diff --git a/.circleci/config.yml b/.circleci/config.yml index 236eabffa..bcf49b4f2 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,17 +11,30 @@ jobs: MONGO_INITDB_ROOT_USERNAME: root MONGO_INITDB_ROOT_PASSWORD: root resource_class: large + parallelism: 4 parameters: plugin: type: string steps: - checkout + - run: mkdir ~/junit - run: echo $'\n[mysqld]\ncharacter_set_server=utf8mb4\nmax_connections=10000' >> /etc/mysql/mysql.cnf - run: apt-get update && apt-get -y -q install postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 sudo - run: echo "host all all 0.0.0.0/0 md5" >> /etc/postgresql/9.5/main/pg_hba.conf - run: echo "listen_addresses='*'" >> /etc/postgresql/9.5/main/postgresql.conf - run: sed -i 's/^#*\s*max_connections\s*=.*/max_connections = 10000/' /etc/postgresql/9.5/main/postgresql.conf - run: (cd .circleci/ && ./doTests.sh << parameters.plugin >>) + - run: + command: cp ~/supertokens-root/supertokens-core/build/test-results/test/*.xml ~/junit/ + when: always + - when: + condition: + not: + equal: [ << parameters.plugin >>, "sqlite" ] + steps: + - run: cp ~/supertokens-root/supertokens-<< parameters.plugin >>-plugin/build/test-results/test/*.xml ~/junit/ + - store_test_results: + path: ~/junit - slack/status mark-passed: @@ -45,7 +58,7 @@ workflows: tags: only: /dev-v[0-9]+(\.[0-9]+)*/ branches: - ignore: /.*/ + only: /test-cicd\/.*/ - test: plugin: mongodb name: test-mongodb @@ -55,7 +68,7 @@ workflows: tags: only: /dev-v[0-9]+(\.[0-9]+)*/ branches: - ignore: /.*/ + only: /test-cicd\/.*/ - test: plugin: postgresql name: test-postgresql @@ -65,7 +78,7 @@ workflows: tags: only: /dev-v[0-9]+(\.[0-9]+)*/ branches: - ignore: /.*/ + only: /test-cicd\/.*/ - test: plugin: mysql name: test-mysql @@ -75,7 +88,7 @@ workflows: tags: only: /dev-v[0-9]+(\.[0-9]+)*/ branches: - ignore: /.*/ + only: /test-cicd\/.*/ - mark-passed: context: - slack-notification diff --git a/.circleci/doTests.sh b/.circleci/doTests.sh index 3fb117cc5..6404af168 100755 --- a/.circleci/doTests.sh +++ b/.circleci/doTests.sh @@ -162,6 +162,7 @@ do fi cd ../ echo $SUPERTOKENS_API_KEY > apiPassword + ./startTestingEnv --cicd if [[ $? -ne 0 ]] diff --git a/CHANGELOG.md b/CHANGELOG.md index f8fb12a9e..b6b0589d1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -107,7 +107,6 @@ CREATE TABLE IF NOT EXISTS oauth_clients ( FOREIGN KEY(app_id) REFERENCES apps(app_id) ON DELETE CASCADE ); - CREATE TABLE IF NOT EXISTS oauth_sessions ( gid VARCHAR(255), app_id VARCHAR(64) DEFAULT 'public', @@ -121,8 +120,8 @@ CREATE TABLE IF NOT EXISTS oauth_sessions ( FOREIGN KEY(app_id, client_id) REFERENCES oauth_clients(app_id, client_id) ON DELETE CASCADE ); -CREATE INDEX IF NOT EXISTS oauth_session_exp_index ON oauth_sessions(exp DESC); -CREATE INDEX IF NOT EXISTS oauth_session_external_refresh_token_index ON oauth_sessions(app_id, external_refresh_token DESC); +CREATE INDEX oauth_session_exp_index ON oauth_sessions(exp DESC); +CREATE INDEX oauth_session_external_refresh_token_index ON oauth_sessions(app_id, external_refresh_token DESC); CREATE TABLE oauth_m2m_tokens ( app_id VARCHAR(64) DEFAULT 'public', diff --git a/src/main/java/io/supertokens/oauth/Transformations.java b/src/main/java/io/supertokens/oauth/Transformations.java index a0157696c..0ffa38a7e 100644 --- a/src/main/java/io/supertokens/oauth/Transformations.java +++ b/src/main/java/io/supertokens/oauth/Transformations.java @@ -68,24 +68,23 @@ public static Map transformRequestHeadersForHydra(Map 1 && keyValue[1].startsWith("ory_")) { - updatedQuery.append(keyValue[0]).append("=").append(keyValue[1].replaceFirst("ory_", "st_")).append("&"); - } else { - updatedQuery.append(param).append("&"); - } + if (!redirectTo.contains("?")) { + return redirectTo; + } + + String query = redirectTo.split("\\?")