supertokens · rishabhpoddar · Apr 5, 2023 · Mar 26, 2023 · Mar 26, 2023 · Mar 26, 2023
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,78 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [1.23.0] - 2023-04-05
+
+- Adds support for plugin inteface version 2.21
+- Adds `use_static_key` into `session_info`
+
+### Migration
+
+
+- If using `access_token_signing_key_dynamic` false:
+  - ```
+    db.session_info.update({},
+      {
+        "$set": {
+          "use_static_key": true
+        }
+      });
+    ```
+  - ```
+    db.key_value.aggregate([
+      {
+        "$match": {
+          _id: "access_token_signing_key_list"
+        }
+      },
+      {
+        $unwind: "$keys"
+      },
+      {
+        $addFields: {
+          _id: {
+            "$concat": [
+              "s-",
+              {
+                $convert: {
+                  input: "$keys.created_at_time",
+                  to: "string"
+                }
+              }
+            ]
+          },
+          "key_string": "$keys.value",
+          "algorithm": "RS256",
+          "created_at": "$keys.created_at_time",
+
+        }
+      },
+      {
+        "$project": {
+          "keys": 0,
+
+        }
+      },
+      {
+        "$merge": {
+          "into": "jwt_signing_keys",
+
+        }
+      }
+    ]);
+    ```
+
+- If using `access_token_signing_key_dynamic` true:
+  - ```
+    db.session_info.update({},
+      {
+        "$set": {
+          "use_static_key": false
+        }
+      });
+    ```
+- Fixed an issue when adding new access token signing key to an empty list
+
 ## [1.22.0] - 2023-03-30
 
 - New plugin version (v2.22)

diff --git a/build.gradle b/build.gradle
@@ -2,7 +2,7 @@ plugins {
     id 'java-library'
 }
 
-version = "1.22.0"
+version = "1.23.0"
 
 repositories {
     mavenCentral()

diff --git a/pluginInterfaceSupported.json b/pluginInterfaceSupported.json
@@ -1,6 +1,6 @@
 {
   "_comment": "contains a list of plugin interfaces branch names that this core supports",
   "versions": [
-    "2.22"
+    "2.23"
   ]
 }
diff --git a/src/main/java/io/supertokens/storage/mongodb/Queries.java b/src/main/java/io/supertokens/storage/mongodb/Queries.java
@@ -217,12 +217,15 @@ static boolean addArrayKeyValue_Transaction(Start start, String key, KeyValueInf
 
             return result.getModifiedCount() == 1;
         } else {
-
             try {
-                collection.insertOne(new Document("_id", key).append("keys", keyList));
+                UpdateResult result = collection.updateOne(
+                        Filters.and(Filters.eq("_id", key), Filters.size("keys", 0)),
+                        // We have to use a pushEach with here, because it allows us to set where we push the value
+                        Updates.pushEach("keys", keyList, new PushOptions().position(0)),
+                        new UpdateOptions().upsert(true));
 
                 // TODO: supposed to call this only if result.wasAcknowledged() is true. Why?
-                return true;
+                return result.getModifiedCount() == 1;
             } catch (MongoException e) {
                 if (!isDuplicateKeyException(e)) {
                     throw e;
@@ -235,14 +238,15 @@ static boolean addArrayKeyValue_Transaction(Start start, String key, KeyValueInf
 
     @SuppressWarnings("unchecked")
     static void createNewSession(Start start, String sessionHandle, String userId, String refreshTokenHash2,
-            JsonObject userDataInDatabase, long expiry, JsonObject userDataInJWT, long createdAtTime) {
+            JsonObject userDataInDatabase, long expiry, JsonObject userDataInJWT, long createdAtTime, boolean useStaticKey) {
         MongoDatabase client = ConnectionPool.getClientConnectedToDatabase(start);
         MongoCollection collection = client.getCollection(Config.getConfig(start).getSessionInfoCollection());
 
         collection.insertOne(new Document("_id", sessionHandle).append("user_id", userId)
                 .append("refresh_token_hash_2", refreshTokenHash2).append("session_data", userDataInDatabase.toString())
                 .append("expires_at", expiry).append("jwt_user_payload", userDataInJWT.toString())
-                .append("created_at_time", createdAtTime).append("last_updated_sign", Utils.getUUID()));
+                .append("created_at_time", createdAtTime).append("last_updated_sign", Utils.getUUID())
+                .append("use_static_key", useStaticKey));
     }
 
