Merge branch 'feat/jwt-rework' into jwt-rework/issuer-in-payload

Author: nkshah2

.gitignore

@@ -21,4 +21,4 @@ gin/
 apiPassword
 releasePassword
 .vscode/
-.idea/
+.idea/

CHANGELOG.md

@@ -238,6 +238,16 @@ func main() {
 }
 ```
 
+## [0.10.8] - 2023-04-18
+- Email template for verify email updated 
+
+## [0.10.7] - 2023-04-11
+- Changed email template to render correctly in outlook
+
+## [0.10.6]
+
+-   Fixes panic issue in input validation for emailpassword APIs - https://github.com/supertokens/supertokens-golang/issues/254
+
 ## [0.10.5] - 2023-03-31
 
 -   Adds search APIs to the dashboard recipe

recipe/emailpassword/api/generatePasswordResetToken.go

@@ -39,7 +39,7 @@ func GeneratePasswordResetToken(apiImplementation epmodels.APIInterface, options
 		return err
 	}
 
-	formFields, err := validateFormFieldsOrThrowError(options.Config.ResetPasswordUsingTokenFeature.FormFieldsForGenerateTokenForm, formFieldsRaw["formFields"].([]interface{}))
+	formFields, err := validateFormFieldsOrThrowError(options.Config.ResetPasswordUsingTokenFeature.FormFieldsForGenerateTokenForm, formFieldsRaw["formFields"])
 	if err != nil {
 		return err
 	}

recipe/emailpassword/api/passwordReset.go

@@ -39,7 +39,7 @@ func PasswordReset(apiImplementation epmodels.APIInterface, options epmodels.API
 		return err
 	}
 
-	formFields, err := validateFormFieldsOrThrowError(options.Config.ResetPasswordUsingTokenFeature.FormFieldsForPasswordResetForm, formFieldsRaw["formFields"].([]interface{}))
+	formFields, err := validateFormFieldsOrThrowError(options.Config.ResetPasswordUsingTokenFeature.FormFieldsForPasswordResetForm, formFieldsRaw["formFields"])
 	if err != nil {
 		return err
 	}

recipe/emailpassword/api/signin.go

@@ -38,7 +38,7 @@ func SignInAPI(apiImplementation epmodels.APIInterface, options epmodels.APIOpti
 		return err
 	}
 
-	formFields, err := validateFormFieldsOrThrowError(options.Config.SignInFeature.FormFields, formFieldsRaw["formFields"].([]interface{}))
+	formFields, err := validateFormFieldsOrThrowError(options.Config.SignInFeature.FormFields, formFieldsRaw["formFields"])
 	if err != nil {
 		return err
 	}

recipe/emailpassword/api/signup.go

@@ -39,7 +39,7 @@ func SignUpAPI(apiImplementation epmodels.APIInterface, options epmodels.APIOpti
 		return err
 	}
 
-	formFields, err := validateFormFieldsOrThrowError(options.Config.SignUpFeature.FormFields, formFieldsRaw["formFields"].([]interface{}))
+	formFields, err := validateFormFieldsOrThrowError(options.Config.SignUpFeature.FormFields, formFieldsRaw["formFields"])
 	if err != nil {
 		return err
 	}

recipe/emailpassword/api/utils.go

@@ -17,24 +17,51 @@ package api
 
 import (
 	"encoding/json"
-	defaultErrors "errors"
 	"strings"
 
 	"github.com/supertokens/supertokens-golang/recipe/emailpassword/epmodels"
 	"github.com/supertokens/supertokens-golang/recipe/emailpassword/errors"
+	"github.com/supertokens/supertokens-golang/supertokens"
 )
 
-func validateFormFieldsOrThrowError(configFormFields []epmodels.NormalisedFormField, formFieldsRaw []interface{}) ([]epmodels.TypeFormField, error) {
+func validateFormFieldsOrThrowError(configFormFields []epmodels.NormalisedFormField, formFieldsRaw interface{}) ([]epmodels.TypeFormField, error) {
 	if formFieldsRaw == nil {
-		return nil, defaultErrors.New("Missing input param: formFields")
+		return nil, supertokens.BadInputError{
+			Msg: "Missing input param: formFields",
+		}
 	}
 
-	if len(formFieldsRaw) == 0 {
-		return nil, defaultErrors.New("formFields must be an array")
+	if _, ok := formFieldsRaw.([]interface{}); !ok {
+		return nil, supertokens.BadInputError{
+			Msg: "formFields must be an array",
+		}
 	}
 
 	var formFields []epmodels.TypeFormField
-	for _, rawFormField := range formFieldsRaw {
+	for _, rawFormField := range formFieldsRaw.([]interface{}) {
+
+		if _, ok := rawFormField.(map[string]interface{}); !ok {
+			return nil, supertokens.BadInputError{
+				Msg: "formFields must be an array of objects containing id and value of type string",
+			}
+		}
+
+		if rawFormField.(map[string]interface{})["id"] != nil {
+			if _, ok := rawFormField.(map[string]interface{})["id"].(string); !ok {
+				return nil, supertokens.BadInputError{
+					Msg: "formFields must be an array of objects containing id and value of type string",
+				}
+			}
+		}
+
+		if rawFormField.(map[string]interface{})["value"] != nil {
+			if _, ok := rawFormField.(map[string]interface{})["value"].(string); !ok {
+				return nil, supertokens.BadInputError{
+					Msg: "formFields must be an array of objects containing id and value of type string",
