Merge remote-tracking branch 'upstream/main' into add-effect-schema a…

…nd fix yarn.lock

.github/workflows/ci-event-emitter.yml

@@ -0,0 +1,25 @@
+name: ci-event-emitter
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'packages/event-emitter/**'
+  pull_request:
+    branches: ['*']
+    paths:
+      - 'packages/event-emitter/**'
+
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./packages/event-emitter
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20.x
+      - run: yarn install --frozen-lockfile
+      - run: yarn build
+      - run: yarn test

.github/workflows/ci-hello.yml

@@ -19,7 +19,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 18.x
+          node-version: 20.x
       - run: yarn install --frozen-lockfile
       - run: yarn build
       - run: yarn test

package.json

@@ -24,6 +24,7 @@
     "build:typia-validator": "yarn workspace @hono/typia-validator build",
     "build:swagger-ui": "yarn workspace @hono/swagger-ui build",
     "build:esbuild-transpiler": "yarn workspace @hono/esbuild-transpiler build",
+    "build:event-emitter": "yarn workspace @hono/event-emitter build",
     "build:oauth-providers": "yarn workspace @hono/oauth-providers build",
     "build:react-renderer": "yarn workspace @hono/react-renderer build",
     "build:auth-js": "yarn workspace @hono/auth-js build",

packages/auth-js/CHANGELOG.md

@@ -1,5 +1,17 @@
 # @hono/auth-js
 
+## 1.0.10
+
+### Patch Changes
+
+- [#614](https://github.com/honojs/middleware/pull/614) [`19f3beae1ab33bb3257694c742d1b3e5487a187d`](https://github.com/honojs/middleware/commit/19f3beae1ab33bb3257694c742d1b3e5487a187d) Thanks [@divyam234](https://github.com/divyam234)! - fix immutable headers error in x-forwarded req
+
+## 1.0.9
+
+### Patch Changes
+
+- [#598](https://github.com/honojs/middleware/pull/598) [`eb7e597aaabce2b2ac6e7809579c44f440c2b8b0`](https://github.com/honojs/middleware/commit/eb7e597aaabce2b2ac6e7809579c44f440c2b8b0) Thanks [@divyam234](https://github.com/divyam234)! - fix bun req cloning
+
 ## 1.0.8
 
 ### Patch Changes

packages/auth-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hono/auth-js",
-  "version": "1.0.8",
+  "version": "1.0.10",
   "description": "A third-party Auth js middleware for Hono",
   "main": "dist/index.js",
   "exports": {

packages/auth-js/src/index.ts

@@ -4,7 +4,7 @@ import type { AdapterUser } from '@auth/core/adapters'
 import type { JWT } from '@auth/core/jwt'
 import type { Session } from '@auth/core/types'
 import type { Context, MiddlewareHandler } from 'hono'
-import { env } from 'hono/adapter'
+import { env, getRuntimeKey } from 'hono/adapter'
 import { HTTPException } from 'hono/http-exception'
 import { setEnvDefaults as coreSetEnvDefaults } from '@auth/core'
 
@@ -38,33 +38,62 @@ export function setEnvDefaults(env: AuthEnv, config: AuthConfig) {
   coreSetEnvDefaults(env, config)
 }
 
-export function reqWithEnvUrl(req: Request, authUrl?: string): Request {
+async function cloneRequest(input: URL | string, request: Request, headers?: Headers) {
+  if (getRuntimeKey() === 'bun') {
+    return new Request(input, {
+      method: request.method,
+      headers: headers ?? new Headers(request.headers),
+      body:
+        request.method === 'GET' || request.method === 'HEAD' ? undefined : await request.blob(),
+      // @ts-ignore: TS2353
+      referrer: 'referrer' in request ? (request.referrer as string) : undefined,
+      // deno-lint-ignore no-explicit-any
+      referrerPolicy: request.referrerPolicy as any,
+      mode: request.mode,
+      credentials: request.credentials,
+      // @ts-ignore: TS2353
+      cache: request.cache,
+      redirect: request.redirect,
+      integrity: request.integrity,
+      keepalive: request.keepalive,
+      signal: request.signal,
+    })
+  }
+  return new Request(input, request)
+}
+
+export async function reqWithEnvUrl(req: Request, authUrl?: string) {
   if (authUrl) {
     const reqUrlObj = new URL(req.url)
     const authUrlObj = new URL(authUrl)
     const props = ['hostname', 'protocol', 'port', 'password', 'username'] as const
     props.forEach((prop) => (reqUrlObj[prop] = authUrlObj[prop]))
-    return new Request(reqUrlObj.href, req)
+    return cloneRequest(reqUrlObj.href, req)
   } else {
     const url = new URL(req.url)
-    const proto = req.headers.get('x-forwarded-proto')
-    const host = req.headers.get('x-forwarded-host') ?? req.headers.get('host')
+    const headers = new Headers(req.headers)
+    const proto = headers.get('x-forwarded-proto')
+    const host = headers.get('x-forwarded-host') ?? headers.get('host')
     if (proto != null) url.protocol = proto.endsWith(':') ? proto : proto + ':'
-    if (host) {
+    if (host != null) {
       url.host = host
       const portMatch = host.match(/:(\d+)$/)
       if (portMatch) url.port = portMatch[1]
       else url.port = ''
+      headers.delete('x-forwarded-host')
+      headers.delete('Host')
+      headers.set('Host', host)
     }
-    return new Request(url.href, req)
+    return cloneRequest(url.href, req, headers)
   }
 }
 
