diff --git a/docs/apl.md b/docs/apl.md index 9380f84..13e5042 100644 --- a/docs/apl.md +++ b/docs/apl.md @@ -4,11 +4,11 @@ APL is an interface for managing auth data of registered Apps. Implementing it d ## Available methods -- `get: (apiUrl: string) => Promise` - If the entry for given apiUrl exists, returns AuthData object. +- `get: (saleorApiUrl: string) => Promise` - If the entry for given saleorApiUrl exists, returns AuthData object. - `set: (authData: AuthData) => Promise` - Save auth data. -- `delete: (apiUrl: string) => Promise` - Remove auth data fot the given API URL. +- `delete: (saleorApiUrl: string) => Promise` - Remove auth data fot the given API URL. - `getAll: () => Promise` - Returns all auth data available. @@ -24,7 +24,7 @@ Interface containing data used for communication with the Saleor API: export interface AuthData { domain: string; token: string; - apiUrl: string; + saleorApiUrl: string; appId: string; jwks: string; } @@ -32,7 +32,7 @@ export interface AuthData { - `domain` - Domain of the API - `token` - Authorization token -- `apiUrl` - Full URL to the Saleor GraphQL API +- `saleorApiUrl` - Full URL to the Saleor GraphQL API - `appID` - ID of the app assigned during the installation process - `jwks` - JSON Web Key Set available at `https:///.well-known/jwks.json`, cached in the APL for the faster webhook validation 
@@ -72,18 +72,18 @@ const client = createClient(); await client.connect(); const redisAPL: APL = { - get: async (apiUrl: string) => { - const response = await client.get(apiUrl); + get: async (saleorApiUrl: string) => { + const response = await client.get(saleorApiUrl); if (response) { return JSON.parse(response); } return; }, set: async (authData: AuthData) => { - await client.set(authData.apiUrl, JSON.stringify(authData)); + await client.set(authData.saleorApiUrl, JSON.stringify(authData)); }, - delete: async (apiUrl: string) => { - await client.del(apiUrl); + delete: async (saleorApiUrl: string) => { + await client.del(saleorApiUrl); }, getAll: async () => { throw new Exception("Not implemented."); diff --git a/docs/protected-handlers.md b/docs/protected-handlers.md index 36c191b..2bff0ef 100644 --- a/docs/protected-handlers.md +++ b/docs/protected-handlers.md @@ -53,7 +53,7 @@ fetch("/api/protected", { * headers the backend will check if the request has enough permissions to * perform the action. */ - "saleor-api-url": apiUrl, + "saleor-api-url": saleorApiUrl, "authorization-bearer": token, }, }); diff --git a/src/APL/apl.ts b/src/APL/apl.ts index 0cbd182..fd150db 100644 --- a/src/APL/apl.ts +++ b/src/APL/apl.ts @@ -1,7 +1,7 @@ export interface AuthData { domain: string; token: string; - apiUrl: string; + saleorApiUrl: string; appId: string; jwks: string; } @@ -25,9 +25,9 @@ export type AplConfiguredResult = }; export interface APL { - get: (apiUrl: string) => Promise; + get: (saleorApiUrl: string) => Promise; set: (authData: AuthData) => Promise; - delete: (apiUrl: string) => Promise; + delete: (saleorApiUrl: string) => Promise; getAll: () => Promise; /** * Inform that configuration is finished and correct diff --git a/src/APL/auth-data-from-object.ts b/src/APL/auth-data-from-object.ts index a22d0f0..4c3e796 100644 --- a/src/APL/auth-data-from-object.ts +++ b/src/APL/auth-data-from-object.ts 
@@ -12,9 +12,9 @@ export const authDataFromObject = (parsed: unknown): AuthData | undefined => { debug("Given object did not contained AuthData"); return undefined; } - const { apiUrl, appId, domain, token, jwks } = parsed as AuthData; + const { saleorApiUrl, appId, domain, token, jwks } = parsed as AuthData; return { - apiUrl, + saleorApiUrl, appId, domain, token, diff --git a/src/APL/file-apl.test.ts b/src/APL/file-apl.test.ts index 4b5b5ca..470202d 100644 --- a/src/APL/file-apl.test.ts +++ b/src/APL/file-apl.test.ts @@ -7,7 +7,7 @@ import { FileAPL } from "./file-apl"; const stubAuthData: AuthData = { domain: "example.com", token: "example-token", - apiUrl: "https://example.com/graphql/", + saleorApiUrl: "https://example.com/graphql/", appId: "42", jwks: "{}", }; @@ -23,7 +23,7 @@ describe("APL", () => { vi.spyOn(fsPromises, "readFile").mockResolvedValue("Not a valid JSON"); const apl = new FileAPL(); - await expect(apl.get(stubAuthData.apiUrl)).resolves.toBe(undefined); + await expect(apl.get(stubAuthData.saleorApiUrl)).resolves.toBe(undefined); }); it("Returns auth data for existing api url", async () => { @@ -31,7 +31,7 @@ describe("APL", () => { const apl = new FileAPL(); - expect(await apl.get(stubAuthData.apiUrl)).toStrictEqual(stubAuthData); + expect(await apl.get(stubAuthData.saleorApiUrl)).toStrictEqual(stubAuthData); }); it("Returns undefined for unknown api url", async () => { @@ -75,7 +75,7 @@ describe("APL", () => { const apl = new FileAPL(); - await apl.delete(stubAuthData.apiUrl); + await apl.delete(stubAuthData.saleorApiUrl); expect(spyWriteFile).toBeCalledWith(".saleor-app-auth.json", "{}"); }); diff --git a/src/APL/file-apl.ts b/src/APL/file-apl.ts index 26ee67d..20f9d21 100644 --- a/src/APL/file-apl.ts +++ b/src/APL/file-apl.ts 
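Review bot: The rename in `authDataFromObject` also renames the key of the persisted record, so auth data stored under `apiUrl` before this commit is now treated as missing. Such a record no longer passes `hasAuthData` (src/APL/has-auth-data.ts hunk), and `loadDataFromFile` in src/APL/file-apl.ts returns `undefined` for an existing `.saleor-app-auth.json`. If installed apps should survive the upgrade, accept the legacy key on read, for example `hasProp(data, "saleorApiUrl") || hasProp(data, "apiUrl")` in `hasAuthData`, with a matching fallback when the object is rebuilt here. Otherwise the release notes should say that apps must be re-registered. The function starts above this hunk, so a migration path elsewhere cannot be ruled out.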
@@ -48,11 +48,11 @@ export class FileAPL implements APL { return undefined; } - const { token, domain, apiUrl, appId, jwks } = parsedData; + const { token, domain, saleorApiUrl, appId, jwks } = parsedData; - if (token && domain && apiUrl && appId && jwks) { + if (token && domain && saleorApiUrl && appId && jwks) { debug("Token and domain found, returning values: %s, %s", domain, `${token[0]}***`); - return { token, domain, apiUrl, appId, jwks }; + return { token, domain, saleorApiUrl, appId, jwks }; } return undefined; @@ -77,9 +77,9 @@ export class FileAPL implements APL { } } - async get(apiUrl: string) { + async get(saleorApiUrl: string) { const authData = await this.loadDataFromFile(); - if (apiUrl === authData?.apiUrl) { + if (saleorApiUrl === authData?.saleorApiUrl) { return authData; } return undefined; @@ -89,10 +89,10 @@ export class FileAPL implements APL { await this.saveDataToFile(authData); } - async delete(apiUrl: string) { + async delete(saleorApiUrl: string) { const authData = await this.loadDataFromFile(); - if (apiUrl === authData?.apiUrl) { + if (saleorApiUrl === authData?.saleorApiUrl) { await this.saveDataToFile(); } } diff --git a/src/APL/has-auth-data.ts b/src/APL/has-auth-data.ts index c58c2f1..3edc3d3 100644 --- a/src/APL/has-auth-data.ts +++ b/src/APL/has-auth-data.ts @@ -7,4 +7,4 @@ export const hasAuthData = (data: unknown) => hasProp(data, "domain") && hasProp(data, "token") && hasProp(data, "appId") && - hasProp(data, "apiUrl"); + hasProp(data, "saleorApiUrl"); diff --git a/src/APL/saleor-cloud-apl.ts b/src/APL/saleor-cloud-apl.ts index 1168c24..99099f9 100644 --- a/src/APL/saleor-cloud-apl.ts +++ b/src/APL/saleor-cloud-apl.ts @@ -19,7 +19,7 @@ const validateResponseStatus = (response: Response) => { const mapAuthDataToAPIBody = (authData: AuthData) => ({ saleor_app_id: authData.appId, - api_url: authData.apiUrl, + api_url: authData.saleorApiUrl, jwks: authData.jwks, domain: authData.domain, token: authData.token, 
@@ -46,15 +46,15 @@ export class SaleorCloudAPL implements APL { }; } - private getUrlForDomain(apiUrl: string) { + private getUrlForDomain(saleorApiUrl: string) { // API URL has to be base64 encoded - return `${this.resourceUrl}/${btoa(apiUrl)}`; + return `${this.resourceUrl}/${btoa(saleorApiUrl)}`; } - async get(apiUrl: string): Promise { - debug("Will fetch data from SaleorCloudAPL for apiUrl %s", apiUrl); + async get(saleorApiUrl: string): Promise { + debug("Will fetch data from SaleorCloudAPL for saleorApiUrl %s", saleorApiUrl); - const response = await fetch(this.getUrlForDomain(apiUrl), { + const response = await fetch(this.getUrlForDomain(saleorApiUrl), { method: "GET", headers: { "Content-Type": "application/json", ...this.headers }, }).catch((error) => { @@ -70,7 +70,7 @@ export class SaleorCloudAPL implements APL { const authData = authDataFromObject(parsedResponse); if (!authData) { - debug("No auth data for given apiUrl"); + debug("No auth data for given saleorApiUrl"); return undefined; } @@ -97,11 +97,11 @@ export class SaleorCloudAPL implements APL { return undefined; } - async delete(apiUrl: string) { - debug("Deleting data from SaleorCloud for apiUrl: %s", apiUrl); + async delete(saleorApiUrl: string) { + debug("Deleting data from SaleorCloud for saleorApiUrl: %s", saleorApiUrl); try { - const response = await fetch(this.getUrlForDomain(apiUrl), { + const response = await fetch(this.getUrlForDomain(saleorApiUrl), { method: "DELETE", headers: { "Content-Type": "application/json", ...this.headers }, }); diff --git a/src/APL/upstash-apl.test.ts b/src/APL/upstash-apl.test.ts index e70e3b0..9cf935e 100644 --- a/src/APL/upstash-apl.test.ts +++ b/src/APL/upstash-apl.test.ts @@ -15,7 +15,7 @@ const aplConfig: UpstashAPLConfig = { const stubAuthData: AuthData = { domain: "example.com", token: "example-token", - apiUrl: "https://example.com/graphql/", + saleorApiUrl: "https://example.com/graphql/", appId: "42", jwks: "{}", }; 
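Review bot: `getUrlForDomain` puts the raw `btoa(saleorApiUrl)` output into the request path, and standard base64 can contain `/`, `+` and `=`, none of which are escaped here. A `/` in the encoded value would split the path segment and address a different resource than intended. `btoa` also throws on characters outside Latin-1, and nothing visible in the helper handles that. Unless the service is known to require the unescaped form, use `encodeURIComponent(btoa(saleorApiUrl))` for the segment. The `get` and `delete` hunks of this file both build their URL through this helper.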
@@ -57,7 +57,7 @@ describe("APL", () => { { // eslint-disable-next-line quotes - body: `["SET", "${stubAuthData.apiUrl}", "${JSON.stringify(stubAuthData)}"]`, + body: `["SET", "${stubAuthData.saleorApiUrl}", "${JSON.stringify(stubAuthData)}"]`, headers: { "Content-Type": "application/json", Authorization: "Bearer token", @@ -93,7 +93,7 @@ describe("APL", () => { }); const apl = new UpstashAPL(aplConfig); - expect(await apl.get(stubAuthData.apiUrl)).toStrictEqual(stubAuthData); + expect(await apl.get(stubAuthData.saleorApiUrl)).toStrictEqual(stubAuthData); }); it("Return undefined when unknown domain requested", async () => { diff --git a/src/APL/upstash-apl.ts b/src/APL/upstash-apl.ts index 14d0240..4e49141 100644 --- a/src/APL/upstash-apl.ts +++ b/src/APL/upstash-apl.ts @@ -87,20 +87,20 @@ export class UpstashAPL implements APL { private async saveDataToUpstash(authData: AuthData) { debug("saveDataToUpstash() called with: %j", { - apiUrl: authData.apiUrl, + saleorApiUrl: authData.saleorApiUrl, token: authData.token.substring(0, 4), }); const data = JSON.stringify(authData); - await this.upstashRequest(`["SET", "${authData.apiUrl}", "${data}"]`); + await this.upstashRequest(`["SET", "${authData.saleorApiUrl}", "${data}"]`); } - private async deleteDataFromUpstash(apiUrl: string) { - await this.upstashRequest(`["DEL", "${apiUrl}"]`); + private async deleteDataFromUpstash(saleorApiUrl: string) { + await this.upstashRequest(`["DEL", "${saleorApiUrl}"]`); } - private async fetchDataFromUpstash(apiUrl: string) { - const result = await this.upstashRequest(`["GET", "${apiUrl}"]`); + private async fetchDataFromUpstash(saleorApiUrl: string) { + const result = await this.upstashRequest(`["GET", "${saleorApiUrl}"]`); if (result) { const authData = JSON.parse(result); return authData; 
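Review bot: `saveDataToUpstash`, `deleteDataFromUpstash` and `fetchDataFromUpstash` build the command body by string interpolation, so `saleorApiUrl` sits between literal quotes unescaped and the `JSON.stringify(authData)` output, which itself contains double quotes, is wrapped in quotes again. A quote or backslash in the URL therefore changes the structure of the command array. Serialising the array avoids this: `await this.upstashRequest(JSON.stringify(["SET", authData.saleorApiUrl, data]));`, with the same form for `DEL` and `GET`. The expectation in upstash-apl.test.ts builds its body by the same interpolation and would need to change with it. `fetchDataFromUpstash` also returns the `JSON.parse` result unvalidated, so a record written under the old `apiUrl` key reaches callers without a `saleorApiUrl`; its body ends outside this hunk.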
@@ -108,16 +108,16 @@ export class UpstashAPL implements APL { return undefined; } - async get(apiUrl: string) { - return this.fetchDataFromUpstash(apiUrl); + async get(saleorApiUrl: string) { + return this.fetchDataFromUpstash(saleorApiUrl); } async set(authData: AuthData) { await this.saveDataToUpstash(authData); } - async delete(apiUrl: string) { - await this.deleteDataFromUpstash(apiUrl); + async delete(saleorApiUrl: string) { + await this.deleteDataFromUpstash(saleorApiUrl); } async getAll() { diff --git a/src/APL/vercel-apl.test.ts b/src/APL/vercel-apl.test.ts index e7487dc..c35ce45 100644 --- a/src/APL/vercel-apl.test.ts +++ b/src/APL/vercel-apl.test.ts @@ -16,7 +16,7 @@ const aplConfig = { const stubAuthData: AuthData = { domain: "example.com", token: "example-token", - apiUrl: "https://example.com/graphql/", + saleorApiUrl: "https://example.com/graphql/", appId: "42", jwks: "{}", }; @@ -150,7 +150,7 @@ describe("APL", () => { const apl = new VercelAPL(aplConfig); - expect(await apl.get(stubAuthData.apiUrl)).toStrictEqual(stubAuthData); + expect(await apl.get(stubAuthData.saleorApiUrl)).toStrictEqual(stubAuthData); }); it("Return undefined when unknown api url requested", async () => { diff --git a/src/APL/vercel-apl.ts b/src/APL/vercel-apl.ts index 43f549b..6f31809 100644 --- a/src/APL/vercel-apl.ts +++ b/src/APL/vercel-apl.ts @@ -108,10 +108,10 @@ export class VercelAPL implements APL { debug("Register service responded successfully"); } - async get(apiUrl: string) { + async get(saleorApiUrl: string) { const authData = getEnvAuth(); - if (authData && apiUrl === authData.apiUrl) { + if (authData && saleorApiUrl === authData.saleorApiUrl) { return authData; } return undefined; 
@@ -126,8 +126,8 @@ export class VercelAPL implements APL { await this.saveDataToVercel(authData); } - async delete(apiUrl: string) { - if (apiUrl === getEnvAuth()?.apiUrl) { + async delete(saleorApiUrl: string) { + if (saleorApiUrl === getEnvAuth()?.saleorApiUrl) { // Override existing data with the empty values await this.saveDataToVercel(); } diff --git a/src/app-bridge/app-bridge-provider.test.tsx b/src/app-bridge/app-bridge-provider.test.tsx index 30c2837..3ed13ff 100644 --- a/src/app-bridge/app-bridge-provider.test.tsx +++ b/src/app-bridge/app-bridge-provider.test.tsx @@ -9,7 +9,7 @@ import { DashboardEventFactory } from "./events"; const origin = "http://example.com"; const domain = "saleor.domain.host"; -const apiUrl = "https://saleor.domain.host/graphql/"; +const saleorApiUrl = "https://saleor.domain.host/graphql/"; Object.defineProperty(window.document, "referrer", { value: origin, @@ -18,7 +18,7 @@ Object.defineProperty(window.document, "referrer", { Object.defineProperty(window, "location", { value: { - href: `${origin}?${AppIframeParams.DOMAIN}=${domain}&${AppIframeParams.APP_ID}=appid&${AppIframeParams.SALEOR_API_URL}=${apiUrl}`, + href: `${origin}?${AppIframeParams.DOMAIN}=${domain}&${AppIframeParams.APP_ID}=appid&${AppIframeParams.SALEOR_API_URL}=${saleorApiUrl}`, }, writable: true, }); @@ -40,7 +40,7 @@ describe("AppBridgeProvider", () => { appBridgeInstance={ new AppBridge({ targetDomain: domain, - saleorApiUrl: apiUrl, + saleorApiUrl, }) } > @@ -102,7 +102,7 @@ describe("useAppBridge hook", () => { it("Stores active state in React State", () => { const appBridge = new AppBridge({ targetDomain: domain, - saleorApiUrl: apiUrl, + saleorApiUrl, }); const renderCallback = vi.fn(); @@ -138,7 +138,7 @@ describe("useAppBridge hook", () => { ready: false, theme: "light", locale: "en", - saleorApiUrl: apiUrl, + saleorApiUrl, }); }); }); diff --git a/src/app-bridge/app-bridge.ts b/src/app-bridge/app-bridge.ts index 49be511..44b0c85 100644 
--- a/src/app-bridge/app-bridge.ts +++ b/src/app-bridge/app-bridge.ts @@ -207,7 +207,7 @@ export class AppBridge { return new Promise((resolve, reject) => { if (!window.parent) { - debug("window.parent doesnt exist, will throw"); + debug("window.parent doesn't exist, will throw"); reject(new Error("Parent window does not exist.")); return; @@ -305,7 +305,7 @@ export class AppBridge { debug("Received message from origin: %s and data: %j", origin, data); if (origin !== this.refererOrigin) { - debug("Origin from message doesnt match refererOrigin. Function will return now"); + debug("Origin from message doesn't match refererOrigin. Function will return now"); // TODO what should happen here - be explicit return; } diff --git a/src/get-app-id.ts b/src/get-app-id.ts index 549f4e0..d354cff 100644 --- a/src/get-app-id.ts +++ b/src/get-app-id.ts @@ -11,16 +11,16 @@ type GetIdResponseType = { }; export interface GetAppIdProperties { - apiUrl: string; + saleorApiUrl: string; token: string; } export const getAppId = async ({ - apiUrl, + saleorApiUrl, token, }: GetAppIdProperties): Promise => { try { - const response = await fetch(apiUrl, { + const response = await fetch(saleorApiUrl, { method: "POST", headers: { "Content-Type": "application/json", diff --git a/src/handlers/next/create-app-register-handler.test.ts b/src/handlers/next/create-app-register-handler.test.ts index 761def2..08e43a9 100644 --- a/src/handlers/next/create-app-register-handler.test.ts +++ b/src/handlers/next/create-app-register-handler.test.ts @@ -54,7 +54,7 @@ describe("create-app-register-handler", () => { * It fails -> params.auth_token isn't present */ expect(mockApl.set).toHaveBeenCalledWith({ - apiUrl: "https://mock-saleor-domain.saleor.cloud/graphql/", + saleorApiUrl: "https://mock-saleor-domain.saleor.cloud/graphql/", domain: "https://mock-saleor-domain.saleor.cloud/", token: "mock-auth-token", appId: "42", 
diff --git a/src/handlers/next/create-app-register-handler.ts b/src/handlers/next/create-app-register-handler.ts index 5f35a2d..85995b6 100644 --- a/src/handlers/next/create-app-register-handler.ts +++ b/src/handlers/next/create-app-register-handler.ts @@ -45,7 +45,7 @@ export const createAppRegisterHandler = ({ apl }: CreateAppRegisterHandlerOption } // Try to get App ID from the API, to confirm that communication can be established - const appId = await getAppId({ apiUrl: saleorApiUrl, token: authToken }); + const appId = await getAppId({ saleorApiUrl, token: authToken }); if (!appId) { return new Response( { @@ -80,7 +80,13 @@ export const createAppRegisterHandler = ({ apl }: CreateAppRegisterHandlerOption } try { - await apl.set({ domain: saleorDomain, token: authToken, apiUrl: saleorApiUrl, appId, jwks }); + await apl.set({ + domain: saleorDomain, + token: authToken, + saleorApiUrl, + appId, + jwks, + }); } catch { debug("There was an error during saving the auth data"); return Response.InternalServerError({ diff --git a/src/handlers/next/process-async-saleor-webhook.test.ts b/src/handlers/next/process-async-saleor-webhook.test.ts index 2a6fe3e..8e5ac64 100644 --- a/src/handlers/next/process-async-saleor-webhook.test.ts +++ b/src/handlers/next/process-async-saleor-webhook.test.ts @@ -33,12 +33,12 @@ describe("processAsyncSaleorWebhook", () => { let mockRequest: NextApiRequest; const mockAPL: APL = { - get: async (apiUrl: string) => - apiUrl === "https://example.com/graphql/" + get: async (saleorApiUrl: string) => + saleorApiUrl === "https://example.com/graphql/" ? { domain: "example.com", token: "mock-token", - apiUrl: "https://example.com/graphql/", + saleorApiUrl: "https://example.com/graphql/", appId: "42", jwks: "{}", } diff --git a/src/handlers/next/process-async-saleor-webhook.ts b/src/handlers/next/process-async-saleor-webhook.ts index 5d39f6d..c72beda 100644 --- a/src/handlers/next/process-async-saleor-webhook.ts 
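Review bot: In `createAppRegisterHandler`, `getAppId` is called with `authToken` against `saleorApiUrl` before anything in these hunks checks which Saleor instance is registering, and the later `apl.set` stores whatever pair was supplied. Where `saleorApiUrl` is read lies above the hunk. If it comes from the registration request, the handler makes a server-side request to a caller-chosen URL and lets any instance replace the stored auth data. A check against a configured list of permitted Saleor URLs before the `getAppId` call would close that, with a comment such as `// saleorApiUrl is request-supplied: continue only for instances this app is meant to serve`.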
+++ b/src/handlers/next/process-async-saleor-webhook.ts @@ -143,7 +143,7 @@ export const processAsyncSaleorWebhook: ProcessAsyncSaleorWebhook = async ({ await verifySignatureWithJwks(authData.jwks, signature, rawBody); } catch { debug("Request signature check failed. Refresh the JWKS cache and check again"); - const newJwks = await fetchRemoteJwks(authData.apiUrl); + const newJwks = await fetchRemoteJwks(authData.saleorApiUrl); try { debug("Second attempt to validate the signature JWKS, using fresh tokens from the API"); await verifySignatureWithJwks(newJwks, signature, rawBody); diff --git a/src/handlers/next/process-protected-handler.test.ts b/src/handlers/next/process-protected-handler.test.ts index 794c4e7..13bc966 100644 --- a/src/handlers/next/process-protected-handler.test.ts +++ b/src/handlers/next/process-protected-handler.test.ts @@ -26,12 +26,12 @@ describe("processSaleorProtectedHandler", () => { let mockRequest: NextApiRequest; const mockAPL: APL = { - get: async (apiUrl: string) => - apiUrl === "https://example.com/graphql/" + get: async (saleorApiUrl: string) => + saleorApiUrl === "https://example.com/graphql/" ? { domain: "example.com", token: "mock-token", - apiUrl: "https://example.com/graphql/", + saleorApiUrl: "https://example.com/graphql/", appId: "42", jwks: "{}", } @@ -72,7 +72,7 @@ describe("processSaleorProtectedHandler", () => { authData: { domain: "example.com", token: "mock-token", - apiUrl: "https://example.com/graphql/", + saleorApiUrl: "https://example.com/graphql/", appId: "42", jwks: "{}", }, diff --git a/src/handlers/next/process-protected-handler.ts b/src/handlers/next/process-protected-handler.ts index 57085e0..cb8f2fc 100644 --- a/src/handlers/next/process-protected-handler.ts +++ b/src/handlers/next/process-protected-handler.ts 
@@ -85,7 +85,7 @@ export const processSaleorProtectedHandler: ProcessAsyncSaleorProtectedHandler = } try { - await verifyJWT({ appId: authData.appId, token, apiUrl: saleorApiUrl }); + await verifyJWT({ appId: authData.appId, token, saleorApiUrl }); } catch (e) { throw new ProtectedHandlerError("JWT verification failed: ", "JWT_VERIFICATION_FAILED"); } diff --git a/src/verify-jwt.test.ts b/src/verify-jwt.test.ts index c303179..29b38cd 100644 --- a/src/verify-jwt.test.ts +++ b/src/verify-jwt.test.ts @@ -27,18 +27,18 @@ describe("verifyJWT", () => { }); it("Process valid request", async () => { - await verifyJWT({ appId: validAppId, apiUrl: validApiUrl, token: validToken }); + await verifyJWT({ appId: validAppId, saleorApiUrl: validApiUrl, token: validToken }); }); it("Throw error on decode issue", async () => { await expect( - verifyJWT({ appId: validAppId, apiUrl: validApiUrl, token: "wrong_token" }) + verifyJWT({ appId: validAppId, saleorApiUrl: validApiUrl, token: "wrong_token" }) ).rejects.toThrow("JWT verification failed: Could not decode authorization token."); }); it("Throw error on app ID missmatch", async () => { await expect( - verifyJWT({ appId: "wrong_id", apiUrl: validApiUrl, token: validToken }) + verifyJWT({ appId: "wrong_id", saleorApiUrl: validApiUrl, token: validToken }) ).rejects.toThrow("JWT verification failed: Token's app property is different than app ID."); }); }); diff --git a/src/verify-jwt.ts b/src/verify-jwt.ts index 5287611..29fe9c2 100644 --- a/src/verify-jwt.ts +++ b/src/verify-jwt.ts @@ -11,11 +11,11 @@ export interface DashboardTokenPayload extends jose.JWTPayload { export interface verifyJWTArguments { appId: string; - apiUrl: string; + saleorApiUrl: string; token: string; } -export const verifyJWT = async ({ apiUrl, token, appId }: verifyJWTArguments) => { +export const verifyJWT = async ({ saleorApiUrl, token, appId }: verifyJWTArguments) => { let tokenClaims: DashboardTokenPayload; const ERROR_MESSAGE = "JWT verification failed:"; 
@@ -38,7 +38,7 @@ export const verifyJWT = async ({ apiUrl, token, appId }: verifyJWTArguments) => try { debug("Trying to create JWKS"); - const JWKS = jose.createRemoteJWKSet(new URL(getJwksUrlFromSaleorApiUrl(apiUrl))); + const JWKS = jose.createRemoteJWKSet(new URL(getJwksUrlFromSaleorApiUrl(saleorApiUrl))); debug("Trying to compare JWKS with token"); await jose.jwtVerify(token, JWKS); } catch (e) { diff --git a/src/verify-signature.ts b/src/verify-signature.ts index 8832c90..4e3c52e 100644 --- a/src/verify-signature.ts +++ b/src/verify-signature.ts @@ -37,7 +37,7 @@ export const verifySignature = async (domain: string, signature: string, rawBody * https://docs.saleor.io/docs/3.x/developer/extending/apps/asynchronous-webhooks#payload-signature */ export const verifySignatureFromApiUrl = async ( - apiUrl: string, + saleorApiUrl: string, signature: string, rawBody: string ) => { @@ -49,7 +49,7 @@ export const verifySignatureFromApiUrl = async ( }; const remoteJwks = jose.createRemoteJWKSet( - new URL(getJwksUrlFromSaleorApiUrl(apiUrl)) + new URL(getJwksUrlFromSaleorApiUrl(saleorApiUrl)) ) as jose.FlattenedVerifyGetKey; debug("Created remote JWKS");
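Review bot: `verifyJWT` creates a new remote JWKS set from `saleorApiUrl` on every call and passes no options to `jose.jwtVerify`. The library's key cache is therefore discarded between requests, and the accepted issuer and algorithms are left at their defaults. The `jwks` value kept in `AuthData` is not an input to this function either, so each protected request depends on an outbound key fetch. Consider keeping one key set per Saleor URL, for example in a module-level `Map` keyed by `saleorApiUrl`. The expected claims could then be pinned in the third argument, e.g. `await jose.jwtVerify(token, JWKS, { issuer: saleorApiUrl });`, provided Saleor's `iss` claim is confirmed to equal the API URL. The function starts and ends outside this hunk, so further claim checks may already exist there.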