@supertokens-plugins/rownd-nodejs 0.3.0-beta.4 → 0.3.0-beta.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bulkMigrate.js +2 -2
- package/dist/index.d.mts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +40 -34
- package/dist/index.mjs +39 -33
- package/dist/setupCoreInstance.js +19 -34
- package/package.json +1 -1
package/dist/bulkMigrate.js
CHANGED
|
@@ -44,7 +44,7 @@ var import_supertokens_node = __toESM(require("supertokens-node"));
|
|
|
44
44
|
|
|
45
45
|
// src/constants.ts
|
|
46
46
|
var GUEST_AUTH_METHOD_ID = "guest";
|
|
47
|
-
var
|
|
47
|
+
var INSTANT_AUTH_METHOD_ID = "instant";
|
|
48
48
|
|
|
49
49
|
// src/rownd-compatibility.ts
|
|
50
50
|
var IDENTITY_USER_DATA_FIELDS = /* @__PURE__ */ new Set([
|
|
@@ -104,7 +104,7 @@ function mapRowndUserToSuperTokens(rowndUser) {
|
|
|
104
104
|
}
|
|
105
105
|
let authLevel = rowndUser.auth_level;
|
|
106
106
|
if (loginMethods.length === 0) {
|
|
107
|
-
const thirdPartyId = authLevel === GUEST_AUTH_METHOD_ID ? GUEST_AUTH_METHOD_ID :
|
|
107
|
+
const thirdPartyId = authLevel === GUEST_AUTH_METHOD_ID ? GUEST_AUTH_METHOD_ID : INSTANT_AUTH_METHOD_ID;
|
|
108
108
|
if (!authLevel) authLevel = thirdPartyId;
|
|
109
109
|
loginMethods.push({
|
|
110
110
|
recipeId: "thirdparty",
|
package/dist/index.d.mts
CHANGED
|
@@ -801,7 +801,7 @@ declare const PLUGIN_SDK_VERSION: string[];
|
|
|
801
801
|
declare const HANDLE_BASE_PATH = "/plugin/rownd";
|
|
802
802
|
declare const PUBLIC_TENANT_ID = "public";
|
|
803
803
|
declare const GUEST_AUTH_METHOD_ID = "guest";
|
|
804
|
-
declare const
|
|
804
|
+
declare const INSTANT_AUTH_METHOD_ID = "instant";
|
|
805
805
|
declare const ROWND_JWT_CLAIMS: {
|
|
806
806
|
readonly AppUserId: "https://auth.rownd.io/app_user_id";
|
|
807
807
|
readonly IsVerifiedUser: "https://auth.rownd.io/is_verified_user";
|
|
@@ -832,4 +832,4 @@ declare const _default: {
|
|
|
832
832
|
init: (config: RowndPluginConfig) => supertokens_node.SuperTokensPlugin;
|
|
833
833
|
};
|
|
834
834
|
|
|
835
|
-
export {
|
|
835
|
+
export { DEFAULT_ROWND_SCHEMA, GUEST_AUTH_METHOD_ID, HANDLE_BASE_PATH, HUB_LOGIN_PAGE_PATH, HUB_VERIFY_EMAIL_PAGE_PATH, INSTANT_AUTH_METHOD_ID, type IRowndClient, type MigrationResponse, PLUGIN_ID, PLUGIN_SDK_VERSION, PLUGIN_VERSION, PUBLIC_TENANT_ID, ROWND_JWT_CLAIMS, ROWND_PLUGIN_ERROR_MESSAGES, type RowndAppConfigInput, type RowndAuthConfig, type RowndBranding, type RowndClientDomains, type RowndCustomContent, type RowndLegal, type RowndPluginConfig, RowndPluginError, type RowndPluginErrorType, type RowndPluginNormalisedConfig, type RowndProfileConfig, type RowndSchema, type RowndSchemaField, type RowndSignInMethod, type RowndSubBrandConfigInput, type RowndTelemetryClient, type RowndTelemetryConfig, type RowndTelemetryEvent, type RowndUser, type RowndUserMetadata, type SuperTokensUserImport, _default as default, getRowndClient, init, setRowndClient };
|
package/dist/index.d.ts
CHANGED
|
@@ -801,7 +801,7 @@ declare const PLUGIN_SDK_VERSION: string[];
|
|
|
801
801
|
declare const HANDLE_BASE_PATH = "/plugin/rownd";
|
|
802
802
|
declare const PUBLIC_TENANT_ID = "public";
|
|
803
803
|
declare const GUEST_AUTH_METHOD_ID = "guest";
|
|
804
|
-
declare const
|
|
804
|
+
declare const INSTANT_AUTH_METHOD_ID = "instant";
|
|
805
805
|
declare const ROWND_JWT_CLAIMS: {
|
|
806
806
|
readonly AppUserId: "https://auth.rownd.io/app_user_id";
|
|
807
807
|