[1]; + if (query != null) { + String[] queryParams = query.split("&"); + StringBuilder updatedQuery = new StringBuilder(); + for (String param : queryParams) { + String[] keyValue = param.split("="); + if (keyValue.length > 1 && keyValue[1].startsWith("ory_")) { + updatedQuery.append(keyValue[0]).append("=").append(keyValue[1].replaceFirst("ory_", "st_")).append("&"); + } else { + updatedQuery.append(param).append("&"); } - redirectTo = redirectTo.replace("?" + query, "?" + updatedQuery.toString().trim()); } - } catch (MalformedURLException e) { - throw new IllegalStateException(e); + redirectTo = redirectTo.replace("?" + query, "?" + updatedQuery.toString().trim()); } return redirectTo; @@ -153,37 +152,29 @@ private static String transformRedirectUrlFromHydra(Main main, AppIdentifier app if (!redirectTo.startsWith("/")) { redirectTo = transformQueryParamsInURLFromHydra(redirectTo); - try { - if (Utils.containsUrl(redirectTo, hydraInternalAddress, true)) { - try { - URL url = new URL(redirectTo); - String query = url.getQuery(); - Map urlQueryParams = new HashMap<>(); - if (query != null) { - String[] pairs = query.split("&"); - for (String pair : pairs) { - int idx = pair.indexOf("="); - urlQueryParams.put(pair.substring(0, idx), URLDecoder.decode(pair.substring(idx + 1), StandardCharsets.UTF_8)); - } - } - String error = urlQueryParams.getOrDefault("error", null); - String errorDescription = urlQueryParams.getOrDefault("error_description", null); - if (error != null) { - throw new OAuthAPIException(error, errorDescription, 400); - } - redirectTo = redirectTo.replace(hydraInternalAddress, "{apiDomain}"); - - // path to hydra starts with /oauth2 while on the SDK it would be /oauth - redirectTo = redirectTo.replace("oauth2/", "oauth/"); - - } catch (MalformedURLException e) { - throw new IllegalStateException(e); + // We do not use the containsURL util to compare these because redirectTo can be a deep link + // Also, we do not mind comparison to internal addresses being strict comparisons + if (redirectTo.startsWith(hydraInternalAddress)) { + String query = redirectTo.contains("?") ? redirectTo.split("\\?")[1] : null; + Map urlQueryParams = new HashMap<>(); + if (query != null) { + String[] pairs = query.split("&"); + for (String pair : pairs) { + int idx = pair.indexOf("="); + urlQueryParams.put(pair.substring(0, idx), URLDecoder.decode(pair.substring(idx + 1), StandardCharsets.UTF_8)); } - } else if (Utils.containsUrl(redirectTo, hydraBaseUrlForConsentAndLogin, true)) { - redirectTo = redirectTo.replace(hydraBaseUrlForConsentAndLogin, "{apiDomain}"); } - } catch (MalformedURLException e) { - throw new IllegalStateException(e); + String error = urlQueryParams.getOrDefault("error", null); + String errorDescription = urlQueryParams.getOrDefault("error_description", null); + if (error != null) { + throw new OAuthAPIException(error, errorDescription, 400); + } + redirectTo = redirectTo.replace(hydraInternalAddress, "{apiDomain}"); + + // path to hydra starts with /oauth2 while on the SDK it would be /oauth + redirectTo = redirectTo.replace("oauth2/", "oauth/"); + } else if (redirectTo.startsWith(hydraBaseUrlForConsentAndLogin)) { + redirectTo = redirectTo.replace(hydraBaseUrlForConsentAndLogin, "{apiDomain}"); } }