supertokens · sattvikc · Feb 28, 2024 · Feb 7, 2024 · Feb 7, 2024 · Feb 8, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres
 to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Unreleased
+
+- Add a new core API for fetching all the core properties
+
 ## [7.0.17] - 2024-02-06
 
 - Fixes issue where error logs were printed to StdOut instead of StdErr.

diff --git a/config.yaml b/config.yaml
@@ -48,7 +48,7 @@ core_config_version: 0
 # password_reset_token_lifetime:
 
 
-# (DIFFERENT_ACROSS_TENANTS | OPTIONAL | Default: 86400000 (1 day)) long value. Time in milliseconds for how long an 
+# (DIFFERENT_ACROSS_TENANTS | OPTIONAL | Default: 86400000 (1 day)) long value. Time in milliseconds for how long an
 # email verification token / link is valid for.
 # email_verification_token_lifetime:
 
@@ -139,7 +139,7 @@ core_config_version: 0
 
 # (OPTIONAL | Default: null). This is used when deploying the core in SuperTokens SaaS infrastructure. If set, limits
 # what database information is shown to / modifiable by the dev when they query the core to get the information about
-#  their tenants. It only exposes that information when this key is used instead of the regular api_keys config.
+# their tenants. It only exposes that information when this key is used instead of the regular api_keys config.
 # supertokens_saas_secret:
 
 # (DIFFERENT_ACROSS_APPS | OPTIONAL | Default: null). This is used when the core needs to assume a specific CDI version

diff --git a/devConfig.yaml b/devConfig.yaml
@@ -49,7 +49,7 @@ core_config_version: 0
 # password_reset_token_lifetime:
 
 
-# (DIFFERENT_ACROSS_TENANTS | OPTIONAL | Default: 86400000 (1 day)) long value. Time in milliseconds for how long an 
+# (DIFFERENT_ACROSS_TENANTS | OPTIONAL | Default: 86400000 (1 day)) long value. Time in milliseconds for how long an
 # email verification token / link is valid for.
 # email_verification_token_lifetime:
 
@@ -140,7 +140,7 @@ disable_telemetry: true
 
 # (OPTIONAL | Default: null). This is used when deploying the core in SuperTokens SaaS infrastructure. If set, limits
 # what database information is shown to / modifiable by the dev when they query the core to get the information about
-#  their tenants. It only exposes that information when this key is used instead of the regular api_keys config.
+# their tenants. It only exposes that information when this key is used instead of the regular api_keys config.
 # supertokens_saas_secret:
 
 # (DIFFERENT_ACROSS_APPS | OPTIONAL | Default: null). This is used when the core needs to assume a specific CDI version

diff --git a/src/main/java/io/supertokens/config/CoreConfig.java b/src/main/java/io/supertokens/config/CoreConfig.java
diff --git a/src/main/java/io/supertokens/config/annotations/ConfigDescription.java b/src/main/java/io/supertokens/config/annotations/ConfigDescription.java
@@ -0,0 +1,29 @@
+/*
+ *    Copyright (c) 2024, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+ package io.supertokens.config.annotations;
+
+ import java.lang.annotation.ElementType;
+ import java.lang.annotation.Retention;
+ import java.lang.annotation.RetentionPolicy;
+ import java.lang.annotation.Target;
+
+ @Retention(RetentionPolicy.RUNTIME)
+ @Target(ElementType.FIELD)
+ public @interface ConfigDescription {
+    String value() default "";
+ }
+
diff --git a/src/main/java/io/supertokens/config/annotations/EnumProperty.java b/src/main/java/io/supertokens/config/annotations/EnumProperty.java
@@ -0,0 +1,29 @@
+/*
+ *    Copyright (c) 2024, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+ package io.supertokens.config.annotations;
+
+ import java.lang.annotation.ElementType;
+ import java.lang.annotation.Retention;
+ import java.lang.annotation.RetentionPolicy;
+ import java.lang.annotation.Target;
+
+ @Retention(RetentionPolicy.RUNTIME)
+ @Target(ElementType.FIELD)
+ public @interface EnumProperty {
+    String[] value() default {};
+ }
+
diff --git a/src/main/java/io/supertokens/inmemorydb/Start.java b/src/main/java/io/supertokens/inmemorydb/Start.java
@@ -2758,6 +2758,11 @@ public Set<String> getValidFieldsInConfig() {
         return SQLiteConfig.getValidFields();
     }
 
