@commercetools-backend/express 24.11.0 → 24.12.0

package/dist/commercetools-backend-express.cjs.dev.js

@@ -3,6 +3,7 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 
 var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
+var _concatInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/concat');
 var _Map = require('@babel/runtime-corejs3/core-js-stable/map');
 var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
 var jose = require('jose');
@@ -14,6 +15,7 @@ var _Array$isArray = require('@babel/runtime-corejs3/core-js-stable/array/is-arr
 function _interopDefault (e) { return e && e.__esModule ? e : { 'default': e }; }
 
 var _URL__default = /*#__PURE__*/_interopDefault(_URL);
+var _concatInstanceProperty__default = /*#__PURE__*/_interopDefault(_concatInstanceProperty);
 var _Map__default = /*#__PURE__*/_interopDefault(_Map);
 var _startsWithInstanceProperty__default = /*#__PURE__*/_interopDefault(_startsWithInstanceProperty);
 var _findInstanceProperty__default = /*#__PURE__*/_interopDefault(_findInstanceProperty);
@@ -79,14 +81,14 @@ const getFirstHeaderValueOrThrow = (headers, headerKey, errorMessage) => {
 
 // Assign a session object to the request object.
 const writeSessionContext = (request, verifiedToken) => {
-  const publicClaimForProjectKey = `${verifiedToken.iss}/claims/project_key`;
-  const publicClaimForUserPermissionsKey = `${verifiedToken.iss}/claims/user_permissions`;
+  const publicClaimForProjectKey = "".concat(verifiedToken.iss, "/claims/project_key");
+  const publicClaimForUserPermissionsKey = "".concat(verifiedToken.iss, "/claims/user_permissions");
   request.session = {
     userId: verifiedToken.sub,
     projectKey: verifiedToken[publicClaimForProjectKey]
   };
   const userPermissions = verifiedToken[publicClaimForUserPermissionsKey];
-  if (Boolean(userPermissions?.length)) {
+  if (Boolean(userPermissions === null || userPermissions === void 0 ? void 0 : userPermissions.length)) {
     request.session.userPermissions = userPermissions;
   }
 };
@@ -130,16 +132,16 @@ const throwIfIssuerIsNotAValidUrl = issuer => {
   try {
     new _URL__default["default"](issuer);
   } catch (error) {
-    throw new Error(`Invalid issuer URL "${issuer}". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames.`);
+    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames."));
   }
 };
 // Validates required option values.
 const validateRequiredValues = options => {
   if (!options.audience) {
-    throw new Error(`Missing required option "audience"`);
+    throw new Error("Missing required option \"audience\"");
   }
   if (!options.issuer) {
-    throw new Error(`Missing required option "issuer"`);
+    throw new Error("Missing required option \"issuer\"");
   }
 };
 // Attempt to parse the given issuer. If the value is a cloud identifier, it will
@@ -157,17 +159,19 @@ const getConfiguredDefaultIssuer = options => {
 // If the request path is `/`, do not append it to the audience, otherwise
 // the token validation might fail because of mismatching audiences.
 const getConfiguredAudience = (options, requestPath) => {
+  var _context;
   // remove the trailing slash
-  const url = new _URL__default["default"](`${options.audience.replace(/\/?$/, '')}${requestPath}`);
+  const url = new _URL__default["default"](_concatInstanceProperty__default["default"](_context = "".concat(options.audience.replace(/\/?$/, ''))).call(_context, requestPath));
   switch (options.audiencePolicy) {
     case 'forward-url-origin':
       return url.origin;
     default:
       {
+        var _context2;
         if (requestPath === '/') {
           return url.origin;
         }
-        return `${url.origin}${url.pathname}`;
+        return _concatInstanceProperty__default["default"](_context2 = "".concat(url.origin)).call(_context2, url.pathname);
       }
   }
 };
@@ -177,7 +181,7 @@ function getJwksClientByIssuer(issuer) {
   if (client) {
     return client;
   }
-  const newClient = jose.createRemoteJWKSet(new _URL__default["default"](`/.well-known/jwks.json`, issuer));
+  const newClient = jose.createRemoteJWKSet(new _URL__default["default"]("/.well-known/jwks.json", issuer));
   jwksClientByIssuer.set(issuer, newClient);
   return newClient;
 }
@@ -187,25 +191,27 @@ function createSessionAuthVerifier(options) {
 
