From 7beadc7580a6bb41587f2446df4a6165369ae8b9 Mon Sep 17 00:00:00 2001 From: wobsoriano Date: Tue, 2 Dec 2025 11:38:35 -0800 Subject: [PATCH 1/3] chore(backend): Rename machine auth verification methods --- .../backend/src/api/__tests__/M2MTokenApi.test.ts | 8 ++++---- packages/backend/src/api/__tests__/factory.test.ts | 6 +++--- packages/backend/src/api/endpoints/APIKeysApi.ts | 11 ++++++++++- .../src/api/endpoints/IdPOAuthAccessTokenApi.ts | 11 ++++++++++- packages/backend/src/api/endpoints/M2MTokenApi.ts | 11 ++++++++++- packages/backend/src/tokens/verify.ts | 6 +++--- 6 files changed, 40 insertions(+), 13 deletions(-) diff --git a/packages/backend/src/api/__tests__/M2MTokenApi.test.ts b/packages/backend/src/api/__tests__/M2MTokenApi.test.ts index f2d8f99c016..b3ba1aed1c5 100644 --- a/packages/backend/src/api/__tests__/M2MTokenApi.test.ts +++ b/packages/backend/src/api/__tests__/M2MTokenApi.test.ts @@ -206,7 +206,7 @@ describe('M2MToken', () => { }); }); - describe('verifyToken', () => { + describe('verify', () => { it('verifies a m2m token using machine secret', async () => { const apiClient = createBackendApiClient({ apiUrl: 'https://api.clerk.test', @@ -223,7 +223,7 @@ describe('M2MToken', () => { ), ); - const response = await apiClient.m2m.verifyToken({ + const response = await apiClient.m2m.verify({ token: m2mSecret, }); @@ -249,7 +249,7 @@ describe('M2MToken', () => { ), ); - const response = await apiClient.m2m.verifyToken({ + const response = await apiClient.m2m.verify({ token: m2mSecret, }); @@ -274,7 +274,7 @@ describe('M2MToken', () => { ); const errResponse = await apiClient.m2m - .verifyToken({ + .verify({ token: m2mSecret, }) .catch(err => err); diff --git a/packages/backend/src/api/__tests__/factory.test.ts b/packages/backend/src/api/__tests__/factory.test.ts index e3e0f697461..bc73d4a207d 100644 --- a/packages/backend/src/api/__tests__/factory.test.ts +++ b/packages/backend/src/api/__tests__/factory.test.ts @@ -325,7 +325,7 @@ describe('api.client', () => { ), ); - const response = await apiClient.m2m.verifyToken({ + const response = await apiClient.m2m.verify({ machineSecretKey: 'ak_test_in_header_params', // this will be added to headerParams.Authorization token: 'mt_secret_test', }); @@ -353,7 +353,7 @@ describe('api.client', () => { ), ); - const response = await apiClient.m2m.verifyToken({ + const response = await apiClient.m2m.verify({ token: 'mt_secret_test', }); expect(response.id).toBe('mt_test'); @@ -425,7 +425,7 @@ describe('api.client', () => { ), ); - const response = await apiClient.m2m.verifyToken({ + const response = await apiClient.m2m.verify({ token: 'mt_secret_test', }); expect(response.id).toBe('mt_test'); diff --git a/packages/backend/src/api/endpoints/APIKeysApi.ts b/packages/backend/src/api/endpoints/APIKeysApi.ts index 1b9b1d6ddb4..7d0c951284a 100644 --- a/packages/backend/src/api/endpoints/APIKeysApi.ts +++ b/packages/backend/src/api/endpoints/APIKeysApi.ts @@ -2,6 +2,7 @@ import type { ClerkPaginationRequest } from '@clerk/shared/types'; import type { PaginatedResourceResponse } from '../../api/resources/Deserializer'; import { joinPaths } from '../../util/path'; +import { deprecated } from '../../util/shared'; import type { APIKey } from '../resources/APIKey'; import { AbstractAPI } from './AbstractApi'; @@ -88,11 +89,19 @@ export class APIKeysAPI extends AbstractAPI { }); } - async verifySecret(secret: string) { + async verify(secret: string) { return this.request({ method: 'POST', path: joinPaths(basePath, 'verify'), bodyParams: { secret }, }); } + + /** + * @deprecated Use `verify()` instead. This method will be removed in the next major release. + */ + async verifySecret(secret: string) { + deprecated('apiKeys.verifySecret()', 'Use `apiKeys.verify()` instead.'); + return this.verify(secret); + } } diff --git a/packages/backend/src/api/endpoints/IdPOAuthAccessTokenApi.ts b/packages/backend/src/api/endpoints/IdPOAuthAccessTokenApi.ts index e32c6188364..d300ec6f84e 100644 --- a/packages/backend/src/api/endpoints/IdPOAuthAccessTokenApi.ts +++ b/packages/backend/src/api/endpoints/IdPOAuthAccessTokenApi.ts @@ -1,15 +1,24 @@ import { joinPaths } from '../../util/path'; +import { deprecated } from '../../util/shared'; import type { IdPOAuthAccessToken } from '../resources'; import { AbstractAPI } from './AbstractApi'; const basePath = '/oauth_applications/access_tokens'; export class IdPOAuthAccessTokenApi extends AbstractAPI { - async verifyAccessToken(accessToken: string) { + async verify(accessToken: string) { return this.request({ method: 'POST', path: joinPaths(basePath, 'verify'), bodyParams: { access_token: accessToken }, }); } + + /** + * @deprecated Use `verify()` instead. This method will be removed in the next major release. + */ + async verifyAccessToken(accessToken: string) { + deprecated('idPOAuthAccessToken.verifyAccessToken()', 'Use `idPOAuthAccessToken.verify()` instead.'); + return this.verify(accessToken); + } } diff --git a/packages/backend/src/api/endpoints/M2MTokenApi.ts b/packages/backend/src/api/endpoints/M2MTokenApi.ts index 8ea48c1c105..1ba15555b53 100644 --- a/packages/backend/src/api/endpoints/M2MTokenApi.ts +++ b/packages/backend/src/api/endpoints/M2MTokenApi.ts @@ -1,4 +1,5 @@ import { joinPaths } from '../../util/path'; +import { deprecated } from '../../util/shared'; import type { ClerkBackendApiRequestOptions } from '../request'; import type { M2MToken } from '../resources/M2MToken'; import { AbstractAPI } from './AbstractApi'; @@ -94,7 +95,7 @@ export class M2MTokenApi extends AbstractAPI { return this.request(requestOptions); } - async verifyToken(params: VerifyM2MTokenParams) { + async verify(params: VerifyM2MTokenParams) { const { token, machineSecretKey } = params; const requestOptions = this.#createRequestOptions( @@ -108,4 +109,12 @@ export class M2MTokenApi extends AbstractAPI { return this.request(requestOptions); } + + /** + * @deprecated Use `verify()` instead. This method will be removed in the next major release. + */ + async verifyToken(params: VerifyM2MTokenParams) { + deprecated('m2m.verifyToken()', 'Use `m2m.verify()` instead.'); + return this.verify(params); + } } diff --git a/packages/backend/src/tokens/verify.ts b/packages/backend/src/tokens/verify.ts index dfc22cc4d66..1185322dbae 100644 --- a/packages/backend/src/tokens/verify.ts +++ b/packages/backend/src/tokens/verify.ts @@ -199,7 +199,7 @@ async function verifyM2MToken( ): Promise> { try { const client = createBackendApiClient(options); - const verifiedToken = await client.m2m.verifyToken({ token }); + const verifiedToken = await client.m2m.verify({ token }); return { data: verifiedToken, tokenType: TokenType.M2MToken, errors: undefined }; } catch (err: any) { return handleClerkAPIError(TokenType.M2MToken, err, 'Machine token not found'); @@ -212,7 +212,7 @@ async function verifyOAuthToken( ): Promise> { try { const client = createBackendApiClient(options); - const verifiedToken = await client.idPOAuthAccessToken.verifyAccessToken(accessToken); + const verifiedToken = await client.idPOAuthAccessToken.verify(accessToken); return { data: verifiedToken, tokenType: TokenType.OAuthToken, errors: undefined }; } catch (err: any) { return handleClerkAPIError(TokenType.OAuthToken, err, 'OAuth token not found'); @@ -225,7 +225,7 @@ async function verifyAPIKey( ): Promise> { try { const client = createBackendApiClient(options); - const verifiedToken = await client.apiKeys.verifySecret(secret); + const verifiedToken = await client.apiKeys.verify(secret); return { data: verifiedToken, tokenType: TokenType.ApiKey, errors: undefined }; } catch (err: any) { return handleClerkAPIError(TokenType.ApiKey, err, 'API key not found'); From bac3b5bda546327f0a063536398148fd55362c1d Mon Sep 17 00:00:00 2001 From: Robert Soriano Date: Tue, 2 Dec 2025 11:39:14 -0800 Subject: [PATCH 2/3] chore: add changeset --- .changeset/spotty-wasps-smoke.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/spotty-wasps-smoke.md diff --git a/.changeset/spotty-wasps-smoke.md b/.changeset/spotty-wasps-smoke.md new file mode 100644 index 00000000000..99ef745b910 --- /dev/null +++ b/.changeset/spotty-wasps-smoke.md @@ -0,0 +1,5 @@ +--- +"@clerk/backend": minor +--- + +Rename machine auth verification methods From 842f09f02c1be197f62de205981cace1b5e5aa4d Mon Sep 17 00:00:00 2001 From: Robert Soriano Date: Tue, 2 Dec 2025 11:44:51 -0800 Subject: [PATCH 3/3] chore: update changeset --- .changeset/spotty-wasps-smoke.md | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.changeset/spotty-wasps-smoke.md b/.changeset/spotty-wasps-smoke.md index 99ef745b910..6edf4a2af65 100644 --- a/.changeset/spotty-wasps-smoke.md +++ b/.changeset/spotty-wasps-smoke.md @@ -1,5 +1,19 @@ --- -"@clerk/backend": minor +'@clerk/backend': minor --- -Rename machine auth verification methods +Unified machine token verification methods under a consistent `verify()` API. The previous methods (`verifySecret`, `verifyToken`, `verifyAccessToken`) are now deprecated. + +Before + +```ts +await clerkClient.apiKeys.verifySecret('ak_...'); +await clerkClient.m2m.verifyToken({ token: 'mt_...' }); +``` + +After + +```ts +await clerkClient.apiKeys.verify('ak_...'); +await clerkClient.m2m.verify({ token: 'mt_...' }); +```