chore: sync console-preview with next/main (#12303)

aws-amplify · Oct 16, 2023 · 5a31ca1 · 5a31ca1
2 parents f7f118b + b5d6819
commit 5a31ca1
Show file tree

Hide file tree

Showing 18 changed files with 224 additions and 154 deletions.
diff --git a/packages/adapter-nextjs/src/utils/createCookieStorageAdapterFromNextServerContext.ts b/packages/adapter-nextjs/src/utils/createCookieStorageAdapterFromNextServerContext.ts
@@ -79,14 +79,14 @@ const createCookieStorageAdapterFromNextRequestAndNextResponse = (
 
 	return {
 		get(name) {
-			return readonlyCookieStore.get(processCookieName(name));
+			return readonlyCookieStore.get(ensureEncodedForJSCookie(name));
 		},
 		getAll: readonlyCookieStore.getAll.bind(readonlyCookieStore),
 		set(name, value, options) {
-			mutableCookieStore.set(processCookieName(name), value, options);
+			mutableCookieStore.set(ensureEncodedForJSCookie(name), value, options);
 		},
 		delete(name) {
-			mutableCookieStore.delete(processCookieName(name));
+			mutableCookieStore.delete(ensureEncodedForJSCookie(name));
 		},
 	};
 };
@@ -102,7 +102,7 @@ const createCookieStorageAdapterFromNextRequestAndHttpResponse = (
 
 	return {
 		get(name) {
-			return readonlyCookieStore.get(processCookieName(name));
+			return readonlyCookieStore.get(ensureEncodedForJSCookie(name));
 		},
 		getAll: readonlyCookieStore.getAll.bind(readonlyCookieStore),
 		...mutableCookieStore,
@@ -121,23 +121,23 @@ const createCookieStorageAdapterFromNextCookies = (
 	// and safely ignore the error if it is thrown.
 	const setFunc: CookieStorage.Adapter['set'] = (name, value, options) => {
 		try {
-			cookieStore.set(processCookieName(name), value, options);
+			cookieStore.set(ensureEncodedForJSCookie(name), value, options);
 		} catch {
 			// no-op
 		}
 	};
 
 	const deleteFunc: CookieStorage.Adapter['delete'] = name => {
 		try {
-			cookieStore.delete(processCookieName(name));
+			cookieStore.delete(ensureEncodedForJSCookie(name));
 		} catch {
 			// no-op
 		}
 	};
 
 	return {
 		get(name) {
-			return cookieStore.get(processCookieName(name));
+			return cookieStore.get(ensureEncodedForJSCookie(name));
 		},
 		getAll: cookieStore.getAll.bind(cookieStore),
 		set: setFunc,
@@ -157,7 +157,7 @@ const createCookieStorageAdapterFromGetServerSidePropsContext = (
 
 	return {
 		get(name) {
-			const value = cookiesMap[processCookieName(name)];
+			const value = cookiesMap[ensureEncodedForJSCookie(name)];
 			return value
 				? {
 						name,
@@ -171,15 +171,17 @@ const createCookieStorageAdapterFromGetServerSidePropsContext = (
 		set(name, value, options) {
 			response.setHeader(
 				'Set-Cookie',
-				`${processCookieName(name)}=${value};${
+				`${ensureEncodedForJSCookie(name)}=${value};${
 					options ? serializeSetCookieOptions(options) : ''
 				}`
 			);
 		},
 		delete(name) {
 			response.setHeader(
 				'Set-Cookie',
-				`${processCookieName(name)}=;Expires=${DATE_IN_THE_PAST.toUTCString()}`
+				`${ensureEncodedForJSCookie(
+					name
+				)}=;Expires=${DATE_IN_THE_PAST.toUTCString()}`
 			);
 		},
 	};
@@ -191,15 +193,17 @@ const createMutableCookieStoreFromHeaders = (
 	const setFunc: CookieStorage.Adapter['set'] = (name, value, options) => {
 		headers.append(
 			'Set-Cookie',
-			`${processCookieName(name)}=${value};${
+			`${ensureEncodedForJSCookie(name)}=${value};${
 				options ? serializeSetCookieOptions(options) : ''
 			}`
 		);
 	};
 	const deleteFunc: CookieStorage.Adapter['delete'] = name => {
 		headers.append(
 			'Set-Cookie',
-			`${processCookieName(name)}=;Expires=${DATE_IN_THE_PAST.toUTCString()}`
+			`${ensureEncodedForJSCookie(
+				name
+			)}=;Expires=${DATE_IN_THE_PAST.toUTCString()}`
 		);
 	};
 	return {
@@ -231,14 +235,11 @@ const serializeSetCookieOptions = (
 	return serializedOptions.join(';');
 };
 
