feat(clerk-js): Send force_origin on skipCache token requests#8106
feat(clerk-js): Send force_origin on skipCache token requests#8106nikosdouvlis merged 6 commits intomainfrom
Conversation
🦋 Changeset detectedLatest commit: ea801e3 The changes in this PR will be included in the next version bump. This PR includes changesets to release 3 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
When getToken({ skipCache: true }) is called, send force_origin=true
in the query string. This tells the FAPI Proxy to route directly to
origin instead of Session Minter, preserving the skipCache contract
of always returning authoritative DB-minted tokens.
nikosdouvlis
force-pushed
the
nikos/plat-2567-force-origin-on-skipcache
branch
from
9550a9a to
f9c17fd
Compare
Verify that getToken({ skipCache: true }) sends force_origin=true in the
POST body, and that getToken() without skipCache does not include it.
@clerk/agent-toolkit
@clerk/astro
@clerk/backend
@clerk/chrome-extension
@clerk/clerk-js
@clerk/dev-cli
@clerk/expo
@clerk/expo-passkeys
@clerk/express
@clerk/fastify
@clerk/hono
@clerk/localizations
@clerk/nextjs
@clerk/nuxt
@clerk/react
@clerk/react-router
@clerk/shared
@clerk/tanstack-react-start
@clerk/testing
@clerk/ui
@clerk/upgrade
@clerk/vue
commit: |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository YAML (base), Organization UI (inherited) Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (1)
📝 WalkthroughWalkthroughA changeset for 🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@integration/tests/resiliency.test.ts`:
- Around line 561-564: The test currently asserts lastBody.get('force_origin')
unconditionally, which fails when sessionMinter is off; update the assertion to
first check the sessionMinter feature flag/state used in the test harness
(sessionMinter) and only assert that lastBody.get('force_origin') === 'true'
when sessionMinter is enabled, otherwise assert that force_origin is
absent/undefined (or not set) for the POST body; locate the assertion around the
expect(lastBody.get('force_origin')).toBe('true') and guard it with a
conditional based on the sessionMinter flag used by the test setup.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Organization UI (inherited)
Review profile: ASSERTIVE
Plan: Pro
Run ID: 17eb570d-456d-407f-82d1-037facb48e5c
📒 Files selected for processing (5)
.changeset/session-minter-force-origin.mdintegration/tests/resiliency.test.tspackages/clerk-js/src/core/resources/Session.tspackages/clerk-js/src/core/resources/__tests__/Session.test.tspackages/clerk-js/src/core/resources/__tests__/Token.test.ts
2 participants
Why
When Session Minter is active,
getToken({ skipCache: true })could be routed to the edge minter instead of origin. TheskipCachecontract is "give me a token minted from authoritative DB data", so we need to tell the FAPI Proxy to bypass Session Minter.What
Send
force_origin=truein the query string whenskipCache: true. The FAPI Proxy will use this to route directly to origin once Session Minter is enabled.The param is currently ignored by the backend and will be wired up in PLAT-2472.
Test plan
force_origin=truein query string whenskipCache: trueforce_originabsent whenskipCache: falseSummary by CodeRabbit
Bug Fixes
Tests
Chores