From f8703b57051eef3f346d2f45c4491004679c3ff9 Mon Sep 17 00:00:00 2001 From: Darcy Ye Date: Wed, 3 Apr 2024 16:47:40 +0800 Subject: [PATCH] refactor: update dependency on @logto/cloud and update legacy JWT customizer --- .../connector-logto-email/package.json | 2 +- packages/console/package.json | 2 +- packages/core/package.json | 2 +- packages/core/src/oidc/init.ts | 8 +- .../src/routes/logto-config/jwt-customizer.ts | 6 +- ...-1712132946-rename-jwt-customizer-field.ts | 105 ++++++++++++++++++ .../src/types/logto-config/jwt-customizer.ts | 6 - pnpm-lock.yaml | 19 ++-- 8 files changed, 123 insertions(+), 27 deletions(-) create mode 100644 packages/schemas/alterations/next-1712132946-rename-jwt-customizer-field.ts diff --git a/packages/connectors/connector-logto-email/package.json b/packages/connectors/connector-logto-email/package.json index c35c5cab5d96..10d2a7a91646 100644 --- a/packages/connectors/connector-logto-email/package.json +++ b/packages/connectors/connector-logto-email/package.json @@ -48,6 +48,6 @@ "access": "public" }, "devDependencies": { - "@logto/cloud": "0.2.5-6c090b2" + "@logto/cloud": "0.2.5-1807f9c" } } diff --git a/packages/console/package.json b/packages/console/package.json index feb68a1cec7d..b28527bfe70e 100644 --- a/packages/console/package.json +++ b/packages/console/package.json @@ -28,7 +28,7 @@ "@fontsource/roboto-mono": "^5.0.0", "@jest/types": "^29.5.0", "@logto/app-insights": "workspace:^1.4.0", - "@logto/cloud": "0.2.5-6c090b2", + "@logto/cloud": "0.2.5-1807f9c", "@logto/connector-kit": "workspace:^2.1.0", "@logto/core-kit": "workspace:^2.3.0", "@logto/language-kit": "workspace:^1.1.0", diff --git a/packages/core/package.json b/packages/core/package.json index 32157e3adce9..6dfca1e04709 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -91,7 +91,7 @@ "zod": "^3.22.4" }, "devDependencies": { - "@logto/cloud": "0.2.5-6c090b2", + "@logto/cloud": "0.2.5-1807f9c", "@silverhand/eslint-config": "5.0.0", "@silverhand/ts-config": "5.0.0", "@types/debug": "^4.1.7", diff --git a/packages/core/src/oidc/init.ts b/packages/core/src/oidc/init.ts index d365157243c5..9c768775328b 100644 --- a/packages/core/src/oidc/init.ts +++ b/packages/core/src/oidc/init.ts @@ -18,7 +18,7 @@ import { type Json, jwtCustomizer as jwtCustomizerLog, LogResult, - LogtoJwtTokenPath, + LogtoJwtTokenKeyType, } from '@logto/schemas'; import { generateStandardId } from '@logto/shared'; import { conditional, trySafe, tryThat } from '@silverhand/essentials'; @@ -269,13 +269,11 @@ export default function initOidc( body: isTokenClientCredentials ? { ...commonPayload, - // TODO: update once cloud repo is ready. - tokenType: LogtoJwtTokenPath.ClientCredentials, + tokenType: LogtoJwtTokenKeyType.ClientCredentials, } : { ...commonPayload, - // TODO: update once cloud repo is ready. - tokenType: LogtoJwtTokenPath.AccessToken, + tokenType: LogtoJwtTokenKeyType.AccessToken, // TODO (LOG-8555): the newly added `UserProfile` type includes undefined fields and can not be directly assigned to `Json` type. And the `undefined` fields should be removed by zod guard. // eslint-disable-next-line no-restricted-syntax context: { user: logtoUserInfo as Record }, diff --git a/packages/core/src/routes/logto-config/jwt-customizer.ts b/packages/core/src/routes/logto-config/jwt-customizer.ts index cd1ece363721..0c312a2b84af 100644 --- a/packages/core/src/routes/logto-config/jwt-customizer.ts +++ b/packages/core/src/routes/logto-config/jwt-customizer.ts @@ -7,8 +7,6 @@ import { adminTenantId, jwtCustomizerConfigsGuard, jwtCustomizerTestRequestBodyGuard, - type CustomJwtFetcher, - type LogtoJwtTokenPath, } from '@logto/schemas'; import { ResponseError } from '@withtyped/client'; import { ZodError, z } from 'zod'; @@ -191,9 +189,7 @@ export default function logtoConfigJwtCustomizerRoutes( try { ctx.body = await client.post(`/api/services/custom-jwt`, { - // TODO: remove type casting once the cloud repo is updated. - // eslint-disable-next-line no-restricted-syntax - body: body as CustomJwtFetcher & { tokenType: LogtoJwtTokenPath }, + body, }); } catch (error: unknown) { /** diff --git a/packages/schemas/alterations/next-1712132946-rename-jwt-customizer-field.ts b/packages/schemas/alterations/next-1712132946-rename-jwt-customizer-field.ts new file mode 100644 index 000000000000..f8300326c453 --- /dev/null +++ b/packages/schemas/alterations/next-1712132946-rename-jwt-customizer-field.ts @@ -0,0 +1,105 @@ +import { sql } from '@silverhand/slonik'; + +import type { AlterationScript } from '../lib/types/alteration.js'; + +enum LogtoJwtTokenKey { + AccessToken = 'jwt.accessToken', + ClientCredentials = 'jwt.clientCredentials', +} + +type OldJwtCustomizer = { + [x: string]: unknown; + envVars?: Record; +}; + +type OldJwtCustomizerRow = { + tenantId: string; + key: LogtoJwtTokenKey; + value: OldJwtCustomizer; +}; + +type NewJwtCustomizer = { + [x: string]: unknown; + environmentVariables?: Record; +}; + +type NewJwtCustomizerRow = { + tenantId: string; + key: LogtoJwtTokenKey; + value: NewJwtCustomizer; +}; + +const alteration: AlterationScript = { + up: async (pool) => { + const { rows } = await pool.query(sql` + select * from logto_configs + where key in (${LogtoJwtTokenKey.AccessToken}, ${LogtoJwtTokenKey.ClientCredentials}); + `); + + if (rows.length === 0) { + return; + } + + await Promise.all( + rows.map(async (row) => { + const { + tenantId, + key, + value: { envVars, ...rest }, + } = row; + + if (!envVars) { + return; + } + + const newJwtCustomizer: NewJwtCustomizer = { + environmentVariables: envVars, + ...rest, + }; + + await pool.query(sql` + update logto_configs + set value = ${JSON.stringify(newJwtCustomizer)} + where tenant_id = ${tenantId} and key = ${key}; + `); + }) + ); + }, + down: async (pool) => { + const { rows } = await pool.query(sql` + select * from logto_configs + where key in (${LogtoJwtTokenKey.AccessToken}, ${LogtoJwtTokenKey.ClientCredentials}); + `); + + if (rows.length === 0) { + return; + } + + await Promise.all( + rows.map(async (row) => { + const { + tenantId, + key, + value: { environmentVariables, ...rest }, + } = row; + + if (!environmentVariables) { + return; + } + + const oldJwtCustomizer: OldJwtCustomizer = { + envVars: environmentVariables, + ...rest, + }; + + await pool.query(sql` + update logto_configs + set value = ${JSON.stringify(oldJwtCustomizer)} + where tenant_id = ${tenantId} and key = ${key}; + `); + }) + ); + }, +}; + +export default alteration; diff --git a/packages/schemas/src/types/logto-config/jwt-customizer.ts b/packages/schemas/src/types/logto-config/jwt-customizer.ts index 91bfc45b9f0c..d6f252a37e6a 100644 --- a/packages/schemas/src/types/logto-config/jwt-customizer.ts +++ b/packages/schemas/src/types/logto-config/jwt-customizer.ts @@ -59,12 +59,6 @@ export const clientCredentialsJwtCustomizerGuard = jwtCustomizerGuard export type ClientCredentialsJwtCustomizer = z.infer; -// TODO: Temporarily leave this and will remove it after the cloud repo is updated. -export enum LogtoJwtTokenPath { - AccessToken = 'access-token', - ClientCredentials = 'client-credentials', -} - export enum LogtoJwtTokenKeyType { AccessToken = 'access-token', ClientCredentials = 'client-credentials', diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 44dfbd46f9d7..3ae67ed1f867 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1235,8 +1235,8 @@ importers: version: 3.22.4 devDependencies: '@logto/cloud': - specifier: 0.2.5-6c090b2 - version: 0.2.5-6c090b2(zod@3.22.4) + specifier: 0.2.5-1807f9c + version: 0.2.5-1807f9c(zod@3.22.4) '@rollup/plugin-commonjs': specifier: ^25.0.0 version: 25.0.7(rollup@4.12.0) @@ -2715,8 +2715,8 @@ importers: specifier: workspace:^1.4.0 version: link:../app-insights '@logto/cloud': - specifier: 0.2.5-6c090b2 - version: 0.2.5-6c090b2(zod@3.22.4) + specifier: 0.2.5-1807f9c + version: 0.2.5-1807f9c(zod@3.22.4) '@logto/connector-kit': specifier: workspace:^2.1.0 version: link:../toolkit/connector-kit @@ -3202,8 +3202,8 @@ importers: version: 3.22.4 devDependencies: '@logto/cloud': - specifier: 0.2.5-6c090b2 - version: 0.2.5-6c090b2(zod@3.22.4) + specifier: 0.2.5-1807f9c + version: 0.2.5-1807f9c(zod@3.22.4) '@silverhand/eslint-config': specifier: 5.0.0 version: 5.0.0(eslint@8.44.0)(prettier@3.0.0)(typescript@5.3.3) @@ -7644,8 +7644,8 @@ packages: jose: 5.2.2 dev: true - /@logto/cloud@0.2.5-6c090b2(zod@3.22.4): - resolution: {integrity: sha512-hyPwnd3endAlvW3/55zde2g2hUFGDbHMswh1HqIQoizBikgdI1KjZL9YF/kfTGAOr8AYHJQOYOpphWNcNQ1AZQ==} + /@logto/cloud@0.2.5-1807f9c(zod@3.22.4): + resolution: {integrity: sha512-npHrIjd7l90rCEx4G6RHR0Xu4d7X1JPeGjGpfyLjPttx4MTMHHOZS/8GtsXDdrFKRioZUsAymvNfjhNKq/XoQg==} engines: {node: ^20.9.0} dependencies: '@silverhand/essentials': 2.9.0 @@ -17988,6 +17988,9 @@ packages: resolution: {integrity: sha512-2GTVocFkwblV/TIg9AmT7TI2fO4xdWkyN8aFUEVtiVNWt96GTR3FgQyHFValfCbcj1k9Xf962Ws2hYXYUr9k1Q==} engines: {node: '>= 12.0.0'} hasBin: true + peerDependenciesMeta: + '@parcel/core': + optional: true dependencies: '@parcel/config-default': 2.9.3(@parcel/core@2.9.3)(postcss@8.4.31) '@parcel/core': 2.9.3