+    @Override
+    public ArrayList<ConfigFieldInfo> getConfigFieldsInfo() {
+        return new ArrayList<ConfigFieldInfo>();
+    }
+
     @Override
     public void setLogLevels(Set<LOG_LEVEL> logLevels) {
         Config.setLogLevels(this, logLevels);

diff --git a/src/main/java/io/supertokens/webserver/Webserver.java b/src/main/java/io/supertokens/webserver/Webserver.java
@@ -258,6 +258,7 @@ private void setupRoutes() {
         addAPI(new ConsumeResetPasswordAPI(main));
 
         addAPI(new RequestStatsAPI(main));
+        addAPI(new CoreConfigListAPI(main));
 
         StandardContext context = tomcatReference.getContext();
         Tomcat tomcat = tomcatReference.getTomcat();

diff --git a/src/main/java/io/supertokens/webserver/api/core/CoreConfigListAPI.java b/src/main/java/io/supertokens/webserver/api/core/CoreConfigListAPI.java
@@ -0,0 +1,90 @@
+/*
+ *    Copyright (c) 2024, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.webserver.api.core;
+
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+
+import io.supertokens.Main;
+import io.supertokens.config.CoreConfig;
+import io.supertokens.pluginInterface.ConfigFieldInfo;
+import io.supertokens.storageLayer.StorageLayer;
+import io.supertokens.webserver.WebserverAPI;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+
+public class CoreConfigListAPI extends WebserverAPI {
+    private static final long serialVersionUID = -4641988458637882374L;
+
+    public CoreConfigListAPI(Main main) {
+        super(main, "");
+    }
+
+    @Override
+    public String getPath() {
+        return "/core-config/list";
+    }
+
+    @Override
+    protected boolean checkAPIKey(HttpServletRequest req) {
+        return false;
+    }
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
+        ArrayList<ConfigFieldInfo> config = CoreConfig.getConfigFieldsInfo();
+        ArrayList<ConfigFieldInfo> storageFields = StorageLayer.getBaseStorage(main).getConfigFieldsInfo();
+
+        config.addAll(storageFields);
+
+        JsonObject result = new JsonObject();
+
+        JsonArray configJson = new JsonArray();
+        for (ConfigFieldInfo field : config) {
+            JsonObject fieldJson = new GsonBuilder().create().toJsonTree(field).getAsJsonObject();
+            configJson.add(fieldJson);
+        }
+
+        try {
+            if (shouldProtectProtectedConfig(req)) {
+                JsonArray configWithouProtectedFields = new JsonArray();
+                String[] protectedPluginFields = StorageLayer.getBaseStorage(main)
+                        .getProtectedConfigsFromSuperTokensSaaSUsers();
+                for (JsonElement field : configJson) {
+                    String fieldName = field.getAsJsonObject().get("name").getAsString();
+                    if (!Arrays.asList(protectedPluginFields).contains(fieldName) && !Arrays.asList(CoreConfig.PROTECTED_CONFIGS).contains(fieldName)) {
+                        configWithouProtectedFields.add(field);
+                    }
+                }
+                configJson = configWithouProtectedFields;
+            }
+        } catch (Exception e) {
+        }
+
+        result.addProperty("status", "OK");
+        result.add("config", configJson);
+        super.sendJsonResponse(200, result, resp);
+
+    }
+}