merges with latest

.circleci/config.yml

@@ -10,7 +10,7 @@ orbs:
 jobs:
     create-test-jobs:
         machine:
-            image: ubuntu-2204:edge
+            image: ubuntu-2204:2022.04.1
         steps:
             - checkout
             - run:

.circleci/config_continue.yml

@@ -27,6 +27,37 @@ jobs:
       - run: make dev-install
       - run: (cd .circleci/ && ./doUnitTests.sh << parameters.cdi-version >>)
       - slack/status
+  test-backend-sdk-testing:
+    docker:
+      - image: rishabhpoddar/supertokens_node_driver_testing_node_20
+    resource_class: large
+    parameters:
+      cdi-version:
+        type: string
+      fdi-version:
+        type: string
+    steps:
+      - checkout
+      - run: update-alternatives --install "/usr/bin/java" "java" "/usr/java/jdk-15.0.1/bin/java" 2
+      - run: update-alternatives --install "/usr/bin/javac" "javac" "/usr/java/jdk-15.0.1/bin/javac" 2
+      - run: echo "127.0.0.1 localhost.org" >> /etc/hosts
+      - run:
+          name: Install latest Python and dependencies
+          command: |
+            apt-get update
+            apt-get install -y software-properties-common lsof
+            add-apt-repository -y ppa:deadsnakes/ppa
+            apt-get update
+            DEBIAN_FRONTEND=noninteractive apt-get install -y python3.11 python3-pip python3.11-dev libffi-dev
+            update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 1
+            update-alternatives --set python3 /usr/bin/python3.11
+            python3 --version
+            python3 -m pip install "cython<3.0.0" wheel
+            python3 -m pip install --upgrade pip setuptools
+            python3 -m pip install "pyyaml==5.4.1" --no-build-isolation
+      - run: python3 -m pip install -r dev-requirements.txt
+      - run: (cd .circleci/ && ./doBackendSDKTests.sh << parameters.cdi-version >> << parameters.fdi-version >>)
+      - slack/status
   test-website-fastapi:
     docker:
       - image: rishabhpoddar/supertokens_python_driver_testing
@@ -256,6 +287,20 @@ workflows:
           matrix:
             parameters:
               cdi-version: placeholder
+      - test-backend-sdk-testing:
+          requires:
+              - test-dev-tag-as-not-passed
+          context:
+              - slack-notification
+          filters:
+              tags:
+                  only: /dev-v[0-9]+(\.[0-9]+)*/
+              branches:
+                  only: /test-cicd\/.*/
+          matrix:
+              parameters:
+                  cdi-version: placeholder
+                  fdi-version: placeholder
       - test-website-fastapi:
           requires:
             - test-dev-tag-as-not-passed
@@ -358,6 +403,7 @@ workflows:
       - test-success:
           requires:
             - test-unit
+            - test-backend-sdk-testing
             - test-website-fastapi
             - test-website-flask
             - test-website-django

.circleci/doBackendSDKTests.sh

@@ -0,0 +1,29 @@
+echo "Starting tests for CDI $1";
+
+if [ -z "$SUPERTOKENS_API_KEY" ]; then
+    echo "SUPERTOKENS_API_KEY not set"
+    exit 1
+fi
+
+coreDriverVersion=$1
+coreDriverVersion=`echo $coreDriverVersion | tr -d '"'`
+
+frontendDriverVersion=$2
+
+coreFree=`curl -s -X GET \
+"https://api.supertokens.io/0/core-driver-interface/dependency/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$coreDriverVersion&driverName=python" \
+-H 'api-version: 1'`
+if [[ `echo $coreFree | jq .core` == "null" ]]
+then
+    echo "fetching latest X.Y version for core given core-driver-interface X.Y version: $coreDriverVersion, planType: FREE gave response: $coreFree. Please make sure all relevant cores have been pushed."
+    exit 1
+fi
+coreFree=$(echo $coreFree | jq .core | tr -d '"')
+
+./setupAndTestBackendSDKWithFreeCore.sh $coreFree $coreDriverVersion $frontendDriverVersion
+if [[ $? -ne 0 ]]
+then
+    echo "test failed... exiting!"
+    exit 1
+fi
+rm -rf ../../supertokens-root