readonly IsVerifiedUser: "https://auth.rownd.io/is_verified_user";
|
|
@@ -832,4 +832,4 @@ declare const _default: {
|
|
|
832
832
|
init: (config: RowndPluginConfig) => supertokens_node.SuperTokensPlugin;
|
|
833
833
|
};
|
|
834
834
|
|
|
835
|
-
export {
|
|
835
|
+
export { DEFAULT_ROWND_SCHEMA, GUEST_AUTH_METHOD_ID, HANDLE_BASE_PATH, HUB_LOGIN_PAGE_PATH, HUB_VERIFY_EMAIL_PAGE_PATH, INSTANT_AUTH_METHOD_ID, type IRowndClient, type MigrationResponse, PLUGIN_ID, PLUGIN_SDK_VERSION, PLUGIN_VERSION, PUBLIC_TENANT_ID, ROWND_JWT_CLAIMS, ROWND_PLUGIN_ERROR_MESSAGES, type RowndAppConfigInput, type RowndAuthConfig, type RowndBranding, type RowndClientDomains, type RowndCustomContent, type RowndLegal, type RowndPluginConfig, RowndPluginError, type RowndPluginErrorType, type RowndPluginNormalisedConfig, type RowndProfileConfig, type RowndSchema, type RowndSchemaField, type RowndSignInMethod, type RowndSubBrandConfigInput, type RowndTelemetryClient, type RowndTelemetryConfig, type RowndTelemetryEvent, type RowndUser, type RowndUserMetadata, type SuperTokensUserImport, _default as default, getRowndClient, init, setRowndClient };
|
package/dist/index.js
CHANGED
|
@@ -267,12 +267,12 @@ var require_supports_color = __commonJS({
|
|
|
267
267
|
// src/index.ts
|
|
268
268
|
var index_exports = {};
|
|
269
269
|
__export(index_exports, {
|
|
270
|
-
ANONYMOUS_AUTH_METHOD_ID: () => ANONYMOUS_AUTH_METHOD_ID,
|
|
271
270
|
DEFAULT_ROWND_SCHEMA: () => DEFAULT_ROWND_SCHEMA,
|
|
272
271
|
GUEST_AUTH_METHOD_ID: () => GUEST_AUTH_METHOD_ID,
|
|
273
272
|
HANDLE_BASE_PATH: () => HANDLE_BASE_PATH,
|
|
274
273
|
HUB_LOGIN_PAGE_PATH: () => HUB_LOGIN_PAGE_PATH,
|
|
275
274
|
HUB_VERIFY_EMAIL_PAGE_PATH: () => HUB_VERIFY_EMAIL_PAGE_PATH,
|
|
275
|
+
INSTANT_AUTH_METHOD_ID: () => INSTANT_AUTH_METHOD_ID,
|
|
276
276
|
PLUGIN_ID: () => PLUGIN_ID,
|
|
277
277
|
PLUGIN_SDK_VERSION: () => PLUGIN_SDK_VERSION,
|
|
278
278
|
PLUGIN_VERSION: () => PLUGIN_VERSION,
|
|
@@ -690,7 +690,7 @@ var PLUGIN_SDK_VERSION = ["23.0.0", "23.0.1", ">=23.0.1"];
|
|
|
690
690
|
var HANDLE_BASE_PATH = "/plugin/rownd";
|
|
691
691
|
var PUBLIC_TENANT_ID = "public";
|
|
692
692
|
var GUEST_AUTH_METHOD_ID = "guest";
|
|
693
|
-
var
|
|
693
|
+
var INSTANT_AUTH_METHOD_ID = "instant";
|
|
694
694
|
var ROWND_JWT_CLAIMS = {
|
|
695
695
|
AppUserId: "https://auth.rownd.io/app_user_id",
|
|
696
696
|
IsVerifiedUser: "https://auth.rownd.io/is_verified_user",
|
|
@@ -1408,7 +1408,7 @@ function mapRowndUserToSuperTokens(rowndUser) {
|
|
|
1408
1408
|
}
|
|
1409
1409
|
let authLevel = rowndUser.auth_level;
|
|
1410
1410
|
if (loginMethods.length === 0) {
|
|
1411
|
-
const thirdPartyId = authLevel === GUEST_AUTH_METHOD_ID ? GUEST_AUTH_METHOD_ID :
|
|
1411
|
+
const thirdPartyId = authLevel === GUEST_AUTH_METHOD_ID ? GUEST_AUTH_METHOD_ID : INSTANT_AUTH_METHOD_ID;
|
|
1412
1412
|
if (!authLevel) authLevel = thirdPartyId;
|
|
1413
1413
|
loginMethods.push({
|
|
1414
1414
|
recipeId: "thirdparty",
|
|
@@ -1480,11 +1480,10 @@ function getAnonymousId(userId, user, metadata) {
|
|
|
1480
1480
|
if (typeof originalAnonymousId === "string") {
|
|
1481
1481
|
return originalAnonymousId;
|
|
1482
1482
|
}
|
|
1483
|
-
const
|
|
1484
|
-
return loginMethod.recipeId === "thirdparty" && getThirdPartyId(loginMethod) ===
|
|
1483
|
+
const guestMethod = user?.loginMethods.find((loginMethod) => {
|
|
1484
|
+
return loginMethod.recipeId === "thirdparty" && getThirdPartyId(loginMethod) === GUEST_AUTH_METHOD_ID;
