Skip to content

Commit

Permalink
Sessionscope fix (#122)
Browse files Browse the repository at this point in the history
* code changes

* undoes auto changed file
  • Loading branch information
rishabhpoddar authored May 8, 2024
1 parent 636d706 commit aee9134
Show file tree
Hide file tree
Showing 12 changed files with 127 additions and 90 deletions.
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [unreleased]

## [5.0.0] - 2024-05-08

### Breaking changes

The `shouldDoInterceptionBasedOnUrl` function now returns true:
- If `sessionTokenBackendDomain` is a valid subdomain of the URL's domain. This aligns with the behavior of browsers when sending cookies to subdomains.
- Even if the ports of the URL you are querying are different compared to the `apiDomain`'s port ot the `sessionTokenBackendDomain` port (as long as the hostname is the same, or a subdomain of the `sessionTokenBackendDomain`): https://github.com/supertokens/supertokens-website/issues/217

## [4.1.1] - 2024-03-14

- Support for new FDI version - 1.19
Expand Down
55 changes: 43 additions & 12 deletions TestingApp/test/config.spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,7 @@ import { ProcessState } from "supertokens-react-native/lib/build/processState";
import {
normaliseCookieDomainOrThrowError,
normaliseURLPathOrThrowError,
normaliseURLDomainOrThrowError,
shouldDoInterceptionBasedOnUrl
normaliseURLDomainOrThrowError
} from "supertokens-react-native/lib/build/utils";
// jest does not call setupFiles properly with the new react-native init, so doing it this way instead
import "./setup";
Expand Down Expand Up @@ -59,6 +58,9 @@ describe("Config tests", function() {
);
assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "localhost:3000", undefined));
assert(shouldDoInterceptionBasedOnUrl("https://localhost:3000", "https://localhost:3000", undefined));
assert(shouldDoInterceptionBasedOnUrl("https://localhost:3000", "https://localhost:3001", undefined));
assert(shouldDoInterceptionBasedOnUrl("http://localhost:3000", "http://localhost:3001", undefined));
assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "localhost:3001", undefined));
assert(shouldDoInterceptionBasedOnUrl("http://localhost:3000", "http://localhost:3000", undefined));
assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "https://localhost:3000", undefined));
assert(shouldDoInterceptionBasedOnUrl("localhost", "https://localhost", undefined));
Expand All @@ -69,19 +71,29 @@ describe("Config tests", function() {
assert(shouldDoInterceptionBasedOnUrl("127.0.0.1:3000", "https://127.0.0.1:3000", undefined));
assert(shouldDoInterceptionBasedOnUrl("http://127.0.0.1:3000", "https://127.0.0.1:3000", undefined));
assert(shouldDoInterceptionBasedOnUrl("http://127.0.0.1", "https://127.0.0.1", undefined));
assert(shouldDoInterceptionBasedOnUrl("http://localhost.org", "localhost.org", undefined));
assert(shouldDoInterceptionBasedOnUrl("http://localhost.org", "http://localhost.org", undefined));