.circleci/setupAndTestBackendSDKWithFreeCore.sh

@@ -0,0 +1,80 @@
+coreInfo=`curl -s -X GET \
+"https://api.supertokens.io/0/core/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$1" \
+-H 'api-version: 0'`
+if [[ `echo $coreInfo | jq .tag` == "null" ]]
+then
+    echo "fetching latest X.Y.Z version for core, X.Y version: $1, planType: FREE gave response: $coreInfo"
+    exit 1
+fi
+coreTag=$(echo $coreInfo | jq .tag | tr -d '"')
+coreVersion=$(echo $coreInfo | jq .version | tr -d '"')
+
+pluginInterfaceVersionXY=`curl -s -X GET \
+"https://api.supertokens.io/0/core/dependency/plugin-interface/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$1" \
+-H 'api-version: 0'`
+if [[ `echo $pluginInterfaceVersionXY | jq .pluginInterface` == "null" ]]
+then
+    echo "fetching latest X.Y version for plugin-interface, given core X.Y version: $1, planType: FREE gave response: $pluginInterfaceVersionXY"
+    exit 1
+fi
+pluginInterfaceVersionXY=$(echo $pluginInterfaceVersionXY | jq .pluginInterface | tr -d '"')
+
+pluginInterfaceInfo=`curl -s -X GET \
+"https://api.supertokens.io/0/plugin-interface/latest?password=$SUPERTOKENS_API_KEY&planType=FREE&mode=DEV&version=$pluginInterfaceVersionXY" \
+-H 'api-version: 0'`
+if [[ `echo $pluginInterfaceInfo | jq .tag` == "null" ]]
+then
+    echo "fetching latest X.Y.Z version for plugin-interface, X.Y version: $pluginInterfaceVersionXY, planType: FREE gave response: $pluginInterfaceInfo"
+    exit 1
+fi
+pluginInterfaceTag=$(echo $pluginInterfaceInfo | jq .tag | tr -d '"')
+pluginInterfaceVersion=$(echo $pluginInterfaceInfo | jq .version | tr -d '"')
+
+echo "Testing with FREE core: $coreVersion, plugin-interface: $pluginInterfaceVersion"
+
+cd ../../
+git clone [email protected]:supertokens/supertokens-root.git
+cd supertokens-root
+if [[ $2 == "2.0" ]] || [[ $2 == "2.1" ]] || [[ $2 == "2.2" ]]
+then
+    git checkout 36e5af1b9a4e3b07247d0cf333cf82a071a78681
+fi
+echo -e "core,$1\nplugin-interface,$pluginInterfaceVersionXY" > modules.txt
+./loadModules --ssh
+cd supertokens-core
+git checkout $coreTag
+cd ../supertokens-plugin-interface
+git checkout $pluginInterfaceTag
+cd ../
+echo $SUPERTOKENS_API_KEY > apiPassword
+./utils/setupTestEnvLocal
+cd ../project/
+export PYTHONPATH=$PWD:$PYTHONPATH
+
+API_PORT=3030
+ST_CONNECTION_URI=http://localhost:8081
+
+# start test-server
+pushd tests/test-server
+sh setup-for-test.sh
+SUPERTOKENS_ENV=testing API_PORT=$API_PORT ST_CONNECTION_URI=$ST_CONNECTION_URI python3 app.py &
+popd
+
+frontendDriverVersion=$3
+# run tests
+cd ../
+git clone [email protected]:supertokens/backend-sdk-testing.git
+cd backend-sdk-testing
+git checkout $frontendDriverVersion
+npm install
+npm run build
+
+if ! [[ -z "${CIRCLE_NODE_TOTAL}" ]]; then
+    API_PORT=$API_PORT TEST_MODE=testing SUPERTOKENS_CORE_TAG=$coreTag NODE_PORT=8081 INSTALL_PATH=../supertokens-root npx mocha --node-option no-experimental-fetch -r test/fetch-polyfill.mjs --no-config --timeout 500000 $(npx mocha-split-tests -r ./runtime.log -t $CIRCLE_NODE_TOTAL -g $CIRCLE_NODE_INDEX -f 'test/**/*.test.js')
+else
+    API_PORT=$API_PORT TEST_MODE=testing SUPERTOKENS_CORE_TAG=$coreTag NODE_PORT=8081 INSTALL_PATH=../supertokens-root npm test
+fi
+
+# kill test-server
+kill $(lsof -t -i:$API_PORT)
+

CHANGELOG.md

@@ -8,11 +8,112 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
-## [0.24.0] - 2024-07-10
+## [0.24.0] - 2024-07-31
+
+### Changes
+
+-   Adds test server for `backend-sdk-testing`
+-   Sends `websiteDomain` and `apiDomain` to core for telemetry.
+-   `boxyURL` is no more mandatory input in `additionalConfig` while adding boxy-saml provider in thirdParty.
+-   Adds `jwks_refresh_interval_sec` input to `Session.init` to set the default JWKS cache duration. The default is 4 hours.
 
