support search query in redirect URL (#23)

* support search query in redirect URL * commit file
descope · Mar 13, 2024 · bfc749c · bfc749c
1 parent b17bc8d
commit bfc749c
Show file tree

Hide file tree

Showing 6 changed files with 63 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -144,6 +144,7 @@ export default authMiddleware({
 
 	// The URL to redirect to if the user is not authenticated
 	// Defaults to process.env.SIGN_IN_ROUTE or '/sign-in' if not provided
+	// NOTE: In case it contains query parameters that exist in the original URL, they will override the original query parameters. e.g. if the original URL is /page?param1=1&param2=2 and the redirect URL is /sign-in?param1=3, the final redirect URL will be /sign-in?param1=3&param2=2
 	redirectUrl?: string
 
 	// An array of public routes that do not require authentication

diff --git a/src/server/authMiddleware.ts b/src/server/authMiddleware.ts
@@ -4,6 +4,7 @@ import descopeSdk from '@descope/node-sdk';
 import type { AuthenticationInfo } from '@descope/node-sdk';
 import { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER } from './constants';
 import { getGlobalSdk } from './sdk';
+import { mergeSearchParams } from './utils';
 
 type MiddlewareOptions = {
 	// The Descope project ID to use for authentication
@@ -12,6 +13,7 @@ type MiddlewareOptions = {
 
 	// The URL to redirect to if the user is not authenticated
 	// Defaults to process.env.SIGN_IN_ROUTE or '/sign-in' if not provided
+	// NOTE: In case it contains query parameters that exist in the original URL, they will override the original query parameters. e.g. if the original URL is /page?param1=1&param2=2 and the redirect URL is /sign-in?param1=3, the final redirect URL will be /sign-in?param1=3&param2=2
 	redirectUrl?: string;
 
 	// An array of public routes that do not require authentication
@@ -79,7 +81,17 @@ const createAuthMiddleware =
 			if (!isPublicRoute(req, options)) {
 				const redirectUrl = options.redirectUrl || DEFAULT_PUBLIC_ROUTES.signIn;
 				const url = req.nextUrl.clone();
-				url.pathname = redirectUrl;
+				// Create a URL object for redirectUrl. 'http://example.com' is just a placeholder.
+				const parsedRedirectUrl = new URL(redirectUrl, 'http://example.com');
+				url.pathname = parsedRedirectUrl.pathname;
+
+				const searchParams = mergeSearchParams(
+					url.search,
+					parsedRedirectUrl.search
+				);
+				if (searchParams) {
+					url.search = searchParams;
+				}
 				console.debug(`Auth middleware, Redirecting to ${redirectUrl}`);
 				return NextResponse.redirect(url);
 			}

diff --git a/src/server/constants.ts b/src/server/constants.ts
@@ -3,7 +3,6 @@ declare const BUILD_VERSION: string;
 
 export const DESCOPE_SESSION_HEADER = 'x-descope-session';
 
-// eslint-disable-next-line import/prefer-default-export
 export const baseHeaders = {
 	'x-descope-sdk-name': 'nextjs',
 	'x-descope-sdk-version': BUILD_VERSION

diff --git a/src/server/utils.ts b/src/server/utils.ts
@@ -0,0 +1,21 @@
+/* eslint-disable import/prefer-default-export */
+
+/*
+Merges multiple search params into one.
+It will override according to the order of the search params
+Examples:
+ - mergeSearchParams('?a=1', '?b=2') => 'a=1&b=2'
+ - mergeSearchParams('?a=1', '?a=2') => 'a=2'
+ - mergeSearchParams('?a=1', '?a=2', '?b=3') => 'a=2&b=3'
+*/
+export const mergeSearchParams = (...searchParams: string[]): string => {
+	const res = searchParams.reduce((acc, curr) => {
+		const currParams = new URLSearchParams(curr);
+		currParams.forEach((value, key) => {
+			acc.set(key, value);
+		});
+		return acc;
+	}, new URLSearchParams());
+
+	return res.toString();
+};
diff --git a/test/server/authMiddleware.test.ts b/test/server/authMiddleware.test.ts
@@ -116,4 +116,17 @@ describe('authMiddleware', () => {
 			pathname: customRedirectUrl
 		});
 	});
+
+	it('support and redirect url with search params', async () => {
+		mockValidateJwt.mockRejectedValue(new Error('Invalid JWT'));
+		const customRedirectUrl = '/custom-sign-in?redirect=/another-path';
+		const middleware = authMiddleware({ redirectUrl: customRedirectUrl });
+		const mockReq = createMockNextRequest({ pathname: '/private' });
+
+		await middleware(mockReq);
+		expect(NextResponse.redirect).toHaveBeenCalledWith({
+			pathname: '/custom-sign-in',
+			search: `redirect=${encodeURIComponent('/another-path')}`
+		});
+	});
 });
diff --git a/test/server/utils.test.ts b/test/server/utils.test.ts
@@ -0,0 +1,15 @@
+import { mergeSearchParams } from '../../src/server/utils';
+
+describe('utils', () => {
+	describe('mergeSearchParams', () => {
+		it('should merge search params', () => {
+			const searchParams = mergeSearchParams('a=1&b=2', 'c=3&d=4');
+			expect(searchParams).toBe('a=1&b=2&c=3&d=4');
+		});
+
+		it('should merge search params with duplicate keys', () => {
+			const searchParams = mergeSearchParams('a=1&b=2', 'a=3&d=4');
+			expect(searchParams).toBe('a=3&b=2&d=4');
+		});
+	});
+});