Return amazonaws.com for aws services public urls and add tests

supertokens · Sep 19, 2023 · 633adad · 633adad
1 parent 8816ffb
commit 633adad
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 2 deletions.
diff --git a/supertokens_python/utils.py b/supertokens_python/utils.py
@@ -304,10 +304,10 @@ def get_top_level_domain_for_same_site_resolution(url: str) -> str:
     if parsed_url.domain == "":  # type: ignore
         if hostname.endswith(".amazonaws.com"):
             # Example: url http://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com
-            # return ec2-xx-yyy-zzz-0.compute-1.amazonaws.com
+            # return amazonaws.com
             # If user deploys the website on the same ec2 instance as the API
             # this use SameSite=lax, otherwise SameSite=none
-            return hostname
+            return "amazonaws.com"
 
         raise Exception(
             "Please make sure that the apiDomain and websiteDomain have correct values"

diff --git a/tests/test_config.py b/tests/test_config.py
@@ -736,3 +736,43 @@ async def test_samesite_invalid_config():
             )
         else:
             assert False, "Exception not raised"
+
+
+@mark.asyncio
+async def test_cookie_samesite_with_ec2_public_url():
+    start_st()
+    init(
+        supertokens_config=SupertokensConfig("http://localhost:3567"),
+        app_info=InputAppInfo(
+            app_name="SuperTokens Demo",
+            api_domain="https://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3001",
+            website_domain="https://blog.supertokens.com",
+            api_base_path="/",
+        ),
+        framework="fastapi",
+        recipe_list=[session.init(get_token_transfer_method=lambda _, __, ___: "cookie")]
+    )
+
+    # domain name isn't provided so browser decides to use the same host
+    # which will be ec2-xx-yyy-zzz-0.compute-1.amazonaws.com
+    assert SessionRecipe.get_instance().config.cookie_domain is None
+    assert SessionRecipe.get_instance().config.cookie_same_site == "none"
+    assert SessionRecipe.get_instance().config.cookie_secure is True
+
+    reset()
+
+    init(
+        supertokens_config=SupertokensConfig("http://localhost:3567"),
+        app_info=InputAppInfo(
+            app_name="SuperTokens Demo",
+            api_domain="http://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3001",
+            website_domain="http://ec2-aa-bbb-ccc-0.compute-1.amazonaws.com:3000",
+            api_base_path="/",
+        ),
+        framework="fastapi",
+        recipe_list=[session.init(get_token_transfer_method=lambda _, __, ___: "cookie")],
+    )
+
+    assert SessionRecipe.get_instance().config.cookie_domain is None
+    assert SessionRecipe.get_instance().config.cookie_same_site == "lax"
+    assert SessionRecipe.get_instance().config.cookie_secure is False