|
|
1485
1485
|
});
|
|
1486
|
-
|
|
1487
|
-
return thirdPartyUserId || (hasAnonymousLoginMethod(user) ? `anon_${userId}` : void 0);
|
|
1486
|
+
return guestMethod ? `anon_${user?.id || userId}` : void 0;
|
|
1488
1487
|
}
|
|
1489
1488
|
function buildRowndSessionClaimPayload(input) {
|
|
1490
1489
|
const currentPayload = input.currentPayload ?? {};
|
|
@@ -1501,7 +1500,7 @@ function buildRowndSessionClaimPayload(input) {
|
|
|
1501
1500
|
currentPayload,
|
|
1502
1501
|
input.metadata
|
|
1503
1502
|
);
|
|
1504
|
-
const isAnonymous = currentPayload.is_anonymous === true ||
|
|
1503
|
+
const isAnonymous = currentPayload.is_anonymous === true || [GUEST_AUTH_METHOD_ID, INSTANT_AUTH_METHOD_ID].includes(authLevel);
|
|
1505
1504
|
const anonymousId = getAnonymousId(input.userId, input.user, input.metadata);
|
|
1506
1505
|
const isVerifiedUser = authLevel !== "unverified";
|
|
1507
1506
|
const audience = buildRowndAudience(currentPayload, input.appVariantId);
|
|
@@ -1515,7 +1514,7 @@ function buildRowndSessionClaimPayload(input) {
|
|
|
1515
1514
|
[ROWND_JWT_CLAIMS.AppUserId]: appUserId,
|
|
1516
1515
|
[ROWND_JWT_CLAIMS.AuthLevel]: authLevel,
|
|
1517
1516
|
[ROWND_JWT_CLAIMS.IsVerifiedUser]: isVerifiedUser,
|
|
1518
|
-
[ROWND_JWT_CLAIMS.IsAnonymous]:
|
|
1517
|
+
...isAnonymous ? { [ROWND_JWT_CLAIMS.IsAnonymous]: true } : {},
|
|
1519
1518
|
...anonymousId ? { anonymous_id: anonymousId } : {}
|
|
1520
1519
|
};
|
|
1521
1520
|
}
|
|
@@ -1561,23 +1560,26 @@ function getThirdPartyUserId(method) {
|
|
|
1561
1560
|
return method.thirdParty?.userId;
|
|
1562
1561
|
}
|
|
1563
1562
|
function getGuestAuthLevel(user) {
|
|
1564
|
-
const guestMethod = user?.loginMethods.find(
|
|
1565
|
-
|
|
1566
|
-
}
|
|
1567
|
-
|
|
1568
|
-
|
|
1569
|
-
|
|
1563
|
+
const guestMethod = user?.loginMethods.find((method) => {
|
|
1564
|
+
return method.recipeId === "thirdparty" && getThirdPartyId(method) === GUEST_AUTH_METHOD_ID;
|
|
1565
|
+
});
|
|
1566
|
+
if (guestMethod) {
|
|
1567
|
+
return GUEST_AUTH_METHOD_ID;
|
|
1568
|
+
}
|
|
1569
|
+
const instantMethod = user?.loginMethods.find((method) => {
|
|
1570
|
+
return method.recipeId === "thirdparty" && getThirdPartyId(method) === INSTANT_AUTH_METHOD_ID;
|
|
1570
1571
|
});
|
|
1572
|
+
return instantMethod ? INSTANT_AUTH_METHOD_ID : void 0;
|
|
1571
1573
|
}
|
|
1572
1574
|
function hasOnlyGuestLoginMethods(user) {
|
|
1573
1575
|
return !!user?.loginMethods.length && user.loginMethods.every(isGuestLoginMethod);
|
|
1574
1576
|
}
|
|
1575
1577
|
function isGuestLoginMethod(method) {
|
|
1576
1578
|
const thirdPartyId = getThirdPartyId(method);
|
|
1577
|
-
return method.recipeId === "thirdparty" && (thirdPartyId === GUEST_AUTH_METHOD_ID || thirdPartyId ===
|
|
1579
|
+
return method.recipeId === "thirdparty" && (thirdPartyId === GUEST_AUTH_METHOD_ID || thirdPartyId === INSTANT_AUTH_METHOD_ID);
|
|
1578
1580
|
}
|
|
1579
1581
|
function isGuestAccountInfo(input) {
|
|
1580
|
-
return input?.recipeId === "thirdparty" && (input.thirdParty?.id === GUEST_AUTH_METHOD_ID || input.thirdParty?.id ===
|
|
1582
|
+
return input?.recipeId === "thirdparty" && (input.thirdParty?.id === GUEST_AUTH_METHOD_ID || input.thirdParty?.id === INSTANT_AUTH_METHOD_ID);
|
|
1581
1583
|
}
|
|
1582
1584
|
function doesAccountInfoMatchAuthMethod(user, accountInfo) {
|
|
1583
1585
|
if (!user) {
|
|