 export async function getAuthUser(c: Context): Promise<AuthUser | null> {
   const config = c.get('authConfig')
-  let ctxEnv = env(c) as AuthEnv
+  const ctxEnv = env(c) as AuthEnv
   setEnvDefaults(ctxEnv, config)
-  const origin = new URL(reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL).url).origin
+  const authReq = await reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL)
+  const origin = new URL(authReq.url).origin
   const request = new Request(`${origin}${config.basePath}/session`, {
     headers: { cookie: c.req.header('cookie') ?? '' },
   })
@@ -117,15 +146,16 @@ export function initAuthConfig(cb: ConfigHandler): MiddlewareHandler {
 export function authHandler(): MiddlewareHandler {
   return async (c) => {
     const config = c.get('authConfig')
-    let ctxEnv = env(c) as AuthEnv
-    
+    const ctxEnv = env(c) as AuthEnv
+
     setEnvDefaults(ctxEnv, config)
 
     if (!config.secret || config.secret.length === 0) {
       throw new HTTPException(500, { message: 'Missing AUTH_SECRET' })
     }
 
-    const res = await Auth(reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL), config)
+    const authReq = await reqWithEnvUrl(c.req.raw, ctxEnv.AUTH_URL)
+    const res = await Auth(authReq, config)
     return new Response(res.body, res)
   }
-}
+}

packages/auth-js/test/index.test.ts

@@ -3,7 +3,7 @@ import { skipCSRFCheck } from '@auth/core'
 import type { Adapter } from '@auth/core/adapters'
 import Credentials from '@auth/core/providers/credentials'
 import { Hono } from 'hono'
-import { describe, expect, it, vi } from 'vitest'
+import { describe, expect, it, vi } from "vitest"
 import type { AuthConfig } from '../src'
 import { authHandler, verifyAuth, initAuthConfig, reqWithEnvUrl } from '../src'
 
@@ -78,9 +78,9 @@ describe('Config', () => {
   })
 })
 
-describe('reqWithEnvUrl()', () => {
+describe('reqWithEnvUrl()', async() => {
   const req = new Request('http://request-base/request-path')
-  const newReq = reqWithEnvUrl(req, 'https://auth-url-base/auth-url-path')
+  const newReq = await reqWithEnvUrl(req, 'https://auth-url-base/auth-url-path')
   it('Should rewrite the base path', () => {
     expect(newReq.url.toString()).toBe('https://auth-url-base/request-path')
   })
@@ -126,6 +126,7 @@ describe('Credentials Provider', () => {
       password: {},
     },
     authorize: (credentials) => {
+
       if (credentials.password === 'password') {
         return user
       }
@@ -200,4 +201,4 @@ describe('Credentials Provider', () => {
     let html = await res.text()
     expect(html).toContain('action="https://example.com/api/auth/callback/credentials"')
   })
-})
+})

packages/event-emitter/CHANGELOG.md

@@ -0,0 +1,7 @@
+# @hono/event-emitter
+
+## 1.0.0
+
+### Major Changes
+
+- [#615](https://github.com/honojs/middleware/pull/615) [`53b4f331906f3da57da81e87d461889d0aff5cb4`](https://github.com/honojs/middleware/commit/53b4f331906f3da57da81e87d461889d0aff5cb4) Thanks [@DavidHavl](https://github.com/DavidHavl)! - Full release of Event Emitter middleware for Hono