handle getCookieSetting function at build time

okta · Feb 11, 2022 · 16cdcbf · 16cdcbf
1 parent 6e76087
commit 16cdcbf
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 43 deletions.
diff --git a/lib/options/browser.ts b/lib/options/browser.ts
@@ -10,7 +10,9 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 
-import { StorageManagerOptions } from '../types';
+/* eslint-disable complexity */
+import { StorageManagerOptions, OktaAuthOptions } from '../types';
+import { warn } from '../util';
 
 export { default as storage } from '../browser/browserStorage';
 
@@ -49,3 +51,35 @@ export const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {
 };
 
 export const enableSharedStorage = true;
+
+export function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {
+  // Secure cookies will be automatically used on a HTTPS connection
+  // Non-secure cookies will be automatically used on a HTTP connection
+  // secure option can override the automatic behavior
+  var cookieSettings = args.cookies || {};
+  if (typeof cookieSettings.secure === 'undefined') {
+    cookieSettings.secure = isHTTPS;
+  }
+  if (typeof cookieSettings.sameSite === 'undefined') {
+    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';
+  }
+
+  // If secure=true, but the connection is not HTTPS, set secure=false.
+  if (cookieSettings.secure && !isHTTPS) {
+    // eslint-disable-next-line no-console
+    warn(
+      'The current page is not being served with the HTTPS protocol.\n' +
+      'For security reasons, we strongly recommend using HTTPS.\n' +
+      'If you cannot use HTTPS, set "cookies.secure" option to false.'
+    );
+    cookieSettings.secure = false;
+  }
+
+  // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure
+  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.
+  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {
+    cookieSettings.sameSite = 'lax';
+  }
+
+  return cookieSettings;
+}
diff --git a/lib/options/index.ts b/lib/options/index.ts
@@ -10,48 +10,13 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 
-
-/* eslint-disable complexity */
-import { removeTrailingSlash, warn, removeNils } from '../util';
+import { removeTrailingSlash, removeNils } from '../util';
 import { assertValidConfig } from '../builderUtil';
 import { OktaAuthOptions } from '../types';
 
 import fetchRequest from '../fetch/fetchRequest';
-import { storage, STORAGE_MANAGER_OPTIONS, enableSharedStorage } from './node';
-import { isBrowser, isHTTPS } from '../features';
-
-function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {
-  // Secure cookies will be automatically used on a HTTPS connection
-  // Non-secure cookies will be automatically used on a HTTP connection
-  // secure option can override the automatic behavior
-  var cookieSettings = args.cookies || {};
-  if (typeof cookieSettings.secure === 'undefined') {
-    cookieSettings.secure = isHTTPS;
-  }
-  if (typeof cookieSettings.sameSite === 'undefined') {
-    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';
-  }
-
-  // If secure=true, but the connection is not HTTPS, set secure=false.
-  if (cookieSettings.secure && !isHTTPS) {
-    // eslint-disable-next-line no-console
-    warn(
-      'The current page is not being served with the HTTPS protocol.\n' +
-      'For security reasons, we strongly recommend using HTTPS.\n' +
-      'If you cannot use HTTPS, set "cookies.secure" option to false.'
-    );
-    cookieSettings.secure = false;
-  }
-
-  // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure
-  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.
-  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {
-    cookieSettings.sameSite = 'lax';
-  }
-
-  return cookieSettings;
-}
-
+import { storage, STORAGE_MANAGER_OPTIONS, enableSharedStorage, getCookieSettings } from './node';
+import { isHTTPS } from '../features';
 
 export function getDefaultOptions(): OktaAuthOptions {
   const options = {
@@ -104,7 +69,7 @@ export function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {
     devMode: !!args.devMode,
     storageManager: args.storageManager,
     transactionManager: args.transactionManager,
-    cookies: isBrowser() ? getCookieSettings(args, isHTTPS()) : args.cookies,
+    cookies: getCookieSettings(args, isHTTPS()),
     flow: args.flow,
     codeChallenge: args.codeChallenge,
     codeChallengeMethod: args.codeChallengeMethod,

diff --git a/lib/options/node.ts b/lib/options/node.ts
@@ -10,7 +10,7 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 
-import { StorageManagerOptions } from '../types';
+import { StorageManagerOptions, OktaAuthOptions } from '../types';
 
 export { default as storage } from '../server/serverStorage';
 
@@ -33,3 +33,8 @@ export const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {
 };
 
 export const enableSharedStorage = false;
+
+// eslint-disable-next-line @typescript-eslint/no-unused-vars, no-unused-vars
+export function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS?: boolean) {
+  return args.cookies;
+}
diff --git a/webpack.common.config.js b/webpack.common.config.js
@@ -14,7 +14,7 @@ var babelOptions = {
   shouldPrintComment: () => false 
 };
 
-var babelExclude = /node_modules\/(?!p-cancelable|node-cache)/;
+var babelExclude = /node_modules\/(?!p-cancelable)/;
 
 module.exports = {
   module: {
@@ -44,7 +44,6 @@ module.exports = {
     extensions: ['.js', '.ts'],
     alias: {
       './node$': './browser', // use browser built-in objects and functions
-      'node-cache': false // do not webpack node-only modules
     }
   },
   plugins: [