feat: test fixes

supertokens · Oct 25, 2024 · 4a90c0d · 4a90c0d
1 parent aa2fb4f
commit 4a90c0d
Show file tree

Hide file tree

Showing 12 changed files with 32 additions and 0 deletions.
diff --git a/lib/build/recipe/oauth2provider/api/login.js b/lib/build/recipe/oauth2provider/api/login.js
@@ -81,6 +81,10 @@ async function login(apiImplementation, options, userContext) {
             frontendRedirectTo: response.frontendRedirectTo,
         });
     } else if ("statusCode" in response) {
+        // We want to avoid returning a 401 to the frontend, as it may trigger a refresh loop
+        if (response.statusCode === 401) {
+            response.statusCode = 400;
+        }
         utils_1.sendNon200Response(options.res, (_b = response.statusCode) !== null && _b !== void 0 ? _b : 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/build/recipe/oauth2provider/api/loginInfo.js b/lib/build/recipe/oauth2provider/api/loginInfo.js
@@ -42,6 +42,10 @@ async function loginInfoGET(apiImplementation, options, userContext) {
         userContext,
     });
     if ("error" in response) {
+        // We want to avoid returning a 401 to the frontend, as it may trigger a refresh loop
+        if (response.statusCode === 401) {
+            response.statusCode = 400;
+        }
         utils_1.sendNon200Response(options.res, (_b = response.statusCode) !== null && _b !== void 0 ? _b : 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/build/recipe/oauth2provider/api/logout.js b/lib/build/recipe/oauth2provider/api/logout.js
@@ -50,6 +50,10 @@ async function logoutPOST(apiImplementation, options, userContext) {
     if ("status" in response && response.status === "OK") {
         utils_1.send200Response(options.res, response);
     } else if ("statusCode" in response) {
+        // We want to avoid returning a 401 to the frontend, as it may trigger a refresh loop
+        if (response.statusCode === 401) {
+            response.statusCode = 400;
+        }
         utils_1.sendNon200Response(options.res, (_a = response.statusCode) !== null && _a !== void 0 ? _a : 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/build/recipe/oauth2provider/api/revokeToken.js b/lib/build/recipe/oauth2provider/api/revokeToken.js
@@ -43,6 +43,7 @@ async function revokeTokenPOST(apiImplementation, options, userContext) {
         userContext,
     });
     if ("statusCode" in response && response.statusCode !== 200) {
+        // We do not need to normalize as this is not expected to be called by frontends where interception is enabled
         utils_1.sendNon200Response(options.res, (_a = response.statusCode) !== null && _a !== void 0 ? _a : 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/build/recipe/oauth2provider/api/token.js b/lib/build/recipe/oauth2provider/api/token.js
@@ -28,6 +28,7 @@ async function tokenPOST(apiImplementation, options, userContext) {
         userContext,
     });
     if ("error" in response) {
+        // We do not need to normalize as this is not expected to be called by frontends where interception is enabled
         utils_1.sendNon200Response(options.res, (_a = response.statusCode) !== null && _a !== void 0 ? _a : 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/build/recipe/oauth2provider/recipeImplementation.js b/lib/build/recipe/oauth2provider/recipeImplementation.js
@@ -294,6 +294,7 @@ function getRecipeInterface(
                 new normalisedURLPath_1.default(`/recipe/oauth/auth`),
                 {
                     params: Object.assign(Object.assign({}, input.params), { scope: scopes.join(" ") }),
+                    iss: await recipe_2.default.getIssuer(input.userContext),
                     cookies: input.cookies,
                     session: payloads,
                 },

diff --git a/lib/ts/recipe/oauth2provider/api/login.ts b/lib/ts/recipe/oauth2provider/api/login.ts
@@ -82,6 +82,11 @@ export default async function login(
             frontendRedirectTo: response.frontendRedirectTo,
         });
     } else if ("statusCode" in response) {
+        // We want to avoid returning a 401 to the frontend, as it may trigger a refresh loop
+        if (response.statusCode === 401) {
+            response.statusCode = 400;
+        }
+
         sendNon200Response(options.res, response.statusCode ?? 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/ts/recipe/oauth2provider/api/loginInfo.ts b/lib/ts/recipe/oauth2provider/api/loginInfo.ts
@@ -44,6 +44,10 @@ export default async function loginInfoGET(
     });
 
     if ("error" in response) {
+        // We want to avoid returning a 401 to the frontend, as it may trigger a refresh loop
+        if (response.statusCode === 401) {
+            response.statusCode = 400;
+        }
         sendNon200Response(options.res, response.statusCode ?? 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/ts/recipe/oauth2provider/api/logout.ts b/lib/ts/recipe/oauth2provider/api/logout.ts
@@ -54,6 +54,11 @@ export async function logoutPOST(
     if ("status" in response && response.status === "OK") {
         send200Response(options.res, response);
     } else if ("statusCode" in response) {
+        // We want to avoid returning a 401 to the frontend, as it may trigger a refresh loop
+        if (response.statusCode === 401) {
+            response.statusCode = 400;
+        }
+
         sendNon200Response(options.res, response.statusCode ?? 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/ts/recipe/oauth2provider/api/revokeToken.ts b/lib/ts/recipe/oauth2provider/api/revokeToken.ts
@@ -54,6 +54,7 @@ export default async function revokeTokenPOST(
     });
 
     if ("statusCode" in response && response.statusCode !== 200) {
+        // We do not need to normalize as this is not expected to be called by frontends where interception is enabled
         sendNon200Response(options.res, response.statusCode ?? 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/ts/recipe/oauth2provider/api/token.ts b/lib/ts/recipe/oauth2provider/api/token.ts
@@ -36,6 +36,7 @@ export default async function tokenPOST(
     });
 
     if ("error" in response) {
+        // We do not need to normalize as this is not expected to be called by frontends where interception is enabled
         sendNon200Response(options.res, response.statusCode ?? 400, {
             error: response.error,
             error_description: response.errorDescription,

diff --git a/lib/ts/recipe/oauth2provider/recipeImplementation.ts b/lib/ts/recipe/oauth2provider/recipeImplementation.ts
@@ -280,6 +280,7 @@ export default function getRecipeInterface(
                         ...input.params,
                         scope: scopes.join(" "),
                     },
+                    iss: await OpenIdRecipe.getIssuer(input.userContext),
                     cookies: input.cookies,
                     session: payloads,
                 },