chore(clerk-sdk-node): Drop deprecations (#2021)

* chore(clerk-sdk-node): Drop `CLERK_API_KEY` and `apiKey`

* chore(clerk-sdk-node): Drop `verifySessionToken` hotfix for Redwood

* chore(clerk-sdk-node): Drop `CLERK_FRONTEND_API` and `frontendApi`

* chore(clerk-sdk-node): Drop clerkClient exposed setters

The dropped setters: `setClerkApiVersion`, `setClerkHttpOptions`, `setClerkServerApiUrl`

* chore(clerk-sdk-node): Move tests under __tests__ directory for consistency

* fix(clerk-sdk-node): Fix package exports

Changes:
 - drop subpath exports of /esm|cjs/instance

* chore(clerk-sdk-node): Drop unused info script - replaced by tsup

* chore(repo): Add changeset

.changeset/popular-singers-sort.md

@@ -0,0 +1,21 @@
+---
+'@clerk/clerk-sdk-node': major
+---
+
+Drop deprecations. Migration steps:
+
+- use `CLERK_SECRET_KEY` instead of `CLERK_API_KEY` env variable
+- use `secretKey` instead of `apiKey`
+- use `CLERK_PUBLISHABLE_KEY` instead of `CLERK_FRONTEND_API` env variable
+- use `publishableKey` instead of `frontendApi`
+- drop Redwood hotfix (upgrade to latest version)
+- use `createClerkClient` with options to create a new clerkClient instead of using
+  the following setters:
+    - `setClerkApiVersion`
+    - `setClerkHttpOptions`
+    - `setClerkServerApiUrl`
+    - `setClerkApiKey`
+- use `@clerk/clerk-sdk-node` instead of `@clerk/clerk-sdk-node/{cjs|esm}/instance`
+
+Extra:
+- bundle only index.ts and instance.ts

packages/sdk-node/examples/node/src/allowlistIdentifiers.ts

@@ -1,13 +1,6 @@
 // Usage:
 // From examples/node, run files with "npm test ./src/allowlistIdentifiers.ts"
-import {
-  allowlistIdentifiers,
-  setClerkServerApiUrl,
-} from '@clerk/clerk-sdk-node';
-
-const serverApiUrl = process.env.CLERK_API_URL || '';
-
-setClerkServerApiUrl(serverApiUrl);
+import { allowlistIdentifiers } from '@clerk/clerk-sdk-node';
 
 // Add an allowlist identifier
 await allowlistIdentifiers.createAllowlistIdentifier({

packages/sdk-node/examples/node/src/clients.ts

@@ -31,7 +31,7 @@ try {
 
 try {
   console.log('Get client list with invalid API key');
-  clerk.apiKey = 'snafu';
+  clerk.secretKey = 'snafu';
   const invalidClients = await clerk.clients.getClientList();
   console.log(invalidClients);
 } catch (error) {

packages/sdk-node/jest.setup.js

@@ -1,2 +1 @@
-process.env.CLERK_API_KEY = 'TEST_API_KEY';
-process.env.CLERK_SECRET_KEY = 'TEST_API_KEY';
+process.env.CLERK_SECRET_KEY = 'TEST_SECRET_KEY';

packages/sdk-node/package.json

@@ -24,37 +24,25 @@
   },
   "exports": {
     ".": {
-      "types": "./dist/types/index.d.ts",
-      "require": "./dist/cjs/index.js",
-      "import": "./dist/esm/index.mjs",
-      "default": "./dist/cjs/index.js"
+      "import": {
+        "types": "./dist/index.d.mts",
+        "default": "./dist/index.mjs"
+      },
+      "require": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      }
     },
-    "./esm/instance": {
-      "types": "./dist/types/instance.d.ts",
-      "require": "./dist/cjs/instance.js",
-      "import": "./dist/esm/instance.mjs",
-      "default": "./dist/cjs/instance.js"
-    },
-    "./cjs/instance": {
-      "types": "./dist/types/instance.d.ts",
-      "require": "./dist/cjs/instance.js",
-      "import": "./dist/esm/instance.mjs",
-      "default": "./dist/cjs/instance.js"
-    }
+    "./package.json": "./package.json"
   },
-  "main": "./dist/cjs/index.js",
-  "module": "./dist/esm/index.mjs",
-  "types": "./dist/types/index.d.ts",
+  "main": "./dist/index.js",
   "files": [
-    "dist",
-    "esm",
-    "cjs"
+    "dist"
   ],
   "scripts": {
     "build": "npm run clean && tsup",
     "dev": "tsup --watch",
     "dev:publish": "npm run dev -- --env.publish",
-    "build:declarations": "tsc -p tsconfig.declarations.json",
     "publish:local": "npx yalc push --replace  --sig",
     "clean": "rimraf ./dist",
     "lint": "eslint src/",

packages/sdk-node/src/__tests__/__snapshots__/exports.test.ts.snap

@@ -56,10 +56,6 @@ exports[`module exports should not change unless explicitly set 1`] = `
   "requireAuth",
   "sanitizeAuthObject",
   "sessions",
-  "setClerkApiKey",
-  "setClerkApiVersion",
-  "setClerkHttpOptions",
-  "setClerkServerApiUrl",
   "signJwt",
   "signedInAuthObject",
   "signedOutAuthObject",

packages/sdk-node/src/authenticateRequest.test.ts → packages/sdk-node/src/__tests__/authenticateRequest.test.ts

