@adaptic/backend-legacy 0.0.35 → 0.0.37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/client.cjs +74 -4
- package/client.d.ts +19 -0
- package/esm/client.d.ts +19 -0
- package/esm/client.d.ts.map +1 -1
- package/esm/client.js.map +1 -1
- package/esm/client.mjs +73 -4
- package/package.json +1 -1
- package/server.cjs +13 -7
package/client.cjs
CHANGED
|
@@ -36,6 +36,7 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
36
36
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
37
37
|
exports.client = void 0;
|
|
38
38
|
exports.configureConnectionPool = configureConnectionPool;
|
|
39
|
+
exports.setTokenProvider = setTokenProvider;
|
|
39
40
|
exports.getApolloClient = getApolloClient;
|
|
40
41
|
exports.getApolloModules = getApolloModules;
|
|
41
42
|
const DEFAULT_POOL_CONFIG = {
|
|
@@ -50,6 +51,7 @@ let apolloClient;
|
|
|
50
51
|
let pendingOperations = 0;
|
|
51
52
|
let operationQueue = [];
|
|
52
53
|
let poolConfig = DEFAULT_POOL_CONFIG;
|
|
54
|
+
let customTokenProvider;
|
|
53
55
|
/**
|
|
54
56
|
* Dynamically loads the correct Apollo modules based on the runtime environment.
|
|
55
57
|
*/
|
|
@@ -71,6 +73,74 @@ function configureConnectionPool(config) {
|
|
|
71
73
|
poolConfig = { ...poolConfig, ...config };
|
|
72
74
|
console.log(`Apollo client connection pool configured: ${JSON.stringify(poolConfig)}`);
|
|
73
75
|
}
|
|
76
|
+
/**
|
|
77
|
+
* Sets a custom token provider for dynamic authentication.
|
|
78
|
+
* This allows clients to provide tokens from session storage, cookies, etc.
|
|
79
|
+
*
|
|
80
|
+
* @param provider - Function that returns the auth token (sync or async)
|
|
81
|
+
*
|
|
82
|
+
* @example
|
|
83
|
+
* // Using with NextAuth session token
|
|
84
|
+
* setTokenProvider(async () => {
|
|
85
|
+
* const session = await getSession();
|
|
86
|
+
* return session?.accessToken || '';
|
|
87
|
+
* });
|
|
88
|
+
*/
|
|
89
|
+
function setTokenProvider(provider) {
|
|
90
|
+
customTokenProvider = provider;
|
|
91
|
+
// Reset the client so it picks up the new token provider
|
|
92
|
+
if (apolloClient) {
|
|
93
|
+
console.log('Token provider updated, Apollo client will be recreated on next request');
|
|
94
|
+
apolloClient = undefined;
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
/**
|
|
98
|
+
* Validates that a token looks like a valid JWT.
|
|
99
|
+
* JWTs have three base64url-encoded parts separated by dots.
|
|
100
|
+
*/
|
|
101
|
+
function isValidJwtFormat(token) {
|
|
102
|
+
if (!token)
|
|
103
|
+
return false;
|
|
104
|
+
const parts = token.split('.');
|
|
105
|
+
if (parts.length !== 3)
|
|
106
|
+
return false;
|
|
107
|
+
// Check that each part is base64url encoded (alphanumeric, -, _, no padding needed)
|
|
108
|
+
const base64UrlRegex = /^[A-Za-z0-9_-]+$/;
|
|
109
|
+
return parts.every(part => base64UrlRegex.test(part));
|
|
110
|
+
}
|
|
111
|
+
/**
|
|
112
|
+
* Gets the authentication token with validation.
|
|
113
|
+
* Returns empty string if no valid token is available.
