Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for async functions in context provider? #10

Open
jmurty opened this issue Aug 30, 2022 · 2 comments
Open

Support for async functions in context provider? #10

jmurty opened this issue Aug 30, 2022 · 2 comments

Comments

@jmurty
Copy link

jmurty commented Aug 30, 2022

We would like to use this KnownUser library for server-side queueing from a Next.js application, but we are finding the Node library difficult to apply to our use-case.

The main problem we have is the requirement that context provider (IConnectorContextProvider) functions all return synchronous results instead of async/promises, especially getCryptoProvider().getSha256Hash().

We want to run the KnownUser validation in Next.js middleware but in these run in an Edge Runtime context where we don't have access to native Node libraries like crypto as used in the example. Instead we can use the Web Crypto API, but that only provides async crypto functions.

This means we cannot generate a HMAC/SHA-256 hash value for getCryptoProvider().getSha256Hash() synchronously, only with an async result which doesn't work where this context function is called in the rest of the codebase.

We are attempting to work around this by implementing just the incompatible pieces of KnownUser in own code – specifically token validation and follow-on cookie-setting – but are finding that the relatively few functions & utils exposed by KnownUser is making this difficult without re-implementing much of the library.

If the KnownUser library could support async function implementations in the context provider it would most likely work for us out of the box.
@sarooghi
Copy link
Contributor

sarooghi commented Aug 30, 2022
edited
Loading

Hi,
We are looking at the async support but do not have any timing for it.
As a workaround, you can bundle any sha256 library inside the javascript locally (without using the native module)
Please feel free to contact our support team we are happy to arrange a call and discuss the solution.

@jmurty
Copy link
Author

jmurty commented Aug 31, 2022

Thanks very much for the feedback and tip @sarooghi .

I tried the js-sha256 library but it didn't work in Next.js middleware because it relies on the Node.js process built-in.

However, the crypto-js library did work: success!

For anyone following, here's the final implementation I ended up with for Next.js middleware:

// Install `crypto-js` and add these imports:
// import Hex from "crypto-js/enc-hex";
// import hmacSHA256 from "crypto-js/hmac-sha256";

getCryptoProvider: function () {
  return {
    getSha256Hash: function (secretKey, plaintext) {
      // NOTE: We must use `crypt-js` library here instead of Node's
      // `crypto` built-in library, or other options like `js-sha256`,
      // because the other options rely on Node.js library inclusions that
      // aren't present or don't work in the Edge Runtime environment

      const hash = hmacSHA256(plaintext, secretKey);
      const hexHash = Hex.stringify(hash);
      return hexHash;
    },
  };
},

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jmurty @sarooghi