   // Returns an async HTTP handler.
   return async request => {
+    var _mapCloudIdentifierTo, _request$originalUrl;
     // Get the cloud identifier header, forwarded by the `/proxy/forward-to` endpoint.
-    const cloudIdentifierHeader = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.CLOUD_IDENTIFIER, `Missing "X-MC-API-Cloud-Identifier" header.`);
-    let issuer = options.inferIssuer && cloudIdentifierHeader ? mapCloudIdentifierToIssuer(cloudIdentifierHeader) ?? configuredDefaultIssuer : configuredDefaultIssuer;
+    const cloudIdentifierHeader = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.CLOUD_IDENTIFIER, "Missing \"X-MC-API-Cloud-Identifier\" header.");
+    let issuer = options.inferIssuer && cloudIdentifierHeader ? (_mapCloudIdentifierTo = mapCloudIdentifierToIssuer(cloudIdentifierHeader)) !== null && _mapCloudIdentifierTo !== void 0 ? _mapCloudIdentifierTo : configuredDefaultIssuer : configuredDefaultIssuer;
 
     // Get the `Accept-version` header, forwarded by the `/proxy/forward-to` endpoint.
     // The version should be sent by the client making the request, to use the features of v2.
-    const proxyForwardVersion = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.FORWARD_TO_VERSION, `Missing "X-MC-API-Forward-To-Version" header.`);
+    const proxyForwardVersion = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.FORWARD_TO_VERSION, "Missing \"X-MC-API-Forward-To-Version\" header.");
     if (proxyForwardVersion === 'v1') {
+      var _mapToLegacyIssuer;
       // Fall back to legacy issuer domains
-      issuer = mapToLegacyIssuer(cloudIdentifierHeader) ?? issuer;
+      issuer = (_mapToLegacyIssuer = mapToLegacyIssuer(cloudIdentifierHeader)) !== null && _mapToLegacyIssuer !== void 0 ? _mapToLegacyIssuer : issuer;
     }
-    const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : request.originalUrl ?? request.url;
+    const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
     if (!requestUrlPath || !_startsWithInstanceProperty__default["default"](requestUrlPath).call(requestUrlPath, '/')) {
-      throw new Error(`Invalid request URI path "${requestUrlPath}". Please make sure that the "request" object has either a property "originalUrl" or "url". If not, you should implement the "getRequestUrl" function and make sure to return a valid URI path value starting with "/". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token`);
+      throw new Error("Invalid request URI path \"".concat(requestUrlPath, "\". Please make sure that the \"request\" object has either a property \"originalUrl\" or \"url\". If not, you should implement the \"getRequestUrl\" function and make sure to return a valid URI path value starting with \"/\". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token"));
     }
     const audience = getConfiguredAudience(options, requestUrlPath);
     const authorizationHeader = request.headers['authorization'];
     if (typeof authorizationHeader !== 'string') {
-      throw new Error(`Missing "authorization" header`);
+      throw new Error("Missing \"authorization\" header");
     }
     const exchangeToken = authorizationHeader.replace(/^Bearer (.*)$/, '$1');
     const jwksClient = getJwksClientByIssuer(issuer);

package/dist/commercetools-backend-express.cjs.prod.js

@@ -3,6 +3,7 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 
 var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
+var _concatInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/concat');
 var _Map = require('@babel/runtime-corejs3/core-js-stable/map');
 var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
 var jose = require('jose');
@@ -14,6 +15,7 @@ var _Array$isArray = require('@babel/runtime-corejs3/core-js-stable/array/is-arr
 function _interopDefault (e) { return e && e.__esModule ? e : { 'default': e }; }
 
 var _URL__default = /*#__PURE__*/_interopDefault(_URL);
+var _concatInstanceProperty__default = /*#__PURE__*/_interopDefault(_concatInstanceProperty);
 var _Map__default = /*#__PURE__*/_interopDefault(_Map);
 var _startsWithInstanceProperty__default = /*#__PURE__*/_interopDefault(_startsWithInstanceProperty);
 var _findInstanceProperty__default = /*#__PURE__*/_interopDefault(_findInstanceProperty);
@@ -79,14 +81,14 @@ const getFirstHeaderValueOrThrow = (headers, headerKey, errorMessage) => {
 
