@commercetools-backend/express 27.5.2 → 27.5.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,7 +1,5 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
|
-
|
|
5
3
|
var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
|
|
6
4
|
var _Map = require('@babel/runtime-corejs3/core-js-stable/map');
|
|
7
5
|
var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
|
|
@@ -11,7 +9,7 @@ var _findInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/insta
|
|
|
11
9
|
var _Object$entries = require('@babel/runtime-corejs3/core-js-stable/object/entries');
|
|
12
10
|
var _Array$isArray = require('@babel/runtime-corejs3/core-js-stable/array/is-array');
|
|
13
11
|
|
|
14
|
-
function _interopDefault (e) { return e && e.__esModule ? e : {
|
|
12
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
15
13
|
|
|
16
14
|
var _URL__default = /*#__PURE__*/_interopDefault(_URL);
|
|
17
15
|
var _Map__default = /*#__PURE__*/_interopDefault(_Map);
|
|
@@ -57,7 +55,7 @@ const MC_API_PROXY_HEADERS = {
|
|
|
57
55
|
|
|
58
56
|
const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
59
57
|
var _context;
|
|
60
|
-
const matchingHeader = _findInstanceProperty__default
|
|
58
|
+
const matchingHeader = _findInstanceProperty__default.default(_context = _Object$entries__default.default(headers)).call(_context, _ref => {
|
|
61
59
|
let _ref2 = _slicedToArray(_ref, 1),
|
|
62
60
|
key = _ref2[0];
|
|
63
61
|
return headerKey.toLowerCase() === key.toLowerCase();
|
|
@@ -65,7 +63,7 @@ const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
|
65
63
|
if (matchingHeader && matchingHeader.length > 0) {
|
|
66
64
|
const _matchingHeader = _slicedToArray(matchingHeader, 2),
|
|
67
65
|
headerValue = _matchingHeader[1];
|
|
68
|
-
return _Array$isArray__default
|
|
66
|
+
return _Array$isArray__default.default(headerValue) ? headerValue[0] : headerValue;
|
|
69
67
|
}
|
|
70
68
|
return undefined;
|
|
71
69
|
};
|
|
@@ -128,7 +126,7 @@ const mapToLegacyIssuer = cloudIdentifier => {
|
|
|
128
126
|
// Verifies that the issuer is a valid URL.
|
|
129
127
|
const throwIfIssuerIsNotAValidUrl = issuer => {
|
|
130
128
|
try {
|
|
131
|
-
new _URL__default
|
|
129
|
+
new _URL__default.default(issuer);
|
|
132
130
|
} catch (error) {
|
|
133
131
|
throw new Error(`Invalid issuer URL "${issuer}". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames.`);
|
|
134
132
|
}
|
|
@@ -158,7 +156,7 @@ const getConfiguredDefaultIssuer = options => {
|
|
|
158
156
|
// the token validation might fail because of mismatching audiences.
|
|
159
157
|
const getConfiguredAudience = (options, requestPath) => {
|
|
160
158
|
// remove the trailing slash
|
|
161
|
-
const url = new _URL__default
|
|
159
|
+
const url = new _URL__default.default(`${options.audience.replace(/\/?$/, '')}${requestPath}`);
|
|
162
160
|
switch (options.audiencePolicy) {
|
|
163
161
|
case 'forward-url-origin':
|
|
164
162
|
return url.origin;
|
|
@@ -171,13 +169,13 @@ const getConfiguredAudience = (options, requestPath) => {
|
|
|
171
169
|
}
|
|
172
170
|
}
|
|
173
171
|
};
|
|
174
|
-
const jwksClientByIssuer = new _Map__default
|
|
172
|
+
const jwksClientByIssuer = new _Map__default.default();
|
|
175
173
|
function getJwksClientByIssuer(issuer) {
|
|
176
174
|
const client = jwksClientByIssuer.get(issuer);
|
|
177
175
|
if (client) {
|
|
178
176
|
return client;
|
|
179
177
|
}
|
|
180
|
-
const newClient = jose.createRemoteJWKSet(new _URL__default
|
|
178
|
+
const newClient = jose.createRemoteJWKSet(new _URL__default.default(`/.well-known/jwks.json`, issuer));
|
|
181
179
|
jwksClientByIssuer.set(issuer, newClient);
|
|
182
180
|
return newClient;
|
|
183
181
|
}
|
|
@@ -199,7 +197,7 @@ function createSessionAuthVerifier(options) {
|
|
|
199
197
|
issuer = mapToLegacyIssuer(cloudIdentifierHeader) ?? issuer;
|
|
200
198
|
}
|
|
201
199
|
const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : request.originalUrl ?? request.url;
|
|
202
|
-
if (!requestUrlPath || !_startsWithInstanceProperty__default
|
|
200
|
+
if (!requestUrlPath || !_startsWithInstanceProperty__default.default(requestUrlPath).call(requestUrlPath, '/')) {
|
|
203
201
|
throw new Error(`Invalid request URI path "${requestUrlPath}". Please make sure that the "request" object has either a property "originalUrl" or "url". If not, you should implement the "getRequestUrl" function and make sure to return a valid URI path value starting with "/". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token`);
|
|
204
202
|
}
|
|
205
203
|
const audience = getConfiguredAudience(options, requestUrlPath);
|
|
@@ -1,7 +1,5 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
|
-
|
|
5
3
|
var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
