Fixes are per PR comments

nkshah2 · nkshah2 · commit 6a25f9454dea · 2023-05-05T15:49:10.000+05:30
diff --git a/recipe/session/accessToken.go b/recipe/session/accessToken.go
@@ -101,6 +101,7 @@ func GetInfoFromAccessToken(jwtInfo sessmodels.ParsedJWTInfo, jwks keyfunc.JWKS,
 				}
 
 				payload = claimsMap
+				break
 			}
 		}
 	}
diff --git a/recipe/session/apiImplementation.go b/recipe/session/apiImplementation.go
@@ -18,7 +18,6 @@ package session
 import (
 	"net/http"
 
-	"github.com/supertokens/supertokens-golang/recipe/session/claims"
 	"github.com/supertokens/supertokens-golang/recipe/session/sessmodels"
 	"github.com/supertokens/supertokens-golang/supertokens"
 )
@@ -64,30 +63,6 @@ func MakeAPIImplementation() sessmodels.APIInterface {
 				return nil, nil
 			}
 
-			var overrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, sessionContainer sessmodels.SessionContainer, userContext supertokens.UserContext) ([]claims.SessionClaimValidator, error) = nil
-			if verifySessionOptions != nil {
-				overrideGlobalClaimValidators = verifySessionOptions.OverrideGlobalClaimValidators
-			}
-			claimValidators := options.ClaimValidatorsAddedByOtherRecipes
-			claimValidators, err = (*options.RecipeImplementation.GetGlobalClaimValidators)((*sessionContainer).GetUserID(), claimValidators, userContext)
-			if err != nil {
-				return nil, err
-			}
-			if overrideGlobalClaimValidators != nil {
-				claimValidators, err = overrideGlobalClaimValidators(claimValidators, sessionContainer, userContext)
-				if err != nil {
-					return nil, err
-				}
-			}
-
-			if err != nil {
-				return nil, err
-			}
-			err = (*sessionContainer).AssertClaimsWithContext(claimValidators, userContext)
-			if err != nil {
-				return nil, err
-			}
-
 			return sessionContainer, nil
 		}
 	}
diff --git a/recipe/session/cookieAndHeaders.go b/recipe/session/cookieAndHeaders.go
@@ -19,6 +19,8 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"errors"
+	"fmt"
+	"github.com/supertokens/supertokens-golang/supertokens"
 	"net/http"
 	"net/textproto"
 	"net/url"
@@ -158,6 +160,7 @@ func GetToken(req *http.Request, tokenType sessmodels.TokenType, transferMethod
 }
 
 func setToken(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, tokenType sessmodels.TokenType, value string, expires uint64, transferMethod sessmodels.TokenTransferMethod) error {
+	supertokens.LogDebugMessage(fmt.Sprint("setToken: Setting ", tokenType, " token as ", transferMethod))
 	if transferMethod == sessmodels.CookieTransferMethod {
 		cookieName, err := getCookieNameFromTokenType(tokenType)
 		if err != nil {
@@ -169,7 +172,7 @@ func setToken(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, to
 		} else if tokenType == sessmodels.RefreshToken {
 			pathType = "refreshTokenPath"
 		}
-		SetCookie(config, res, cookieName, value, expires, pathType)
+		setCookie(config, res, cookieName, value, expires, pathType)
 	} else if transferMethod == sessmodels.HeaderTransferMethod {
 		headerName, err := getResponseHeaderNameForTokenType(tokenType)
 		if err != nil {
@@ -193,7 +196,7 @@ func setHeader(res http.ResponseWriter, key, value string, allowDuplicateKey boo
 	}
 }
 
-func SetCookie(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, name string, value string, expires uint64, pathType string) {
+func setCookie(config sessmodels.TypeNormalisedInput, res http.ResponseWriter, name string, value string, expires uint64, pathType string) {
 	var domain string
 	if config.CookieDomain != nil {
 		domain = *config.CookieDomain
diff --git a/recipe/session/sessionFunctions.go b/recipe/session/sessionFunctions.go
@@ -83,10 +83,10 @@ func getSessionHelper(config sessmodels.TypeNormalisedInput, querier supertokens
 			return sessmodels.GetSessionResponse{}, err
 		}
 
