fix: build callback handler token gegeneration (#31)

packages/medusa-plugin-auth/package.json

@@ -60,6 +60,7 @@
   },
   "dependencies": {
     "@superfaceai/passport-twitter-oauth2": "^1.1.0",
+    "@types/node": "^18.11.10",
     "cors": "^2.8.5",
     "express": "^4.18.1",
     "jsonwebtoken": "^8.5.1",

packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts

@@ -8,7 +8,7 @@ import { Router } from 'express';
 import cors from 'cors';
 import { FACEBOOK_ADMIN_STRATEGY_NAME, FacebookAuthOptions, Profile } from './types';
 import { PassportStrategy } from '../../core/Strategy';
-import { buildCallbackHandler } from '../../utils/build-callback-handler';
+import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
 
 export class FacebookAdminStrategy extends PassportStrategy(FacebookStrategy, FACEBOOK_ADMIN_STRATEGY_NAME) {
 	constructor(
@@ -92,6 +92,7 @@ export function getFacebookAdminAuthRouter(facebook: FacebookAuthOptions, config
 
 	const expiresIn = facebook.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
 	const callbackHandler = buildCallbackHandler(
+		"admin",
 		ADMIN_AUTH_TOKEN_COOKIE_NAME,
 		configModule.projectConfig.jwt_secret,
 		expiresIn,

packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts

@@ -10,7 +10,7 @@ import { EntityManager } from 'typeorm';
 import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
 import { FACEBOOK_STORE_STRATEGY_NAME, FacebookAuthOptions, Profile } from './types';
 import { PassportStrategy } from '../../core/Strategy';
-import { buildCallbackHandler } from '../../utils/build-callback-handler';
+import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
 
 export class FacebookStoreStrategy extends PassportStrategy(FacebookStrategy, FACEBOOK_STORE_STRATEGY_NAME) {
 	constructor(
@@ -118,6 +118,7 @@ export function getFacebookStoreAuthRouter(facebook: FacebookAuthOptions, config
 
 	const expiresIn = facebook.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
 	const callbackHandler = buildCallbackHandler(
+		"store",
 		STORE_AUTH_TOKEN_COOKIE_NAME,
 		configModule.projectConfig.jwt_secret,
 		expiresIn,

packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts

@@ -8,7 +8,7 @@ import { Router } from 'express';
 import cors from 'cors';
 import { GOOGLE_ADMIN_STRATEGY_NAME, GoogleAuthOptions, Profile } from './types';
 import { PassportStrategy } from '../../core/Strategy';
-import { buildCallbackHandler } from '../../utils/build-callback-handler';
+import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
 
 export class GoogleAdminStrategy extends PassportStrategy(GoogleStrategy, GOOGLE_ADMIN_STRATEGY_NAME) {
 	constructor(
@@ -94,6 +94,7 @@ export function getGoogleAdminAuthRouter(google: GoogleAuthOptions, configModule
 
 	const expiresIn = google.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
 	const callbackHandler = buildCallbackHandler(
+		"admin",
 		ADMIN_AUTH_TOKEN_COOKIE_NAME,
 		configModule.projectConfig.jwt_secret,
 		expiresIn,

packages/medusa-plugin-auth/src/auth-strategies/google/store.ts

@@ -10,7 +10,7 @@ import { EntityManager } from 'typeorm';
 import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
 import { PassportStrategy } from '../../core/Strategy';
 import { GOOGLE_STORE_STRATEGY_NAME, GoogleAuthOptions, Profile } from './types';
-import { buildCallbackHandler } from '../../utils/build-callback-handler';
+import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
 
 export class GoogleStoreStrategy extends PassportStrategy(GoogleStrategy, GOOGLE_STORE_STRATEGY_NAME) {
 	constructor(
@@ -120,6 +120,7 @@ export function getGoogleStoreAuthRouter(google: GoogleAuthOptions, configModule
 
 	const expiresIn = google.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
 	const callbackHandler = buildCallbackHandler(
+		"store",
 		STORE_AUTH_TOKEN_COOKIE_NAME,
 		configModule.projectConfig.jwt_secret,
 		expiresIn,

packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts

@@ -8,7 +8,7 @@ import { Router } from 'express';
 import cors from 'cors';
 import { LINKEDIN_ADMIN_STRATEGY_NAME, LinkedinAuthOptions, Profile } from './types';
 import { PassportStrategy } from '../../core/Strategy';
-import { buildCallbackHandler } from '../../utils/build-callback-handler';
+import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
 
 export class LinkedinAdminStrategy extends PassportStrategy(LinkedinStrategy, LINKEDIN_ADMIN_STRATEGY_NAME) {
 	constructor(
@@ -97,6 +97,7 @@ export function getLinkedinAdminAuthRouter(linkedin: LinkedinAuthOptions, config
 	const expiresIn = linkedin.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
 
 	const callbackHandler = buildCallbackHandler(
+		"admin",
 		ADMIN_AUTH_TOKEN_COOKIE_NAME,
 		configModule.projectConfig.jwt_secret,
 		expiresIn,

packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts

@@ -10,7 +10,7 @@ import { EntityManager } from 'typeorm';
 import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
 import { PassportStrategy } from '../../core/Strategy';
 import { LINKEDIN_STORE_STRATEGY_NAME, LinkedinAuthOptions, Profile } from './types';
-import { buildCallbackHandler } from '../../utils/build-callback-handler';
+import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
 
 export class LinkedinStoreStrategy extends PassportStrategy(LinkedinStrategy, LINKEDIN_STORE_STRATEGY_NAME) {
 	constructor(
@@ -122,6 +122,7 @@ export function getLinkedinStoreAuthRouter(linkedin: LinkedinAuthOptions, config
 
 	const expiresIn = linkedin.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
 	const callbackHandler = buildCallbackHandler(
+		"store",
 		STORE_AUTH_TOKEN_COOKIE_NAME,
 		configModule.projectConfig.jwt_secret,
 		expiresIn,

packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts

@@ -0,0 +1,10 @@
+import jwt from 'jsonwebtoken';
+import { getCookieOptions } from './get-cookie-options';
+
+export function buildCallbackHandler(domain: "admin" | "store", cookieName: string, secret: string, expiresIn: number, successRedirect: string) {
+	return (req, res) => {
+		const tokenData = domain === "admin" ? { userId: req.user.id } : { customer_id: req.user.id }
+		const token = jwt.sign(tokenData, secret, { expiresIn });
+		res.cookie(cookieName, token, getCookieOptions(expiresIn)).redirect(successRedirect);
+	};
+}

packages/medusa-plugin-sentry/src/api/handlers/sentry-web-hook.ts

@@ -1,6 +1,6 @@
 import { Request, Response } from 'express';
 import SentryService from '../../services/sentry';
-import { verifySignature } from '../../utils';
+import { verifySignature } from '../../core/utils';
 import { SentryWebHookOptions } from '../../types';
 
 export default (webHookOptions: SentryWebHookOptions) => {

yarn.lock

@@ -4531,6 +4531,11 @@
   resolved "https://registry.yarnpkg.com/@types/node/-/node-18.11.5.tgz#1bc94cf2f9ab5fe33353bc7c79c797dcc5325bef"
   integrity sha512-3JRwhbjI+cHLAkUorhf8RnqUbFXajvzX4q6fMn5JwkgtuwfYtRQYI3u4V92vI6NJuTsbBQWWh3RZjFsuevyMGQ==
 
+"@types/node@^18.11.10":
+  version "18.11.10"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-18.11.10.tgz#4c64759f3c2343b7e6c4b9caf761c7a3a05cee34"
+  integrity sha512-juG3RWMBOqcOuXC643OAdSA525V44cVgGV6dUDuiFtss+8Fk5x1hI93Rsld43VeJVIeqlP9I7Fn9/qaVqoEAuQ==
+
 "@types/node@^8.5.7":
   version "8.10.66"
   resolved "https://registry.yarnpkg.com/@types/node/-/node-8.10.66.tgz#dd035d409df322acc83dff62a602f12a5783bbb3"