Upgrade deps + allow node 18.x (#5622)

* Upgrade deps + allow node 18.x * Upgraded next-auth to v4.17 * Latest known to work version of next-auth * Make next-auth.d.ts compatible with next-auth@v4.17.0 * Type fixes Co-authored-by: Peer Richelsen <peeroke@gmail.com>
2022-11-23 18:35:08 +00:00 · 2022-11-23 18:35:08 +00:00 · b31b8cc6df
parent 6dce57440e
commit b31b8cc6df
8 changed files with 1252 additions and 149 deletions
--- a/apps/web/package.json
+++ b/apps/web/package.json
@ -19,11 +19,11 @@
    "check-changed-files": "ts-node scripts/ts-check-changed-files.ts"
  },
  "engines": {
-    "node": "16.x",
+    "node": "16.x || 18.x",
    "yarn": ">=1.19.0 < 2.0.0"
  },
  "dependencies": {
-    "@boxyhq/saml-jackson": "1.3.1",
+    "@boxyhq/saml-jackson": "1.3.6",
    "@calcom/app-store": "*",
    "@calcom/app-store-cli": "*",
    "@calcom/core": "*",
--- a/apps/web/pages/api/auth/[...nextauth].tsx
+++ b/apps/web/pages/api/auth/[...nextauth].tsx
@ -271,7 +271,7 @@ export default NextAuth({
          username: user.username,
          email: user.email,
          role: user.role,
-          impersonatedByUID: user?.impersonatedByUID as number,
+          impersonatedByUID: user?.impersonatedByUID,
        };
      }

@ -331,16 +331,16 @@ export default NextAuth({
    async signIn(params) {
      const { user, account, profile } = params;

-      if (account.provider === "email") {
+      if (account?.provider === "email") {
        return true;
      }
      // In this case we've already verified the credentials in the authorize
      // callback so we can sign the user in.
-      if (account.type === "credentials") {
+      if (account?.type === "credentials") {
        return true;
      }

-      if (account.type !== "oauth") {
+      if (account?.type !== "oauth") {
        return false;
      }

@ -352,12 +352,14 @@ export default NextAuth({
        return false;
      }

-      if (account.provider) {
+      if (account?.provider) {
        let idP: IdentityProvider = IdentityProvider.GOOGLE;
        if (account.provider === "saml") {
          idP = IdentityProvider.SAML;
        }
-        user.email_verified = user.email_verified || user.emailVerified || profile.email_verified;
+        // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+        // @ts-ignore-error TODO validate email_verified key on profile
+        user.email_verified = user.email_verified || !!user.emailVerified || profile.email_verified;

        if (!user.email_verified) {
          return "/auth/error?error=unverified-email";
@ -440,7 +442,7 @@ export default NextAuth({
                emailVerified: new Date(Date.now()),
                name: user.name,
                identityProvider: idP,
-                identityProviderId: user.id as string,
+                identityProviderId: String(user.id),
              },
            });

@ -463,7 +465,7 @@ export default NextAuth({
            name: user.name,
            email: user.email,
            identityProvider: idP,
-            identityProviderId: user.id as string,
+            identityProviderId: String(user.id),
          },
        });
        const linkAccountNewUserData = { ...account, userId: newUser.id };
--- a/apps/web/pages/video/[uid].tsx
+++ b/apps/web/pages/video/[uid].tsx
@ -136,7 +136,7 @@ export async function getServerSideProps(context: NextPageContext) {
  const session = await getSession();

  // set meetingPassword to null for guests
-  if (session?.userid !== bookingObj.user?.id) {
+  if (session?.user.id !== bookingObj.user?.id) {
    bookingObj.references.forEach((bookRef) => {
      bookRef.meetingPassword = null;
    });
--- a/package.json
+++ b/package.json
@ -62,11 +62,11 @@
    "@types/jest": "^28.1.7",
    "dotenv-checker": "^1.1.5",
    "husky": "^8.0.1",
+    "jest": "^28.1.0",
    "jest-environment-jsdom": "^28.1.3",
    "jest-mock-extended": "^2.0.7",
    "jest-watch-select-projects": "^2.0.0",
    "jest-watch-typeahead": "^2.0.0",
-    "jest": "^28.1.0",
    "lint-staged": "^12.5.0",
    "prettier": "^2.7.1",
    "ts-jest": "^28.0.8"
@ -92,7 +92,7 @@
    ]
  },
  "engines": {
-    "node": "16.x",
+    "node": ">=16.x",
    "npm": ">=7.0.0",
    "yarn": ">=1.19.0 < 2.0.0"
  },
--- a/packages/lib/default-cookies.ts
+++ b/packages/lib/default-cookies.ts
@ -60,5 +60,14 @@ export function defaultCookies(useSecureCookies: boolean): CookiesOptions {
        httpOnly: true,
      },
    },
+    nonce: {
+      name: `${cookiePrefix}next-auth.nonce`,
+      options: {
+        httpOnly: true,
+        sameSite: "lax",
+        path: "/",
+        secure: useSecureCookies,
+      },
+    },
  };
 }
--- a/packages/trpc/server/routers/viewer/saml.tsx
+++ b/packages/trpc/server/routers/viewer/saml.tsx
@ -30,7 +30,7 @@ export const samlRouter = router({
      }

      // Retrieve the SP SAML Config
-      const SPConfig = samlSPConfig.get();
+      const SPConfig = await samlSPConfig.get();

      const response = {
        provider: "",
--- a/packages/types/next-auth.d.ts
+++ b/packages/types/next-auth.d.ts
@ -1,19 +1,20 @@
-import { UserPermissionRole } from "@prisma/client";
-import { DefaultSession } from "next-auth";
+import { User as PrismaUser } from "@prisma/client";
+import { DefaultUser } from "next-auth";

 declare module "next-auth" {
-  type DefaultSessionUser = NonNullable<DefaultSession["user"]>;
-  type CalendsoSessionUser = DefaultSessionUser & {
-    id: number;
-    username: string;
-    impersonatedByUID?: number;
-    role: UserPermissionRole;
-  };
  /**
   * Returned by `useSession`, `getSession` and received as a prop on the `Provider` React Context
   */
  interface Session {
    hasValidLicense: boolean;
-    user: CalendsoSessionUser;
+    user: User;
+  }
+  interface User extends Omit<DefaultUser, "id"> {
+    id: PrismaUser["id"];
+    emailVerified?: PrismaUser["emailVerified"];
+    email_verified?: boolean;
+    impersonatedByUID?: number;
+    username?: PrismaUser["username"];
+    role?: PrismaUser["role"];
  }
 }
--- a/yarn.lock
+++ b/yarn.lock