-		expiryTime := uint64(expiryTimeInPayload.(float64))
-		timeCreated := uint64(timeCreatedInPayload.(float64))
-
 		if parsedAccessToken.Version < 3 {
+			expiryTime := uint64(expiryTimeInPayload.(float64))
+			timeCreated := uint64(timeCreatedInPayload.(float64))
+
 			if expiryTime < GetCurrTimeInMS() {
 				return sessmodels.GetSessionResponse{}, err
 			}
diff --git a/recipe/session/sessionRequestFunctions.go b/recipe/session/sessionRequestFunctions.go
@@ -300,7 +300,7 @@ func RefreshSessionInRequest(req *http.Request, res http.ResponseWriter, config
 	} else {
 		if GetCookieValue(req, legacyIdRefreshTokenCookieName) != nil {
 			supertokens.LogDebugMessage("refreshSession: cleared legacy id refresh token because refresh token was not found")
-			SetCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")
+			setCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")
 		}
 
 		supertokens.LogDebugMessage("refreshSession: UNAUTHORISED because refresh token in request is undefined")
@@ -339,7 +339,7 @@ func RefreshSessionInRequest(req *http.Request, res http.ResponseWriter, config
 		if (isTokenTheftDetectedErr) || (isUnauthorisedErr && unauthorisedErr.ClearTokens != nil && *unauthorisedErr.ClearTokens) {
 			if GetCookieValue(req, legacyIdRefreshTokenCookieName) != nil {
 				supertokens.LogDebugMessage("refreshSession: cleared legacy id refresh token because refresh is clearing other tokens")
-				SetCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")
+				setCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")
 			}
 		}
 
@@ -364,7 +364,7 @@ func RefreshSessionInRequest(req *http.Request, res http.ResponseWriter, config
 
 	if GetCookieValue(req, legacyIdRefreshTokenCookieName) != nil {
 		supertokens.LogDebugMessage("refreshSession: cleared legacy id refresh token after successful refresh")
-		SetCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")
+		setCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")
 	}
 
 	return result, nil
diff --git a/recipe/session/sessmodels/models.go b/recipe/session/sessmodels/models.go
@@ -28,7 +28,7 @@ import (
 
 type TokenType string
 
-var JWKCacheMaxAgeInMs = 600000
+var JWKCacheMaxAgeInMs = 60000
 var JWKRefreshRateLimit = 500
 
 const (
diff --git a/recipe/session/sessmodels/recipeInterface.go b/recipe/session/sessmodels/recipeInterface.go
@@ -20,29 +20,6 @@ import (
 	"github.com/supertokens/supertokens-golang/supertokens"
 )
 
-type CreateNewSessionResponse struct {
-	Status  string
-	Session SessionContainer
-}
-
-type GetSessionFunctionResponse struct {
-	Status  string
-	Session *SessionContainer
-	Error   *error
-}
-
-type GetSessionMainFunctionClaimResponse struct {
-	Message               string
-	ClaimValidationErrors []claims.ClaimValidationError
-}
-
-type GetSessionMainFunctionResponse struct {
-	Status   string
-	Session  *SessionContainer
-	Error    *error
-	Response *GetSessionMainFunctionClaimResponse
-}
-
 type RecipeInterface struct {
 	CreateNewSession            *func(userID string, accessTokenPayload map[string]interface{}, sessionDataInDatabase map[string]interface{}, disableAntiCsrf *bool, userContext supertokens.UserContext) (SessionContainer, error)
 	GetSession                  *func(accessToken string, antiCSRFToken *string, options *VerifySessionOptions, userContext supertokens.UserContext) (SessionContainer, error)
diff --git a/recipe/session/utils.go b/recipe/session/utils.go
@@ -308,23 +308,6 @@ func sendTokenTheftDetectedResponse(recipeInstance Recipe, sessionHandle string,
 	return supertokens.SendNon200ResponseWithMessage(response, "token theft detected", recipeInstance.Config.SessionExpiredStatusCode)
 }
 
-func getKeyInfoFromJson(response map[string]interface{}) []sessmodels.KeyInfo {
-	keyList := []sessmodels.KeyInfo{}
-
-	_, ok := response["jwtSigningPublicKeyList"]
-	if ok {
-		for _, k := range response["jwtSigningPublicKeyList"].([]interface{}) {
-			keyList = append(keyList, sessmodels.KeyInfo{
-				PublicKey:  (k.((map[string]interface{})))["publicKey"].(string),
-				ExpiryTime: uint64((k.((map[string]interface{})))["ExpiryTime"].(float64)),
-				CreatedAt:  uint64((k.((map[string]interface{})))["createdAt"].(float64)),
-			})
-		}
-	}
-
-	return keyList
-}
-
 func ValidateClaimsInPayload(claimValidators []claims.SessionClaimValidator, newAccessTokenPayload map[string]interface{}, userContext supertokens.UserContext) []claims.ClaimValidationError {
 	validationErrors := []claims.ClaimValidationError{}
 
diff --git a/supertokens/utils.go b/supertokens/utils.go
@@ -286,6 +286,8 @@ func SetRequestInUserContextIfNotDefined(userContext *map[string]interface{}, r
 
 	if userContext == nil {
 		_userContext = map[string]interface{}{}
+	} else {
+		_userContext = *userContext
 	}
 
 	defaultObj, ok := _userContext["_default"]

