-
Notifications
You must be signed in to change notification settings - Fork 235
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(*): Introduce ClerkRequest and refactor clerk/backend types (#2389)
* feat(backend): Drop unused checkCrossOrigin util * feat(backend): Drop createIsomorphicRequest * feat(backend): Replace buildRequestUrl with ClerkRequest A class that extends the native Request class, adds cookies helpers and a normalised clerkUrl that is constructed by using the values found in req.headers so it is able to work reliably when the app is running behind a proxy server. * feat(backend): Introduce AuthenticateContext A class that collects all data required to authenticate a request * feat(backend): Simplify authenticateRequest and types * fix(backend): Fix tests * fix(backend): Export createClerkRequest under /internal * fix(nextjs): Use new backend utils * fix(nextjs): Fix init of clerkRequest
- Loading branch information
1 parent
392b68c
commit ad7bc70
Showing
31 changed files
with
482 additions
and
807 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--- | ||
--- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
116 changes: 116 additions & 0 deletions
116
packages/backend/src/tokens/__tests__/clerkRequest.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,116 @@ | ||
import { createClerkRequest } from '../clerkRequest'; | ||
|
||
export default (QUnit: QUnit) => { | ||
const { module, test: it } = QUnit; | ||
|
||
module('createClerkRequest', () => { | ||
module('cookies', () => { | ||
it('should parse and return cookies', assert => { | ||
const req = createClerkRequest( | ||
new Request('http://localhost:3000', { headers: new Headers({ cookie: 'foo=bar' }) }), | ||
); | ||
assert.equal(req.cookies.get('foo'), 'bar'); | ||
}); | ||
|
||
it('should parse and return cookies with special characters', assert => { | ||
const req = createClerkRequest( | ||
new Request('http://localhost:3000', { headers: new Headers({ cookie: 'foo=%20bar%3B%20baz%3Dqux' }) }), | ||
); | ||
assert.equal(req.cookies.get('foo'), 'bar'); | ||
assert.equal(req.cookies.get('baz'), 'qux'); | ||
}); | ||
|
||
it('should parse and return cookies even if no cookie header exists', assert => { | ||
const req = createClerkRequest(new Request('http://localhost:3000', { headers: new Headers() })); | ||
assert.equal(req.cookies.get('foo'), undefined); | ||
}); | ||
|
||
it('should parse and return cookies even if cookie header is empty', assert => { | ||
const req = createClerkRequest(new Request('http://localhost:3000', { headers: new Headers({ cookie: '' }) })); | ||
assert.equal(req.cookies.get('foo'), undefined); | ||
}); | ||
}); | ||
|
||
module('clerkUrl', () => { | ||
it('should return a clerkUrl', assert => { | ||
const req = createClerkRequest(new Request('http://localhost:3000')); | ||
assert.equal(req.clerkUrl.href, 'http://localhost:3000/'); | ||
}); | ||
|
||
it('without headers', assert => { | ||
const req = new Request('http://localhost:3000/path'); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'http://localhost:3000/path'); | ||
}); | ||
|
||
it('with forwarded proto / host headers', assert => { | ||
const req = new Request('http://localhost:3000/path', { | ||
headers: { 'x-forwarded-host': 'example.com', 'x-forwarded-proto': 'https,http' }, | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'https://example.com/path'); | ||
}); | ||
|
||
it('with forwarded proto / host and host headers', assert => { | ||
const req = new Request('http://localhost:3000/path', { | ||
headers: { | ||
'x-forwarded-host': 'example.com', | ||
'x-forwarded-proto': 'https,http', | ||
host: 'example-host.com', | ||
}, | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'https://example.com/path'); | ||
}); | ||
|
||
it('with path in request', assert => { | ||
const req = new Request('http://localhost:3000/path'); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'http://localhost:3000/path'); | ||
}); | ||
|
||
it('with query params in request', assert => { | ||
const req = new Request('http://localhost:3000/path?foo=bar'); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'http://localhost:3000/path?foo=bar'); | ||
}); | ||
|
||
it('with forwarded host (behind a proxy)', assert => { | ||
const req = new Request('http://localhost:3000/path?foo=bar', { | ||
headers: new Headers({ 'x-forwarded-host': 'example.com' }), | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'http://example.com/path?foo=bar'); | ||
}); | ||
|
||
it('with forwarded host - with multiple values', assert => { | ||
const req = new Request('http://localhost:3000/path?foo=bar', { | ||
headers: { 'x-forwarded-host': 'example.com,example-2.com' }, | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'http://example.com/path?foo=bar'); | ||
}); | ||
|
||
it('with forwarded proto and host', assert => { | ||
const req = new Request('http://localhost:3000/path?foo=bar', { | ||
headers: { 'x-forwarded-host': 'example.com', 'x-forwarded-proto': 'https' }, | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'https://example.com/path?foo=bar'); | ||
}); | ||
|
||
it('with forwarded proto and host - without protocol', assert => { | ||
const req = new Request('http://localhost:3000/path?foo=bar', { | ||
headers: { 'x-forwarded-host': 'example.com', 'x-forwarded-proto': 'https' }, | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'https://example.com/path?foo=bar'); | ||
}); | ||
|
||
it('with forwarded proto and host - without host', assert => { | ||
const req = new Request('http://localhost:3000/path?foo=bar', { | ||
headers: { 'x-forwarded-host': 'example.com', 'x-forwarded-proto': 'https' }, | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'https://example.com/path?foo=bar'); | ||
}); | ||
|
||
it('with forwarded proto and host - without host and protocol', assert => { | ||
const req = new Request('http://localhost:3000/path?foo=bar', { | ||
headers: { 'x-forwarded-host': 'example.com', 'x-forwarded-proto': 'https' }, | ||
}); | ||
assert.equal(createClerkRequest(req).clerkUrl.toString(), 'https://example.com/path?foo=bar'); | ||
}); | ||
}); | ||
}); | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.