|
|
114
|
+
*/
|
|
115
|
+
async function getAuthToken() {
|
|
116
|
+
let token = '';
|
|
117
|
+
// First, try the custom token provider if set
|
|
118
|
+
if (customTokenProvider) {
|
|
119
|
+
try {
|
|
120
|
+
token = await Promise.resolve(customTokenProvider());
|
|
121
|
+
}
|
|
122
|
+
catch (error) {
|
|
123
|
+
console.error('[Apollo Client] Error getting token from custom provider:', error);
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
// Fall back to environment variables
|
|
127
|
+
if (!token) {
|
|
128
|
+
token = process.env.NEXT_PUBLIC_SERVER_AUTH_TOKEN || process.env.SERVER_AUTH_TOKEN || '';
|
|
129
|
+
}
|
|
130
|
+
// Validate the token format
|
|
131
|
+
if (token && !isValidJwtFormat(token)) {
|
|
132
|
+
// Check if it looks like a Google OAuth token
|
|
133
|
+
if (token.startsWith('ya29.')) {
|
|
134
|
+
// Google OAuth tokens are valid, pass through
|
|
135
|
+
return token;
|
|
136
|
+
}
|
|
137
|
+
console.warn('[Apollo Client] Token does not appear to be a valid JWT format. ' +
|
|
138
|
+
'Expected format: header.payload.signature (three base64url-encoded parts). ' +
|
|
139
|
+
'Token will not be sent. Please check your NEXT_PUBLIC_SERVER_AUTH_TOKEN or SERVER_AUTH_TOKEN environment variable.');
|
|
140
|
+
return '';
|
|
141
|
+
}
|
|
142
|
+
return token;
|
|
143
|
+
}
|
|
74
144
|
/**
|
|
75
145
|
* Processes the operation queue respecting the connection pool limits.
|
|
76
146
|
*/
|
|
@@ -145,11 +215,11 @@ async function getApolloClient() {
|
|
|
145
215
|
timeout: poolConfig.connectionTimeout,
|
|
146
216
|
}
|
|
147
217
|
});
|
|
148
|
-
// Create the auth link.
|
|
149
|
-
const authLink = setContext((request, prevContext) => {
|
|
218
|
+
// Create the auth link with async token retrieval and validation.
|
|
219
|
+
const authLink = setContext(async (request, prevContext) => {
|
|
150
220
|
const headers = prevContext.headers || {};
|
|
151
|
-
// Retrieve the token
|
|
152
|
-
const token =
|
|
221
|
+
// Retrieve and validate the token
|
|
222
|
+
const token = await getAuthToken();
|
|
153
223
|
return {
|
|
154
224
|
headers: {
|
|
155
225
|
...headers,
|
package/client.d.ts
CHANGED
|
@@ -17,11 +17,30 @@ interface ConnectionPoolConfig {
|
|
|
17
17
|
retryDelay: number;
|
|
18
18
|
connectionTimeout: number;
|
|
19
19
|
}
|
|
20
|
+
/**
|
|
21
|
+
* Function type for dynamic token providers.
|
|
22
|
+
* Allows clients to provide tokens dynamically (e.g., from session storage).
|
|
23
|
+
*/
|
|
24
|
+
export type TokenProvider = () => string | Promise<string>;
|
|
20
25
|
/**
|
|
21
26
|
* Configures the connection pool for Apollo Client.
|
|
22
27
|
* Call this function to customize connection pooling behavior.
|
|
23
28
|
*/
|
|
24
29
|
export declare function configureConnectionPool(config: Partial<ConnectionPoolConfig>): void;
|
|
30
|
+
/**
|
|
31
|
+
* Sets a custom token provider for dynamic authentication.
|
|
32
|
+
* This allows clients to provide tokens from session storage, cookies, etc.
|
|
33
|
+
*
|
|
34
|
+
* @param provider - Function that returns the auth token (sync or async)
|
|
35
|
+
*
|
|
36
|
+
* @example
|
|
37
|
+
* // Using with NextAuth session token
|
|
38
|
+
* setTokenProvider(async () => {
|
|
39
|
+
* const session = await getSession();
|
|
40
|
+
* return session?.accessToken || '';
|
|
41
|
+
* });
|
|
42
|
+
*/
|
|
43
|
+
export declare function setTokenProvider(provider: TokenProvider): void;
|
|
25
44
|
/**
|
|
26
45
|
* Returns a singleton Apollo Client instance with connection pooling.
|
|
27
46
|
* **IMPORTANT:** Because module loading is asynchronous,
|
package/esm/client.d.ts
CHANGED
|
@@ -17,11 +17,30 @@ interface ConnectionPoolConfig {
|
|
|
17
17
|
retryDelay: number;
|
|
18
18
|
connectionTimeout: number;
|
|
19
19
|
}
|
|
20
|
+
/**
|
|
21
|
+
* Function type for dynamic token providers.
|
|
22
|
+
* Allows clients to provide tokens dynamically (e.g., from session storage).
