diff --git a/.changeset/evil-points-fly.md b/.changeset/evil-points-fly.md new file mode 100644 index 00000000000..da0737489da --- /dev/null +++ b/.changeset/evil-points-fly.md @@ -0,0 +1,5 @@ +--- +'@clerk/backend': patch +--- + +Renaming `__experimental_passwordCompromised` to `__experimental_setPasswordCompromised` and introducing `__experimental_unsetPasswordCompromised` diff --git a/integration/testUtils/usersService.ts b/integration/testUtils/usersService.ts index 2e7b184af45..2d28af6cfa7 100644 --- a/integration/testUtils/usersService.ts +++ b/integration/testUtils/usersService.ts @@ -76,7 +76,7 @@ export type UserService = { createFakeOrganization: (userId: string) => Promise; getUser: (opts: { id?: string; email?: string }) => Promise; createFakeAPIKey: (userId: string) => Promise; - passwordCompromised: (userId: string) => Promise; + setPasswordCompromised: (userId: string) => Promise; }; /** @@ -212,7 +212,7 @@ export const createUserService = (clerkClient: ClerkClient) => { clerkClient.apiKeys.revoke({ apiKeyId: apiKey.id, revocationReason: reason }), } satisfies FakeAPIKey; }, - passwordCompromised: async (userId: string) => { + setPasswordCompromised: async (userId: string) => { await clerkClient.users.__experimental_passwordCompromised(userId); }, }; diff --git a/integration/tests/session-tasks-sign-in-reset-password.test.ts b/integration/tests/session-tasks-sign-in-reset-password.test.ts index 3835312a728..53f032d80b4 100644 --- a/integration/tests/session-tasks-sign-in-reset-password.test.ts +++ b/integration/tests/session-tasks-sign-in-reset-password.test.ts @@ -22,7 +22,7 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword const user = u.services.users.createFakeUser(); const createdUser = await u.services.users.createBapiUser(user); - await u.services.users.passwordCompromised(createdUser.id); + await u.services.users.setPasswordCompromised(createdUser.id); // Performs sign-in await u.po.signIn.goTo(); @@ -69,7 +69,7 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword const user = u.services.users.createFakeUser(); const createdUser = await u.services.users.createBapiUser(user); - await u.services.users.passwordCompromised(createdUser.id); + await u.services.users.setPasswordCompromised(createdUser.id); const fakeOrganization = u.services.organizations.createFakeOrganization(); await u.services.organizations.createBapiOrganization({ name: fakeOrganization.name, diff --git a/packages/backend/src/api/endpoints/UserApi.ts b/packages/backend/src/api/endpoints/UserApi.ts index d1408f9e5c5..41803ef3f60 100644 --- a/packages/backend/src/api/endpoints/UserApi.ts +++ b/packages/backend/src/api/endpoints/UserApi.ts @@ -199,6 +199,10 @@ type DeleteUserExternalAccountParams = { externalAccountId: string; }; +type SetPasswordCompromisedParams = { + revokeAllSessions?: boolean; +}; + type UserID = { userId: string; }; @@ -448,14 +452,25 @@ export class UserAPI extends AbstractAPI { }); } - public async __experimental_passwordCompromised(userId: string) { + public async __experimental_setPasswordCompromised( + userId: string, + params: SetPasswordCompromisedParams = { + revokeAllSessions: false, + }, + ) { + this.requireId(userId); + return this.request({ + method: 'POST', + path: joinPaths(basePath, userId, 'password', 'set_compromised'), + bodyParams: params, + }); + } + + public async __experimental_unsetPasswordCompromised(userId: string) { this.requireId(userId); return this.request({ method: 'POST', - path: joinPaths(basePath, userId, 'password_compromised'), - bodyParams: { - revokeAllSessions: false, - }, + path: joinPaths(basePath, userId, 'password', 'unset_compromised'), }); } }