From 66afe54b19502833c113b751ac4dc9a3a136291f Mon Sep 17 00:00:00 2001 From: Nicolas Froidure Date: Tue, 20 Feb 2024 12:19:58 +0100 Subject: [PATCH] fix(@whook/oauth2): fix the cookies options fix #175 --- packages/whook-oauth2/README.md | 8 ------ packages/whook-oauth2/src/index.ts | 2 -- .../src/services/authCookies.test.ts | 10 ++----- .../whook-oauth2/src/services/authCookies.ts | 28 +++++++------------ 4 files changed, 12 insertions(+), 36 deletions(-) diff --git a/packages/whook-oauth2/README.md b/packages/whook-oauth2/README.md index 977e1535..b177e31c 100644 --- a/packages/whook-oauth2/README.md +++ b/packages/whook-oauth2/README.md @@ -67,7 +67,6 @@ Declare this module types in your `src/whook.d.ts` type definitions: ```diff +import type { -+ AuthCookiesEnv, + OAuth2Config, +} from '@whook/oauth2'; @@ -75,13 +74,6 @@ Declare this module types in your `src/whook.d.ts` type definitions: declare module 'application-services' { - export interface AppEnvVars - extends BaseAppEnvVars, - WhookBaseEnv, - // (...) -+ AuthCookiesEnv, - WhookSwaggerUIEnv {} - // (...) export interface AppConfig diff --git a/packages/whook-oauth2/src/index.ts b/packages/whook-oauth2/src/index.ts index e87de95c..36741130 100644 --- a/packages/whook-oauth2/src/index.ts +++ b/packages/whook-oauth2/src/index.ts @@ -49,7 +49,6 @@ import initAuthCookiesService, { AUTH_API_PREFIX, } from './services/authCookies.js'; import type { - AuthCookiesEnv, AuthCookiesConfig, AuthCookiesService, AuthCookiesData, @@ -65,7 +64,6 @@ export type { OAuth2GranterService, OAuth2Options, OAuth2Config, - AuthCookiesEnv, AuthCookiesConfig, AuthCookiesService, AuthCookiesData, diff --git a/packages/whook-oauth2/src/services/authCookies.test.ts b/packages/whook-oauth2/src/services/authCookies.test.ts index 182d6b2b..f65cc884 100644 --- a/packages/whook-oauth2/src/services/authCookies.test.ts +++ b/packages/whook-oauth2/src/services/authCookies.test.ts @@ -5,13 +5,11 @@ import type { AuthCookiesConfig } from './authCookies.js'; describe('authCookies', () => { describe('.build()', () => { test('should work with new auth data', async () => { - const ENV = {}; const COOKIES: AuthCookiesConfig['COOKIES'] = { domain: 'api.example.com', }; const authCookies = await initAuthCookies({ - ENV, COOKIES, }); @@ -29,13 +27,11 @@ describe('authCookies', () => { }); test('should allow to reset auth data', async () => { - const ENV = {}; const COOKIES: AuthCookiesConfig['COOKIES'] = { domain: 'api.example.com', }; const authCookies = await initAuthCookies({ - ENV, COOKIES, }); @@ -52,15 +48,14 @@ describe('authCookies', () => { `); }); }); + describe('.parse()', () => { test('should work with no cookies', async () => { - const ENV = {}; const COOKIES: AuthCookiesConfig['COOKIES'] = { domain: 'api.example.com', }; const authCookies = await initAuthCookies({ - ENV, COOKIES, }); @@ -68,14 +63,13 @@ describe('authCookies', () => { expect(result).toMatchInlineSnapshot(`{}`); }); + test('should work with cookies', async () => { - const ENV = {}; const COOKIES: AuthCookiesConfig['COOKIES'] = { domain: 'api.example.com', }; const authCookies = await initAuthCookies({ - ENV, COOKIES, }); diff --git a/packages/whook-oauth2/src/services/authCookies.ts b/packages/whook-oauth2/src/services/authCookies.ts index dbf3d03e..379c6e4b 100644 --- a/packages/whook-oauth2/src/services/authCookies.ts +++ b/packages/whook-oauth2/src/services/authCookies.ts @@ -1,10 +1,10 @@ import ms from 'ms'; -import cookie from 'cookie'; +import cookie, { CookieSerializeOptions } from 'cookie'; import { autoService } from 'knifecycle'; import type { BaseAuthenticationData } from '@whook/authorization'; +import { Jsonify } from 'type-fest'; export const AUTH_API_PREFIX = '/auth'; -export const DEFAULT_COOKIES_ENV = {}; export type AuthHandlersConfig< AUTHENTICATION_DATA extends BaseAuthenticationData = BaseAuthenticationData, @@ -12,19 +12,12 @@ export type AuthHandlersConfig< ROOT_AUTHENTICATION_DATA: AUTHENTICATION_DATA; }; -export type AuthCookiesEnv = { - DEV_MODE?: string; -}; export type AuthCookiesConfig = { - COOKIES: { - domain: string; - }; + COOKIES: Jsonify>; BASE_PATH?: string; }; -export type AuthCookiesDependencies = AuthCookiesConfig & { - ENV?: AuthCookiesEnv; -}; +export type AuthCookiesDependencies = AuthCookiesConfig; export type AuthCookiesData = { refresh_token: string; @@ -42,7 +35,6 @@ export type AuthCookiesService = { export default autoService(initAuthCookies); async function initAuthCookies({ - ENV = DEFAULT_COOKIES_ENV, COOKIES, BASE_PATH = '', }: AuthCookiesDependencies): Promise { @@ -51,17 +43,17 @@ async function initAuthCookies({ cookie.serialize('access_token', data.access_token || '', { path: BASE_PATH + AUTH_API_PREFIX, httpOnly: true, - domain: ENV.DEV_MODE ? undefined : COOKIES.domain, - secure: !ENV.DEV_MODE, - ...(ENV.DEV_MODE ? {} : { sameSite: true }), + sameSite: true, + secure: true, + ...COOKIES, ...(data.access_token ? {} : { maxAge: 0 }), }), cookie.serialize('refresh_token', data.refresh_token || '', { path: BASE_PATH + AUTH_API_PREFIX, httpOnly: true, - domain: ENV.DEV_MODE ? undefined : COOKIES.domain, - secure: !ENV.DEV_MODE, - ...(ENV.DEV_MODE ? {} : { sameSite: true }), + sameSite: true, + secure: true, + ...COOKIES, ...(session ? {} : { maxAge: Math.round(ms('100y') / 1000) }), }), ];