     static SessionInfoWithLastUpdated getSessionInfo_Transaction(Start start, String sessionHandle)
@@ -381,7 +385,8 @@ public SessionInfo map(Document result) throws Exception {
                     result.getString("refresh_token_hash_2"),
                     jp.parse(result.getString("session_data")).getAsJsonObject(), result.getLong("expires_at"),
                     jp.parse(result.getString("jwt_user_payload")).getAsJsonObject(),
-                    result.getLong("created_at_time"));
+                    result.getLong("created_at_time"),
+                    Boolean.TRUE.equals(result.getBoolean("use_static_key")));
         }
     }
 
@@ -419,6 +424,7 @@ public SessionInfoWithLastUpdated map(Document result) throws Exception {
                     result.getString("refresh_token_hash_2"),
                     jp.parse(result.getString("session_data")).getAsJsonObject(), result.getLong("expires_at"),
                     jp.parse(result.getString("jwt_user_payload")).getAsJsonObject(), result.getLong("created_at_time"),
+                    Boolean.TRUE.equals(result.getBoolean("use_static_key")),
                     result.getString("last_updated_sign"));
         }
     }

diff --git a/src/main/java/io/supertokens/storage/mongodb/Start.java b/src/main/java/io/supertokens/storage/mongodb/Start.java
@@ -151,11 +151,11 @@ public SessionInfoWithLastUpdated getSessionInfo_Transaction(String sessionHandl
 
     @Override
     public void createNewSession(String sessionHandle, String userId, String refreshTokenHash2,
-            JsonObject userDataInDatabase, long expiry, JsonObject userDataInJWT, long createdAtTime)
+            JsonObject userDataInDatabase, long expiry, JsonObject userDataInJWT, long createdAtTime, boolean useStaticKey)
             throws StorageQueryException {
         try {
             Queries.createNewSession(this, sessionHandle, userId, refreshTokenHash2, userDataInDatabase, expiry,
-                    userDataInJWT, createdAtTime);
+                    userDataInJWT, createdAtTime, useStaticKey);
         } catch (MongoException e) {
             throw new StorageQueryException(e);
         }

diff --git a/src/main/java/io/supertokens/storage/mongodb/queries/JWTSigningQueries.java b/src/main/java/io/supertokens/storage/mongodb/queries/JWTSigningQueries.java
@@ -84,7 +84,7 @@ public JWTSigningKeyInfo map(Document result) throws Exception {
             long createdAt = result.getLong("created_at");
             String algorithm = result.getString("algorithm");
 
-            if (keyString.contains("|")) {
+            if (keyString.contains("|") || keyString.contains(";")) {
                 return new JWTAsymmetricSigningKeyInfo(keyId, createdAt, algorithm, keyString);
             } else {
                 return new JWTSymmetricSigningKeyInfo(keyId, createdAt, algorithm, keyString);

diff --git a/src/test/java/io/supertokens/storage/mongodb/test/KeyValueInfoArrayTest.java b/src/test/java/io/supertokens/storage/mongodb/test/KeyValueInfoArrayTest.java
@@ -31,8 +31,7 @@
 import org.junit.rules.TestRule;
 
 import static junit.framework.TestCase.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.*;
 
 public class KeyValueInfoArrayTest {
     @Rule
@@ -153,4 +152,28 @@ public void checkRemoveAccessTokenSigningKeysBefore() throws InterruptedExceptio
         assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
     }
 
+    @Test
+    public void checkThatAddWorksWorksWithEmptyList() throws InterruptedException, StorageQueryException {
+        String[] args = { "../" };
+        TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
+        assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
+
+        SessionStorage sessionStorage = StorageLayer.getSessionStorage(process.getProcess());
+        if (sessionStorage.getType() != STORAGE_TYPE.NOSQL_1) {
+            return;
+        }
+        SessionNoSQLStorage_1 noSQLSessionStorage_1 = (SessionNoSQLStorage_1) sessionStorage;
+
+        noSQLSessionStorage_1.addAccessTokenSigningKey_Transaction(new KeyValueInfo("key1", 100), null);
+
+        noSQLSessionStorage_1.removeAccessTokenSigningKeysBefore(199);
+
+        assert noSQLSessionStorage_1.addAccessTokenSigningKey_Transaction(new KeyValueInfo("key3", 200), null);
+
+        KeyValueInfo[] allKeys = noSQLSessionStorage_1.getAccessTokenSigningKeys_Transaction();
+        assertEquals(allKeys.length, 1);
+
+        process.kill();
+        assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
+    }
 }