diff --git a/docs/content/docs/plugins/bearer.mdx b/docs/content/docs/plugins/bearer.mdx index 67c8da5d..2446c62d 100644 --- a/docs/content/docs/plugins/bearer.mdx +++ b/docs/content/docs/plugins/bearer.mdx @@ -22,15 +22,6 @@ export const auth = betterAuth({ }); ``` -And in your auth client as well: - -```ts title="auth-client.ts" -import { bearerClient } from "better-auth/client/plugins"; -export const authClient = createAuthClient({ - plugins: [bearerClient()] -}); -``` - ## How to Use Bearer Tokens ### 1. Obtain the Bearer Token @@ -66,6 +57,7 @@ export const authClient = createAuthClient({ }); ``` + You may want to clear the token based on the response status code or other conditions: ### 2. Configure the Auth Client @@ -145,6 +137,3 @@ export async function handler(req, res) { ## Options **requireSignature** (boolean): Require the token to be signed. Default: `false`. - -**cookieName** (string): Custom cookie name for the temporary bearer token confirmation cookie. Default: `"bearer-token-confirmation"`. -(For more information, [read here](https://github.com/better-auth/better-auth/pull/4123)) \ No newline at end of file diff --git a/packages/better-auth/src/adapters/kysely-adapter/test/state.txt b/packages/better-auth/src/adapters/kysely-adapter/test/state.txt index 027047b4..0e5ea08e 100644 --- a/packages/better-auth/src/adapters/kysely-adapter/test/state.txt +++ b/packages/better-auth/src/adapters/kysely-adapter/test/state.txt @@ -1 +1 @@ -IDLE \ No newline at end of file +RUNNING \ No newline at end of file diff --git a/packages/better-auth/src/client/plugins/index.ts b/packages/better-auth/src/client/plugins/index.ts index 3f00739b..a4a4f212 100644 --- a/packages/better-auth/src/client/plugins/index.ts +++ b/packages/better-auth/src/client/plugins/index.ts @@ -19,6 +19,5 @@ export * from "../../plugins/oidc-provider/client"; export * from "../../plugins/api-key/client"; export * from "../../plugins/one-time-token/client"; export * from "../../plugins/siwe/client"; -export * from "../../plugins/bearer/client"; export * from "../../plugins/device-authorization/client"; export type * from "@simplewebauthn/server"; diff --git a/packages/better-auth/src/plugins/bearer/client.ts b/packages/better-auth/src/plugins/bearer/client.ts deleted file mode 100644 index 27c609a1..00000000 --- a/packages/better-auth/src/plugins/bearer/client.ts +++ /dev/null @@ -1,17 +0,0 @@ -import type { BetterAuthClientPlugin } from "../../types"; - -export const bearerClient = () => { - return { - id: "bearer", - getActions($fetch, $store, options) { - if (typeof document === "undefined") return {}; - const cookie = document.cookie; - if (cookie.includes("bearer-token=true")) { - // This will hit the endpoint which would grab the bearer token cookie if it exists, then delete said cookie - // It will then return the bearer token in the response which should be caught on the authClient's `onSuccess` hook - $fetch("/get-bearer-token"); - } - return {}; - }, - } satisfies BetterAuthClientPlugin; -}; diff --git a/packages/better-auth/src/plugins/bearer/index.ts b/packages/better-auth/src/plugins/bearer/index.ts index 1610cb76..add11d87 100644 --- a/packages/better-auth/src/plugins/bearer/index.ts +++ b/packages/better-auth/src/plugins/bearer/index.ts @@ -1,7 +1,7 @@ import { serializeSignedCookie } from "better-call"; import type { BetterAuthPlugin } from "../../types/plugins"; import { parseSetCookieHeader } from "../../cookies"; -import { createAuthEndpoint, createAuthMiddleware } from "../../api"; +import { createAuthMiddleware } from "../../api"; import { createHMAC } from "@better-auth/utils/hmac"; interface BearerOptions { @@ -13,76 +13,14 @@ interface BearerOptions { * @default false */ requireSignature?: boolean; - /** - * Custom cookie name for the temporary bearer token confirmation cookie. - * - * @default "bearer-token-confirmation" - */ - cookieName?: string; } /** * Converts bearer token to session cookie */ export const bearer = (options?: BearerOptions) => { - const bearerConfirmationCookieName = - options?.cookieName || "bearer-token-confirmation"; return { id: "bearer", - endpoints: { - getBearerToken: createAuthEndpoint( - "/get-bearer-token", - { - method: "GET", - metadata: { - client: false, - }, - requireHeaders: true, - }, - async (ctx) => { - const cookieString = ctx.headers.get("cookie"); - if (!cookieString) { - return ctx.json({ - success: false, - }); - } - const cookies = cookieString - .split(";") - .map((cookie) => cookie.trim()); - const foundBearerToken = cookies.find((cookie) => - cookie.startsWith(`${bearerConfirmationCookieName}=`), - ); - const foundSessionToken = cookies.find((cookie) => - cookie.startsWith(ctx.context.authCookies.sessionToken.name), - ); - if (foundBearerToken && foundSessionToken) { - const setCookie = foundSessionToken.split("=")[1]; - const parsedCookies = parseSetCookieHeader(setCookie); - const cookieName = ctx.context.authCookies.sessionToken.name; - const sessionCookie = parsedCookies.get(cookieName); - if ( - !sessionCookie || - !sessionCookie.value || - sessionCookie["max-age"] === 0 - ) { - return; - } - const token = sessionCookie.value; - ctx.setHeader("set-auth-token", token); - ctx.setHeader( - "set-cookie", - `${bearerConfirmationCookieName}=; Path=/; HttpOnly; SameSite=Strict; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT`, - ); - return ctx.json({ - success: true, - }); - } - return ctx.json({ - success: false, - }); - }, - ), - }, hooks: { before: [ { @@ -176,19 +114,6 @@ export const bearer = (options?: BearerOptions) => { .filter(Boolean), ); headersSet.add("set-auth-token"); - const location = - ctx.context.responseHeaders?.get("location") || - ctx.context.responseHeaders?.get("Location"); - // If location exists, it likely means the authClient isn't able to pick up the bearer token. - // We will store a "bearer-token-confirmation" cookie so that when the authClient loads it can hit the - // `/get-bearer-token` endpoint and check for it, then delete it and return the bearer token. - if (location) { - // set a temporary cookie that will be used to get the bearer token - ctx.setHeader( - "set-cookie", - `${bearerConfirmationCookieName}=true; Path=/; SameSite=Strict; Secure`, - ); - } ctx.setHeader("set-auth-token", token); ctx.setHeader( "Access-Control-Expose-Headers", diff --git a/packages/better-auth/src/test-utils/test-instance.ts b/packages/better-auth/src/test-utils/test-instance.ts index 0ea24d5b..44403779 100644 --- a/packages/better-auth/src/test-utils/test-instance.ts +++ b/packages/better-auth/src/test-utils/test-instance.ts @@ -16,7 +16,6 @@ import { MongoClient } from "mongodb"; import { mongodbAdapter } from "../adapters/mongodb-adapter"; import { createPool } from "mysql2/promise"; import { bearer } from "../plugins"; -import { bearerClient } from "../client/plugins"; const cleanupSet = new Set(); @@ -248,10 +247,6 @@ export async function getTestInstance< const client = createAuthClient({ ...(config?.clientOptions as C extends undefined ? {} : C), - plugins: [ - bearerClient(), - ...((config?.clientOptions?.plugins as C["plugins"]) || []), - ], baseURL: getBaseURL( options?.baseURL || "http://localhost:" + (config?.port || 3000), options?.basePath || "/api/auth",