@commercetools-backend/express 21.0.0 → 21.3.0

package/README.md

@@ -41,7 +41,7 @@ app.use((request, response, next) => {
 
 - `audience` (_string_): The public-facing URL of your API server. The value should only contain the origin URL (protocol, hostname, port), the request path is inferred from the incoming request.
 
-- `issuer` (_string_): Either a cloud identifier or a valid URL to the Merchant Center API Gateway. The cloud identifier maps to the Merchant Center API URL of the related [cloud region](https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#cloud-regions).
+- `issuer` (_string_): Either a cloud identifier or a valid URL to the Merchant Center API Gateway. The cloud identifier maps to the Merchant Center API URL of the related [cloud region](https://docs.commercetools.com/custom-applications/concepts/merchant-center-api#cloud-regions).
 
   - `gcp-au`: `https://mc-api.australia-southeast1.gcp.commercetools.com`
   - `gcp-eu`: `https://mc-api.europe-west1.gcp.commercetools.com`

package/dist/commercetools-backend-express.cjs.dev.js

@@ -86,7 +86,7 @@ var writeSessionContext = function writeSessionContext(request) {
 }; // Given a cloud identifier, try to map it to one of the supported
 // environments and return the MC API URL for that environment.
 // The URL points to the new hostnames.
-// https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#hostnames
+// https://docs.commercetools.com/custom-applications/concepts/merchant-center-api#hostnames
 
 
 var mapCloudIdentifierToIssuer = function mapCloudIdentifierToIssuer(issuer) {
@@ -111,7 +111,6 @@ var mapCloudIdentifierToIssuer = function mapCloudIdentifierToIssuer(issuer) {
   }
 }; // Given a cloud identifier, try to map it to a legacy hostname.
 // This is for backwards compatibility.
-// https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#legacy-hostnames
 
 
 var mapToLegacyIssuer = function mapToLegacyIssuer(cloudIdentifier) {
@@ -132,7 +131,7 @@ var throwIfIssuerIsNotAValidUrl = function throwIfIssuerIsNotAValidUrl(issuer) {
   try {
     new _URL__default["default"](issuer);
   } catch (error) {
-    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#hostnames."));
+    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/custom-applications/concepts/merchant-center-api#hostnames."));
   }
 }; // Validates required option values.
 
@@ -200,10 +199,18 @@ function createSessionAuthVerifier(options) {
               if (proxyForwardVersion === 'v1') {
                 // Fall back to legacy issuer domains
                 issuer = (_mapToLegacyIssuer = mapToLegacyIssuer(cloudIdentifierHeader)) !== null && _mapToLegacyIssuer !== void 0 ? _mapToLegacyIssuer : issuer;
-              } // @ts-ignore: the node HTTP request does not know about `originalUrl`
+              }
 
+              requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
 
-              requestUrlPath = (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
+              if (requestUrlPath) {
+                _context3.next = 7;
+                break;
+              }
+
+              throw new Error('Invalid request URI path. Please make sure that the `request` object has either a property `originalUrl` or `url`. If not, you should implement the `getRequestUrl` function. More info at https://docs.commercetools.com/custom-applications/concepts/integrate-with-your-own-api#validating-the-json-web-token');
+
+            case 7:
               audience = getConfiguredAudience(options, requestUrlPath);
               return _context3.abrupt("return", new _Promise__default["default"](function (resolve, reject) {
                 expressJwtMiddleware__default["default"]({
@@ -224,7 +231,7 @@ function createSessionAuthVerifier(options) {
                   issuer: issuer,
                   algorithms: ['RS256'] // @ts-ignore: the middleware expects an Express.js Request/Response objects
 
-                })(request, response, function (error) {
+                })(request, response !== null && response !== void 0 ? response : {}, function (error) {
                   if (error) {
                     reject(error);
                   } else {
@@ -236,7 +243,7 @@ function createSessionAuthVerifier(options) {
                 });
               }));
 