|
|
23
|
+
*/
|
|
24
|
+
export type TokenProvider = () => string | Promise<string>;
|
|
20
25
|
/**
|
|
21
26
|
* Configures the connection pool for Apollo Client.
|
|
22
27
|
* Call this function to customize connection pooling behavior.
|
|
23
28
|
*/
|
|
24
29
|
export declare function configureConnectionPool(config: Partial<ConnectionPoolConfig>): void;
|
|
30
|
+
/**
|
|
31
|
+
* Sets a custom token provider for dynamic authentication.
|
|
32
|
+
* This allows clients to provide tokens from session storage, cookies, etc.
|
|
33
|
+
*
|
|
34
|
+
* @param provider - Function that returns the auth token (sync or async)
|
|
35
|
+
*
|
|
36
|
+
* @example
|
|
37
|
+
* // Using with NextAuth session token
|
|
38
|
+
* setTokenProvider(async () => {
|
|
39
|
+
* const session = await getSession();
|
|
40
|
+
* return session?.accessToken || '';
|
|
41
|
+
* });
|
|
42
|
+
*/
|
|
43
|
+
export declare function setTokenProvider(provider: TokenProvider): void;
|
|
25
44
|
/**
|
|
26
45
|
* Returns a singleton Apollo Client instance with connection pooling.
|
|
27
46
|
* **IMPORTANT:** Because module loading is asynchronous,
|
package/esm/client.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,YAAY,IAAI,gBAAgB,EAChC,aAAa,IAAI,iBAAiB,EAClC,qBAAqB,EAEtB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,QAAQ,IAAI,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAEpE,YAAY,EACV,gBAAgB,EAChB,iBAAiB,EACjB,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAGF,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,cAAc,gBAAgB,EAAE,YAAY,CAAC;IAC3D,aAAa,EAAE,cAAc,6CAA6C,EAAE,aAAa,CAAC;IAC1F,QAAQ,EAAE,cAAc,0BAA0B,EAAE,QAAQ,CAAC;IAC7D,GAAG,EAAE,cAAc,gBAAgB,EAAE,GAAG,CAAC;IACzC,WAAW,EAAE,cAAc,gBAAgB,EAAE,WAAW,CAAC;IACzD,KAAK,EAAE,cAAc,gBAAgB,EAAE,KAAK,CAAC;IAC7C,UAAU,EAAE,cAAc,6BAA6B,EAAE,UAAU,CAAC;IACpE,OAAO,EAAE,cAAc,2BAA2B,EAAE,OAAO,CAAC;CAC7D;AAGD,UAAU,oBAAoB;IAC5B,uBAAuB,EAAE,MAAM,CAAC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,YAAY,IAAI,gBAAgB,EAChC,aAAa,IAAI,iBAAiB,EAClC,qBAAqB,EAEtB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,QAAQ,IAAI,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAEpE,YAAY,EACV,gBAAgB,EAChB,iBAAiB,EACjB,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAGF,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,cAAc,gBAAgB,EAAE,YAAY,CAAC;IAC3D,aAAa,EAAE,cAAc,6CAA6C,EAAE,aAAa,CAAC;IAC1F,QAAQ,EAAE,cAAc,0BAA0B,EAAE,QAAQ,CAAC;IAC7D,GAAG,EAAE,cAAc,gBAAgB,EAAE,GAAG,CAAC;IACzC,WAAW,EAAE,cAAc,gBAAgB,EAAE,WAAW,CAAC;IACzD,KAAK,EAAE,cAAc,gBAAgB,EAAE,KAAK,CAAC;IAC7C,UAAU,EAAE,cAAc,6BAA6B,EAAE,UAAU,CAAC;IACpE,OAAO,EAAE,cAAc,2BAA2B,EAAE,OAAO,CAAC;CAC7D;AAGD,UAAU,oBAAoB;IAC5B,uBAAuB,EAAE,MAAM,CAAC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAUD;;;GAGG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;AAuB3D;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAGnF;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,aAAa,GAAG,IAAI,CAO9D;AAwGD;;;;GAIG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,gBAAgB,CAAC,qBAAqB,CAAC,CAAC,CAqGxF;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,aAAa,CAAC,CAK/D;AAED;;;;GAIG;AACH,eAAO,MAAM,MAAM,kDAAoB,CAAC"}
|