@@ -1,7 +1,7 @@
 import { constants, createIsomorphicRequest } from '@clerk/backend';
 import type { Request } from 'express';
 
-import { authenticateRequest } from './authenticateRequest';
+import { authenticateRequest } from '../authenticateRequest';
 
 const mockNext = jest.fn();
 
@@ -34,9 +34,7 @@ describe('authenticateRequest', () => {
     };
 
     const clerkClient = mockClerkClient();
-    const apiKey = 'apiKey';
-    const secretKey = '';
-    const frontendApi = 'frontendApi';
+    const secretKey = 'secretKey';
     const publishableKey = 'publishableKey';
     const searchParams = new URLSearchParams();
     searchParams.set('__query', 'true');
@@ -51,19 +49,15 @@ describe('authenticateRequest', () => {
 
     await authenticateRequest({
       clerkClient: clerkClient as any,
-      apiKey,
       secretKey,
-      frontendApi,
       publishableKey,
       req,
       options,
     });
     expect(clerkClient.authenticateRequest).toHaveBeenCalledWith(
       expect.objectContaining({
         authorizedParties: ['party1'],
-        apiKey: apiKey,
         secretKey: secretKey,
-        frontendApi: frontendApi,
         publishableKey: publishableKey,
         jwtKey: 'jwtKey',
         isSatellite: false,

packages/sdk-node/src/authenticateRequest.ts

@@ -16,14 +16,13 @@ export async function loadInterstitial({
 }) {
   const { clerkJSVersion, clerkJSUrl } = loadClientEnv();
   /**
-   * When publishable key or frontendApi is present utilize the localInterstitial method
+   * When publishable key is present utilize the localInterstitial method
    * and avoid the extra network call
    */
-  if (requestState.publishableKey || requestState.frontendApi) {
+  if (requestState.publishableKey) {
     return clerkClient.localInterstitial({
-      // Use frontendApi only when legacy frontendApi is used to avoid showing deprecation warning
-      // since the requestState always contains the frontendApi constructed by publishableKey.
-      frontendApi: requestState.publishableKey ? '' : requestState.frontendApi,
+      // TODO(@dimkl): use empty string for frontendApi until type is fixed in @clerk/backend to drop it
+      frontendApi: '',
       publishableKey: requestState.publishableKey,
       proxyUrl: requestState.proxyUrl,
       signInUrl: requestState.signInUrl,
@@ -37,7 +36,7 @@ export async function loadInterstitial({
 }
 
 export const authenticateRequest = (opts: AuthenticateRequestParams) => {
-  const { clerkClient, apiKey, secretKey, frontendApi, publishableKey, req, options } = opts;
+  const { clerkClient, secretKey, publishableKey, req, options } = opts;
   const { jwtKey, authorizedParties, audience } = options || {};
 
   const env = { ...loadApiEnv(), ...loadClientEnv() };
@@ -69,15 +68,13 @@ export const authenticateRequest = (opts: AuthenticateRequestParams) => {
     throw new Error(satelliteAndMissingProxyUrlAndDomain);
   }
 
-  if (isSatellite && !isHttpOrHttps(signInUrl) && isDevelopmentFromApiKey(secretKey || apiKey || '')) {
+  if (isSatellite && !isHttpOrHttps(signInUrl) && isDevelopmentFromApiKey(secretKey || '')) {
     throw new Error(satelliteAndMissingSignInUrl);
   }
 
   return clerkClient.authenticateRequest({
     audience,
-    apiKey,
     secretKey,
-    frontendApi,
     publishableKey,
     jwtKey,
     authorizedParties,
@@ -108,8 +105,7 @@ export const decorateResponseWithObservabilityHeaders = (res: ServerResponse, re
   requestState.status && res.setHeader(constants.Headers.AuthStatus, encodeURIComponent(requestState.status));
 };
 