Original file line number	Diff line number	Diff line change
`@@ -101,6 +101,7 @@ func GetInfoFromAccessToken(jwtInfo sessmodels.ParsedJWTInfo, jwks keyfunc.JWKS,`
`101`	`101`	`}`
`102`	`102`
`103`	`103`	`payload = claimsMap`
	`104`	`+ break`
`104`	`105`	`}`
`105`	`106`	`}`
`106`	`107`	`}`
Original file line number	Diff line number	Diff line change
`@@ -83,10 +83,10 @@ func getSessionHelper(config sessmodels.TypeNormalisedInput, querier supertokens`
`83`	`83`	`return sessmodels.GetSessionResponse{}, err`
`84`	`84`	`}`
`85`	`85`
`86`		`- expiryTime := uint64(expiryTimeInPayload.(float64))`
`87`		`- timeCreated := uint64(timeCreatedInPayload.(float64))`
`88`		`-`
`89`	`86`	`if parsedAccessToken.Version < 3 {`
	`87`	`+ expiryTime := uint64(expiryTimeInPayload.(float64))`
	`88`	`+ timeCreated := uint64(timeCreatedInPayload.(float64))`
	`89`	`+`
`90`	`90`	`if expiryTime < GetCurrTimeInMS() {`
`91`	`91`	`return sessmodels.GetSessionResponse{}, err`
`92`	`92`	`}`
Original file line number	Diff line number	Diff line change
`@@ -300,7 +300,7 @@ func RefreshSessionInRequest(req *http.Request, res http.ResponseWriter, config`
`300`	`300`	`} else {`
`301`	`301`	`if GetCookieValue(req, legacyIdRefreshTokenCookieName) != nil {`
`302`	`302`	`supertokens.LogDebugMessage("refreshSession: cleared legacy id refresh token because refresh token was not found")`
`303`		`- SetCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")`
	`303`	`+ setCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")`
`304`	`304`	`}`
`305`	`305`
`306`	`306`	`supertokens.LogDebugMessage("refreshSession: UNAUTHORISED because refresh token in request is undefined")`
`@@ -339,7 +339,7 @@ func RefreshSessionInRequest(req *http.Request, res http.ResponseWriter, config`
`339`	`339`	`if (isTokenTheftDetectedErr) \|\| (isUnauthorisedErr && unauthorisedErr.ClearTokens != nil && *unauthorisedErr.ClearTokens) {`
`340`	`340`	`if GetCookieValue(req, legacyIdRefreshTokenCookieName) != nil {`
`341`	`341`	`supertokens.LogDebugMessage("refreshSession: cleared legacy id refresh token because refresh is clearing other tokens")`
`342`		`- SetCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")`
	`342`	`+ setCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")`
`343`	`343`	`}`
`344`	`344`	`}`
`345`	`345`
`@@ -364,7 +364,7 @@ func RefreshSessionInRequest(req *http.Request, res http.ResponseWriter, config`
`364`	`364`
`365`	`365`	`if GetCookieValue(req, legacyIdRefreshTokenCookieName) != nil {`
`366`	`366`	`supertokens.LogDebugMessage("refreshSession: cleared legacy id refresh token after successful refresh")`
`367`		`- SetCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")`
	`367`	`+ setCookie(config, res, legacyIdRefreshTokenCookieName, "", 0, "accessTokenPath")`
`368`	`368`	`}`
`369`	`369`
`370`	`370`	`return result, nil`
Original file line number	Diff line number	Diff line change
`@@ -286,6 +286,8 @@ func SetRequestInUserContextIfNotDefined(userContext *map[string]interface{}, r`
`286`	`286`
`287`	`287`	`if userContext == nil {`
`288`	`288`	`_userContext = map[string]interface{}{}`
	`289`	`+ } else {`
	`290`	`+ _userContext = *userContext`
`289`	`291`	`}`
`290`	`292`
`291`	`293`	`defaultObj, ok := _userContext["_default"]`