@commercetools-backend/express 27.5.3 → 27.5.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
+
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
|
+
|
|
3
5
|
var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
|
|
4
6
|
var _Map = require('@babel/runtime-corejs3/core-js-stable/map');
|
|
5
7
|
var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
|
|
@@ -9,7 +11,7 @@ var _findInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/insta
|
|
|
9
11
|
var _Object$entries = require('@babel/runtime-corejs3/core-js-stable/object/entries');
|
|
10
12
|
var _Array$isArray = require('@babel/runtime-corejs3/core-js-stable/array/is-array');
|
|
11
13
|
|
|
12
|
-
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
14
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { 'default': e }; }
|
|
13
15
|
|
|
14
16
|
var _URL__default = /*#__PURE__*/_interopDefault(_URL);
|
|
15
17
|
var _Map__default = /*#__PURE__*/_interopDefault(_Map);
|
|
@@ -55,7 +57,7 @@ const MC_API_PROXY_HEADERS = {
|
|
|
55
57
|
|
|
56
58
|
const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
57
59
|
var _context;
|
|
58
|
-
const matchingHeader = _findInstanceProperty__default
|
|
60
|
+
const matchingHeader = _findInstanceProperty__default["default"](_context = _Object$entries__default["default"](headers)).call(_context, _ref => {
|
|
59
61
|
let _ref2 = _slicedToArray(_ref, 1),
|
|
60
62
|
key = _ref2[0];
|
|
61
63
|
return headerKey.toLowerCase() === key.toLowerCase();
|
|
@@ -63,7 +65,7 @@ const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
|
63
65
|
if (matchingHeader && matchingHeader.length > 0) {
|
|
64
66
|
const _matchingHeader = _slicedToArray(matchingHeader, 2),
|
|
65
67
|
headerValue = _matchingHeader[1];
|
|
66
|
-
return _Array$isArray__default
|
|
68
|
+
return _Array$isArray__default["default"](headerValue) ? headerValue[0] : headerValue;
|
|
67
69
|
}
|
|
68
70
|
return undefined;
|
|
69
71
|
};
|
|
@@ -126,7 +128,7 @@ const mapToLegacyIssuer = cloudIdentifier => {
|
|
|
126
128
|
// Verifies that the issuer is a valid URL.
|
|
127
129
|
const throwIfIssuerIsNotAValidUrl = issuer => {
|
|
128
130
|
try {
|
|
129
|
-
new _URL__default
|
|
131
|
+
new _URL__default["default"](issuer);
|
|
130
132
|
} catch (error) {
|
|
131
133
|
throw new Error(`Invalid issuer URL "${issuer}". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames.`);
|
|
132
134
|
}
|
|
@@ -156,7 +158,7 @@ const getConfiguredDefaultIssuer = options => {
|
|
|
156
158
|
// the token validation might fail because of mismatching audiences.
|
|
157
159
|
const getConfiguredAudience = (options, requestPath) => {
|
|
158
160
|
// remove the trailing slash
|
|
159
|
-
const url = new _URL__default
|
|
161
|
+
const url = new _URL__default["default"](`${options.audience.replace(/\/?$/, '')}${requestPath}`);
|
|
160
162
|
switch (options.audiencePolicy) {
|
|
161
163
|
case 'forward-url-origin':
|
|
162
164
|
return url.origin;
|
|
@@ -169,13 +171,13 @@ const getConfiguredAudience = (options, requestPath) => {
|
|
|
169
171
|
}
|
|
170
172
|
}
|
|
171
173
|
};
|
|
172
|
-
const jwksClientByIssuer = new _Map__default
|
|
174
|
+
const jwksClientByIssuer = new _Map__default["default"]();
|
|
173
175
|
function getJwksClientByIssuer(issuer) {
|
|
174
176
|
const client = jwksClientByIssuer.get(issuer);
|
|
175
177
|
if (client) {
|
|
176
178
|
return client;
|
|
177
179
|
}
|
|
178
|
-
const newClient = jose.createRemoteJWKSet(new _URL__default
|
|
180
|
+
const newClient = jose.createRemoteJWKSet(new _URL__default["default"](`/.well-known/jwks.json`, issuer));
|
|
179
181
|
jwksClientByIssuer.set(issuer, newClient);
|
|
180
182
|
return newClient;
|
|
181
183
|
}
|
|
@@ -197,7 +199,7 @@ function createSessionAuthVerifier(options) {
|
|
|
197
199
|
issuer = mapToLegacyIssuer(cloudIdentifierHeader) ?? issuer;
|
|
198
200
|
}
|
|
199
201
|
const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : request.originalUrl ?? request.url;
|
|
200
|
-
if (!requestUrlPath || !_startsWithInstanceProperty__default
|
|
202
|
+
if (!requestUrlPath || !_startsWithInstanceProperty__default["default"](requestUrlPath).call(requestUrlPath, '/')) {
|
|
201
203
|
throw new Error(`Invalid request URI path "${requestUrlPath}". Please make sure that the "request" object has either a property "originalUrl" or "url". If not, you should implement the "getRequestUrl" function and make sure to return a valid URI path value starting with "/". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token`);
|
|
202
204
|
}
|
|
203
205
|
const audience = getConfiguredAudience(options, requestUrlPath);
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
+
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
|
+
|
|
3
5
|
var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
|
|
4
6
|
var _Map = require('@babel/runtime-corejs3/core-js-stable/map');
|
|
5
7
|
var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