|
|
6
4
|
var _Map = require('@babel/runtime-corejs3/core-js-stable/map');
|
|
7
5
|
var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
|
|
@@ -11,7 +9,7 @@ var _findInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/insta
|
|
|
11
9
|
var _Object$entries = require('@babel/runtime-corejs3/core-js-stable/object/entries');
|
|
12
10
|
var _Array$isArray = require('@babel/runtime-corejs3/core-js-stable/array/is-array');
|
|
13
11
|
|
|
14
|
-
function _interopDefault (e) { return e && e.__esModule ? e : {
|
|
12
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
15
13
|
|
|
16
14
|
var _URL__default = /*#__PURE__*/_interopDefault(_URL);
|
|
17
15
|
var _Map__default = /*#__PURE__*/_interopDefault(_Map);
|
|
@@ -57,7 +55,7 @@ const MC_API_PROXY_HEADERS = {
|
|
|
57
55
|
|
|
58
56
|
const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
59
57
|
var _context;
|
|
60
|
-
const matchingHeader = _findInstanceProperty__default
|
|
58
|
+
const matchingHeader = _findInstanceProperty__default.default(_context = _Object$entries__default.default(headers)).call(_context, _ref => {
|
|
61
59
|
let _ref2 = _slicedToArray(_ref, 1),
|
|
62
60
|
key = _ref2[0];
|
|
63
61
|
return headerKey.toLowerCase() === key.toLowerCase();
|
|
@@ -65,7 +63,7 @@ const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
|
65
63
|
if (matchingHeader && matchingHeader.length > 0) {
|
|
66
64
|
const _matchingHeader = _slicedToArray(matchingHeader, 2),
|
|
67
65
|
headerValue = _matchingHeader[1];
|
|
68
|
-
return _Array$isArray__default
|
|
66
|
+
return _Array$isArray__default.default(headerValue) ? headerValue[0] : headerValue;
|
|
69
67
|
}
|
|
70
68
|
return undefined;
|
|
71
69
|
};
|
|
@@ -128,7 +126,7 @@ const mapToLegacyIssuer = cloudIdentifier => {
|
|
|
128
126
|
// Verifies that the issuer is a valid URL.
|
|
129
127
|
const throwIfIssuerIsNotAValidUrl = issuer => {
|
|
130
128
|
try {
|
|
131
|
-
new _URL__default
|
|
129
|
+
new _URL__default.default(issuer);
|
|
132
130
|
} catch (error) {
|
|
133
131
|
throw new Error(`Invalid issuer URL "${issuer}". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames.`);
|
|
134
132
|
}
|
|
@@ -158,7 +156,7 @@ const getConfiguredDefaultIssuer = options => {
|
|
|
158
156
|
// the token validation might fail because of mismatching audiences.
|
|
159
157
|
const getConfiguredAudience = (options, requestPath) => {
|
|
160
158
|
// remove the trailing slash
|
|
161
|
-
const url = new _URL__default
|
|
159
|
+
const url = new _URL__default.default(`${options.audience.replace(/\/?$/, '')}${requestPath}`);
|
|
162
160
|
switch (options.audiencePolicy) {
|
|
163
161
|
case 'forward-url-origin':
|
|
164
162
|
return url.origin;
|
|
@@ -171,13 +169,13 @@ const getConfiguredAudience = (options, requestPath) => {
|
|
|
171
169
|
}
|
|
172
170
|
}
|
|
173
171
|
};
|
|
174
|
-
const jwksClientByIssuer = new _Map__default
|
|
172
|
+
const jwksClientByIssuer = new _Map__default.default();
|
|
175
173
|
function getJwksClientByIssuer(issuer) {
|
|
176
174
|
const client = jwksClientByIssuer.get(issuer);
|
|
177
175
|
if (client) {
|
|
178
176
|
return client;
|
|
179
177
|
}
|
|
180
|
-
const newClient = jose.createRemoteJWKSet(new _URL__default
|
|
178
|
+
const newClient = jose.createRemoteJWKSet(new _URL__default.default(`/.well-known/jwks.json`, issuer));
|
|
181
179
|
jwksClientByIssuer.set(issuer, newClient);
|
|
182
180
|
return newClient;
|
|
183
181
|
}
|
|
@@ -199,7 +197,7 @@ function createSessionAuthVerifier(options) {
|
|
|
199
197
|
issuer = mapToLegacyIssuer(cloudIdentifierHeader) ?? issuer;
|
|
200
198
|
}
|
|
201
199
|
const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : request.originalUrl ?? request.url;
|
|
202
|
-
if (!requestUrlPath || !_startsWithInstanceProperty__default
|
|
200
|
+
if (!requestUrlPath || !_startsWithInstanceProperty__default.default(requestUrlPath).call(requestUrlPath, '/')) {
|
|
203
201
|
throw new Error(`Invalid request URI path "${requestUrlPath}". Please make sure that the "request" object has either a property "originalUrl" or "url". If not, you should implement the "getRequestUrl" function and make sure to return a valid URI path value starting with "/". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token`);
|
|
204
202
|
}
|
|
205
203
|
const audience = getConfiguredAudience(options, requestUrlPath);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@commercetools-backend/express",
|
|
3
|
-
"version": "27.5.
|
|
3
|
+
"version": "27.5.3",
|
|
4
4
|
"description": "Zero-config HTTP server as Express.js to facilitate development",
|
|
5
5
|
"bugs": "https://github.com/commercetools/merchant-center-application-kit/issues",
|
|
6
6
|
"repository": {
|