-const isDevelopmentFromApiKey = (apiKey: string): boolean =>
-  apiKey.startsWith('test_') || apiKey.startsWith('sk_test_');
+const isDevelopmentFromApiKey = (secretKey: string): boolean => secretKey.startsWith('sk_test_');
 
 const absoluteProxyUrl = (relativeOrAbsoluteUrl: string, baseUrl: string): string => {
   if (!relativeOrAbsoluteUrl || !isValidProxyUrl(relativeOrAbsoluteUrl) || !isProxyUrlRelative(relativeOrAbsoluteUrl)) {

packages/sdk-node/src/clerkClient.ts

@@ -1,5 +1,5 @@
 import type { ClerkOptions, VerifyTokenOptions } from '@clerk/backend';
-import { Clerk as _Clerk, decodeJwt, verifyToken as _verifyToken } from '@clerk/backend';
+import { Clerk as _Clerk, verifyToken as _verifyToken } from '@clerk/backend';
 
 import { createClerkExpressRequireAuth } from './clerkExpressRequireAuth';
 import { createClerkExpressWithAuth } from './clerkExpressWithAuth';
@@ -9,7 +9,7 @@ type ExtendedClerk = ReturnType<typeof _Clerk> & {
   expressWithAuth: ReturnType<typeof createClerkExpressWithAuth>;
   expressRequireAuth: ReturnType<typeof createClerkExpressRequireAuth>;
   verifyToken: typeof _verifyToken;
-} & ReturnType<typeof createBasePropForRedwoodCompatibility>;
+};
 
 /**
  * This needs to be a *named* function in order to support the older
@@ -29,22 +29,9 @@ export function Clerk(options: ClerkOptions): ExtendedClerk {
     expressWithAuth,
     expressRequireAuth,
     verifyToken,
-    ...createBasePropForRedwoodCompatibility(),
   });
 }
 
-const createBasePropForRedwoodCompatibility = () => {
-  const verifySessionToken = (token: string) => {
-    const { jwtKey } = loadApiEnv();
-    const { payload } = decodeJwt(token);
-    return _verifyToken(token, {
-      issuer: payload.iss,
-      jwtKey,
-    });
-  };
-  return { base: { verifySessionToken } };
-};
-
 export const createClerkClient = Clerk;
 
 let clerkClientSingleton = {} as unknown as ReturnType<typeof Clerk>;
@@ -86,22 +73,3 @@ export const ClerkExpressWithAuth = (...args: Parameters<ReturnType<typeof creat
   const fn = createClerkExpressWithAuth({ clerkClient, ...env });
   return fn(...args);
 };
-
-/**
- * Stand-alone setters bound to the pre-initialised clerkClient
- */
-export const setClerkApiKey = (value: string) => {
-  clerkClient.__unstable_options.apiKey = value;
-};
-
-export const setClerkServerApiUrl = (value: string) => {
-  clerkClient.__unstable_options.apiUrl = value;
-};
-
-export const setClerkApiVersion = (value: string) => {
-  clerkClient.__unstable_options.apiVersion = value;
-};
-
-export const setClerkHttpOptions = (value: RequestInit) => {
-  clerkClient.__unstable_options.httpOptions = value;
-};

packages/sdk-node/src/clerkExpressRequireAuth.ts

@@ -11,30 +11,20 @@ import type { ClerkMiddlewareOptions, MiddlewareRequireAuthProp, RequireAuthProp
 
 export type CreateClerkExpressMiddlewareOptions = {
   clerkClient: ReturnType<typeof Clerk>;
-  /**
-   * @deprecated Use `secretKey` instead.
-   */
-  apiKey?: string;
   /* Secret Key */
   secretKey?: string;
-  /**
-   * @deprecated Use `publishableKey` instead.
-   */
-  frontendApi?: string;
   publishableKey?: string;
   apiUrl?: string;
 };
 
 export const createClerkExpressRequireAuth = (createOpts: CreateClerkExpressMiddlewareOptions) => {
-  const { clerkClient, frontendApi = '', apiKey = '', secretKey = '', publishableKey = '' } = createOpts;
+  const { clerkClient, secretKey = '', publishableKey = '' } = createOpts;
 
   return (options: ClerkMiddlewareOptions = {}): MiddlewareRequireAuthProp => {
     return async (req, res, next) => {
       const requestState = await authenticateRequest({
         clerkClient,
-        apiKey,
         secretKey,
-        frontendApi,
         publishableKey,
         req,
         options,

packages/sdk-node/src/clerkExpressWithAuth.ts

@@ -9,14 +9,12 @@ import type { CreateClerkExpressMiddlewareOptions } from './clerkExpressRequireA
 import type { ClerkMiddlewareOptions, MiddlewareWithAuthProp, WithAuthProp } from './types';
 
 export const createClerkExpressWithAuth = (createOpts: CreateClerkExpressMiddlewareOptions) => {
-  const { clerkClient, frontendApi = '', apiKey = '', secretKey = '', publishableKey = '' } = createOpts;
+  const { clerkClient, secretKey = '', publishableKey = '' } = createOpts;
   return (options: ClerkMiddlewareOptions = {}): MiddlewareWithAuthProp => {
     return async (req, res, next) => {
       const requestState = await authenticateRequest({
         clerkClient,
-        apiKey,
         secretKey,
-        frontendApi,
         publishableKey,
         req,
         options,