|
|
@@ -9,7 +11,7 @@ var _findInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/insta
|
|
|
9
11
|
var _Object$entries = require('@babel/runtime-corejs3/core-js-stable/object/entries');
|
|
10
12
|
var _Array$isArray = require('@babel/runtime-corejs3/core-js-stable/array/is-array');
|
|
11
13
|
|
|
12
|
-
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
14
|
+
function _interopDefault (e) { return e && e.__esModule ? e : { 'default': e }; }
|
|
13
15
|
|
|
14
16
|
var _URL__default = /*#__PURE__*/_interopDefault(_URL);
|
|
15
17
|
var _Map__default = /*#__PURE__*/_interopDefault(_Map);
|
|
@@ -55,7 +57,7 @@ const MC_API_PROXY_HEADERS = {
|
|
|
55
57
|
|
|
56
58
|
const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
57
59
|
var _context;
|
|
58
|
-
const matchingHeader = _findInstanceProperty__default
|
|
60
|
+
const matchingHeader = _findInstanceProperty__default["default"](_context = _Object$entries__default["default"](headers)).call(_context, _ref => {
|
|
59
61
|
let _ref2 = _slicedToArray(_ref, 1),
|
|
60
62
|
key = _ref2[0];
|
|
61
63
|
return headerKey.toLowerCase() === key.toLowerCase();
|
|
@@ -63,7 +65,7 @@ const getHeaderByCaseInsensitiveKey = (headers, headerKey) => {
|
|
|
63
65
|
if (matchingHeader && matchingHeader.length > 0) {
|
|
64
66
|
const _matchingHeader = _slicedToArray(matchingHeader, 2),
|
|
65
67
|
headerValue = _matchingHeader[1];
|
|
66
|
-
return _Array$isArray__default
|
|
68
|
+
return _Array$isArray__default["default"](headerValue) ? headerValue[0] : headerValue;
|
|
67
69
|
}
|
|
68
70
|
return undefined;
|
|
69
71
|
};
|
|
@@ -126,7 +128,7 @@ const mapToLegacyIssuer = cloudIdentifier => {
|
|
|
126
128
|
// Verifies that the issuer is a valid URL.
|
|
127
129
|
const throwIfIssuerIsNotAValidUrl = issuer => {
|
|
128
130
|
try {
|
|
129
|
-
new _URL__default
|
|
131
|
+
new _URL__default["default"](issuer);
|
|
130
132
|
} catch (error) {
|
|
131
133
|
throw new Error(`Invalid issuer URL "${issuer}". Expected a valid URL to the Merchant Center API Gateway, or a cloud identifier to one of the available cloud regions. See https://docs.commercetools.com/merchant-center-customizations/concepts/merchant-center-api#hostnames.`);
|
|
132
134
|
}
|
|
@@ -156,7 +158,7 @@ const getConfiguredDefaultIssuer = options => {
|
|
|
156
158
|
// the token validation might fail because of mismatching audiences.
|
|
157
159
|
const getConfiguredAudience = (options, requestPath) => {
|
|
158
160
|
// remove the trailing slash
|
|
159
|
-
const url = new _URL__default
|
|
161
|
+
const url = new _URL__default["default"](`${options.audience.replace(/\/?$/, '')}${requestPath}`);
|
|
160
162
|
switch (options.audiencePolicy) {
|
|
161
163
|
case 'forward-url-origin':
|
|
162
164
|
return url.origin;
|
|
@@ -169,13 +171,13 @@ const getConfiguredAudience = (options, requestPath) => {
|
|
|
169
171
|
}
|
|
170
172
|
}
|
|
171
173
|
};
|
|
172
|
-
const jwksClientByIssuer = new _Map__default
|
|
174
|
+
const jwksClientByIssuer = new _Map__default["default"]();
|
|
173
175
|
function getJwksClientByIssuer(issuer) {
|
|
174
176
|
const client = jwksClientByIssuer.get(issuer);
|
|
175
177
|
if (client) {
|
|
176
178
|
return client;
|
|
177
179
|
}
|
|
178
|
-
const newClient = jose.createRemoteJWKSet(new _URL__default
|
|
180
|
+
const newClient = jose.createRemoteJWKSet(new _URL__default["default"](`/.well-known/jwks.json`, issuer));
|
|
179
181
|
jwksClientByIssuer.set(issuer, newClient);
|
|
180
182
|
return newClient;
|
|
181
183
|
}
|
|
@@ -197,7 +199,7 @@ function createSessionAuthVerifier(options) {
|
|
|
197
199
|
issuer = mapToLegacyIssuer(cloudIdentifierHeader) ?? issuer;
|
|
198
200
|
}
|
|
199
201
|
const requestUrlPath = options.getRequestUrl ? options.getRequestUrl(request) : request.originalUrl ?? request.url;
|
|
200
|
-
if (!requestUrlPath || !_startsWithInstanceProperty__default
|
|
202
|
+
if (!requestUrlPath || !_startsWithInstanceProperty__default["default"](requestUrlPath).call(requestUrlPath, '/')) {
|
|
201
203
|
throw new Error(`Invalid request URI path "${requestUrlPath}". Please make sure that the "request" object has either a property "originalUrl" or "url". If not, you should implement the "getRequestUrl" function and make sure to return a valid URI path value starting with "/". More info at https://docs.commercetools.com/merchant-center-customizations/concepts/integrate-with-your-own-api#validating-the-json-web-token`);
|
|
202
204
|
}
|
|
203
205
|
const audience = getConfiguredAudience(options, requestUrlPath);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@commercetools-backend/express",
|
|
3
|
-
"version": "27.5.
|
|
3
|
+
"version": "27.5.4",
|
|
4
4
|
"description": "Zero-config HTTP server as Express.js to facilitate development",
|
|
5
5
|
"bugs": "https://github.com/commercetools/merchant-center-application-kit/issues",
|
|
6
6
|
"repository": {
|