@@ -1617,8 +1619,8 @@ function hasVerifiedRealLoginMethod(user) {
|
|
|
1617
1619
|
});
|
|
1618
1620
|
}
|
|
1619
1621
|
function getEffectiveAuthLevel(user, originalAuthLevel, verifiedData) {
|
|
1620
|
-
if (originalAuthLevel ===
|
|
1621
|
-
return
|
|
1622
|
+
if (originalAuthLevel === INSTANT_AUTH_METHOD_ID) {
|
|
1623
|
+
return INSTANT_AUTH_METHOD_ID;
|
|
1622
1624
|
}
|
|
1623
1625
|
if (hasVerifiedRealLoginMethod(user)) {
|
|
1624
1626
|
return "verified";
|
|
@@ -1720,7 +1722,7 @@ var RowndIsAnonymousClaim = new import_claims.BooleanClaim({
|
|
|
1720
1722
|
fetchValue: async (userId) => {
|
|
1721
1723
|
const user = await import_supertokens_node2.default.getUser(userId);
|
|
1722
1724
|
const effectiveAuthLevel = getEffectiveAuthLevel(user);
|
|
1723
|
-
return effectiveAuthLevel
|
|
1725
|
+
return [GUEST_AUTH_METHOD_ID, INSTANT_AUTH_METHOD_ID].includes(effectiveAuthLevel);
|
|
1724
1726
|
}
|
|
1725
1727
|
});
|
|
1726
1728
|
async function buildRowndSessionClaims(userId, currentPayload = {}, appVariantId) {
|
|
@@ -2116,9 +2118,9 @@ function handleGuestLogin(deps) {
|
|
|
2116
2118
|
const body = parseGuestBody(await getJsonBody(req));
|
|
2117
2119
|
const appVariantId = getRequestedAppVariantIdFromRequest(req);
|
|
2118
2120
|
assertRowndAppVariantIsConfigured(appVariantId);
|
|
2119
|
-
const thirdPartyId = body.authLevel ===
|
|
2120
|
-
const thirdPartyUserId = thirdPartyId ===
|
|
2121
|
-
const authLevel = thirdPartyId ===
|
|
2121
|
+
const thirdPartyId = body.authLevel === INSTANT_AUTH_METHOD_ID ? INSTANT_AUTH_METHOD_ID : GUEST_AUTH_METHOD_ID;
|
|
2122
|
+
const thirdPartyUserId = thirdPartyId === INSTANT_AUTH_METHOD_ID ? `anon_${(0, import_crypto.randomUUID)()}` : guestId;
|
|
2123
|
+
const authLevel = thirdPartyId === INSTANT_AUTH_METHOD_ID ? INSTANT_AUTH_METHOD_ID : GUEST_AUTH_METHOD_ID;
|
|
2122
2124
|
const response = await import_thirdparty.default.manuallyCreateOrUpdateUser(
|
|
2123
2125
|
PUBLIC_TENANT_ID,
|
|
2124
2126
|
thirdPartyId,
|
|
@@ -2141,7 +2143,7 @@ function handleGuestLogin(deps) {
|
|
|
2141
2143
|
{
|
|
2142
2144
|
...buildRowndAudience({}, appVariantId),
|
|
2143
2145
|
auth_level: authLevel,
|
|
2144
|
-
is_anonymous: true,
|
|
2146
|
+
...[GUEST_AUTH_METHOD_ID, INSTANT_AUTH_METHOD_ID].includes(authLevel) ? { is_anonymous: true } : {},
|
|
2145
2147
|
app_user_id: response.user.id
|
|
2146
2148
|
},
|
|
2147
2149
|
{},
|
|
@@ -2199,16 +2201,14 @@ function handleMigrate(deps) {
|
|
|
2199
2201
|
if (!user) {
|
|
2200
2202
|
const stUserImport = mapRowndUserToSuperTokens(rowndUser);
|
|
2201
2203
|
try {
|
|
2202
|
-
|
|
2203
|
-
|
|
2204
|
-
|
|
2205
|
-
)
|
|
2206
|
-
|
|
2207
|
-
if (importedUser.loginMethods[0]?.recipeUserId) {
|
|
2208
|
-
recipeUserId = import_supertokens_node3.default.convertToRecipeUserId(
|
|
2209
|
-
importedUser.loginMethods[0].recipeUserId
|
|
2210
|
-
);
|
|
2204
|
+
await importUser(stUserImport, deps.stConfig.supertokens);
|
|
2205
|
+
clearSuperTokensCoreCallCache(userContext);
|
|
2206
|
+
user = await import_supertokens_node3.default.getUser(rowndUserId, userContext);
|
|
2207
|
+
if (!user) {
|
|
2208
|
+
throw new Error("Imported user could not be resolved");
|
|
2211
2209
|
}
|
|
2210
|
+
superTokensUserId = user.id;
|
|
2211
|
+
recipeUserId = user.loginMethods[0]?.recipeUserId;
|
|
2212
2212
|
} catch (err) {
|
|
2213
2213
|
user = await import_supertokens_node3.default.getUser(rowndUserId, userContext);
