From b706aaef18339519854eebdba9e5ffa94f162faf Mon Sep 17 00:00:00 2001 From: ndom91 Date: Wed, 13 Mar 2024 22:22:17 +0100 Subject: [PATCH 1/2] feat: throw for missing secret --- packages/core/src/lib/utils/env.ts | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/packages/core/src/lib/utils/env.ts b/packages/core/src/lib/utils/env.ts index ab41433f8e..c2e88ce092 100644 --- a/packages/core/src/lib/utils/env.ts +++ b/packages/core/src/lib/utils/env.ts @@ -1,4 +1,5 @@ import type { AuthAction, AuthConfig } from "../../types.js" +import { MissingSecret } from "../../errors.js" /** Set default env variables on the config object */ export function setEnvDefaults(envObject: any, config: AuthConfig) { @@ -20,6 +21,12 @@ export function setEnvDefaults(envObject: any, config: AuthConfig) { } } + if (!config.secret?.length) { + throw new MissingSecret( + "Missing secret, please set AUTH_SECRET or config.secret" + ) + } + config.redirectProxyUrl ??= envObject.AUTH_REDIRECT_PROXY_URL config.trustHost ??= !!( envObject.AUTH_URL ?? From bf63cd4282c3b05ce3327efeb8d9ce9bb48cb741 Mon Sep 17 00:00:00 2001 From: ndom91 Date: Wed, 20 Mar 2024 18:47:15 +0100 Subject: [PATCH 2/2] fix: env tests for missing secret --- packages/core/test/env.test.ts | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/packages/core/test/env.test.ts b/packages/core/test/env.test.ts index 0e7b980b25..93d6c4b498 100644 --- a/packages/core/test/env.test.ts +++ b/packages/core/test/env.test.ts @@ -18,6 +18,7 @@ beforeEach(() => { describe("config is inferred from environment variables", () => { it("providers (client id, client secret, issuer, api key)", () => { const env = { + AUTH_SECRET: "asdf", AUTH_AUTH0_ID: "asdf", AUTH_AUTH0_SECRET: "fdsa", AUTH_AUTH0_ISSUER: "https://example.com", @@ -55,19 +56,22 @@ describe("config is inferred from environment variables", () => { }) it("AUTH_REDIRECT_PROXY_URL", () => { - const env = { AUTH_REDIRECT_PROXY_URL: "http://example.com" } + const env = { + AUTH_REDIRECT_PROXY_URL: "http://example.com", + AUTH_SECRET: "asdf", + } setEnvDefaults(env, authConfig) expect(authConfig.redirectProxyUrl).toBe(env.AUTH_REDIRECT_PROXY_URL) }) it("AUTH_URL", () => { - const env = { AUTH_URL: "http://n/api/auth" } + const env = { AUTH_URL: "http://n/api/auth", AUTH_SECRET: "asdf" } setEnvDefaults(env, authConfig) expect(authConfig.basePath).toBe("/api/auth") }) it("AUTH_URL + prefer config", () => { - const env = { AUTH_URL: "http://n/api/auth" } + const env = { AUTH_URL: "http://n/api/auth", AUTH_SECRET: "asdf" } const fromConfig = "/basepath-from-config" authConfig.basePath = fromConfig setEnvDefaults(env, authConfig) @@ -75,17 +79,20 @@ describe("config is inferred from environment variables", () => { }) it("AUTH_URL, but invalid value", () => { - const env = { AUTH_URL: "secret" } + const env = { AUTH_URL: "secret", AUTH_SECRET: "asdf" } setEnvDefaults(env, authConfig) expect(authConfig.basePath).toBe("/auth") }) it.each([ - [{ AUTH_TRUST_HOST: "1" }, { trustHost: true }], - [{ VERCEL: "1" }, { trustHost: true }], - [{ NODE_ENV: "development" }, { trustHost: true }], - [{ NODE_ENV: "test" }, { trustHost: true }], - [{ AUTH_URL: "http://example.com" }, { trustHost: true }], + [{ AUTH_TRUST_HOST: "1", AUTH_SECRET: "asdf" }, { trustHost: true }], + [{ VERCEL: "1" }, { trustHost: true, secret: "asdf" }], + [{ NODE_ENV: "development", AUTH_SECRET: "asdf" }, { trustHost: true }], + [{ NODE_ENV: "test" }, { trustHost: true, secret: "asdf" }], + [ + { AUTH_URL: "http://example.com", AUTH_SECRET: "asdf" }, + { trustHost: true }, + ], ])(`%j`, (env, expected) => { setEnvDefaults(env, authConfig) expect(authConfig).toMatchObject(expected)