feat(backend): For production apps, let all errors end up in handshake

nikosdouvlis · nikosdouvlis · commit 682c57c49462 · 2024-08-01T01:42:08.000+03:00
If a handshake loop occurs, it's going to be stopped by the infinite loop prevention mechanism and the request will terminate with a signed out state
diff --git a/packages/backend/src/tokens/request.ts b/packages/backend/src/tokens/request.ts
@@ -229,30 +229,6 @@ ${error.getFullMessage()}`,
     throw new Error(`Clerk: Handshake token verification failed: ${error.getFullMessage()}.`);
   }
 
-  function handleHandshakeTokenVerificationErrorInProduction(error: TokenVerificationError) {
-    // In production, the handshake token is being transferred as a cookie, so there is a possibility of collision
-    // with a handshake token of another app running on the same etld+1 domain.
-    // For example, if one app is running on sub1.clerk.com and another on sub2.clerk.com, the handshake token
-    // cookie for both apps will be set on etld+1 (clerk.com) so there's a possibility that one app will accidentally
-    // use the handshake token of a different app during the handshake flow.
-    // In this scenario, verification will fail with TokenInvalidSignature. In contrast to the development case,
-    // we need to allow the flow to continue so the app eventually retries another handshake with the correct token.
-    // We need to make sure, however, that we don't allow the flow to continue indefinitely, so we throw an error after X
-    // retries to avoid an infinite loop. An infinite loop can happen if the customer switched Clerk keys for their prod app.
-    if (
-      error.reason === TokenVerificationErrorReason.TokenInvalidSignature ||
-      error.reason === TokenVerificationErrorReason.InvalidSecretKey ||
-      error.reason === TokenVerificationErrorReason.JWKKidMismatch ||
-      error.reason === TokenVerificationErrorReason.JWKFailedToResolve
-    ) {
-      // Let the request go through and eventually retry another handshake,
-      // only if needed - a handshake will be thrown if another rule matches
-      return;
-    }
-    const msg = `Clerk: Handshake token verification failed with "${error.getFullMessage()}"`;
-    return signedOut(authenticateContext, AuthErrorReason.UnexpectedError, msg);
-  }
-
   async function authenticateRequestWithTokenInCookie() {
     const hasActiveClient = authenticateContext.clientUat;
     const hasSessionToken = !!authenticateContext.sessionTokenInCookie;
@@ -270,19 +246,23 @@ ${error.getFullMessage()}`,
       try {
         return await resolveHandshake();
       } catch (error) {
+        // In production, the handshake token is being transferred as a cookie, so there is a possibility of collision
+        // with a handshake token of another app running on the same etld+1 domain.
+        // For example, if one app is running on sub1.clerk.com and another on sub2.clerk.com, the handshake token
+        // cookie for both apps will be set on etld+1 (clerk.com) so there's a possibility that one app will accidentally
+        // use the handshake token of a different app during the handshake flow.
+        // In this scenario, verification will fail with TokenInvalidSignature. In contrast to the development case,
+        // we need to allow the flow to continue so the app eventually retries another handshake with the correct token.
+        // We need to make sure, however, that we don't allow the flow to continue indefinitely, so we throw an error after X
+        // retries to avoid an infinite loop. An infinite loop can happen if the customer switched Clerk keys for their prod app.
+
+        // Check the handleHandshakeTokenVerificationErrorInDevelopment function for the development case.
         if (error instanceof TokenVerificationError && authenticateContext.instanceType === 'development') {
           handleHandshakeTokenVerificationErrorInDevelopment(error);
         }
-
-        if (error instanceof TokenVerificationError && authenticateContext.instanceType === 'production') {
-          const terminateEarly = handleHandshakeTokenVerificationErrorInProduction(error);
-          if (terminateEarly) {
-            return terminateEarly;
-          }
-        }
       }
     }
-
+    console.log('4');
     /**
      * Otherwise, check for "known unknown" auth states that we can resolve with a handshake.
      */
@@ -360,6 +340,8 @@ ${error.getFullMessage()}`,
       return handleError(decodedErrors[0], 'cookie');
     }
 
+    console.log('5');
+    // prin eskage edo
     if (decodeResult.payload.iat < authenticateContext.clientUat) {
       return handleMaybeHandshakeStatus(authenticateContext, AuthErrorReason.SessionTokenOutdated, '');
     }
