-
Notifications
You must be signed in to change notification settings - Fork 996
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' of github.com:redwoodjs/redwood into feat/dc-dbau…
…th-mw-auth * 'main' of github.com:redwoodjs/redwood: (21 commits) fix(auth): Handle when authorization header is lowercased (#10442) Update rbac.md - code match (#10405) chore: make crwa e2e test work across branches (#10437) feat: [Auth] Common AuthProvider & use* changes for middleware auth (#10420) fix(cli): only show webpack options for dev if `bundler = "webpack"` (#10359) fix(vercel): specify build env vars as a string (#10436) fix(vercel): write `vercel.json` as a part of setup (#10355) fix(middleware): Handle POST requests in middleware router too (#10418) chore(ci): get ci running on next (#10432) RSC: Explain noExternal vite config option (#10429) chore(web): Fix .d.ts overwrite build issue (#10431) chore(web): .js imports to prep for ESM (#10430) chore(refactor): Split rwjs/forms up into several smaller logical units (#10428) chore(rsc): simplify `noExternals` config (#10220) chore(deps): Update vite to 5.2.8 (#10427) chore(auth): Convert `@redwoodjs/auth` to ESM+CJS dual build (#10417) chore(framework-tools): Warn about missing metafile (#10426) chore(test): Switch rwjs/auth over to vitest (#10423) chore(whatwg-fetch): Switch to importing instead of requiring (#10424) chore(deps): bump undici from 5.28.3 to 5.28.4 in /.github/actions/check_changesets (#10421) ...
- Loading branch information
Showing
89 changed files
with
1,690 additions
and
1,201 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
- fix(vercel): write `vercel.json` as a part of setup (#10355) by @jtoar | ||
|
||
This PR smooths initial deploys to Vercel by writing a `vercel.json` file that specifies an env var that enables Corepack. Users that already successfully deploy to Vercel don't need to introduce this file. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
- fix(cli): only show webpack options for dev if `bundler = "webpack"` (#10359) by @jtoar | ||
|
||
A few flags for `yarn rw dev` don't apply to Vite but are shown nevertheless. One of them, `watchNodeModules`, is legacy at this point. It's only useful for testing out framework changes on a project using webpack. It makes the webpack dev server reload on changes to node_modules. The other, `forward` (aliased `fwd`) isn't fundamentally Webpack specific, but has been broken for quite a while because the fix is nontrivial. It seems better to hide these flags for now, otherwise we're just advertising broken or no-op behavior. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
- fix(middleware): Handle POST requests in middleware router too (#10418) by @dac09 | ||
|
||
Fixes issue with middleware router not accepted POST requests. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
- feat: [Auth] Common AuthProvider & use* changes for middleware auth #10420 by @dac09 and @dthyresson | ||
|
||
* First step of supporting Auth using middleware | ||
* Ensure backwards compatibility with non-SSR auth | ||
|
||
### Breaking Change | ||
|
||
Removes `skipFetchCurrentUser` which was used by the no longer existing nHost auth provider, but could potentially have been used by custom auth. | ||
|
||
|
||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
- fix(auth): Handle when authorization header is lowercased (#10442) by @dac09 | ||
Handles when 'authorization' header is lowercased, and adds some extra tests. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,6 +32,7 @@ | |
"memfs", | ||
"opentelemetry", | ||
"pino", | ||
"Pistorius", | ||
"redwoodjs", | ||
"RWJS", | ||
"tailwindcss", | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
70 changes: 70 additions & 0 deletions
70
packages/api/src/auth/__tests__/parseAuthorizationHeader.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
import type { APIGatewayProxyEvent } from 'aws-lambda' | ||
import { test, expect, describe } from 'vitest' | ||
|
||
import { parseAuthorizationHeader } from '../index' | ||
|
||
describe('parseAuthorizationHeader', () => { | ||
test('throws error if Authorization header is not valid', () => { | ||
const invalidHeaders = [ | ||
undefined, | ||
null, | ||
'', | ||
'Bearer', | ||
'Bearer ', | ||
'Bearer token with spaces', | ||
'Token', | ||
'Token ', | ||
'Token token with spaces', | ||
] | ||
|
||
invalidHeaders.forEach((header) => { | ||
expect(() => | ||
// @ts-expect-error That's what we're testing | ||
parseAuthorizationHeader({ headers: { Authorization: header } }), | ||
).toThrowError('The `Authorization` header is not valid.') | ||
}) | ||
}) | ||
|
||
test('returns the schema and token from valid Authorization header', () => { | ||
const validHeaders = [ | ||
'Bearer token', | ||
'Bearer 12345', | ||
'Token token', | ||
'Token 12345', | ||
] | ||
|
||
validHeaders.forEach((header) => { | ||
// We only care about the headers in the event | ||
const result = parseAuthorizationHeader({ | ||
headers: { Authorization: header }, | ||
} as unknown as APIGatewayProxyEvent) | ||
|
||
expect(result).toEqual({ | ||
schema: header.split(' ')[0], | ||
token: header.split(' ')[1], | ||
}) | ||
}) | ||
}) | ||
|
||
test('Handles different lower-casing of the authorization header', () => { | ||
const result = parseAuthorizationHeader({ | ||
headers: { authorization: 'Bearer bazinga' }, | ||
} as unknown as APIGatewayProxyEvent) | ||
|
||
expect(result).toEqual({ | ||
schema: 'Bearer', | ||
token: 'bazinga', | ||
}) | ||
}) | ||
|
||
test('Handles different capital-casing of the Authorization header', () => { | ||
const result = parseAuthorizationHeader({ | ||
headers: { Authorization: 'Bearer bazinga' }, | ||
} as unknown as APIGatewayProxyEvent) | ||
|
||
expect(result).toEqual({ | ||
schema: 'Bearer', | ||
token: 'bazinga', | ||
}) | ||
}) | ||
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
import { renameSync, writeFileSync } from 'node:fs' | ||
|
||
import { build, defaultBuildOptions } from '@redwoodjs/framework-tools' | ||
|
||
// ESM build | ||
await build({ | ||
buildOptions: { | ||
...defaultBuildOptions, | ||
tsconfig: 'tsconfig.build-esm.json', | ||
format: 'esm', | ||
outdir: 'dist/esm', | ||
packages: 'external', | ||
}, | ||
}) | ||
|
||
// CJS build | ||
await build({ | ||
buildOptions: { | ||
...defaultBuildOptions, | ||
tsconfig: 'tsconfig.build.json', | ||
packages: 'external', | ||
}, | ||
}) | ||
|
||
// Because the package.json files has `type: module` the CJS entry file can't | ||
// be named `index.js` because in that case it would be treated as an ESM file. | ||
// By changing it to .cjs it will be treated as a CommonJS file. | ||
renameSync('dist/index.js', 'dist/index.cjs') | ||
|
||
// Place a package.json file with `type: commonjs` in the dist folder so that | ||
// all .js files are treated as CommonJS files. | ||
writeFileSync('dist/package.json', JSON.stringify({ type: 'commonjs' })) | ||
|
||
// Place a package.json file with `type: module` in the dist/esm folder so that | ||
// all .js files are treated as ES Module files. | ||
writeFileSync('dist/esm/package.json', JSON.stringify({ type: 'module' })) |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
declare module 'whatwg-fetch' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.