-            case 7:
+            case 9:
             case "end":
               return _context3.stop();
           }

package/dist/commercetools-backend-express.cjs.prod.js

@@ -86,7 +86,7 @@ var writeSessionContext = function writeSessionContext(request) {
 }; // Given a cloud identifier, try to map it to one of the supported
 // environments and return the MC API URL for that environment.
 // The URL points to the new hostnames.
-// https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#hostnames
+// https://docs.commercetools.com/custom-applications/concepts/merchant-center-api#hostnames
 
 
 var mapCloudIdentifierToIssuer = function mapCloudIdentifierToIssuer(issuer) {
@@ -111,7 +111,6 @@ var mapCloudIdentifierToIssuer = function mapCloudIdentifierToIssuer(issuer) {
   }
 }; // Given a cloud identifier, try to map it to a legacy hostname.
 // This is for backwards compatibility.
-// https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#legacy-hostnames
 
 
 var mapToLegacyIssuer = function mapToLegacyIssuer(cloudIdentifier) {
@@ -132,7 +131,7 @@ var throwIfIssuerIsNotAValidUrl = function throwIfIssuerIsNotAValidUrl(issuer) {
   try {
     new _URL__default["default"](issuer);
   } catch (error) {
-    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#hostnames."));
+    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/custom-applications/concepts/merchant-center-api#hostnames."));
   }
 }; // Validates required option values.
 
@@ -200,10 +199,18 @@ function createSessionAuthVerifier(options) {
               if (proxyForwardVersion === 'v1') {
                 // Fall back to legacy issuer domains
                 issuer = (_mapToLegacyIssuer = mapToLegacyIssuer(cloudIdentifierHeader)) !== null && _mapToLegacyIssuer !== void 0 ? _mapToLegacyIssuer : issuer;
-              } // @ts-ignore: the node HTTP request does not know about `originalUrl`
+              }
 
+              requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
 
-              requestUrlPath = (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
+              if (requestUrlPath) {
+                _context3.next = 7;
+                break;
+              }
+
+              throw new Error('Invalid request URI path. Please make sure that the `request` object has either a property `originalUrl` or `url`. If not, you should implement the `getRequestUrl` function. More info at https://docs.commercetools.com/custom-applications/concepts/integrate-with-your-own-api#validating-the-json-web-token');
+
+            case 7:
               audience = getConfiguredAudience(options, requestUrlPath);
               return _context3.abrupt("return", new _Promise__default["default"](function (resolve, reject) {
                 expressJwtMiddleware__default["default"]({
@@ -224,7 +231,7 @@ function createSessionAuthVerifier(options) {
                   issuer: issuer,
                   algorithms: ['RS256'] // @ts-ignore: the middleware expects an Express.js Request/Response objects
 
-                })(request, response, function (error) {
+                })(request, response !== null && response !== void 0 ? response : {}, function (error) {
                   if (error) {
                     reject(error);
                   } else {
@@ -236,7 +243,7 @@ function createSessionAuthVerifier(options) {
                 });
               }));
 
-            case 7:
+            case 9:
             case "end":
               return _context3.stop();
           }

package/dist/commercetools-backend-express.esm.js

@@ -64,7 +64,7 @@ var writeSessionContext = function writeSessionContext(request) {
 }; // Given a cloud identifier, try to map it to one of the supported
 // environments and return the MC API URL for that environment.
 // The URL points to the new hostnames.
-// https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#hostnames
+// https://docs.commercetools.com/custom-applications/concepts/merchant-center-api#hostnames
 
 
 var mapCloudIdentifierToIssuer = function mapCloudIdentifierToIssuer(issuer) {
@@ -89,7 +89,6 @@ var mapCloudIdentifierToIssuer = function mapCloudIdentifierToIssuer(issuer) {
   }
 }; // Given a cloud identifier, try to map it to a legacy hostname.
 // This is for backwards compatibility.
-// https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#legacy-hostnames
 
 
 var mapToLegacyIssuer = function mapToLegacyIssuer(cloudIdentifier) {
@@ -110,7 +109,7 @@ var throwIfIssuerIsNotAValidUrl = function throwIfIssuerIsNotAValidUrl(issuer) {
   try {
     new _URL(issuer);
   } catch (error) {
-    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/custom-applications/main-concepts/api-gateway#hostnames."));
+    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/custom-applications/concepts/merchant-center-api#hostnames."));
   }
 }; // Validates required option values.
 
@@ -178,10 +177,18 @@ function createSessionAuthVerifier(options) {
               if (proxyForwardVersion === 'v1') {
                 // Fall back to legacy issuer domains
                 issuer = (_mapToLegacyIssuer = mapToLegacyIssuer(cloudIdentifierHeader)) !== null && _mapToLegacyIssuer !== void 0 ? _mapToLegacyIssuer : issuer;
-              } // @ts-ignore: the node HTTP request does not know about `originalUrl`
+              }
 
