Skip to content

Commit

Permalink
fix(auth-js): Fix immutable headers error in x-forwarded request (#614)
Browse files Browse the repository at this point in the history 
* fix: immutable headers error in x-forwarded req

* added changeset
  • Loading branch information
@divyam234
divyam234 authored Jul 4, 2024
1 parent 52c0e41 commit 19f3bea
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 37 deletions.
5 changes: 5 additions & 0 deletions .changeset/chatty-dragons-juggle.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@hono/auth-js': patch
---

fix immutable headers error in x-forwarded req
71 changes: 34 additions & 37 deletions packages/auth-js/src/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,10 @@ import type { AdapterUser } from '@auth/core/adapters'
import type { JWT } from '@auth/core/jwt'
import type { Session } from '@auth/core/types'
import type { Context, MiddlewareHandler } from 'hono'
import { env ,getRuntimeKey} from 'hono/adapter'
import { env, getRuntimeKey } from 'hono/adapter'
import { HTTPException } from 'hono/http-exception'
import { setEnvDefaults as coreSetEnvDefaults } from '@auth/core'


declare module 'hono' {
interface ContextVariableMap {
authUser: AuthUser
Expand Down Expand Up @@ -39,34 +38,31 @@ export function setEnvDefaults(env: AuthEnv, config: AuthConfig) {
coreSetEnvDefaults(env, config)
}

async function cloneRequest(input: URL | string, request: Request){

if ( getRuntimeKey() === "bun") {
return new Request(input, {
method: request.method,
headers:new Headers(request.headers),
body:
request.method === "GET" || request.method === "HEAD"
? undefined
: await request.blob(),
// @ts-ignore: TS2353
referrer: "referrer" in request ? (request.referrer as string) : undefined,
// deno-lint-ignore no-explicit-any
referrerPolicy: request.referrerPolicy as any,
mode: request.mode,
credentials: request.credentials,
// @ts-ignore: TS2353
cache: request.cache,
redirect: request.redirect,
integrity: request.integrity,
keepalive: request.keepalive,
signal: request.signal
})
}
return new Request(input, request)
async function cloneRequest(input: URL | string, request: Request, headers?: Headers) {
if (getRuntimeKey() === 'bun') {
return new Request(input, {
method: request.method,
headers: headers ?? new Headers(request.headers),
body:
request.method === 'GET' || request.method === 'HEAD' ? undefined : await request.blob(),
// @ts-ignore: TS2353
referrer: 'referrer' in request ? (request.referrer as string) : undefined,
// deno-lint-ignore no-explicit-any
referrerPolicy: request.referrerPolicy as any,
mode: request.mode,
credentials: request.credentials,
// @ts-ignore: TS2353
cache: request.cache,
redirect: request.redirect,
integrity: request.integrity,
keepalive: request.keepalive,
signal: request.signal,
})
}
return new Request(input, request)
}

export async function reqWithEnvUrl(req: Request, authUrl?: string){
export async function reqWithEnvUrl(req: Request, authUrl?: string) {
if (authUrl) {
const reqUrlObj = new URL(req.url)
const authUrlObj = new URL(authUrl)
Expand All @@ -75,19 +71,20 @@ export async function reqWithEnvUrl(req: Request, authUrl?: string){
return cloneRequest(reqUrlObj.href, req)
} else {
const url = new URL(req.url)
const proto = req.headers.get('x-forwarded-proto')
const host = req.headers.get('x-forwarded-host') ?? req.headers.get('host')
const headers = new Headers(req.headers)
const proto = headers.get('x-forwarded-proto')
const host = headers.get('x-forwarded-host') ?? headers.get('host')
if (proto != null) url.protocol = proto.endsWith(':') ? proto : proto + ':'
if (host!=null) {
if (host != null) {
url.host = host
const portMatch = host.match(/:(\d+)$/)
if (portMatch) url.port = portMatch[1]
else url.port = ''
req.headers.delete("x-forwarded-host")
req.headers.delete("Host")
req.headers.set("Host", host)
headers.delete('x-forwarded-host')
headers.delete('Host')
headers.set('Host', host)
}
return cloneRequest(url.href, req)
return cloneRequest(url.href, req, headers)
}
}

Expand Down Expand Up @@ -150,7 +147,7 @@ export function authHandler(): MiddlewareHandler {
return async (c) => {
const config = c.get('authConfig')
const ctxEnv = env(c) as AuthEnv

setEnvDefaults(ctxEnv, config)

if (!config.secret || config.secret.length === 0) {
Expand All @@ -161,4 +158,4 @@ export function authHandler(): MiddlewareHandler {
const res = await Auth(authReq, config)
return new Response(res.body, res)
}
}
}

0 comments on commit 19f3bea

Please sign in to comment.