-const processCookieName = (name: string): string => {
-	// if the cookie name contains a `%`, it should have been encoded by the
-	// tokenProvider, to ensure the compatibility of cookie name encoding handled
-	// by the js-cookie package on the client side (as the cookies is created
-	// on the client side with sign in), we double encode it.
-	if (name.includes('%')) {
-		return encodeURIComponent(name);
-	}
-
-	return name;
-};
+// Ensures the cookie names are encoded in order to look up the cookie store
+// that is manipulated by js-cookie on the client side.
+// Details of the js-cookie encoding behavior see:
+// https://github.com/js-cookie/js-cookie#encoding
+// The implementation is borrowed from js-cookie without escaping `[()]` as
+// we are not using those chars in the auth keys.
+const ensureEncodedForJSCookie = (name: string): string =>
+	encodeURIComponent(name).replace(/%(2[346B]|5E|60|7C)/g, decodeURIComponent);
diff --git a/packages/auth/__tests__/providers/cognito/tokenProvider.test.ts b/packages/auth/__tests__/providers/cognito/tokenProvider.test.ts
@@ -84,19 +84,18 @@ describe('Loading tokens', () => {
 		const memoryStorage = new MemoryStorage();
 		const userPoolClientId = 'userPoolClientId';
 		const userSub1 = '[email protected]';
-		const userSub1Encoded = 'user1%40email.com';
 		const userSub2 = '[email protected]';
 
 		memoryStorage.setItem(
-			`CognitoIdentityServiceProvider.${userPoolClientId}.${userSub1Encoded}.deviceKey`,
+			`CognitoIdentityServiceProvider.${userPoolClientId}.${userSub1}.deviceKey`,
 			'user1-device-key'
 		);
 		memoryStorage.setItem(
-			`CognitoIdentityServiceProvider.${userPoolClientId}.${userSub1Encoded}.deviceGroupKey`,
+			`CognitoIdentityServiceProvider.${userPoolClientId}.${userSub1}.deviceGroupKey`,
 			'user1-device-group-key'
 		);
 		memoryStorage.setItem(
-			`CognitoIdentityServiceProvider.${userPoolClientId}.${userSub1Encoded}.randomPasswordKey`,
+			`CognitoIdentityServiceProvider.${userPoolClientId}.${userSub1}.randomPasswordKey`,
 			'user1-random-password'
 		);
 		memoryStorage.setItem(
@@ -144,7 +143,7 @@ describe('saving tokens', () => {
 				userPoolClientId,
 			},
 		});
-
+		const lastAuthUser = 'amplify@user';
 		await tokenStore.storeTokens({
 			accessToken: decodeJWT(
 				'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE3MTAyOTMxMzAsInVzZXJuYW1lIjoiYW1wbGlmeUB1c2VyIn0.AAA'
@@ -159,59 +158,57 @@ describe('saving tokens', () => {
 				deviceGroupKey: 'device-group-key2',
 				randomPassword: 'random-password2',
 			},
-			username: 'amplify@user',
+			username: lastAuthUser,
 		});
 
-		const usernameDecoded = 'amplify%40user';
-
 		expect(
 			await memoryStorage.getItem(
 				`CognitoIdentityServiceProvider.${userPoolClientId}.LastAuthUser`
 			)
-		).toBe(usernameDecoded); // from decoded JWT
+		).toBe(lastAuthUser);
 