package/esm/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,YAAY;AAuCZ,MAAM,mBAAmB,GAAyB;IAChD,uBAAuB,EAAE,GAAG,EAAG,gDAAgD;IAC/E,aAAa,EAAE,CAAC,EAAa,iDAAiD;IAC9E,UAAU,EAAE,IAAI,EAAc,kEAAkE;IAChG,iBAAiB,EAAE,KAAK,EAAK,2BAA2B;CACzD,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,YAAY;AAuCZ,MAAM,mBAAmB,GAAyB;IAChD,uBAAuB,EAAE,GAAG,EAAG,gDAAgD;IAC/E,aAAa,EAAE,CAAC,EAAa,iDAAiD;IAC9E,UAAU,EAAE,IAAI,EAAc,kEAAkE;IAChG,iBAAiB,EAAE,KAAK,EAAK,2BAA2B;CACzD,CAAC;AASF,yBAAyB;AACzB,IAAI,aAAwC,CAAC;AAC7C,IAAI,YAAiE,CAAC;AACtE,IAAI,iBAAiB,GAAG,CAAC,CAAC;AAC1B,IAAI,cAAc,GAA+B,EAAE,CAAC;AACpD,IAAI,UAAU,GAAyB,mBAAmB,CAAC;AAC3D,IAAI,mBAA8C,CAAC;AAEnD;;GAEG;AACH,KAAK,UAAU,iBAAiB;IAC9B,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QACnE,mEAAmE;QACnE,OAAO,CAAC,MAAM,MAAM,CAAC,wBAAwB,CAAC,CAAkB,CAAC;IACnE,CAAC;SAAM,CAAC;QACN,kDAAkD;QAClD,OAAO,CAAC,MAAM,MAAM,CAAC,wBAAwB,CAAC,CAAkB,CAAC;IACnE,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CAAC,MAAqC;IAC3E,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,GAAG,MAAM,EAAE,CAAC;IAC1C,OAAO,CAAC,GAAG,CAAC,6CAA6C,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;AACzF,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAuB;IACtD,mBAAmB,GAAG,QAAQ,CAAC;IAC/B,yDAAyD;IACzD,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,yEAAyE,CAAC,CAAC;QACvF,YAAY,GAAG,SAAS,CAAC;IAC3B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,KAAa;IACrC,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACrC,oFAAoF;IACpF,MAAM,cAAc,GAAG,kBAAkB,CAAC;IAC1C,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACxD,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,YAAY;IACzB,IAAI,KAAK,GAAG,EAAE,CAAC;IAEf,8CAA8C;IAC9C,IAAI,mBAAmB,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAAC;QACvD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,2DAA2D,EAAE,KAAK,CAAC,CAAC;QACpF,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,EAAE,CAAC;IAC3F,CAAC;IAED,4BAA4B;IAC5B,IAAI,KAAK,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC;QACtC,8CAA8C;QAC9C,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,8CAA8C;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,CAAC,IAAI,CACV,kEAAkE;YAClE,6EAA6E;YAC7E,oHAAoH,CACrH,CAAC;QACF,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,YAAY;IACnB,2EAA2E;IAC3E,OAAO,iBAAiB,GAAG,UAAU,CAAC,uBAAuB,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3F,MAAM,SAAS,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC;QACzC,IAAI,SAAS,EAAE,CAAC;YACd,iBAAiB,EAAE,CAAC;YACpB,SAAS,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;gBACvB,iBAAiB,EAAE,CAAC;gBACpB,YAAY,EAAE,CAAC,CAAC,iDAAiD;YACnE,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,gBAAgB,CAAI,SAA2B,EAAE,OAAO,GAAG,CAAC;IACzE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,gBAAgB,GAAG,KAAK,IAAmB,EAAE;YACjD,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;gBACjC,OAAO,CAAC,MAAM,CAAC,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,OAAO,GAAG,UAAU,CAAC,aAAa;oBACpC,CAAC,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;wBAC7D,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;oBACpE,iDAAiD;oBACjD,MAAM,KAAK,GAAG,UAAU,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;oBAClF,OAAO,CAAC,IAAI,CAAC,wCAAwC,KAAK,eAAe,OAAO,GAAG,CAAC,IAAI,UAAU,CAAC,aAAa,GAAG,CAAC,CAAC;oBACrH,UAAU,CAAC,GAAG,EAAE;