+              requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
 
-              requestUrlPath = (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
+              if (requestUrlPath) {
+                _context3.next = 7;
+                break;
+              }
+
+              throw new Error('Invalid request URI path. Please make sure that the `request` object has either a property `originalUrl` or `url`. If not, you should implement the `getRequestUrl` function. More info at https://docs.commercetools.com/custom-applications/concepts/integrate-with-your-own-api#validating-the-json-web-token');
+
+            case 7:
               audience = getConfiguredAudience(options, requestUrlPath);
               return _context3.abrupt("return", new _Promise(function (resolve, reject) {
                 expressJwtMiddleware({
@@ -202,7 +209,7 @@ function createSessionAuthVerifier(options) {
                   issuer: issuer,
                   algorithms: ['RS256'] // @ts-ignore: the middleware expects an Express.js Request/Response objects
 
-                })(request, response, function (error) {
+                })(request, response !== null && response !== void 0 ? response : {}, function (error) {
                   if (error) {
                     reject(error);
                   } else {
@@ -214,7 +221,7 @@ function createSessionAuthVerifier(options) {
                 });
               }));
 
-            case 7:
+            case 9:
             case "end":
               return _context3.stop();
           }

package/dist/declarations/src/auth.d.ts

@@ -1,6 +1,4 @@
-/// <reference types="node" />
-import type { ServerResponse, IncomingMessage } from 'http';
-import type { TSessionMiddlewareOptions } from './types';
-export declare const getConfiguredAudience: (options: TSessionMiddlewareOptions, requestPath: string) => string;
-declare function createSessionAuthVerifier<Request extends IncomingMessage, Response extends ServerResponse>(options: TSessionMiddlewareOptions): (request: Request, response: Response) => Promise<void>;
+import type { TSessionMiddlewareOptions, TBaseRequest } from './types';
+export declare const getConfiguredAudience: <Request_1 extends TBaseRequest>(options: TSessionMiddlewareOptions<Request_1>, requestPath: string) => string;
+declare function createSessionAuthVerifier<Request extends TBaseRequest>(options: TSessionMiddlewareOptions<Request>): (request: Request, response?: unknown) => Promise<void>;
 export { createSessionAuthVerifier };

package/dist/declarations/src/middlewares/session-middleware.d.ts

@@ -1,4 +1,4 @@
-import type { Request, Response, NextFunction } from 'express';
-import type { TSessionMiddlewareOptions } from '../types';
-declare function createSessionMiddleware(options: TSessionMiddlewareOptions): (request: Request, response: Response, next: NextFunction) => Promise<void>;
+import type { Response, NextFunction } from 'express';
+import type { TBaseRequest, TSessionMiddlewareOptions } from '../types';
+declare function createSessionMiddleware<Request extends TBaseRequest>(options: TSessionMiddlewareOptions<Request>): (request: Request, response: Response, next: NextFunction) => Promise<void>;
 export default createSessionMiddleware;

package/dist/declarations/src/types.d.ts

@@ -3,11 +3,17 @@ import { CLOUD_IDENTIFIERS } from './constants';
 export declare type TAudience = string;
 export declare type TIssuer = string;
 export declare type TCloudIdentifier = typeof CLOUD_IDENTIFIERS[keyof typeof CLOUD_IDENTIFIERS];
-export declare type TSessionMiddlewareOptions = {
+export interface TBaseRequest {
+    headers: Record<string, string | string[] | undefined>;
+    url?: string;
+    originalUrl?: string;
+}
+export declare type TSessionMiddlewareOptions<Request extends TBaseRequest> = {
     audience: TAudience;
     issuer: TCloudIdentifier | TIssuer;
     inferIssuer?: boolean;
     jwks?: Omit<ExpressJwtOptions, 'jwksUri'>;
+    getRequestUrl?: (request: Request) => string;
 };
 export declare type TSession = {
     userId: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@commercetools-backend/express",
-  "version": "21.0.0",
+  "version": "21.3.0",
   "description": "Zero-config HTTP server as Express.js to facilitate development",
   "bugs": "https://github.com/commercetools/merchant-center-application-kit/issues",
   "repository": {
@@ -18,15 +18,15 @@
   "module": "dist/commercetools-backend-express.esm.js",
   "files": ["dist", "package.json", "LICENSE", "README.md"],
   "dependencies": {
-    "@babel/runtime": "^7.16.7",
-    "@babel/runtime-corejs3": "^7.16.8",
-    "@types/node": "16.11.21",
-    "express": "4.17.2",
-    "express-jwt": "6.1.0",
+    "@babel/runtime": "^7.17.8",
+    "@babel/runtime-corejs3": "^7.17.8",
+    "@types/node": "16.11.26",
+    "express": "4.17.3",
+    "express-jwt": "6.1.1",
     "jwks-rsa": "2.0.5"
   },
   "devDependencies": {
     "jose": "2.0.5",
-    "msw": "0.36.5"
+    "msw": "0.39.2"
   }
 }