 // Assign a session object to the request object.
 const writeSessionContext = (request, verifiedToken) => {
-  const publicClaimForProjectKey = `${verifiedToken.iss}/claims/project_key`;
-  const publicClaimForUserPermissionsKey = `${verifiedToken.iss}/claims/user_permissions`;
+  const publicClaimForProjectKey = "".concat(verifiedToken.iss, "/claims/project_key");
+  const publicClaimForUserPermissionsKey = "".concat(verifiedToken.iss, "/claims/user_permissions");
   request.session = {
     userId: verifiedToken.sub,
     projectKey: verifiedToken[publicClaimForProjectKey]
   };
   const userPermissions = verifiedToken[publicClaimForUserPermissionsKey];
-  if (Boolean(userPermissions?.length)) {
+  if (Boolean(userPermissions === null || userPermissions === void 0 ? void 0 : userPermissions.length)) {
     request.session.userPermissions = userPermissions;
   }
 };
@@ -130,16 +132,16 @@ const throwIfIssuerIsNotAValidUrl = issuer => {
   try {
     new _URL__default["default"](issuer);
   } catch (error) {
-    throw new Error(`Invalid issuer URL "${issuer}". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames.`);
+    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames."));
   }
 };
 // Validates required option values.
 const validateRequiredValues = options => {
   if (!options.audience) {
-    throw new Error(`Missing required option "audience"`);
+    throw new Error("Missing required option \"audience\"");
   }
   if (!options.issuer) {
-    throw new Error(`Missing required option "issuer"`);
+    throw new Error("Missing required option \"issuer\"");
   }
 };
 // Attempt to parse the given issuer. If the value is a cloud identifier, it will
@@ -157,17 +159,19 @@ const getConfiguredDefaultIssuer = options => {
 // If the request path is `/`, do not append it to the audience, otherwise
 // the token validation might fail because of mismatching audiences.
 const getConfiguredAudience = (options, requestPath) => {
+  var _context;
   // remove the trailing slash
-  const url = new _URL__default["default"](`${options.audience.replace(/\/?$/, '')}${requestPath}`);
+  const url = new _URL__default["default"](_concatInstanceProperty__default["default"](_context = "".concat(options.audience.replace(/\/?$/, ''))).call(_context, requestPath));
   switch (options.audiencePolicy) {
     case 'forward-url-origin':
       return url.origin;
     default:
       {
+        var _context2;
         if (requestPath === '/') {
           return url.origin;
         }
-        return `${url.origin}${url.pathname}`;
+        return _concatInstanceProperty__default["default"](_context2 = "".concat(url.origin)).call(_context2, url.pathname);
       }
   }
 };
@@ -177,7 +181,7 @@ function getJwksClientByIssuer(issuer) {
   if (client) {
     return client;
   }
-  const newClient = jose.createRemoteJWKSet(new _URL__default["default"](`/.well-known/jwks.json`, issuer));
+  const newClient = jose.createRemoteJWKSet(new _URL__default["default"]("/.well-known/jwks.json", issuer));
   jwksClientByIssuer.set(issuer, newClient);
   return newClient;
 }
@@ -187,25 +191,27 @@ function createSessionAuthVerifier(options) {
 
   // Returns an async HTTP handler.
   return async request => {
+    var _mapCloudIdentifierTo, _request$originalUrl;
     // Get the cloud identifier header, forwarded by the `/proxy/forward-to` endpoint.
-    const cloudIdentifierHeader = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.CLOUD_IDENTIFIER, `Missing "X-MC-API-Cloud-Identifier" header.`);
-    let issuer = options.inferIssuer && cloudIdentifierHeader ? mapCloudIdentifierToIssuer(cloudIdentifierHeader) ?? configuredDefaultIssuer : configuredDefaultIssuer;
+    const cloudIdentifierHeader = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.CLOUD_IDENTIFIER, "Missing \"X-MC-API-Cloud-Identifier\" header.");
+    let issuer = options.inferIssuer && cloudIdentifierHeader ? (_mapCloudIdentifierTo = mapCloudIdentifierToIssuer(cloudIdentifierHeader)) !== null && _mapCloudIdentifierTo !== void 0 ? _mapCloudIdentifierTo : configuredDefaultIssuer : configuredDefaultIssuer;
 