wBACd,gBAAgB,CAAC,SAAS,EAAE,OAAO,GAAG,CAAC,CAAC;6BACrC,IAAI,CAAC,OAAO,CAAC;6BACb,KAAK,CAAC,MAAM,CAAC,CAAC;oBACnB,CAAC,EAAE,KAAK,CAAC,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,KAAK,CAAC,CAAC;gBAChB,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,cAAc,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QACtC,YAAY,EAAE,CAAC;IACjB,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,IAAI,CAAC;QACH,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,aAAa,GAAG,MAAM,iBAAiB,EAAE,CAAC;QAC5C,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,aAAa,CAAC;QAErF,kCAAkC;QAClC,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB;YACxF,CAAC,YAAY,CAAC,CAAC,CAAC,gCAAgC,CAAC,CAAC,CAAC,+BAA+B,CAAC,CAAC;QAEtF,oEAAoE;QACpE,MAAM,gBAAgB,GAAG,IAAI,QAAQ,CAAC;YACpC,GAAG,EAAE,OAAO;YACZ,KAAK;YACL,YAAY,EAAE;gBACZ,OAAO,EAAE,UAAU,CAAC,iBAAiB;aACtC;SACF,CAAC,CAAC;QAEH,kEAAkE;QAClE,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE;YACzD,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;YAC1C,kCAAkC;YAClC,MAAM,KAAK,GAAG,MAAM,YAAY,EAAE,CAAC;YACnC,OAAO;gBACL,OAAO,EAAE;oBACP,GAAG,OAAO;oBACV,aAAa,EAAE,KAAK,CAAC,CAAC,CAAC,UAAU,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE;oBAC7C,UAAU,EAAE,YAAY;iBACzB;aACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,mDAAmD;QACnD,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE,EAAE;YAChF,IAAI,aAAa,EAAE,CAAC;gBAClB,aAAa,CAAC,OAAO,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAO,EAAE,EAAE;oBAC1D,OAAO,CAAC,KAAK,CACX,6BAA6B,OAAO,eAAe,SAAS,WAAW,IAAI,EAAE,CAC9E,CAAC;gBACJ,CAAC,CAAC,CAAC;YACL,CAAC;YACD,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CAAC,oBAAoB,YAAY,EAAE,CAAC,CAAC;YACpD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,+DAA+D;QAC/D,MAAM,cAAc,GAAmB;YACrC,UAAU,EAAE;gBACV,WAAW,EAAE,mBAAmB;gBAChC,WAAW,EAAE,KAAK;aACnB;YACD,KAAK,EAAE;gBACL,WAAW,EAAE,cAAc;gBAC3B,WAAW,EAAE,KAAK;aACnB;YACD,MAAM,EAAE;gBACN,WAAW,EAAE,KAAK;aACnB;SACF,CAAC;QAEF,wDAAwD;QACxD,6EAA6E;QAC7E,YAAY,GAAG,IAAI,YAAY,CAAC;YAC9B,IAAI,EAAE,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YACzD,KAAK,EAAE,IAAI,aAAa,CAAC;gBACvB,oDAAoD;gBACpD,mEAAmE;gBACnE,YAAY,EAAE,EAAE;aACjB,CAAC;YACF,cAAc;YACd,QAAQ,EAAE;gBACR,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;aAC/C;SACF,CAAC,CAAC;QAEH,wEAAwE;QACxE,MAAM,aAAa,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC5D,MAAM,cAAc,GAAG,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAE9D,YAAY,CAAC,KAAK,GAAG,CAAC,OAAO,EAAE,EAAE;YAC/B,OAAO,gBAAgB,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC;QAEF,YAAY,CAAC,MAAM,GAAG,CAAC,OAAO,EAAE,EAAE;YAChC,OAAO,gBAAgB,CAAC,GAAG,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC;QAEF,OAAO,YAAY,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;QAC1D,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,aAAa,GAAG,MAAM,iBAAiB,EAAE,CAAC;IAC5C,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC"}
|
package/esm/client.mjs
CHANGED
|
@@ -11,6 +11,7 @@ let apolloClient;
|
|
|
11
11
|
let pendingOperations = 0;
|
|
12
12
|
let operationQueue = [];
|
|
13
13
|
let poolConfig = DEFAULT_POOL_CONFIG;
|
|
14
|
+
let customTokenProvider;
|
|
14
15
|
/**
|
|
15
16
|
* Dynamically loads the correct Apollo modules based on the runtime environment.