|
|
2214
2214
|
if (!user) {
|
|
@@ -2274,6 +2274,12 @@ function handleMigrate(deps) {
|
|
|
2274
2274
|
}
|
|
2275
2275
|
};
|
|
2276
2276
|
}
|
|
2277
|
+
function clearSuperTokensCoreCallCache(userContext) {
|
|
2278
|
+
const cacheContext = userContext;
|
|
2279
|
+
if (cacheContext._default?.coreCallCache) {
|
|
2280
|
+
cacheContext._default.coreCallCache = {};
|
|
2281
|
+
}
|
|
2282
|
+
}
|
|
2277
2283
|
function handleGetUser() {
|
|
2278
2284
|
return async (_req, _res, session) => {
|
|
2279
2285
|
const user = await getUserById(session.getUserId());
|
|
@@ -2875,12 +2881,12 @@ function validateClientDomainUrl(key, value) {
|
|
|
2875
2881
|
var index_default = { init };
|
|
2876
2882
|
// Annotate the CommonJS export names for ESM import in node:
|
|
2877
2883
|
0 && (module.exports = {
|
|
2878
|
-
ANONYMOUS_AUTH_METHOD_ID,
|
|
2879
2884
|
DEFAULT_ROWND_SCHEMA,
|
|
2880
2885
|
GUEST_AUTH_METHOD_ID,
|
|
2881
2886
|
HANDLE_BASE_PATH,
|
|
2882
2887
|
HUB_LOGIN_PAGE_PATH,
|
|
2883
2888
|
HUB_VERIFY_EMAIL_PAGE_PATH,
|
|
2889
|
+
INSTANT_AUTH_METHOD_ID,
|
|
2884
2890
|
PLUGIN_ID,
|
|
2885
2891
|
PLUGIN_SDK_VERSION,
|
|
2886
2892
|
PLUGIN_VERSION,
|
package/dist/index.mjs
CHANGED
|
@@ -667,7 +667,7 @@ var PLUGIN_SDK_VERSION = ["23.0.0", "23.0.1", ">=23.0.1"];
|
|
|
667
667
|
var HANDLE_BASE_PATH = "/plugin/rownd";
|
|
668
668
|
var PUBLIC_TENANT_ID = "public";
|
|
669
669
|
var GUEST_AUTH_METHOD_ID = "guest";
|
|
670
|
-
var
|
|
670
|
+
var INSTANT_AUTH_METHOD_ID = "instant";
|
|
671
671
|
var ROWND_JWT_CLAIMS = {
|
|
672
672
|
AppUserId: "https://auth.rownd.io/app_user_id",
|
|
673
673
|
IsVerifiedUser: "https://auth.rownd.io/is_verified_user",
|
|
@@ -1385,7 +1385,7 @@ function mapRowndUserToSuperTokens(rowndUser) {
|
|
|
1385
1385
|
}
|
|
1386
1386
|
let authLevel = rowndUser.auth_level;
|
|
1387
1387
|
if (loginMethods.length === 0) {
|
|
1388
|
-
const thirdPartyId = authLevel === GUEST_AUTH_METHOD_ID ? GUEST_AUTH_METHOD_ID :
|
|
1388
|
+
const thirdPartyId = authLevel === GUEST_AUTH_METHOD_ID ? GUEST_AUTH_METHOD_ID : INSTANT_AUTH_METHOD_ID;
|
|
1389
1389
|
if (!authLevel) authLevel = thirdPartyId;
|
|
1390
1390
|
loginMethods.push({
|
|
1391
1391
|
recipeId: "thirdparty",
|
|
@@ -1457,11 +1457,10 @@ function getAnonymousId(userId, user, metadata) {
|
|
|
1457
1457
|
if (typeof originalAnonymousId === "string") {
|
|
1458
1458
|
return originalAnonymousId;
|
|
1459
1459
|
}
|
|
1460
|
-
const
|
|
1461
|
-
return loginMethod.recipeId === "thirdparty" && getThirdPartyId(loginMethod) ===
|
|
1460
|
+
const guestMethod = user?.loginMethods.find((loginMethod) => {
|
|
1461
|
+
return loginMethod.recipeId === "thirdparty" && getThirdPartyId(loginMethod) === GUEST_AUTH_METHOD_ID;
|
|
1462
1462
|
});
|
|
1463
|
-
|
|
1464
|
-
return thirdPartyUserId || (hasAnonymousLoginMethod(user) ? `anon_${userId}` : void 0);
|
|
1463
|
+
return guestMethod ? `anon_${user?.id || userId}` : void 0;
|
|
1465
1464
|
}
|
|
1466
1465
|
function buildRowndSessionClaimPayload(input) {
|
|
1467
1466
|
const currentPayload = input.currentPayload ?? {};
|
|
@@ -1478,7 +1477,7 @@ function buildRowndSessionClaimPayload(input) {
|
|
|
1478
1477
|
currentPayload,
|
|
1479
1478
|
input.metadata
|
|
1480
1479
|
);
|
|
1481
|
-
const isAnonymous = currentPayload.is_anonymous === true ||
|
|
1480
|
+
const isAnonymous = currentPayload.is_anonymous === true || [GUEST_AUTH_METHOD_ID, INSTANT_AUTH_METHOD_ID].includes(authLevel);
