bug: Path overwriting tenant name

[shawnmclean]

Description

In the DAE extension, if a tenant name begins with the name of a path in the extension such as /login and login-mytenant, the extension will break.

Reproduction

1. Use a shared domain. Such as us.webtask.run instead of {tenant-name}.webtask.run.
2. Use a tenant name that begins with the path of an extension. Such as login-test.
3. Run the extension in the shared domain. (ie . https://us.webtask.run/api/run/loginshawn/auth0-delegated-admin)
4. Url will be overwritten with https://us.webtask.run/api/runshawn/auth0-delegated-admin

Questions

1. The getBaseUrl(req, protocol) and getBasePath(originalUrl, path) will remove the pathname out of the url. Why do we need to do this?
   Assumption: We only want to remove the path from the end of the url? I assume this because the regex uses a $ to remove the last trailing slash.

2. What can go wrong if I modify this code to only remove the path at the end of the original url?
   Assumption: That assumption 1 is right and we do not have pathnames elsewhere in the url to remove.

Changes

1. For the /login paths in this route, we will aim to replace these paths at the end of the url. This will prevent any /login* path elsewhere to be removed, such as a tenant name begining with login.
2. Update CI script to do CD

References

https://auth0team.atlassian.net/browse/ESD-11958

[shawnmclean]

Next steps:

Include this change in the DAE extension and manually test in developer mode.

[shawnmclean]

By pairing with @faroceann, it might turn out that the assumption that we only wanted to remove the /login paths at the end of the url was correct. Since this router being modified only contains those auth endpoints, we are confident that this change will not have any side effects on other endpoints provided by extensions consuming this library.