     // Get the `Accept-version` header, forwarded by the `/proxy/forward-to` endpoint.
     // The version should be sent by the client making the request, to use the features of v2.
-    const proxyForwardVersion = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.FORWARD_TO_VERSION, `Missing "X-MC-API-Forward-To-Version" header.`);
+    const proxyForwardVersion = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.FORWARD_TO_VERSION, "Missing \"X-MC-API-Forward-To-Version\" header.");
     if (proxyForwardVersion === 'v1') {
+      var _mapToLegacyIssuer;
       // Fall back to legacy issuer domains
-      issuer = mapToLegacyIssuer(cloudIdentifierHeader) ?? issuer;
+      issuer = (_mapToLegacyIssuer = mapToLegacyIssuer(cloudIdentifierHeader)) !== null && _mapToLegacyIssuer !== void 0 ? _mapToLegacyIssuer : issuer;
     }
-    const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : request.originalUrl ?? request.url;
+    const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
     if (!requestUrlPath || !_startsWithInstanceProperty__default["default"](requestUrlPath).call(requestUrlPath, '/')) {
-      throw new Error(`Invalid request URI path "${requestUrlPath}". Please make sure that the "request" object has either a property "originalUrl" or "url". If not, you should implement the "getRequestUrl" function and make sure to return a valid URI path value starting with "/". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token`);
+      throw new Error("Invalid request URI path \"".concat(requestUrlPath, "\". Please make sure that the \"request\" object has either a property \"originalUrl\" or \"url\". If not, you should implement the \"getRequestUrl\" function and make sure to return a valid URI path value starting with \"/\". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token"));
     }
     const audience = getConfiguredAudience(options, requestUrlPath);
     const authorizationHeader = request.headers['authorization'];
     if (typeof authorizationHeader !== 'string') {
-      throw new Error(`Missing "authorization" header`);
+      throw new Error("Missing \"authorization\" header");
     }
     const exchangeToken = authorizationHeader.replace(/^Bearer (.*)$/, '$1');
     const jwksClient = getJwksClientByIssuer(issuer);

package/dist/commercetools-backend-express.esm.js

@@ -1,4 +1,5 @@
 import _URL from '@babel/runtime-corejs3/core-js-stable/url';
+import _concatInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/concat';
 import _Map from '@babel/runtime-corejs3/core-js-stable/map';
 import _startsWithInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/starts-with';
 import { jwtVerify, createRemoteJWKSet } from 'jose';
@@ -66,14 +67,14 @@ const getFirstHeaderValueOrThrow = (headers, headerKey, errorMessage) => {
 
 // Assign a session object to the request object.
 const writeSessionContext = (request, verifiedToken) => {
-  const publicClaimForProjectKey = `${verifiedToken.iss}/claims/project_key`;
-  const publicClaimForUserPermissionsKey = `${verifiedToken.iss}/claims/user_permissions`;
+  const publicClaimForProjectKey = "".concat(verifiedToken.iss, "/claims/project_key");
+  const publicClaimForUserPermissionsKey = "".concat(verifiedToken.iss, "/claims/user_permissions");
   request.session = {
     userId: verifiedToken.sub,
     projectKey: verifiedToken[publicClaimForProjectKey]
   };
   const userPermissions = verifiedToken[publicClaimForUserPermissionsKey];
-  if (Boolean(userPermissions?.length)) {
+  if (Boolean(userPermissions === null || userPermissions === void 0 ? void 0 : userPermissions.length)) {
     request.session.userPermissions = userPermissions;
   }
 };
@@ -117,16 +118,16 @@ const throwIfIssuerIsNotAValidUrl = issuer => {
   try {
     new _URL(issuer);
   } catch (error) {
-    throw new Error(`Invalid issuer URL "${issuer}". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames.`);
+    throw new Error("Invalid issuer URL \"".concat(issuer, "\". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames."));
   }
 };
 // Validates required option values.
 const validateRequiredValues = options => {
   if (!options.audience) {
-    throw new Error(`Missing required option "audience"`);
+    throw new Error("Missing required option \"audience\"");
   }
   if (!options.issuer) {
-    throw new Error(`Missing required option "issuer"`);
+    throw new Error("Missing required option \"issuer\"");
   }
 };
 // Attempt to parse the given issuer. If the value is a cloud identifier, it will
@@ -144,17 +145,19 @@ const getConfiguredDefaultIssuer = options => {
 // If the request path is `/`, do not append it to the audience, otherwise
 // the token validation might fail because of mismatching audiences.
 const getConfiguredAudience = (options, requestPath) => {
+  var _context;
   // remove the trailing slash
-  const url = new _URL(`${options.audience.replace(/\/?$/, '')}${requestPath}`);
+  const url = new _URL(_concatInstanceProperty(_context = "".concat(options.audience.replace(/\/?$/, ''))).call(_context, requestPath));
   switch (options.audiencePolicy) {
     case 'forward-url-origin':
       return url.origin;
     default:
       {
+        var _context2;
         if (requestPath === '/') {
           return url.origin;
         }
-        return `${url.origin}${url.pathname}`;
+        return _concatInstanceProperty(_context2 = "".concat(url.origin)).call(_context2, url.pathname);
       }
   }
 };
@@ -164,7 +167,7 @@ function getJwksClientByIssuer(issuer) {
   if (client) {
     return client;
   }
-  const newClient = createRemoteJWKSet(new _URL(`/.well-known/jwks.json`, issuer));
+  const newClient = createRemoteJWKSet(new _URL("/.well-known/jwks.json", issuer));
   jwksClientByIssuer.set(issuer, newClient);
   return newClient;
 }
@@ -174,25 +177,27 @@ function createSessionAuthVerifier(options) {
 
