diff --git a/packages/backend/src/tokens/handshake.ts b/packages/backend/src/tokens/handshake.ts
index c6c9ccc3552..005644b0881 100644
--- a/packages/backend/src/tokens/handshake.ts
+++ b/packages/backend/src/tokens/handshake.ts
@@ -149,6 +149,10 @@ export class HandshakeService {
 url.searchParams.append(constants.QueryParameters.HandshakeReason, reason);
 url.searchParams.append(constants.QueryParameters.HandshakeFormat, 'nonce');
 
+ if (this.authenticateContext.sessionToken) {
+ url.searchParams.append(constants.Cookies.Session, this.authenticateContext.sessionToken);
+ }
+
 if (this.authenticateContext.instanceType === 'development' && this.authenticateContext.devBrowserToken) {
 url.searchParams.append(constants.QueryParameters.DevBrowser, this.authenticateContext.devBrowserToken);
 }
@@ -221,6 +225,7 @@ export class HandshakeService {
 newUrl.searchParams.delete(constants.QueryParameters.Handshake);
 newUrl.searchParams.delete(constants.QueryParameters.HandshakeHelp);
 newUrl.searchParams.delete(constants.QueryParameters.DevBrowser);
+ newUrl.searchParams.delete(constants.QueryParameters.HandshakeNonce);
 headers.append(constants.Headers.Location, newUrl.toString());
 headers.set(constants.Headers.CacheControl, 'no-store');
 }
diff --git a/packages/clerk-js/src/core/resources/Session.ts b/packages/clerk-js/src/core/resources/Session.ts
index 7128832ccaf..b18ca555e3e 100644
--- a/packages/clerk-js/src/core/resources/Session.ts
+++ b/packages/clerk-js/src/core/resources/Session.ts
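Review bot: In `handshake.ts`, the added block appends the session JWT to the handshake URL whenever `sessionToken` is set, whatever `reason` is, so a token that may still be valid ends up in a query string. If this URL is used as a redirect target (the surrounding code suggests so, but the method starts and ends outside the hunk), it can be recorded in browser history and in access logs along the way. If only some handshake reasons need the token, gate the append on `reason`, and add a comment above the block such as `// The session JWT travels in the handshake URL here; this URL must never be logged.`. The parameter name also comes from `constants.Cookies.Session`, a cookie-name constant, while the neighbouring parameters use `constants.QueryParameters`; a dedicated query-parameter constant would make the intent explicit.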
@@ -38,7 +38,7 @@ import { TokenId } from '@/utils/tokenId';
 import { clerkInvalidStrategy, clerkMissingWebAuthnPublicKeyOptions } from '../errors';
 import { eventBus, events } from '../events';
 import { SessionTokenCache } from '../tokenCache';
-import { BaseResource, PublicUserData, Token, User } from './internal';
+import { BaseResource, ClerkAPIResponseError, PublicUserData, Token, User } from './internal';
 import { SessionVerification } from './SessionVerification';
 
 export class Session extends BaseResource implements SessionResource {
@@ -399,9 +399,18 @@ export class Session extends BaseResource implements SessionResource {
 // TODO: update template endpoint to accept organizationId
 const params: Record = template ? {} : { organizationId };
 
- const tokenResolver = Token.create(path, params);
-
- // Cache the promise immediately to prevent concurrent calls from triggering duplicate requests
+ const tokenResolver = Token.create(path, params).catch(e => {
+ if (
+ e instanceof ClerkAPIResponseError &&
+ e.status === 422 &&
+ e.errors.length > 0 &&
+ e.errors[0].code === 'missing_expired_token' &&
+ this.lastActiveToken
+ ) {
+ return Token.create(path, { ...params }, { expired_token: this.lastActiveToken.getRawString() });
+ }
+ throw e;
+ });
 SessionTokenCache.set({ tokenId, tokenResolver });
 
 return tokenResolver.then(token => {
diff --git a/packages/clerk-js/src/core/resources/Token.ts b/packages/clerk-js/src/core/resources/Token.ts
index 80df33dc793..29f94151d53 100644
--- a/packages/clerk-js/src/core/resources/Token.ts
+++ b/packages/clerk-js/src/core/resources/Token.ts
@@ -8,11 +8,12 @@ export class Token extends BaseResource implements TokenResource {
 
 jwt?: JWT;
 
- static async create(path: string, body: any = {}): Promise {
+ static async create(path: string, body: any = {}, search: Record = {}): Promise {
 const json = (await BaseResource._fetch({
 path,
 method: 'POST',
 body,
+ search,
 })) as unknown as TokenJSON;
 
 return new Token(json, path);
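Review bot: In `Session.ts`, the retry inside the new `.catch` handler passes the raw JWT from `this.lastActiveToken.getRawString()` as `expired_token` in the `search` argument, which presumably becomes a URL query parameter. The token would then show up wherever request URLs are recorded, such as server and proxy access logs. If the endpoint accepts the value in the POST body, send it there; otherwise add a comment saying the API requires it in the query string and that the token is expected to be expired already. The condition checks only `e.errors[0]`, so `e.errors.some(err => err.code === 'missing_expired_token')` would not depend on error order. The commit also drops the comment above `SessionTokenCache.set`; keeping `// Cache the promise immediately to prevent concurrent calls from triggering duplicate requests` preserves why the unresolved promise is cached. The enclosing method starts and ends outside the hunk.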
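Review bot: In `Token.ts`, the new `search` parameter of `create` has no doc comment, and its first caller in this commit uses it to carry a raw JWT. A TSDoc block on `create` should say that `search` entries are forwarded to `BaseResource._fetch` as its `search` field, presumably serialised into the URL query string, and should hold secrets only where the endpoint requires that. `body` is still typed `any`; a narrower type would let the compiler check callers. The method's closing brace is outside the hunk.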