diff --git a/CHANGELOG.md b/CHANGELOG.md index 3e4aa70f2..92651cc18 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [unreleased] +## [0.16.1] - 2023-09-19 + +- Uses `nest_asyncio` patch in event loop - sync to async +- Retry Querier request on `AsyncLibraryNotFoundError` +- Handle AWS Public URLs (ending with `.amazonaws.com`) separately while extracting TLDs for SameSite attribute. ## [0.16.0] - 2023-09-13 @@ -535,6 +540,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 } ``` +## [0.14.10] - 2023-09-31 + +- Uses nest_asyncio patch in event loop - sync to async + +## [0.14.9] - 2023-09-28 + +- Add logic to retry network calls if the core returns status 429 + ## [0.14.8] - 2023-07-07 ## Fixes diff --git a/addDevTag b/addDevTag index 1fd4f670e..cdde45c47 100755 --- a/addDevTag +++ b/addDevTag @@ -1,11 +1,5 @@ #!/bin/bash -# check if we need to merge master into this branch------------ -if [[ $(git log origin/master ^HEAD) ]]; then - echo "You need to merge master into this branch. Exiting" - exit 1 -fi - # get version------------ version=`cat setup.py | grep -e 'version='` while IFS='"' read -ra ADDR; do diff --git a/html/supertokens_python/constants.html b/html/supertokens_python/constants.html index 433530761..43c3751a5 100644 --- a/html/supertokens_python/constants.html +++ b/html/supertokens_python/constants.html @@ -87,4 +87,4 @@

Index

Generated by pdoc 0.10.0.

- \ No newline at end of file + diff --git a/setup.py b/setup.py index ca2400964..7489df509 100644 --- a/setup.py +++ b/setup.py @@ -70,7 +70,7 @@ setup( name="supertokens_python", - version="0.16.0", + version="0.16.1", author="SuperTokens", license="Apache 2.0", author_email="team@supertokens.com", @@ -112,6 +112,7 @@ "twilio==7.9.1", "aiosmtplib==1.1.6", "pkce==1.0.3", + "nest-asyncio==1.5.1", ], python_requires=">=3.7", include_package_data=True, diff --git a/supertokens_python/async_to_sync_wrapper.py b/supertokens_python/async_to_sync_wrapper.py index 4a56ea31b..9c623bf51 100644 --- a/supertokens_python/async_to_sync_wrapper.py +++ b/supertokens_python/async_to_sync_wrapper.py @@ -12,6 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. +import nest_asyncio # type: ignore import asyncio from typing import Any, Coroutine, TypeVar @@ -24,6 +25,7 @@ def check_event_loop(): except RuntimeError as ex: if "There is no current event loop in thread" in str(ex): loop = asyncio.new_event_loop() + nest_asyncio.apply(loop) # type: ignore asyncio.set_event_loop(loop) diff --git a/supertokens_python/constants.py b/supertokens_python/constants.py index 075ff9309..292277329 100644 --- a/supertokens_python/constants.py +++ b/supertokens_python/constants.py @@ -14,7 +14,7 @@ from __future__ import annotations SUPPORTED_CDI_VERSIONS = ["3.0"] -VERSION = "0.16.0" +VERSION = "0.16.1" TELEMETRY = "/telemetry" USER_COUNT = "/users/count" USER_DELETE = "/user/remove" diff --git a/supertokens_python/utils.py b/supertokens_python/utils.py index a79d182c1..1b8afd85b 100644 --- a/supertokens_python/utils.py +++ b/supertokens_python/utils.py @@ -299,8 +299,13 @@ def get_top_level_domain_for_same_site_resolution(url: str) -> str: if hostname.startswith("localhost") or is_an_ip_address(hostname): return "localhost" + parsed_url: Any = extract(hostname, include_psl_private_domains=True) if parsed_url.domain == "": # type: ignore + # We need to do this because of https://github.com/supertokens/supertokens-python/issues/394 + if hostname.endswith(".amazonaws.com") and parsed_url.suffix == hostname: + return hostname + raise Exception( "Please make sure that the apiDomain and websiteDomain have correct values" ) diff --git a/tests/test_config.py b/tests/test_config.py index 521827f99..2df57fe59 100644 --- a/tests/test_config.py +++ b/tests/test_config.py @@ -736,3 +736,67 @@ async def test_samesite_invalid_config(): ) else: assert False, "Exception not raised" + + +@mark.asyncio +async def test_cookie_samesite_with_ec2_public_url(): + start_st() + init( + supertokens_config=SupertokensConfig("http://localhost:3567"), + app_info=InputAppInfo( + app_name="SuperTokens Demo", + api_domain="https://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3001", + website_domain="https://blog.supertokens.com", + api_base_path="/", + ), + framework="fastapi", + recipe_list=[ + session.init(get_token_transfer_method=lambda _, __, ___: "cookie") + ], + ) + + # domain name isn't provided so browser decides to use the same host + # which will be ec2-xx-yyy-zzz-0.compute-1.amazonaws.com + assert SessionRecipe.get_instance().config.cookie_domain is None + assert SessionRecipe.get_instance().config.cookie_same_site == "none" + assert SessionRecipe.get_instance().config.cookie_secure is True + + reset() + + init( + supertokens_config=SupertokensConfig("http://localhost:3567"), + app_info=InputAppInfo( + app_name="SuperTokens Demo", + api_domain="http://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3001", + website_domain="http://ec2-aa-bbb-ccc-0.compute-1.amazonaws.com:3000", + api_base_path="/", + ), + framework="fastapi", + recipe_list=[ + session.init(get_token_transfer_method=lambda _, __, ___: "cookie") + ], + ) + + assert SessionRecipe.get_instance().config.cookie_domain is None + assert SessionRecipe.get_instance().config.cookie_same_site == "none" + assert SessionRecipe.get_instance().config.cookie_secure is False + + reset() + + init( + supertokens_config=SupertokensConfig("http://localhost:3567"), + app_info=InputAppInfo( + app_name="SuperTokens Demo", + api_domain="http://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3001", + website_domain="http://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3000", + api_base_path="/", + ), + framework="fastapi", + recipe_list=[ + session.init(get_token_transfer_method=lambda _, __, ___: "cookie") + ], + ) + + assert SessionRecipe.get_instance().config.cookie_domain is None + assert SessionRecipe.get_instance().config.cookie_same_site == "lax" + assert SessionRecipe.get_instance().config.cookie_secure is False diff --git a/tests/test_utils.py b/tests/test_utils.py index 28b822539..db41552d2 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -3,7 +3,11 @@ import pytest import threading -from supertokens_python.utils import humanize_time, is_version_gte +from supertokens_python.utils import ( + humanize_time, + is_version_gte, + get_top_level_domain_for_same_site_resolution, +) from supertokens_python.utils import RWMutex from tests.utils import is_subset @@ -171,3 +175,25 @@ def balance_is_valid(): expected_balance -= 10 * 5 # 10 threads withdrawing 5 each actual_balance, _ = account.get_stats() assert actual_balance == expected_balance, "Incorrect account balance" + + +@pytest.mark.parametrize( + "url,res", + [ + ("http://localhost:3001", "localhost"), + ( + "https://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com", + "ec2-xx-yyy-zzz-0.compute-1.amazonaws.com", + ), + ( + "https://foo.vercel.com", + "vercel.com", + ), + ( + "https://blog.supertokens.com", + "supertokens.com", + ), + ], +) +def test_tld_for_same_site(url: str, res: str): + assert get_top_level_domain_for_same_site_resolution(url) == res