SuperTokens

Contributing with Impact

After I contributed to Epic Online Transport, I was ready to contribute to a larger project. When I was first learning web development, I started experimenting with authentication protocols. I started by implementing them, but I was worried that my code would have security holes that someone more experienced with OAuth2 could exploit. I found a commercial open source authentication server called SuperTokens that would handle these protocols for me. However, it was still a fairly new project at the time. I experienced a bug with the CLI, so I decided to fix it.

Test Driven Development

This was the first time that I wrote unit tests to verify my code. Since this project requires enterprise stability, I had to come up with several test cases that would run every time a change was made in the repository.

@Test
public void invalidBasePathTest() throws InterruptedException, IOException {
    String[] args = { "../" };
    HashMap<String, String> tests = new HashMap<>();
    tests.put("somepath/",     "/somepath");
    tests.put("somepath//",    "/somepath");
    tests.put("/somepath/",    "/somepath");
    tests.put("//somepath//",  "/somepath");
    tests.put("somepath",      "/somepath");
    tests.put("/somepath",     "/somepath");
    tests.put("some/path",     "/some/path");
    tests.put("some/path/",    "/some/path");
    tests.put("some/path//",   "/some/path");
    tests.put("/some/path",    "/some/path");
    tests.put("//some/path",   "/some/path");
    tests.put("some//path",    "/some/path");
    tests.put("some/////path", "/some/path");

    TestingProcess process;
    EventAndException e;
    for(String base_path : tests.keySet())
    {
        String result = tests.get(base_path);
        Utils.setValueInConfig("base_path", base_path);
        process = TestingProcessManager.start(args);
        e = process.checkOrWaitForEvent(PROCESS_STATE.STARTED);
        assertEquals(result, Config.getConfig(process.main).getBasePath());
        process.kill();
        assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
    }

    Utils.setValueInConfig("base_path", "/some path");
    process = TestingProcessManager.start(args);
    e = process.checkOrWaitForEvent(PROCESS_STATE.INIT_FAILURE);
    assertTrue(e != null && e.exception instanceof QuitProgramException
                       && e.exception.getMessage().equals("Invalid characters in base_path config"));
    Utils.reset();
}

The code above has been run hundreds of times to ensure that my code is still working. My path normalization logic that this code tests has been downloaded over 1 million times.¹ This was the first time that my work has actually had a tangible impact on the lives of many people. From this experience, I learned that it is not too difficult to have this kind of impact if you know where to look. I plan to keep pursuing similar opportunities in the future.

Because of my contributions, I was offered an interview by Rishabh Poddar, SuperTokens CTO/co-founder in Summer 2022. Sadly, I had to decline because I was going to begin attending Texas A&M in the Fall.

View Code On GitHub View Website

My Pull Requests

• feat: Add IntelliJ IDEA Run Configurations
• feat: Run Core Script, Script Options, Script Consolidation
• Add image of run configurations
• fix: SuperTokens list ignoring base_path in config
• fix: SuperTokens list ignoring base_path in config
• feat: Support for environment variables in config.yaml
• feat: Windows Support

My Issues

• SuperTokens list command breaks when base_path is set

---

1. SuperTokens Docker Image Pull Statistics ↩