fix: backport to core 6.0 (#214)

Author: sattvikc

CHANGELOG.md

@@ -7,6 +7,13 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [4.0.5] - 2024-03-21
+
+- Fixes user id mapping queries
+- Adds a new `useStaticKey` param to `updateSessionInfo_Transaction`
+  - This enables smooth switching between `useDynamicAccessTokenSigningKey` settings by allowing refresh calls to
+    change the signing key type of a session
+
 ## [4.0.4] - 2024-02-20
 
 - Fixes vulnerabilities in dependencies

build.gradle

@@ -2,7 +2,7 @@ plugins {
     id 'java-library'
 }
 
-version = "4.0.4"
+version = "4.0.5"
 
 repositories {
     mavenCentral()

src/main/java/io/supertokens/storage/postgresql/Start.java

@@ -642,11 +642,11 @@ public SessionInfo getSessionInfo_Transaction(TenantIdentifier tenantIdentifier,
     @Override
     public void updateSessionInfo_Transaction(TenantIdentifier tenantIdentifier, TransactionConnection con,
                                               String sessionHandle, String refreshTokenHash2,
-                                              long expiry) throws StorageQueryException {
+                                              long expiry, boolean useStaticKey) throws StorageQueryException {
         Connection sqlCon = (Connection) con.getConnection();
         try {
             SessionQueries.updateSessionInfo_Transaction(this, sqlCon, tenantIdentifier, sessionHandle,
-                    refreshTokenHash2, expiry);
+                    refreshTokenHash2, expiry, useStaticKey);
         } catch (SQLException e) {
             throw new StorageQueryException(e);
         }
@@ -2244,10 +2244,10 @@ public boolean updateOrDeleteExternalUserIdInfo(AppIdentifier appIdentifier, Str
     }
 
     @Override
-    public HashMap<String, String> getUserIdMappingForSuperTokensIds(ArrayList<String> userIds)
+    public HashMap<String, String> getUserIdMappingForSuperTokensIds(AppIdentifier appIdentifier, ArrayList<String> userIds)
             throws StorageQueryException {
         try {
-            return UserIdMappingQueries.getUserIdMappingWithUserIds(this, userIds);
+            return UserIdMappingQueries.getUserIdMappingWithUserIds(this, appIdentifier, userIds);
         } catch (SQLException e) {
             throw new StorageQueryException(e);
         }

src/main/java/io/supertokens/storage/postgresql/queries/SessionQueries.java

@@ -141,18 +141,19 @@ public static SessionInfo getSessionInfo_Transaction(Start start, Connection con
 
     public static void updateSessionInfo_Transaction(Start start, Connection con, TenantIdentifier tenantIdentifier,
                                                      String sessionHandle,
-                                                     String refreshTokenHash2, long expiry)
+                                                     String refreshTokenHash2, long expiry, boolean useStaticKey)
             throws SQLException, StorageQueryException {
         String QUERY = "UPDATE " + getConfig(start).getSessionInfoTable()
-                + " SET refresh_token_hash_2 = ?, expires_at = ?"
+                + " SET refresh_token_hash_2 = ?, expires_at = ?, use_static_key = ?"
                 + " WHERE app_id = ? AND tenant_id = ? AND session_handle = ?";
 
         update(con, QUERY, pst -> {
             pst.setString(1, refreshTokenHash2);
             pst.setLong(2, expiry);
-            pst.setString(3, tenantIdentifier.getAppId());
-            pst.setString(4, tenantIdentifier.getTenantId());
-            pst.setString(5, sessionHandle);
+            pst.setBoolean(3, useStaticKey);
+            pst.setString(4, tenantIdentifier.getAppId());
+            pst.setString(5, tenantIdentifier.getTenantId());
+            pst.setString(6, sessionHandle);
         });
     }
 

src/main/java/io/supertokens/storage/postgresql/queries/UserIdMappingQueries.java

@@ -126,7 +126,9 @@ public static UserIdMapping[] getUserIdMappingWithEitherSuperTokensUserIdOrExter
 
     }
 
-    public static HashMap<String, String> getUserIdMappingWithUserIds(Start start, ArrayList<String> userIds)
+    public static HashMap<String, String> getUserIdMappingWithUserIds(Start start,
+                                                                      AppIdentifier appIdentifier,
+                                                                      ArrayList<String> userIds)
             throws SQLException, StorageQueryException {
 
         if (userIds.size() == 0) {
@@ -135,7 +137,8 @@ public static HashMap<String, String> getUserIdMappingWithUserIds(Start start, A
 
         // No need to filter based on tenantId because the id list is already filtered for a tenant
         StringBuilder QUERY = new StringBuilder(
-                "SELECT * FROM " + Config.getConfig(start).getUserIdMappingTable() + " WHERE supertokens_user_id IN (");
+                "SELECT * FROM " + Config.getConfig(start).getUserIdMappingTable() + " WHERE app_id = ? AND " +
+                        "supertokens_user_id IN (");
         for (int i = 0; i < userIds.size(); i++) {
             QUERY.append("?");
             if (i != userIds.size() - 1) {
@@ -145,9 +148,10 @@ public static HashMap<String, String> getUserIdMappingWithUserIds(Start start, A
         }
         QUERY.append(")");
         return execute(start, QUERY.toString(), pst -> {
+            pst.setString(1, appIdentifier.getAppId());
             for (int i = 0; i < userIds.size(); i++) {
-                // i+1 cause this starts with 1 and not 0
-                pst.setString(i + 1, userIds.get(i));
+                // i+2 cause this starts with 1 and not 0, and 1 is the app_id
+                pst.setString(i + 2, userIds.get(i));
             }
         }, result -> {
             HashMap<String, String> userIdMappings = new HashMap<>();