   // Returns an async HTTP handler.
   return async request => {
+    var _mapCloudIdentifierTo, _request$originalUrl;
     // Get the cloud identifier header, forwarded by the `/proxy/forward-to` endpoint.
-    const cloudIdentifierHeader = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.CLOUD_IDENTIFIER, `Missing "X-MC-API-Cloud-Identifier" header.`);
-    let issuer = options.inferIssuer && cloudIdentifierHeader ? mapCloudIdentifierToIssuer(cloudIdentifierHeader) ?? configuredDefaultIssuer : configuredDefaultIssuer;
+    const cloudIdentifierHeader = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.CLOUD_IDENTIFIER, "Missing \"X-MC-API-Cloud-Identifier\" header.");
+    let issuer = options.inferIssuer && cloudIdentifierHeader ? (_mapCloudIdentifierTo = mapCloudIdentifierToIssuer(cloudIdentifierHeader)) !== null && _mapCloudIdentifierTo !== void 0 ? _mapCloudIdentifierTo : configuredDefaultIssuer : configuredDefaultIssuer;
 
     // Get the `Accept-version` header, forwarded by the `/proxy/forward-to` endpoint.
     // The version should be sent by the client making the request, to use the features of v2.
-    const proxyForwardVersion = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.FORWARD_TO_VERSION, `Missing "X-MC-API-Forward-To-Version" header.`);
+    const proxyForwardVersion = getFirstHeaderValueOrThrow(request.headers, MC_API_PROXY_HEADERS.FORWARD_TO_VERSION, "Missing \"X-MC-API-Forward-To-Version\" header.");
     if (proxyForwardVersion === 'v1') {
+      var _mapToLegacyIssuer;
       // Fall back to legacy issuer domains
-      issuer = mapToLegacyIssuer(cloudIdentifierHeader) ?? issuer;
+      issuer = (_mapToLegacyIssuer = mapToLegacyIssuer(cloudIdentifierHeader)) !== null && _mapToLegacyIssuer !== void 0 ? _mapToLegacyIssuer : issuer;
     }
-    const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : request.originalUrl ?? request.url;
+    const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : (_request$originalUrl = request.originalUrl) !== null && _request$originalUrl !== void 0 ? _request$originalUrl : request.url;
     if (!requestUrlPath || !_startsWithInstanceProperty(requestUrlPath).call(requestUrlPath, '/')) {
-      throw new Error(`Invalid request URI path "${requestUrlPath}". Please make sure that the "request" object has either a property "originalUrl" or "url". If not, you should implement the "getRequestUrl" function and make sure to return a valid URI path value starting with "/". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token`);
+      throw new Error("Invalid request URI path \"".concat(requestUrlPath, "\". Please make sure that the \"request\" object has either a property \"originalUrl\" or \"url\". If not, you should implement the \"getRequestUrl\" function and make sure to return a valid URI path value starting with \"/\". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token"));
     }
     const audience = getConfiguredAudience(options, requestUrlPath);
     const authorizationHeader = request.headers['authorization'];
     if (typeof authorizationHeader !== 'string') {
-      throw new Error(`Missing "authorization" header`);
+      throw new Error("Missing \"authorization\" header");
     }
     const exchangeToken = authorizationHeader.replace(/^Bearer (.*)$/, '$1');
     const jwksClient = getJwksClientByIssuer(issuer);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@commercetools-backend/express",
-  "version": "24.11.0",
+  "version": "24.12.0",
   "description": "Zero-config HTTP server as Express.js to facilitate development",
   "bugs": "https://github.com/commercetools/merchant-center-application-kit/issues",
   "repository": {