 		// Refreshed tokens
 
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameDecoded}.accessToken`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${lastAuthUser}.accessToken`
 			)
 		).toBe(
 			'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE3MTAyOTMxMzAsInVzZXJuYW1lIjoiYW1wbGlmeUB1c2VyIn0.AAA'
 		);
 
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameDecoded}.idToken`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${lastAuthUser}.idToken`
 			)
 		).toBe(
 			'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE3MTAyOTMxMzAsInVzZXJuYW1lIjoiYW1wbGlmeUB1c2VyIn0.III'
 		);
 
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameDecoded}.refreshToken`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${lastAuthUser}.refreshToken`
 			)
 		).toBe('refresh-token');
 
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameDecoded}.clockDrift`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${lastAuthUser}.clockDrift`
 			)
 		).toBe('150');
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameDecoded}.deviceKey`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${lastAuthUser}.deviceKey`
 			)
 		).toBe('device-key2');
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameDecoded}.deviceGroupKey`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${lastAuthUser}.deviceGroupKey`
 			)
 		).toBe('device-group-key2');
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameDecoded}.randomPasswordKey`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${lastAuthUser}.randomPasswordKey`
 			)
 		).toBe('random-password2');
 	});
@@ -276,115 +273,59 @@ describe('saving tokens', () => {
 				deviceGroupKey: 'device-group-key2',
 				randomPassword: 'random-password2',
 			},
-			username: 'amplify@user',
+			username: oldUserName,
 		});
 
-		const usernameEncoded = 'amplify%40user';
-
 		expect(
 			await memoryStorage.getItem(
 				`CognitoIdentityServiceProvider.${userPoolClientId}.LastAuthUser`
 			)
-		).toBe(usernameEncoded); // from decoded JWT
+		).toBe(oldUserName);
 
 		// Refreshed tokens
 
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameEncoded}.accessToken`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.accessToken`
 			)
 		).toBe(
 			'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE3MTAyOTMxMzAsInVzZXJuYW1lIjoiYW1wbGlmeUB1c2VyIn0.AAA'
 		);
 
 		expect(
 			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameEncoded}.idToken`
+				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.idToken`
 			)
 		).toBe(
 			'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE3MTAyOTMxMzAsInVzZXJuYW1lIjoiYW1wbGlmeUB1c2VyIn0.III'
 		);
 
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameEncoded}.refreshToken`
-			)
-		).toBe('refresh-token');
-
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameEncoded}.clockDrift`
-			)
-		).toBe('150');
-
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameEncoded}.deviceKey`
-			)
-		).toBe('device-key2');
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameEncoded}.deviceGroupKey`
-			)
-		).toBe('device-group-key2');
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${usernameEncoded}.randomPasswordKey`
-			)
-		).toBe('random-password2');
-
-		// old tokens cleared
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.accessToken`
-			)
-		).toBeUndefined();
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.idToken`
-			)
-		).toBeUndefined();
 		expect(
 			await memoryStorage.getItem(
 				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.refreshToken`
 			)
-		).toBeUndefined();
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.clockDrift`
-			)
-		).toBeUndefined();
+		).toBe('refresh-token');
 
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.idToken`
-			)
-		).toBeUndefined();
-		expect(
-			await memoryStorage.getItem(
-				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.refreshToken`
-			)
-		).toBeUndefined();
 		expect(
 			await memoryStorage.getItem(
 				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.clockDrift`
 			)
-		).toBeUndefined();
+		).toBe('150');
 
 		expect(
 			await memoryStorage.getItem(
 				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.deviceKey`
 			)
-		).not.toBeUndefined();
+		).toBe('device-key2');
 		expect(
 			await memoryStorage.getItem(
 				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.deviceGroupKey`
 			)
-		).not.toBeUndefined();
+		).toBe('device-group-key2');
 		expect(
 			await memoryStorage.getItem(
 				`CognitoIdentityServiceProvider.${userPoolClientId}.${oldUserName}.randomPasswordKey`
 			)
-		).not.toBeUndefined();
+		).toBe('random-password2');
 	});
 });