|
|
16
17
|
*/
|
|
@@ -32,6 +33,74 @@ export function configureConnectionPool(config) {
|
|
|
32
33
|
poolConfig = { ...poolConfig, ...config };
|
|
33
34
|
console.log(`Apollo client connection pool configured: ${JSON.stringify(poolConfig)}`);
|
|
34
35
|
}
|
|
36
|
+
/**
|
|
37
|
+
* Sets a custom token provider for dynamic authentication.
|
|
38
|
+
* This allows clients to provide tokens from session storage, cookies, etc.
|
|
39
|
+
*
|
|
40
|
+
* @param provider - Function that returns the auth token (sync or async)
|
|
41
|
+
*
|
|
42
|
+
* @example
|
|
43
|
+
* // Using with NextAuth session token
|
|
44
|
+
* setTokenProvider(async () => {
|
|
45
|
+
* const session = await getSession();
|
|
46
|
+
* return session?.accessToken || '';
|
|
47
|
+
* });
|
|
48
|
+
*/
|
|
49
|
+
export function setTokenProvider(provider) {
|
|
50
|
+
customTokenProvider = provider;
|
|
51
|
+
// Reset the client so it picks up the new token provider
|
|
52
|
+
if (apolloClient) {
|
|
53
|
+
console.log('Token provider updated, Apollo client will be recreated on next request');
|
|
54
|
+
apolloClient = undefined;
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
/**
|
|
58
|
+
* Validates that a token looks like a valid JWT.
|
|
59
|
+
* JWTs have three base64url-encoded parts separated by dots.
|
|
60
|
+
*/
|
|
61
|
+
function isValidJwtFormat(token) {
|
|
62
|
+
if (!token)
|
|
63
|
+
return false;
|
|
64
|
+
const parts = token.split('.');
|
|
65
|
+
if (parts.length !== 3)
|
|
66
|
+
return false;
|
|
67
|
+
// Check that each part is base64url encoded (alphanumeric, -, _, no padding needed)
|
|
68
|
+
const base64UrlRegex = /^[A-Za-z0-9_-]+$/;
|
|
69
|
+
return parts.every(part => base64UrlRegex.test(part));
|
|
70
|
+
}
|
|
71
|
+
/**
|
|
72
|
+
* Gets the authentication token with validation.
|
|
73
|
+
* Returns empty string if no valid token is available.
|
|
74
|
+
*/
|
|
75
|
+
async function getAuthToken() {
|
|
76
|
+
let token = '';
|
|
77
|
+
// First, try the custom token provider if set
|
|
78
|
+
if (customTokenProvider) {
|
|
79
|
+
try {
|
|
80
|
+
token = await Promise.resolve(customTokenProvider());
|
|
81
|
+
}
|
|
82
|
+
catch (error) {
|
|
83
|
+
console.error('[Apollo Client] Error getting token from custom provider:', error);
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
// Fall back to environment variables
|
|
87
|
+
if (!token) {
|
|
88
|
+
token = process.env.NEXT_PUBLIC_SERVER_AUTH_TOKEN || process.env.SERVER_AUTH_TOKEN || '';
|
|
89
|
+
}
|
|
90
|
+
// Validate the token format
|
|
91
|
+
if (token && !isValidJwtFormat(token)) {
|
|
92
|
+
// Check if it looks like a Google OAuth token
|
|
93
|
+
if (token.startsWith('ya29.')) {
|
|
94
|
+
// Google OAuth tokens are valid, pass through
|
|
95
|
+
return token;
|
|
96
|
+
}
|
|
97
|
+
console.warn('[Apollo Client] Token does not appear to be a valid JWT format. ' +
|
|
98
|
+
'Expected format: header.payload.signature (three base64url-encoded parts). ' +
|
|
99
|
+
'Token will not be sent. Please check your NEXT_PUBLIC_SERVER_AUTH_TOKEN or SERVER_AUTH_TOKEN environment variable.');
|
|
100
|
+
return '';
|
|
101
|
+
}
|
|
102
|
+
return token;
|
|
103
|
+
}
|
|
35
104
|
/**
|
|
36
105
|
* Processes the operation queue respecting the connection pool limits.