|
|
1482
1481
|
const anonymousId = getAnonymousId(input.userId, input.user, input.metadata);
|
|
1483
1482
|
const isVerifiedUser = authLevel !== "unverified";
|
|
1484
1483
|
const audience = buildRowndAudience(currentPayload, input.appVariantId);
|
|
@@ -1492,7 +1491,7 @@ function buildRowndSessionClaimPayload(input) {
|
|
|
1492
1491
|
[ROWND_JWT_CLAIMS.AppUserId]: appUserId,
|
|
1493
1492
|
[ROWND_JWT_CLAIMS.AuthLevel]: authLevel,
|
|
1494
1493
|
[ROWND_JWT_CLAIMS.IsVerifiedUser]: isVerifiedUser,
|
|
1495
|
-
[ROWND_JWT_CLAIMS.IsAnonymous]:
|
|
1494
|
+
...isAnonymous ? { [ROWND_JWT_CLAIMS.IsAnonymous]: true } : {},
|
|
1496
1495
|
...anonymousId ? { anonymous_id: anonymousId } : {}
|
|
1497
1496
|
};
|
|
1498
1497
|
}
|
|
@@ -1538,23 +1537,26 @@ function getThirdPartyUserId(method) {
|
|
|
1538
1537
|
return method.thirdParty?.userId;
|
|
1539
1538
|
}
|
|
1540
1539
|
function getGuestAuthLevel(user) {
|
|
1541
|
-
const guestMethod = user?.loginMethods.find(
|
|
1542
|
-
|
|
1543
|
-
}
|
|
1544
|
-
|
|
1545
|
-
|
|
1546
|
-
|
|
1540
|
+
const guestMethod = user?.loginMethods.find((method) => {
|
|
1541
|
+
return method.recipeId === "thirdparty" && getThirdPartyId(method) === GUEST_AUTH_METHOD_ID;
|
|
1542
|
+
});
|
|
1543
|
+
if (guestMethod) {
|
|
1544
|
+
return GUEST_AUTH_METHOD_ID;
|
|
1545
|
+
}
|
|
1546
|
+
const instantMethod = user?.loginMethods.find((method) => {
|
|
1547
|
+
return method.recipeId === "thirdparty" && getThirdPartyId(method) === INSTANT_AUTH_METHOD_ID;
|
|
1547
1548
|
});
|
|
1549
|
+
return instantMethod ? INSTANT_AUTH_METHOD_ID : void 0;
|
|
1548
1550
|
}
|
|
1549
1551
|
function hasOnlyGuestLoginMethods(user) {
|
|
1550
1552
|
return !!user?.loginMethods.length && user.loginMethods.every(isGuestLoginMethod);
|
|
1551
1553
|
}
|
|
1552
1554
|
function isGuestLoginMethod(method) {
|
|
1553
1555
|
const thirdPartyId = getThirdPartyId(method);
|
|
1554
|
-
return method.recipeId === "thirdparty" && (thirdPartyId === GUEST_AUTH_METHOD_ID || thirdPartyId ===
|
|
1556
|
+
return method.recipeId === "thirdparty" && (thirdPartyId === GUEST_AUTH_METHOD_ID || thirdPartyId === INSTANT_AUTH_METHOD_ID);
|
|
1555
1557
|
}
|
|
1556
1558
|
function isGuestAccountInfo(input) {
|
|
1557
|
-
return input?.recipeId === "thirdparty" && (input.thirdParty?.id === GUEST_AUTH_METHOD_ID || input.thirdParty?.id ===
|
|
1559
|
+
return input?.recipeId === "thirdparty" && (input.thirdParty?.id === GUEST_AUTH_METHOD_ID || input.thirdParty?.id === INSTANT_AUTH_METHOD_ID);
|
|
1558
1560
|
}
|
|
1559
1561
|
function doesAccountInfoMatchAuthMethod(user, accountInfo) {
|
|
1560
1562
|
if (!user) {
|
|
@@ -1594,8 +1596,8 @@ function hasVerifiedRealLoginMethod(user) {
|
|
|
1594
1596
|
});
|
|
1595
1597
|
}
|
|
1596
1598
|
function getEffectiveAuthLevel(user, originalAuthLevel, verifiedData) {
|
|
1597
|
-
if (originalAuthLevel ===
|
|
1598
|
-
return
|
|
1599
|
+
if (originalAuthLevel === INSTANT_AUTH_METHOD_ID) {
|
|
1600
|
+
return INSTANT_AUTH_METHOD_ID;
|
|
1599
1601
|
}
|
|
1600
1602
|
if (hasVerifiedRealLoginMethod(user)) {
|
|
1601
1603
|
return "verified";
|
|
@@ -1697,7 +1699,7 @@ var RowndIsAnonymousClaim = new BooleanClaim({
|
|
|
1697
1699
|
fetchValue: async (userId) => {
|
|
1698
1700
|
const user = await SuperTokens2.getUser(userId);
|
|
1699
1701
|
const effectiveAuthLevel = getEffectiveAuthLevel(user);
|
|
1700
|