 ### Breaking change
 
 -   Removes the default `max_age_in_seconds` value (previously 300 seconds) in EmailVerification Claim. If the claim value is true and `max_age_in_seconds` is not provided, it will not be refetched.
+-   SDK will no longer add `.well-known/openid-configuration` to the `oidc_discovery_endpoint` config in thirdParty providers. If you have specified any custom `oidc_discovery_endpoint` in the thirdparty.init or added to the core, please make sure to update them to include `.well-known/openid-configuration`.
+-   For a non-public tenant, when there are no providers added in the core, the SDK used to fallback to the providers added in the ThirdParty.init. Now, the SDK will not fallback to the providers added in the ThirdParty.init by default. If you require a thirdparty provider to be available for non-public tenants, you can make it available by setting `include_in_non_public_tenants_by_default` for each of the providers. See the migration section below to see how to do this. Note that this only affects non-public tenants when there are no providers added in core.
+
+### Migration
+
+#### Make providers available in non-public tenants by default
+
+To make all the providers added in the ThirdParty.init available for non-public tenants by default,
+
+Before:
+
+```py
+thirdparty.init(
+    sign_in_and_up_feature=thirdparty.SignInAndUpFeature(
+        providers=[
+            thirdparty.ProviderInput(
+                config=thirdparty.ProviderConfig(
+                    third_party_id="google",
+                    # rest of the config
+                )
+            ),
+            thirdparty.ProviderInput(
+                config=thirdparty.ProviderConfig(
+                    third_party_id="github",
+                    # rest of the config
+                )
+            ),
+        ]
+    )
+)
+```
+
+After:
+
+```py
+thirdparty.init(
+    sign_in_and_up_feature=thirdparty.SignInAndUpFeature(
+        providers=[
+            thirdparty.ProviderInput(
+                config=thirdparty.ProviderConfig(
+                    third_party_id="google",
+                    # rest of the config
+                ),
+
+                # Add the following line to make this provider available in non-public tenants by default
+                include_in_non_public_tenants_by_default=True
+            ),
+            thirdparty.ProviderInput(
+                config=thirdparty.ProviderConfig(
+                    third_party_id="github",
+                    # rest of the config
+                ),
+
+                # Add the following line to make this provider available in non-public tenants by default
+                include_in_non_public_tenants_by_default=True
+            ),
+        ]
+    )
+)
+```
+
+#### Migrating `oidc_discover_endpoint` in core (for custom providers only):
+
+For each tenant, do the following
+
+1.  GET `/appid-<appId>/<tenantId>/recipe/multitenancy/tenant/v2`
+
+    You should see the thirdParty providers in the response using `response.thirdParty.providers`
+
+2.  For each config in providers list, if you have `oidcDiscoveryEndpoint` in the config, update it to include `.well-known/openid-configuration` at the end.
+
+Here's a sample code snippet to update the `oidcDiscoveryEndpoint`:
+
+```py
+import supertokens_python.recipe.multitenancy.syncio as multitenancy
+
+def is_custom_provider(third_party_id: str) -> bool:
+    custom_providers = [
+        "custom",
+        # ... all your custom thirdPartyIds
+    ]
+    return third_party_id in custom_providers
+
+
+tenants_res = multitenancy.list_all_tenants()
+
+for tenant in tenants_res.tenants:
+    for provider in tenant.third_party.providers:
+        if is_custom_provider(provider.third_party_id) and provider.oidc_discovery_endpoint:
+            provider.oidc_discovery_endpoint = provider.oidc_discovery_endpoint.rstrip("/")
+            provider.oidc_discovery_endpoint += "/.well-known/openid-configuration"
+
+            multitenancy.create_or_update_third_party_config(tenant.tenant_id, provider)
+```
 
 ## [0.23.1] - 2024-07-09
 

coreDriverInterfaceSupported.json

@@ -1,6 +1,6 @@
 {
   "_comment": "contains a list of core-driver interfaces branch names that this core supports",
   "versions": [
-    "3.0"
+    "3.1"
   ]
 }