From 9bd21341ed112eeccddfd4718597d9db312c8b4f Mon Sep 17 00:00:00 2001 From: Bryce Kalow Date: Mon, 13 Jan 2025 16:28:16 -0600 Subject: [PATCH] Use proper format values, and pass in body instead of query parmeter --- packages/backend/src/api/endpoints/SessionApi.ts | 8 ++++---- packages/backend/src/api/resources/Deserializer.ts | 3 +++ packages/backend/src/api/resources/index.ts | 1 + packages/backend/src/tokens/request.ts | 2 +- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/packages/backend/src/api/endpoints/SessionApi.ts b/packages/backend/src/api/endpoints/SessionApi.ts index 40decef685..c360ffd446 100644 --- a/packages/backend/src/api/endpoints/SessionApi.ts +++ b/packages/backend/src/api/endpoints/SessionApi.ts @@ -22,7 +22,7 @@ type RefreshTokenParams = { request_originating_ip?: string; request_headers?: Record; suffixed_cookies?: boolean; - format?: 'token' | 'cookies'; + format?: 'token' | 'cookie'; }; export class SessionAPI extends AbstractAPI { @@ -68,16 +68,16 @@ export class SessionAPI extends AbstractAPI { } public async refreshSession(sessionId: string, params: RefreshTokenParams & { format: 'token ' }): Promise; - public async refreshSession(sessionId: string, params: RefreshTokenParams & { format: 'cookies' }): Promise; + public async refreshSession(sessionId: string, params: RefreshTokenParams & { format: 'cookie' }): Promise; public async refreshSession(sessionId: string, params: RefreshTokenParams): Promise; public async refreshSession(sessionId: string, params: RefreshTokenParams): Promise { this.requireId(sessionId); - const { format = 'token', suffixed_cookies, ...restParams } = params; + const { suffixed_cookies, ...restParams } = params; return this.request({ method: 'POST', path: joinPaths(basePath, sessionId, 'refresh'), bodyParams: restParams, - queryParams: { format, suffixed_cookies }, + queryParams: { suffixed_cookies }, }); } } diff --git a/packages/backend/src/api/resources/Deserializer.ts b/packages/backend/src/api/resources/Deserializer.ts index 11a6a36164..067d0ee069 100644 --- a/packages/backend/src/api/resources/Deserializer.ts +++ b/packages/backend/src/api/resources/Deserializer.ts @@ -1,6 +1,7 @@ import { AllowlistIdentifier, Client, + Cookies, DeletedObject, Email, EmailAddress, @@ -72,6 +73,8 @@ function jsonToObject(item: any): any { return AllowlistIdentifier.fromJSON(item); case ObjectType.Client: return Client.fromJSON(item); + case ObjectType.Cookies: + return Cookies.fromJSON(item); case ObjectType.EmailAddress: return EmailAddress.fromJSON(item); case ObjectType.Email: diff --git a/packages/backend/src/api/resources/index.ts b/packages/backend/src/api/resources/index.ts index 20854c5644..49f8daed72 100644 --- a/packages/backend/src/api/resources/index.ts +++ b/packages/backend/src/api/resources/index.ts @@ -1,6 +1,7 @@ export * from './AccountlessApplication'; export * from './AllowlistIdentifier'; export * from './Client'; +export * from './Cookies'; export * from './DeletedObject'; export * from './Email'; export * from './EmailAddress'; diff --git a/packages/backend/src/tokens/request.ts b/packages/backend/src/tokens/request.ts index e9eab75ac1..1ea17f1eb5 100644 --- a/packages/backend/src/tokens/request.ts +++ b/packages/backend/src/tokens/request.ts @@ -274,7 +274,7 @@ ${error.getFullMessage()}`, try { // Perform the actual token refresh. const response = await options.apiClient.sessions.refreshSession(decodeResult.payload.sid, { - format: 'cookies', + format: 'cookie', suffixed_cookies: authenticateContext.usesSuffixedCookies(), expired_token: expiredSessionToken || '', refresh_token: refreshToken || '',