-
return effectiveAuthLevel
|
|
1702
|
+
return [GUEST_AUTH_METHOD_ID, INSTANT_AUTH_METHOD_ID].includes(effectiveAuthLevel);
|
|
1701
1703
|
}
|
|
1702
1704
|
});
|
|
1703
1705
|
async function buildRowndSessionClaims(userId, currentPayload = {}, appVariantId) {
|
|
@@ -2093,9 +2095,9 @@ function handleGuestLogin(deps) {
|
|
|
2093
2095
|
const body = parseGuestBody(await getJsonBody(req));
|
|
2094
2096
|
const appVariantId = getRequestedAppVariantIdFromRequest(req);
|
|
2095
2097
|
assertRowndAppVariantIsConfigured(appVariantId);
|
|
2096
|
-
const thirdPartyId = body.authLevel ===
|
|
2097
|
-
const thirdPartyUserId = thirdPartyId ===
|
|
2098
|
-
const authLevel = thirdPartyId ===
|
|
2098
|
+
const thirdPartyId = body.authLevel === INSTANT_AUTH_METHOD_ID ? INSTANT_AUTH_METHOD_ID : GUEST_AUTH_METHOD_ID;
|
|
2099
|
+
const thirdPartyUserId = thirdPartyId === INSTANT_AUTH_METHOD_ID ? `anon_${randomUUID()}` : guestId;
|
|
2100
|
+
const authLevel = thirdPartyId === INSTANT_AUTH_METHOD_ID ? INSTANT_AUTH_METHOD_ID : GUEST_AUTH_METHOD_ID;
|
|
2099
2101
|
const response = await ThirdParty.manuallyCreateOrUpdateUser(
|
|
2100
2102
|
PUBLIC_TENANT_ID,
|
|
2101
2103
|
thirdPartyId,
|
|
@@ -2118,7 +2120,7 @@ function handleGuestLogin(deps) {
|
|
|
2118
2120
|
{
|
|
2119
2121
|
...buildRowndAudience({}, appVariantId),
|
|
2120
2122
|
auth_level: authLevel,
|
|
2121
|
-
is_anonymous: true,
|
|
2123
|
+
...[GUEST_AUTH_METHOD_ID, INSTANT_AUTH_METHOD_ID].includes(authLevel) ? { is_anonymous: true } : {},
|
|
2122
2124
|
app_user_id: response.user.id
|
|
2123
2125
|
},
|
|
2124
2126
|
{},
|
|
@@ -2176,16 +2178,14 @@ function handleMigrate(deps) {
|
|
|
2176
2178
|
if (!user) {
|
|
2177
2179
|
const stUserImport = mapRowndUserToSuperTokens(rowndUser);
|
|
2178
2180
|
try {
|
|
2179
|
-
|
|
2180
|
-
|
|
2181
|
-
|
|
2182
|
-
)
|
|
2183
|
-
|
|
2184
|
-
if (importedUser.loginMethods[0]?.recipeUserId) {
|
|
2185
|
-
recipeUserId = SuperTokens3.convertToRecipeUserId(
|
|
2186
|
-
importedUser.loginMethods[0].recipeUserId
|
|
2187
|
-
);
|
|
2181
|
+
await importUser(stUserImport, deps.stConfig.supertokens);
|
|
2182
|
+
clearSuperTokensCoreCallCache(userContext);
|
|
2183
|
+
user = await SuperTokens3.getUser(rowndUserId, userContext);
|
|
2184
|
+
if (!user) {
|
|
2185
|
+
throw new Error("Imported user could not be resolved");
|
|
2188
2186
|
}
|
|
2187
|
+
superTokensUserId = user.id;
|
|
2188
|
+
recipeUserId = user.loginMethods[0]?.recipeUserId;
|
|
2189
2189
|
} catch (err) {
|
|
2190
2190
|
user = await SuperTokens3.getUser(rowndUserId, userContext);
|
|
2191
2191
|
if (!user) {
|
|
@@ -2251,6 +2251,12 @@ function handleMigrate(deps) {
|
|
|
2251
2251
|
}
|
|
2252
2252
|
};
|
|
2253
2253
|
}
|
|
2254
|
+
function clearSuperTokensCoreCallCache(userContext) {
|
|
2255
|
+
const cacheContext = userContext;
|
|
2256
|
+
if (cacheContext._default?.coreCallCache) {
|
|
2257
|
+
cacheContext._default.coreCallCache = {};
|
|
2258
|
+
}
|
|
2259
|
+
}
|
|
2254
2260
|
function handleGetUser() {
|
|
2255
2261
|
return async (_req, _res, session) => {
|
|
2256
2262
|
const user = await getUserById(session.getUserId());
|
|
@@ -2851,12 +2857,12 @@ function validateClientDomainUrl(key, value) {
|
|
|
2851
2857
|
// src/index.ts
|
|
2852
2858
|
var index_default = { init };
|
|
2853
2859
|
export {
|
|
2854
|
-
ANONYMOUS_AUTH_METHOD_ID,
|
|
2855
2860
|
DEFAULT_ROWND_SCHEMA,
|
|
2856
2861
|