// true cases with cookieDomain
assert(shouldDoInterceptionBasedOnUrl("api.example.com", "", "api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("http://api.example.com", "", "http://api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("api.example.com", "", ".example.com"));
assert(shouldDoInterceptionBasedOnUrl("api.example.com", "", "example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://api.example.com", "", "http://api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://api.example.com", "", "https://api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".sub.api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "sub.api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com:3000"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "example.com:3000"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "https://sub.api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://api.example.com:3000", "", ".api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("https://api.example.com:3000", "", "api.example.com"));
assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "", "localhost:3000"));
assert(shouldDoInterceptionBasedOnUrl("https://localhost:3000", "", ".localhost:3000"));
assert(shouldDoInterceptionBasedOnUrl("localhost", "", "localhost"));
Expand All @@ -92,32 +104,51 @@ describe("Config tests", function() {
assert(shouldDoInterceptionBasedOnUrl("127.0.0.1:3000", "", "https://127.0.0.1:3000"));
assert(shouldDoInterceptionBasedOnUrl("http://127.0.0.1:3000", "", "https://127.0.0.1:3000"));
assert(shouldDoInterceptionBasedOnUrl("http://127.0.0.1", "", "https://127.0.0.1"));
assert(shouldDoInterceptionBasedOnUrl("http://localhost.org", "", ".localhost.org"));
assert(shouldDoInterceptionBasedOnUrl("http://localhost.org", "", "localhost.org"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".com"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.co.uk:3000", "", ".api.example.co.uk"));
assert(shouldDoInterceptionBasedOnUrl("https://sub1.api.example.co.uk:3000", "", ".api.example.co.uk"));
assert(shouldDoInterceptionBasedOnUrl("https://api.example.co.uk:3000", "", ".api.example.co.uk"));
assert(shouldDoInterceptionBasedOnUrl("https://api.example.co.uk:3000", "", "api.example.co.uk"));
assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "localhost:8080", undefined));
assert(shouldDoInterceptionBasedOnUrl("localhost:3001", "localhost", undefined));
assert(
shouldDoInterceptionBasedOnUrl("https://api.example.com:3002", "https://api.example.com:3001", undefined)
);
assert(shouldDoInterceptionBasedOnUrl("http://localhost.org", "localhost.org:2000", undefined));
assert(shouldDoInterceptionBasedOnUrl("http://localhost.org", "localhost", "localhost.org"));
assert(shouldDoInterceptionBasedOnUrl("localhost", "localhost", "localhost.org"));
assert(shouldDoInterceptionBasedOnUrl("localhost", "", "localhost:8080"));
assert(shouldDoInterceptionBasedOnUrl("http://localhost:80", "", "localhost:8080"));
assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "", "localhost:8080"));
assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com:3001"));
assert(shouldDoInterceptionBasedOnUrl("http://127.0.0.1:3000", "", "https://127.0.0.1:3010"));

// false cases with api
assert(!shouldDoInterceptionBasedOnUrl("localhost:3001", "localhost:3000", undefined));
assert(!shouldDoInterceptionBasedOnUrl("localhost", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("google.com", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("http://google.com", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("https://google.com", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("https://google.com:8080", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("localhost:3001", "example.com", undefined));
assert(!shouldDoInterceptionBasedOnUrl("localhost:3001", "localhost", undefined));
assert(!shouldDoInterceptionBasedOnUrl("https://example.com", "https://api.example.com", undefined));
assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://a.api.example.com", undefined));
assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://a.api.example.com:3000", undefined));
assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://example.com", undefined));
assert(!shouldDoInterceptionBasedOnUrl("https://example.com:3001", "https://api.example.com:3001", undefined));
assert(
!shouldDoInterceptionBasedOnUrl("https://api.example.com:3002", "https://api.example.com:3001", undefined)
);

// false cases with cookieDomain
assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com:3001"));
assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "example.com"));
assert(!shouldDoInterceptionBasedOnUrl("localhost", "", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("google.com", "", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("http://google.com", "", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("https://google.com", "", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("https://google.com:8080", "", "localhost.org"));
assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com:3000", "", ".a.api.example.com"));
assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "localhost"));
assert(!shouldDoInterceptionBasedOnUrl("http://127.0.0.1:3000", "", "https://127.0.0.1:3010"));
assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.co.uk:3000", "", "api.example.co.uk"));
assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.co.uk", "", "api.example.co.uk"));
assert(!shouldDoInterceptionBasedOnUrl("http://localhost.org", "", "localhost"));
assert(!shouldDoInterceptionBasedOnUrl("http://localhost.org", "", ".localhost"));
assert(!shouldDoInterceptionBasedOnUrl("http://localhost.org", "", "localhost:2000"));

// errors in input
try {
Expand Down
55 changes: 27 additions & 28 deletions lib/build/recipeImplementation.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/build/utils.d.ts

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 2 additions & 6 deletions lib/build/utils.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/build/version.d.ts

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/build/version.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit aee9134

Please sign in to comment.