TOKEN"
| "VIA_CUSTOM_HEADER"
| "NONE"
| ((input: { request: BaseRequest | undefined; userContext: any }) => "VIA_CUSTOM_HEADER" | "NONE") = ({
request,
userContext,
}) => {
| ((input: {
request: BaseRequest | undefined;
userContext: any;
tenantId: string | undefined;
}) => "VIA_CUSTOM_HEADER" | "NONE") = ({ request, userContext, tenantId }) => {
const sameSite = cookieSameSite({
request,
userContext,
tenantId,
});

if (sameSite === "none") {
6 changes: 5 additions & 1 deletion lib/ts/types.ts
Original file line number Diff line number Diff line change
@@ -32,7 +32,11 @@ export type AppInfo = {

export type NormalisedAppinfo = {
appName: string;
getOrigin: (input: { request: BaseRequest | undefined; userContext: any }) => NormalisedURLDomain;
getOrigin: (input: {
request: BaseRequest | undefined;
userContext: any;
tenantId: string | undefined;
}) => NormalisedURLDomain;
apiDomain: NormalisedURLDomain;
topLevelAPIDomain: string;
getTopLevelWebsiteDomain: (input: { request: BaseRequest | undefined; userContext: any }) => string;