GUEST_AUTH_METHOD_ID,
|
|
2857
2862
|
HANDLE_BASE_PATH,
|
|
2858
2863
|
HUB_LOGIN_PAGE_PATH,
|
|
2859
2864
|
HUB_VERIFY_EMAIL_PAGE_PATH,
|
|
2865
|
+
INSTANT_AUTH_METHOD_ID,
|
|
2860
2866
|
PLUGIN_ID,
|
|
2861
2867
|
PLUGIN_SDK_VERSION,
|
|
2862
2868
|
PLUGIN_VERSION,
|
|
@@ -37,6 +37,7 @@ __export(setupCoreInstance_exports, {
|
|
|
37
37
|
});
|
|
38
38
|
module.exports = __toCommonJS(setupCoreInstance_exports);
|
|
39
39
|
var import_zod2 = require("zod");
|
|
40
|
+
var import_fs = __toESM(require("fs"));
|
|
40
41
|
|
|
41
42
|
// scripts/scriptUtils.ts
|
|
42
43
|
var fs = __toESM(require("fs/promises"));
|
|
@@ -136,38 +137,6 @@ function formatZodError(error) {
|
|
|
136
137
|
(issue) => `${formatIssuePath(issue.path.filter((segment) => typeof segment === "string" || typeof segment === "number"))}: ${issue.message}`
|
|
137
138
|
).join("\n");
|
|
138
139
|
}
|
|
139
|
-
function parseConfig(rawConfig, configDir = SCRIPT_DIR) {
|
|
140
|
-
const parsed = ConfigSchema.parse(rawConfig);
|
|
141
|
-
const checkpointFile = (0, import_node_path.isAbsolute)(parsed.checkpoint.file) ? parsed.checkpoint.file : (0, import_node_path.resolve)(configDir, parsed.checkpoint.file);
|
|
142
|
-
return {
|
|
143
|
-
limit: parsed.limit,
|
|
144
|
-
checkpoint: {
|
|
145
|
-
file: checkpointFile,
|
|
146
|
-
resume: parsed.checkpoint.resume
|
|
147
|
-
},
|
|
148
|
-
retry: parsed.retry,
|
|
149
|
-
rownd: parsed.rownd,
|
|
150
|
-
supertokens: parsed.supertokens,
|
|
151
|
-
thirdPartyProviders: parsed.thirdPartyProviders
|
|
152
|
-
};
|
|
153
|
-
}
|
|
154
|
-
async function loadConfig(configFilePath) {
|
|
155
|
-
const configFile = await fs.readFile(configFilePath, "utf8");
|
|
156
|
-
return parseConfig((0, import_yaml.parse)(configFile), (0, import_node_path.dirname)(configFilePath));
|
|
157
|
-
}
|
|
158
|
-
function parseRequiredConfigArg(args) {
|
|
159
|
-
for (let i = 0; i < args.length; i += 1) {
|
|
160
|
-
const arg = args[i];
|
|
161
|
-
if (arg === "--config" || arg === "-c") {
|
|
162
|
-
const value = args[i + 1];
|
|
163
|
-
if (!value) {
|
|
164
|
-
throw new Error(`Missing value for ${arg}`);
|
|
165
|
-
}
|
|
166
|
-
return (0, import_node_path.resolve)(value);
|
|
167
|
-
}
|
|
168
|
-
}
|
|
169
|
-
throw new Error("Missing required --config <path>");
|
|
170
|
-
}
|
|
171
140
|
function hasHelpArg(args) {
|
|
172
141
|
return args.includes("--help") || args.includes("-h");
|
|
173
142
|
}
|
|
@@ -270,9 +239,25 @@ async function runCli() {
|
|
|
270
239
|
printHelp();
|
|
271
240
|
return;
|
|
272
241
|
}
|
|
273
|
-
const config =
|
|
242
|
+
const config = {
|
|
243
|
+
limit: 100,
|
|
244
|
+
checkpoint: {
|
|
245
|
+
file: "checkpoint.json",
|
|
246
|
+
resume: false
|
|
247
|
+
},
|
|
248
|
+
retry: {
|
|
249
|
+
maxAttempts: 3,
|
|
250
|
+
initialDelayMs: 1e3
|
|
251
|
+
},
|
|
252
|
+
rownd: {
|
|
253
|
+
appId: "app_cesvgomn94c4mz1j9g16d7tn",
|
|
254
|
+
appKey: "key_ic6r0j87b8owmdc2h2nn3xmp",
|
|
255
|
+
appSecret: "ras_1d15275403b64c1f25d8705c4d95f9049adcd95b8b5a555e",
|
|
256
|
+
pageSize: 100
|
|
257
|
+
}
|
|
258
|
+
};
|
|
274
259
|
const oidcClients = await fetchRowndOidcClients(config);
|
|
275
|
-
|
|
260
|
+
import_fs.default.writeFileSync("oidc-clients.json", JSON.stringify(oidcClients, null, 2));
|
|
276
261
|
console.log("Successfully provisioned SuperTokens infrastructure.");
|
|
277
262
|
}
|
|
278
263
|
if (require.main === module) {
|