feat(backend,shared,clerk-js): Support suffixed cookies [CORE-2086] #3506
base: main
🦋 Changeset detected
Latest commit: 3e2faed
The changes in this PR will be included in the next version bump.
This PR includes changesets to release 15 packages
return false; | ||
} | ||
const tokenIssuer = data.payload.iss.replace(/https?:\/\//gi, ''); | ||
return this.frontendApi === tokenIssuer; |
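Review bot: the regex on the `tokenIssuer` line is unanchored and global (`/https?:\/\//gi`), so it strips `http://` or `https://` wherever it occurs in `iss`, not only a leading scheme. Anchoring it as `/^https?:\/\//i` keeps the comparison with `this.frontendApi` an exact host match after a single scheme prefix. The same line dereferences `data.payload.iss` directly, so unless the guard ending in the visible `return false;` already covers a missing or non-string `iss`, `.replace` will throw instead of returning false.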
Did we check if this is correct for sites using proxy/domain/satellite?
@colinclerk Yes. The issuer of our tokens is the same as our FapiURL. For the satellite apps, we are using the FapiURL of the primary domain, so this check is valid.
What are you referring to as domain?
…cookies
This change is required to support setting both suffixed/un-suffixed cookies using part of the publishableKey to support multiple apps running on the same eTLD+1 domain or localhost. Setting both suffixed/un-suffixed cookies is used to support backwards compatibility.
The optionsAssertions module will include assertion functions for options used across our package
…ence in AuthenticateContext
…g client_uat / session
…de@18 missing crypto.subtle
…secure context
To avoid bundling the whole crypto-js library, we used dynamic imports to load the dependency only if required and subpath imports to allow tree-shaking to add only the required code parts from crypto-js
Description
Generate suffixed and un-suffixed __client_uat (in dev instance), __session, __clerk_db_jwt (in dev instance) cookies from ClerkJS and support reading either the suffixed or the un-suffixed cookies in the backend SDK using the __client_uat & __session cookies.
New ClerkJS versions will generate both suffixed and un-suffixed cookies but the backend SDK will consume only 1 of those 2.
Checklist
npm test runs as expected.
npm run build runs as expected.
Type of change
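The backend-side choice between the suffixed and un-suffixed __session cookie from the Description, combined with the issuer check discussed in the review thread, as an added example that is not code from this PR or from Clerk. The "<name>_<suffix>" naming, the suffix value, the domains and every function name here are assumptions made for illustration.

```javascript
// Added example; naming and selection policy are assumptions, not Clerk's code.
const SUFFIX = 'AbCd1234'; // constructed; the page says it derives from part of the publishableKey

// Assumed naming scheme for a suffixed cookie: "<name>_<suffix>".
const suffixed = (name, suffix) => `${name}_${suffix}`;

// Parse a Cookie header into a Map; the first occurrence of a name wins.
function parseCookies(header) {
  const jar = new Map();
  for (const part of (header || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq < 0) continue;
    const name = part.slice(0, eq).trim();
    if (name && !jar.has(name)) jar.set(name, part.slice(eq + 1).trim());
  }
  return jar;
}

// Decode (NOT verify) the JWT payload and return its issuer without the scheme.
// This only decides which cookie to read; signature verification must still follow.
function issuerHost(token) {
  try {
    const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64url').toString('utf8'));
    if (typeof payload.iss !== 'string') return null;
    return payload.iss.replace(/^https?:\/\//i, ''); // anchored: strip one leading scheme only
  } catch {
    return null; // malformed token: treat as not ours
  }
}

// Prefer the suffixed cookie; fall back to the un-suffixed one kept for
// backwards compatibility. Either is accepted only if its issuer is this
// instance's frontendApi, so a cookie set by another app on the same
// eTLD+1 (or localhost) is ignored.
function selectSessionCookie(cookieHeader, suffix, frontendApi) {
  const jar = parseCookies(cookieHeader);
  for (const name of [suffixed('__session', suffix), '__session']) {
    const token = jar.get(name);
    if (token && issuerHost(token) === frontendApi) return { name, token };
  }
  return null;
}

// Constructed token with a placeholder signature, for the demo only.
const makeToken = (iss) =>
  [{ alg: 'RS256' }, { iss }]
    .map((o) => Buffer.from(JSON.stringify(o)).toString('base64url'))
    .concat('constructed-sig')
    .join('.');
```
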