Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Testing util - generateSessionCookie for stateful session #1708

Open
5 tasks done
PSoltes opened this issue Mar 19, 2024 · 3 comments
Open
5 tasks done

Testing util - generateSessionCookie for stateful session #1708

PSoltes opened this issue Mar 19, 2024 · 3 comments

Comments

@PSoltes
Copy link
Contributor

PSoltes commented Mar 19, 2024

Checklist

  • I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

We'd like to test some of our apis without doing the actual login flow all the time. There is util to generate session cookie, but only for stateless session. I'd like to have option to generate one for stateful session.

Describe the ideal solution

expose generateCookieValue and signing in some way. Might be just override of generateSessionCookie but we will specify id or genId instead of whole session object.

Alternatives and current workarounds

Current workaround is just installing jose and hkdf and copying those approx 20 lines of code where we need it. Problematic if you ever change something.

Additional context

No response
@PSoltes
Copy link
Contributor Author

PSoltes commented Mar 19, 2024

I am open to create PR for this if you don't see any problem with this feature

@vhavronsky
Copy link

🔝

@PSoltes
Copy link
Contributor Author

PSoltes commented Mar 27, 2024
edited

create a spec for PR that I'll create for this issue

  • create generateSessionCookie overload with signature generateSessionCookie(session: Session, genId: (session: Session) => string, sessionStore?: SessionStore, config: GenerateSessionCookieConfig) => Promise<{cookie: string, deleteFakeSessionFromStore?: () => Promise<void>}>

Behaviour

  • genId will generate id for session based on provided session obj
  • id will be encrypted via generateCookieValue using secret provided in config loaded via signing
  • if sessionStore was provided - fake session will be set in session store using its set method
  • method will return encrypted id - cookie value
    • if sessionStore was provided it will also return wrapper using destroy method of store - removing fake session

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@PSoltes @vhavronsky