fix(@whook/oauth2): fix the cookies options

fix #175

packages/whook-oauth2/README.md

@@ -67,21 +67,13 @@ Declare this module types in your `src/whook.d.ts` type definitions:
 
 ```diff
 +import type {
-+  AuthCookiesEnv,
 +  OAuth2Config,
 +} from '@whook/oauth2';
 
 // ...
 
 declare module 'application-services' {
 
-  export interface AppEnvVars
-    extends BaseAppEnvVars,
-      WhookBaseEnv,
-      // (...)
-+      AuthCookiesEnv,
-      WhookSwaggerUIEnv {}
-
   // (...)
 
   export interface AppConfig

packages/whook-oauth2/src/index.ts

@@ -49,7 +49,6 @@ import initAuthCookiesService, {
   AUTH_API_PREFIX,
 } from './services/authCookies.js';
 import type {
-  AuthCookiesEnv,
   AuthCookiesConfig,
   AuthCookiesService,
   AuthCookiesData,
@@ -65,7 +64,6 @@ export type {
   OAuth2GranterService,
   OAuth2Options,
   OAuth2Config,
-  AuthCookiesEnv,
   AuthCookiesConfig,
   AuthCookiesService,
   AuthCookiesData,

packages/whook-oauth2/src/services/authCookies.test.ts

@@ -5,13 +5,11 @@ import type { AuthCookiesConfig } from './authCookies.js';
 describe('authCookies', () => {
   describe('.build()', () => {
     test('should work with new auth data', async () => {
-      const ENV = {};
       const COOKIES: AuthCookiesConfig['COOKIES'] = {
         domain: 'api.example.com',
       };
 
       const authCookies = await initAuthCookies({
-        ENV,
         COOKIES,
       });
 
@@ -29,13 +27,11 @@ describe('authCookies', () => {
     });
 
     test('should allow to reset auth data', async () => {
-      const ENV = {};
       const COOKIES: AuthCookiesConfig['COOKIES'] = {
         domain: 'api.example.com',
       };
 
       const authCookies = await initAuthCookies({
-        ENV,
         COOKIES,
       });
 
@@ -52,30 +48,28 @@ describe('authCookies', () => {
       `);
     });
   });
+
   describe('.parse()', () => {
     test('should work with no cookies', async () => {
-      const ENV = {};
       const COOKIES: AuthCookiesConfig['COOKIES'] = {
         domain: 'api.example.com',
       };
 
       const authCookies = await initAuthCookies({
-        ENV,
         COOKIES,
       });
 
       const result = await authCookies.parse('');
 
       expect(result).toMatchInlineSnapshot(`{}`);
     });
+
     test('should work with cookies', async () => {
-      const ENV = {};
       const COOKIES: AuthCookiesConfig['COOKIES'] = {
         domain: 'api.example.com',
       };
 
       const authCookies = await initAuthCookies({
-        ENV,
         COOKIES,
       });
 

packages/whook-oauth2/src/services/authCookies.ts

@@ -1,30 +1,23 @@
 import ms from 'ms';
-import cookie from 'cookie';
+import cookie, { CookieSerializeOptions } from 'cookie';
 import { autoService } from 'knifecycle';
 import type { BaseAuthenticationData } from '@whook/authorization';
+import { Jsonify } from 'type-fest';
 
 export const AUTH_API_PREFIX = '/auth';
-export const DEFAULT_COOKIES_ENV = {};
 
 export type AuthHandlersConfig<
   AUTHENTICATION_DATA extends BaseAuthenticationData = BaseAuthenticationData,
 > = {
   ROOT_AUTHENTICATION_DATA: AUTHENTICATION_DATA;
 };
 
-export type AuthCookiesEnv = {
-  DEV_MODE?: string;
-};
 export type AuthCookiesConfig = {
-  COOKIES: {
-    domain: string;
-  };
+  COOKIES: Jsonify<Omit<CookieSerializeOptions, 'maxAge' | 'path' | 'expires'>>;
   BASE_PATH?: string;
 };
 
-export type AuthCookiesDependencies = AuthCookiesConfig & {
-  ENV?: AuthCookiesEnv;
-};
+export type AuthCookiesDependencies = AuthCookiesConfig;
 
 export type AuthCookiesData = {
   refresh_token: string;
@@ -42,7 +35,6 @@ export type AuthCookiesService = {
 export default autoService(initAuthCookies);
 
 async function initAuthCookies({
-  ENV = DEFAULT_COOKIES_ENV,
   COOKIES,
   BASE_PATH = '',
 }: AuthCookiesDependencies): Promise<AuthCookiesService> {
@@ -51,17 +43,17 @@ async function initAuthCookies({
       cookie.serialize('access_token', data.access_token || '', {
         path: BASE_PATH + AUTH_API_PREFIX,
         httpOnly: true,
-        domain: ENV.DEV_MODE ? undefined : COOKIES.domain,
-        secure: !ENV.DEV_MODE,
-        ...(ENV.DEV_MODE ? {} : { sameSite: true }),
+        sameSite: true,
+        secure: true,
+        ...COOKIES,
         ...(data.access_token ? {} : { maxAge: 0 }),
       }),
       cookie.serialize('refresh_token', data.refresh_token || '', {
         path: BASE_PATH + AUTH_API_PREFIX,
         httpOnly: true,
-        domain: ENV.DEV_MODE ? undefined : COOKIES.domain,
-        secure: !ENV.DEV_MODE,
-        ...(ENV.DEV_MODE ? {} : { sameSite: true }),
+        sameSite: true,
+        secure: true,
+        ...COOKIES,
         ...(session ? {} : { maxAge: Math.round(ms('100y') / 1000) }),
       }),
     ];