|
|
37
106
|
*/
|
|
@@ -106,11 +175,11 @@ export async function getApolloClient() {
|
|
|
106
175
|
timeout: poolConfig.connectionTimeout,
|
|
107
176
|
}
|
|
108
177
|
});
|
|
109
|
-
// Create the auth link.
|
|
110
|
-
const authLink = setContext((request, prevContext) => {
|
|
178
|
+
// Create the auth link with async token retrieval and validation.
|
|
179
|
+
const authLink = setContext(async (request, prevContext) => {
|
|
111
180
|
const headers = prevContext.headers || {};
|
|
112
|
-
// Retrieve the token
|
|
113
|
-
const token =
|
|
181
|
+
// Retrieve and validate the token
|
|
182
|
+
const token = await getAuthToken();
|
|
114
183
|
return {
|
|
115
184
|
headers: {
|
|
116
185
|
...headers,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@adaptic/backend-legacy",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.37",
|
|
4
4
|
"description": "Backend executable CRUD functions with dynamic variables construction, and type definitions for the Adaptic AI platform.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"types": "index.d.ts",
|
package/server.cjs
CHANGED
|
@@ -125,8 +125,6 @@ const startServer = async () => {
|
|
|
125
125
|
console.warn('Prisma client not found in global scope, reinitializing');
|
|
126
126
|
global.prisma = prismaClient_1.default;
|
|
127
127
|
}
|
|
128
|
-
console.log('Received headers:', req.headers);
|
|
129
|
-
console.log('Authorization header:', req.headers.authorization);
|
|
130
128
|
// Extract token from Authorization header
|
|
131
129
|
const authHeader = req.headers.authorization || '';
|
|
132
130
|
// Only try to verify token if it's in proper Bearer format
|
|
@@ -137,17 +135,24 @@ const startServer = async () => {
|
|
|
137
135
|
if (token.startsWith('ya29.')) {
|
|
138
136
|
// For Google OAuth tokens, we should validate differently or pass them through
|
|
139
137
|
// This is a temporary solution - ideally you should verify with Google's OAuth API
|
|
140
|
-
console.log('Detected Google OAuth token, skipping JWT verification');
|
|
141
138
|
user = { provider: 'google', token };
|
|
142
139
|
}
|
|
143
140
|
else {
|
|
144
|
-
//
|
|
141
|
+
// Validate JWT format before attempting verification (must have 3 dot-separated parts)
|
|
142
|
+
const tokenParts = token.split('.');
|
|
143
|
+
if (tokenParts.length !== 3) {
|
|
144
|
+
// Log only once per unique malformed token to avoid log spam
|
|
145
|
+
const tokenPreview = token.length > 20 ? `${token.substring(0, 20)}...` : token;
|
|
146
|
+
console.warn(`[Auth] Received malformed token (not a valid JWT format): ${tokenPreview}`);
|
|
147
|
+
// Continue without authentication - don't fail the request
|
|
148
|
+
return { prisma: global.prisma, req, authError: 'Malformed token: expected JWT format (header.payload.signature)' };
|
|
149
|
+
}
|
|
150
|
+
// For regular JWT tokens, verify
|
|
145
151
|
try {
|
|
146
152
|
// Use a default secret for development if JWT_SECRET is not set
|
|
147
153
|
const secretKey = process.env.JWT_SECRET || 'development_secret_key_for_local_testing_only';
|
|
148
154
|
// For testing/debugging with standard JWT tokens
|
|
149
155
|
if (token === 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.HcK9I0usxUgJYQd0NpBZG74MTUD9J1Vf9V_6iH7CFMk') {
|
|
150
|
-
console.log('Using test JWT token in GraphQL context');
|
|
151
156
|
user = { sub: '1234567890', name: 'John Doe', iat: 1516239022 };
|
|
152
157
|
}
|
|
153
158
|
else {
|
|
@@ -155,8 +160,9 @@ const startServer = async () => {
|
|
|
155
160
|
}
|
|
156
161
|
}
|
|
157
162
|
catch (e) {
|
|
158
|
-
|
|
159
|
-
|
|
163
|
+
// Only log verification failures at warn level with minimal info
|
|
164
|
+
const errorMessage = e instanceof Error ? e.message : 'Unknown error';
|
|
165
|
+
console.warn(`[Auth] JWT verification failed: ${errorMessage}`);
|
|
160
166
|
return { prisma: global.prisma, req, authError: 'Invalid token' };
|
|
161
167
|
}
|
|
162
168
|
}
|