diff --git a/.changeset/neat-poets-push.md b/.changeset/neat-poets-push.md new file mode 100644 index 00000000000..30e2d9314e1 --- /dev/null +++ b/.changeset/neat-poets-push.md @@ -0,0 +1,5 @@ +--- +'@clerk/clerk-js': patch +--- + +Ensure the token returned from `getToken()` and the token in the session cookie remain in sync. diff --git a/.changeset/pre.json b/.changeset/pre.json index 0d64a5c4e99..8bfe9f25f13 100644 --- a/.changeset/pre.json +++ b/.changeset/pre.json @@ -1,6 +1,6 @@ { "mode": "pre", - "tag": "beta-v5", + "tag": "beta", "initialVersions": { "@clerk/backend": "0.31.3", "@clerk/chrome-extension": "0.4.10", diff --git a/packages/clerk-js/src/core/resources/Session.ts b/packages/clerk-js/src/core/resources/Session.ts index 60860feccf3..6f028e8be32 100644 --- a/packages/clerk-js/src/core/resources/Session.ts +++ b/packages/clerk-js/src/core/resources/Session.ts @@ -160,7 +160,11 @@ export class Session extends BaseResource implements SessionResource { const cachedEntry = skipCache ? undefined : SessionTokenCache.get({ tokenId }, leewayInSeconds); if (cachedEntry) { - return cachedEntry.tokenResolver.then(res => res.getRawString()); + const cachedToken = await cachedEntry.tokenResolver.then(res => res); + if (!template) { + eventBus.dispatch(events.TokenUpdate, { token: cachedToken }); + } + return cachedToken.getRawString(); } const path = template ? `${this.path()}/tokens/${template}` : `${this.path()}/tokens`; const tokenResolver = Token.create(path); diff --git a/packages/nextjs/src/server/authMiddleware.test.ts b/packages/nextjs/src/server/authMiddleware.test.ts index 427dac2bd65..d43f660dae3 100644 --- a/packages/nextjs/src/server/authMiddleware.test.ts +++ b/packages/nextjs/src/server/authMiddleware.test.ts 
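Review bot: In the `@@ -160,7 +160,11 @@` hunk of Session.ts, `await cachedEntry.tokenResolver.then(res => res)` carries an identity `.then` that does nothing; `const cachedToken = await cachedEntry.tokenResolver;` is equivalent and easier to read. The `if (!template)` guard is what keeps templated tokens from being broadcast through `events.TokenUpdate`, and the changeset suggests that event is what keeps the session cookie in sync, so the reason deserves a comment such as `// Only the default session token may update the session cookie; templated tokens are returned without dispatching.` The method signature lies outside the hunk, so the new `await` presumably sits in an already `async` method. No test for the cache-hit dispatch is visible in this diff.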
@@ -347,7 +347,6 @@ describe('authMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toEqual('https://www.clerk.com/custom-redirect'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).not.toBeCalled(); expect(afterAuthSpy).not.toBeCalled(); }); @@ -385,7 +384,6 @@ describe('authMiddleware(params)', () => { expect(resp?.headers.get('location')).toEqual( 'https://accounts.included.katydid-92.lcl.dev/sign-in?redirect_url=https%3A%2F%2Fwww.clerk.com%2Fprotected', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -435,7 +433,6 @@ describe('Dev Browser JWT when redirecting to cross origin', function () { expect(resp?.headers.get('location')).toEqual( 'https://accounts.included.katydid-92.lcl.dev/sign-in?redirect_url=https%3A%2F%2Fwww.clerk.com%2Fprotected', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -448,7 +445,6 @@ describe('Dev Browser JWT when redirecting to cross origin', function () { expect(resp?.headers.get('location')).toEqual( 'https://accounts.included.katydid-92.lcl.dev/sign-in?redirect_url=https%3A%2F%2Fwww.clerk.com%2Fprotected&__clerk_db_jwt=test_jwt', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -466,7 +462,6 @@ describe('Dev Browser JWT when redirecting to cross origin', function () { expect(resp?.headers.get('location')).toEqual( 'https://accounts.included.katydid-92.lcl.dev/sign-in?redirect_url=https%3A%2F%2Fwww.clerk.com%2Fprotected', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); }); 
diff --git a/packages/nextjs/src/server/authMiddleware.ts b/packages/nextjs/src/server/authMiddleware.ts index d286bb5c4b3..db91cf228ff 100644 --- a/packages/nextjs/src/server/authMiddleware.ts +++ b/packages/nextjs/src/server/authMiddleware.ts @@ -173,7 +173,7 @@ const authMiddleware: AuthMiddleware = (...args: unknown[]) => { return setHeader(NextResponse.next(), constants.Headers.AuthReason, 'skip'); } else if (beforeAuthRes && isRedirect(beforeAuthRes)) { logger.debug('Before auth returned redirect, following redirect'); - return setHeader(beforeAuthRes, constants.Headers.AuthReason, 'redirect'); + return setHeader(beforeAuthRes, constants.Headers.AuthReason, 'before-auth-redirect'); } const requestState = await clerkClient.authenticateRequest( @@ -206,8 +206,7 @@ const authMiddleware: AuthMiddleware = (...args: unknown[]) => { if (isRedirect(finalRes)) { logger.debug('Final response is redirect, following redirect'); - const res = setHeader(finalRes, constants.Headers.AuthReason, 'redirect'); - return serverRedirectWithAuth(clerkRequest, res, options); + return serverRedirectWithAuth(clerkRequest, finalRes, options); } if (options.debug) { diff --git a/packages/nextjs/src/server/clerkMiddleware.test.ts b/packages/nextjs/src/server/clerkMiddleware.test.ts index c683c0f3407..b26e50ec155 100644 --- a/packages/nextjs/src/server/clerkMiddleware.test.ts +++ b/packages/nextjs/src/server/clerkMiddleware.test.ts @@ -211,7 +211,6 @@ describe('clerkMiddleware(params)', () => { expect(signInResp?.status).toEqual(307); expect(signInResp?.headers.get(constants.Headers.Location)).toEqual('https://www.clerk.com/hello'); expect(signInResp?.headers.get('a-custom-header')).toEqual('1'); - expect(signInResp?.headers.get(constants.Headers.AuthReason)).toBeTruthy(); }); describe('auth().redirectToSignIn()', () => { 
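Review bot: The new `'before-auth-redirect'` value in the `@@ -173,7 +173,7 @@` hunk of authMiddleware.ts is not pinned by any test in this diff. What appears to be the matching case in authMiddleware.test.ts (`@@ -347,7 +347,6 @@`, where `authenticateRequest` is not called) deletes the `x-clerk-auth-reason` assertion instead of updating it. Keeping it as `expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('before-auth-redirect');` would catch a regression for anything that reads this header, such as log filters or debugging tooling that previously matched `'redirect'`. The enclosing `authMiddleware` body starts and ends outside the hunk.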
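Review bot: After the `@@ -206,8 +206,7 @@` hunk of authMiddleware.ts, redirects returned from the final handler no longer set `constants.Headers.AuthReason`, and the `@@ -99,8 +99,7 @@` hunk of clerkMiddleware.ts makes the same removal. Whether `serverRedirectWithAuth` adds a marker of its own is not visible here. The tests now assert nothing about the header on these paths, so a one-line comment at each call site would record that the omission is deliberate, e.g. `// AuthReason is intentionally not set on this redirect.` If the header must stay absent, an assertion such as `expect(resp?.headers.get('x-clerk-auth-reason')).toBeNull();` in the redirect tests would pin that.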
@@ -228,7 +227,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toContain('sign-in'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -246,7 +244,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toContain('sign-in'); expect(new URL(resp!.headers.get('location')!).searchParams.get('redirect_url')).toContain('/protected'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -266,7 +263,6 @@ describe('clerkMiddleware(params)', () => { expect(new URL(resp!.headers.get('location')!).searchParams.get('redirect_url')).toEqual( 'https://www.clerk.com/hello', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -284,7 +280,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toContain('sign-in'); expect(new URL(resp!.headers.get('location')!).searchParams.get('redirect_url')).toBeNull(); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); }); @@ -309,7 +304,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toContain('sign-in'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); 
@@ -398,7 +392,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toEqual('https://www.clerk.com/hello'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(resp?.headers.get(constants.Headers.ClerkRedirectTo)).toEqual('true'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -428,7 +421,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toEqual('https://www.clerk.com/discover'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(resp?.headers.get(constants.Headers.ClerkRedirectTo)).toEqual('true'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -454,7 +446,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toContain('sign-in'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -480,7 +471,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toContain('https://www.clerk.com/unauthenticatedUrl'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(resp?.headers.get(constants.Headers.ClerkRedirectTo)).toEqual('true'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -510,7 +500,6 @@ describe('clerkMiddleware(params)', () => { expect(resp?.status).toEqual(307); expect(resp?.headers.get('location')).toContain('https://www.clerk.com/unauthorizedUrl'); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(resp?.headers.get(constants.Headers.ClerkRedirectTo)).toEqual('true'); expect(clerkClient.authenticateRequest).toBeCalled(); }); 
@@ -539,7 +528,6 @@ describe('Dev Browser JWT when redirecting to cross origin for page requests', f expect(resp?.headers.get('location')).toEqual( 'https://accounts.included.katydid-92.lcl.dev/sign-in?redirect_url=https%3A%2F%2Fwww.clerk.com%2Fprotected', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -563,7 +551,6 @@ describe('Dev Browser JWT when redirecting to cross origin for page requests', f expect(resp?.headers.get('location')).toEqual( 'https://accounts.included.katydid-92.lcl.dev/sign-in?redirect_url=https%3A%2F%2Fwww.clerk.com%2Fprotected&__clerk_db_jwt=test_jwt', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); @@ -589,7 +576,6 @@ describe('Dev Browser JWT when redirecting to cross origin for page requests', f expect(resp?.headers.get('location')).toEqual( 'https://accounts.included.katydid-92.lcl.dev/sign-in?redirect_url=https%3A%2F%2Fwww.clerk.com%2Fprotected', ); - expect(resp?.headers.get('x-clerk-auth-reason')).toEqual('redirect'); expect(clerkClient.authenticateRequest).toBeCalled(); }); }); diff --git a/packages/nextjs/src/server/clerkMiddleware.ts b/packages/nextjs/src/server/clerkMiddleware.ts index 3ee2fba06a0..4d40357d782 100644 --- a/packages/nextjs/src/server/clerkMiddleware.ts +++ b/packages/nextjs/src/server/clerkMiddleware.ts @@ -99,8 +99,7 @@ export const clerkMiddleware: ClerkMiddleware = (...args: unknown[]): any => { } if (isRedirect(handlerResult)) { - const res = setHeader(handlerResult, constants.Headers.AuthReason, 'redirect'); - return serverRedirectWithAuth(clerkRequest, res, options); + return serverRedirectWithAuth(clerkRequest, handlerResult, options); } if (options.debug) {