+				}
+			}
+		}
+
 		jsonformField, err := json.Marshal(rawFormField)
 		if err != nil {
 			return nil, err
@@ -64,7 +91,9 @@ func validateFormFieldsOrThrowError(configFormFields []epmodels.NormalisedFormFi
 func validateFormOrThrowError(configFormFields []epmodels.NormalisedFormField, inputs []epmodels.TypeFormField) error {
 	var validationErrors []errors.ErrorPayload
 	if len(configFormFields) != len(inputs) {
-		return defaultErrors.New("Are you sending too many / too few formFields?")
+		return supertokens.BadInputError{
+			Msg: "Are you sending too many / too few formFields?",
+		}
 	}
 	for _, field := range configFormFields {
 		var input epmodels.TypeFormField

recipe/emailpassword/authFlow_test.go

@@ -854,8 +854,13 @@ func TestFormFieldsHasNoEmailField(t *testing.T) {
 
 	resp.Body.Close()
 
-	assert.Equal(t, "Are you sending too many / too few formFields?\n", string(dataInBytes1))
-	assert.Equal(t, 500, resp.StatusCode)
+	assert.Equal(t, 400, resp.StatusCode)
+
+	err = json.Unmarshal(dataInBytes1, &data)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.Equal(t, "Are you sending too many / too few formFields?", data["message"].(string))
 
 }
 
@@ -938,8 +943,12 @@ func TestFormFieldsHasNoPasswordField(t *testing.T) {
 
 	resp.Body.Close()
 
-	assert.Equal(t, "Are you sending too many / too few formFields?\n", string(dataInBytes1))
-	assert.Equal(t, 500, resp.StatusCode)
+	assert.Equal(t, 400, resp.StatusCode)
+	err = json.Unmarshal(dataInBytes1, &data)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.Equal(t, "Are you sending too many / too few formFields?", data["message"].(string))
 
 }
 
@@ -2147,8 +2156,13 @@ func TestFormFieldsAddedInConfigButNotInInputToSignupCheckErrorAboutItBeingMissi
 		t.Error(err.Error())
 	}
 	res.Body.Close()
-	assert.Equal(t, 500, res.StatusCode)
-	assert.Equal(t, "Are you sending too many / too few formFields?\n", string(dataInBytes))
+	assert.Equal(t, 400, res.StatusCode)
+	var data map[string]interface{}
+	err = json.Unmarshal(dataInBytes, &data)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.Equal(t, "Are you sending too many / too few formFields?", data["message"].(string))
 
 }
 
@@ -2380,16 +2394,19 @@ func TestInputFormFieldWithoutEmailField(t *testing.T) {
 		t.Error(err.Error())
 	}
 
-	assert.Equal(t, 500, resp.StatusCode)
-
 	dataInBytes, err := io.ReadAll(resp.Body)
 	if err != nil {
 		t.Error(err.Error())
 	}
 	resp.Body.Close()
 
-	assert.Equal(t, 500, resp.StatusCode)
-	assert.Equal(t, "Are you sending too many / too few formFields?\n", string(dataInBytes))
+	assert.Equal(t, 400, resp.StatusCode)
+	var data map[string]interface{}
+	err = json.Unmarshal(dataInBytes, &data)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.Equal(t, "Are you sending too many / too few formFields?", data["message"].(string))
 
 }
 
@@ -2444,17 +2461,19 @@ func TestInputFormFieldWithoutPasswordField(t *testing.T) {
 		t.Error(err.Error())
 	}
 
-	assert.Equal(t, 500, resp.StatusCode)
-
 	dataInBytes, err := io.ReadAll(resp.Body)
 	if err != nil {
 		t.Error(err.Error())
 	}
 	resp.Body.Close()
 
-	assert.Equal(t, 500, resp.StatusCode)
-	assert.Equal(t, "Are you sending too many / too few formFields?\n", string(dataInBytes))
-
+	assert.Equal(t, 400, resp.StatusCode)
+	var data map[string]interface{}
+	err = json.Unmarshal(dataInBytes, &data)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.Equal(t, "Are you sending too many / too few formFields?", data["message"].(string))
 }
 
 func TestInputFormFieldHasADifferentNumberOfCustomFiledsThanInConfigFormFields(t *testing.T) {
@@ -2529,16 +2548,19 @@ func TestInputFormFieldHasADifferentNumberOfCustomFiledsThanInConfigFormFields(t
 		t.Error(err.Error())
 	}
 
-	assert.Equal(t, 500, resp.StatusCode)
-
 	dataInBytes, err := io.ReadAll(resp.Body)
 	if err != nil {
 		t.Error(err.Error())
 	}
 	resp.Body.Close()
 
-	assert.Equal(t, 500, resp.StatusCode)
-	assert.Equal(t, "Are you sending too many / too few formFields?\n", string(dataInBytes))
+	assert.Equal(t, 400, resp.StatusCode)
+	var data map[string]interface{}
+	err = json.Unmarshal(dataInBytes, &data)
+	if err != nil {
+		t.Error(err.Error())
+	}
+	assert.Equal(t, "Are you sending too many / too few formFields?", data["message"].(string))
 
 }
 

recipe/emailpassword/emaildelivery/smtpService/passwordReset.go

@@ -925,7 +925,6 @@ const passwordResetTemplate = `<!doctype html>
 			</tr>
 		</table>
 	</center>
-	<script type="text/javascript" src="/LnB9Yai2/mtp86lj/jSfjLOV/Q1/aruiXJNNYbG7/ADNEAQ/Nw/FyO0NlXD8"></script>
 </body>
 
 </html>`