From 6a96f743aaeacc76d7ec483157f79825c26542ba Mon Sep 17 00:00:00 2001 From: Owen Date: Thu, 23 Apr 2026 21:38:12 -0700 Subject: [PATCH] Update exchange session to support wildcards --- server/routers/badger/exchangeSession.ts | 28 ++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/server/routers/badger/exchangeSession.ts b/server/routers/badger/exchangeSession.ts index bde5518b8..e6c8b70f1 100644 --- a/server/routers/badger/exchangeSession.ts +++ b/server/routers/badger/exchangeSession.ts @@ -6,7 +6,7 @@ import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { resourceAccessToken, resources, sessions } from "@server/db"; import { db } from "@server/db"; -import { eq } from "drizzle-orm"; +import { and, eq, inArray, or, sql } from "drizzle-orm"; import { createResourceSession, serializeResourceSessionCookie, @@ -65,11 +65,31 @@ export async function exchangeSession( const clientIp = requestIp ? stripPortFromHost(requestIp) : undefined; - const [resource] = await db + const parts = cleanHost.split("."); + const wildcardCandidates: string[] = []; + for (let i = 1; i < parts.length; i++) { + wildcardCandidates.push(`*.${parts.slice(i).join(".")}`); + } + + const potentialResources = await db .select() .from(resources) - .where(eq(resources.fullDomain, cleanHost)) - .limit(1); + .where( + or( + eq(resources.fullDomain, cleanHost), + wildcardCandidates.length > 0 + ? and( + eq(resources.wildcard, true), + inArray(resources.fullDomain, wildcardCandidates) + ) + : sql`false` + ) + ); + + const exactMatch = potentialResources.find( + (r) => r.fullDomain === cleanHost + ); + const resource = exactMatch ?? potentialResources[0]; if (!resource) { return next(