feat: add iss into access tokens + update/fix tests #546
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rishabhpoddar
suggested changes
Apr 24, 2023
rishabhpoddar
approved these changes
Apr 24, 2023
7 tasks
rishabhpoddar
added a commit
that referenced
this pull request
May 4, 2023
* feat!: rename sessionData handling functions (#519) * feat\!: rename sessionData handling functions * feat: rename sessionData in param and return types to sessionDataInDatabase * feat: access token to jwt (#512) * feat(access token to jwt): initial changes * feat(access_token_to_jwt): initial implementation * refactor: removed unused code/fixed names * test: add/fix tests * fix: implement review comments * chore: deprecate jwt config option * feat: implement review comments * test: update&expand tests * test: expand testing + changelog * feat: re-add openId overrides into session config + moved protected prop filtering * chore: add migration guide to changelog * fix: delete protected props before merging claim updates during assertClaims * fix: more consistent payload handling * fix: update tests and add separate handling for v2 tokens * feat: add new functions based on session ADR 0030 (#520) * feat(access token to jwt): initial changes * feat(access_token_to_jwt): initial implementation * refactor: removed unused code/fixed names * test: add/fix tests * fix: implement review comments * chore: deprecate jwt config option * feat: add new functions based on session ADR 0030 * chore: update CHANGELOG * feat: implement review comments * test: update&expand tests * test: expand testing + changelog * feat: re-add openId overrides into session config + moved protected prop filtering * chore: add migration guide to changelog * fix: delete protected props before merging claim updates during assertClaims * feat: add tests + small fixes/exports * fix: more consistent payload handling * refactor: implement review comments * feat: make the invalid claims response and the return value of getSessionWithoutModifyingResponse match * feat: single override for session handling funcs with&without request * feat: remove useDynamicAccessTokenSigningKey from createNewSession and check it in verify * feat: review comments * refactor: renamed TOKEN_VALIDATION_ERROR to UNAUTHORISED * chore: update changelog * refactor: self-review fixes * feat: make it easy to both throw or build response if claim validation failed * fix: update createJWT in openId and session recipes + CDI version (#538) * refactor: minor cleanup +fixes from other SDKs for access token to jwt (#542) * fix: update createJWT in openId and session recipes + CDI version * docs: add comment to explain the combinedJWKS func * fix: fix migration guide in changelog * refactor: introduce constant for 100 years + fix comment * feat: changed withoutreqres methods to throw instead of returning status + test fixes * feat: rename accessTokenPayload to customClaimsInAccessTokenPayload in session info * Update CHANGELOG.md --------- Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com> * feat: add iss into access tokens + update/fix tests (#546) * fix: type fixes + small test fixes/extension (#547) * feat: add iss into access tokens + update/fix tests * test: further test fixes * fix: fix types of both getSession versions * refactor: smaller cleanup/minor fixes (#556) * feat: add iss into access tokens + update/fix tests * test: further test fixes * fix: fix types of both getSession versions * chore: fix CDI version in changelog * chore: fix typo in changelog * fix: fix access token payload for legacy tokens + minor consistency fixes * docs: update comment to match new interface * chore: update changelog * fix: add missing return * refactor: move v2 specific code to the appropriate branch --------- Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>
rishabhpoddar
added a commit
that referenced
this pull request
Jun 30, 2023
* feat!: rename sessionData handling functions (#519) * feat\!: rename sessionData handling functions * feat: rename sessionData in param and return types to sessionDataInDatabase * feat: access token to jwt (#512) * feat(access token to jwt): initial changes * feat(access_token_to_jwt): initial implementation * refactor: removed unused code/fixed names * test: add/fix tests * fix: implement review comments * chore: deprecate jwt config option * feat: implement review comments * test: update&expand tests * test: expand testing + changelog * feat: re-add openId overrides into session config + moved protected prop filtering * chore: add migration guide to changelog * fix: delete protected props before merging claim updates during assertClaims * fix: more consistent payload handling * fix: update tests and add separate handling for v2 tokens * feat: add new functions based on session ADR 0030 (#520) * feat(access token to jwt): initial changes * feat(access_token_to_jwt): initial implementation * refactor: removed unused code/fixed names * test: add/fix tests * fix: implement review comments * chore: deprecate jwt config option * feat: add new functions based on session ADR 0030 * chore: update CHANGELOG * feat: implement review comments * test: update&expand tests * test: expand testing + changelog * feat: re-add openId overrides into session config + moved protected prop filtering * chore: add migration guide to changelog * fix: delete protected props before merging claim updates during assertClaims * feat: add tests + small fixes/exports * fix: more consistent payload handling * refactor: implement review comments * feat: make the invalid claims response and the return value of getSessionWithoutModifyingResponse match * feat: single override for session handling funcs with&without request * feat: remove useDynamicAccessTokenSigningKey from createNewSession and check it in verify * feat: review comments * refactor: renamed TOKEN_VALIDATION_ERROR to UNAUTHORISED * chore: update changelog * refactor: self-review fixes * feat: make it easy to both throw or build response if claim validation failed * fix: update createJWT in openId and session recipes + CDI version (#538) * refactor: minor cleanup +fixes from other SDKs for access token to jwt (#542) * fix: update createJWT in openId and session recipes + CDI version * docs: add comment to explain the combinedJWKS func * fix: fix migration guide in changelog * refactor: introduce constant for 100 years + fix comment * feat: changed withoutreqres methods to throw instead of returning status + test fixes * feat: rename accessTokenPayload to customClaimsInAccessTokenPayload in session info * Update CHANGELOG.md --------- Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com> * feat: add iss into access tokens + update/fix tests (#546) * fix: type fixes + small test fixes/extension (#547) * feat: add iss into access tokens + update/fix tests * test: further test fixes * fix: fix types of both getSession versions * removes import from url * tries to use node fetch * tries to use node fetch * refactor: replaced node-fetch and axios with cross-fetch * refactor: remove verify-apple-id-token, jsonwebtoken, jwks-rsa deps * build: remove unused deps * refactor: replace co-body and body-parser deps in lib code * fix: fix migration to fetch * fix: fix serialization issue + tests * test: revert merge error * refactor: test fixes * refactor: self-review fixes * fix: fix minor issues from e2e tests * fix: fix apple client secret generation * refactor: fix review comments --------- Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary of change
issclaim duringcreateNewSessionRelated issues
Test Plan
(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)
Documentation changes
(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)
Checklist for important updates
coreDriverInterfaceSupported.jsonfile has been updated (if needed)lib/ts/version.tsfrontendDriverInterfaceSupported.jsonfile has been updated (if needed)package.jsonpackage-lock.jsonlib/ts/version.tsnpm run build-prettygit tag) in the formatvX.Y.Z, and then find the latest branch (git branch --all) whoseX.Yis greater than the latest released tag.add-ts-no-check.jsfile to include thatsomeFunc: function () {..}).Remaining TODOs for this PR