diff --git a/.changeset/evil-points-fly.md b/.changeset/evil-points-fly.md new file mode 100644 index 00000000000..da0737489da --- /dev/null +++ b/.changeset/evil-points-fly.md @@ -0,0 +1,5 @@ +--- +'@clerk/backend': patch +--- + +Renaming `__experimental_passwordCompromised` to `__experimental_setPasswordCompromised` and introducing `__experimental_unsetPasswordCompromised` diff --git a/integration/testUtils/usersService.ts b/integration/testUtils/usersService.ts index 53ad10a5aa0..e8b0f058675 100644 --- a/integration/testUtils/usersService.ts +++ b/integration/testUtils/usersService.ts @@ -89,7 +89,7 @@ export type UserService = { createFakeOrganization: (userId: string) => Promise; getUser: (opts: { id?: string; email?: string }) => Promise; createFakeAPIKey: (userId: string) => Promise; - passwordCompromised: (userId: string) => Promise; + setPasswordCompromised: (userId: string) => Promise; }; /** @@ -236,8 +236,8 @@ export const createUserService = (clerkClient: ClerkClient) => { clerkClient.apiKeys.revoke({ apiKeyId: apiKey.id, revocationReason: reason }), } satisfies FakeAPIKey; }, - passwordCompromised: async (userId: string) => { - await withErrorLogging('passwordCompromised', () => clerkClient.users.__experimental_passwordCompromised(userId)); + setPasswordCompromised: async (userId: string) => { + await clerkClient.users.__experimental_setPasswordCompromised(userId); }, }; diff --git a/integration/tests/session-tasks-sign-in-reset-password.test.ts b/integration/tests/session-tasks-sign-in-reset-password.test.ts index ac303f19473..2a61c446581 100644 --- a/integration/tests/session-tasks-sign-in-reset-password.test.ts +++ b/integration/tests/session-tasks-sign-in-reset-password.test.ts @@ -19,7 +19,7 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword const user = u.services.users.createFakeUser(); const createdUser = await u.services.users.createBapiUser(user); - await u.services.users.passwordCompromised(createdUser.id); + await u.services.users.setPasswordCompromised(createdUser.id); // Performs sign-in await u.po.signIn.goTo(); @@ -66,7 +66,7 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword const user = u.services.users.createFakeUser(); const createdUser = await u.services.users.createBapiUser(user); - await u.services.users.passwordCompromised(createdUser.id); + await u.services.users.setPasswordCompromised(createdUser.id); const fakeOrganization = u.services.organizations.createFakeOrganization(); await u.services.organizations.createBapiOrganization({ name: fakeOrganization.name, diff --git a/packages/backend/src/api/endpoints/UserApi.ts b/packages/backend/src/api/endpoints/UserApi.ts index f78517ed3b4..a24c3ec4f23 100644 --- a/packages/backend/src/api/endpoints/UserApi.ts +++ b/packages/backend/src/api/endpoints/UserApi.ts @@ -199,6 +199,10 @@ type DeleteUserExternalAccountParams = { externalAccountId: string; }; +type SetPasswordCompromisedParams = { + revokeAllSessions?: boolean; +}; + type UserID = { userId: string; }; @@ -448,14 +452,25 @@ export class UserAPI extends AbstractAPI { }); } - public async __experimental_passwordCompromised(userId: string) { + public async __experimental_setPasswordCompromised( + userId: string, + params: SetPasswordCompromisedParams = { + revokeAllSessions: false, + }, + ) { + this.requireId(userId); + return this.request({ + method: 'POST', + path: joinPaths(basePath, userId, 'password', 'set_compromised'), + bodyParams: params, + }); + } + + public async __experimental_unsetPasswordCompromised(userId: string) { this.requireId(userId); return this.request({ method: 'POST', - path: joinPaths(basePath, userId, 'password_compromised'), - bodyParams: { - revokeAllSessions: false, - }, + path: joinPaths(basePath, userId, 'password', 'unset_compromised'), }); } }