@akinon/next 1.120.0-rc.3 → 1.120.0-rc.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +12 -0
  2. package/middlewares/oauth-login.ts +82 -63
  3. package/package.json +2 -2
package/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # @akinon/next
2
2
 
3
+ ## 1.120.0-rc.5
4
+
5
+ ### Minor Changes
6
+
7
+ - e18836b: ZERO-4160: Restore scope in Sentry addon configuration in akinon.json
8
+
9
+ ## 1.120.0-rc.4
10
+
11
+ ### Minor Changes
12
+
13
+ - bfafa3f4: ZERO-4160: Refactor oauth-login middleware to use fetchCommerce for API calls and improve cookie handling
14
+
3
15
  ## 1.120.0-rc.3
4
16
 
5
17
  ### Minor Changes
package/middlewares/oauth-login.ts CHANGED
@@ -8,94 +8,112 @@ import Settings from 'settings';
8
8
  import { getUrlPathWithLocale } from '../utils/localization';
9
9
  import logger from '../utils/log';
10
10
 
11
- const withOauthLogin =
12
- (middleware: NextMiddleware) =>
13
- async (req: NextRequest, event: NextFetchEvent) => {
14
- const url = req.nextUrl.clone();
15
- const loginUrlMatcherRegex = new RegExp(/^\/(\w+)\/login\/?$/);
16
- const loginCallbackUrlMatcherRegex = new RegExp(
17
- /^\/(\w+)\/login\/callback\/?$/
18
- );
19
- const ip = req.headers.get('x-forwarded-for') ?? '';
20
-
21
- const requestHeaders = {
11
+ const LOGIN_URL_REGEX = /^\/(\w+)\/login\/?$/;
12
+ const CALLBACK_URL_REGEX = /^\/(\w+)\/login\/callback\/?$/;
13
+
14
+ function fetchCommerce(url: string, req: NextRequest): Promise<Response> {
15
+ return fetch(url, {
16
+ headers: {
22
17
  'x-forwarded-host':
23
18
  req.headers.get('x-forwarded-host') || req.headers.get('host') || '',
24
- 'x-forwarded-for': ip,
19
+ 'x-forwarded-for': req.headers.get('x-forwarded-for') ?? '',
20
+ 'x-forwarded-proto': req.headers.get('x-forwarded-proto') || 'https',
25
21
  'x-currency': req.cookies.get('pz-currency')?.value ?? '',
26
-
27
- };
22
+ cookie: req.headers.get('cookie') ?? ''
23
+ },
24
+ redirect: 'manual'
25
+ });
26
+ }
27
+
28
+ function forwardCookies(from: Response, to: NextResponse): void {
29
+ from.headers.getSetCookie().forEach((cookie) => {
30
+ to.headers.append('set-cookie', cookie);
31
+ });
32
+ }
33
+
34
+ function commerceRedirect(
35
+ commerceResponse: Response,
36
+ location: string,
37
+ origin: string
38
+ ): NextResponse {
39
+ const redirectUrl = new URL(location, origin);
40
+ const response = NextResponse.redirect(redirectUrl);
41
+ forwardCookies(commerceResponse, response);
42
+ return response;
43
+ }
44
+
45
+ function commercePassthrough(commerceResponse: Response): NextResponse {
46
+ return new NextResponse(commerceResponse.body, {
47
+ status: commerceResponse.status,
48
+ headers: commerceResponse.headers
49
+ });
50
+ }
28
51
 
52
+ const withOauthLogin =
53
+ (middleware: NextMiddleware) =>
54
+ async (req: NextRequest, event: NextFetchEvent) => {
55
+ const { pathname, search } = req.nextUrl;
29
56
 
30
- logger.info('OAuth login redirect', {
31
- host: req.headers.get('host'),
32
- 'x-forwarded-host': req.headers.get('x-forwarded-host'),
33
- 'x-forwarded-for': req.headers.get('x-forwarded-for')
34
- });
35
-
57
+ logger.info('OAuth login redirect', {
58
+ host: req.headers.get('host'),
59
+ 'x-forwarded-host': req.headers.get('x-forwarded-host'),
60
+ 'x-forwarded-for': req.headers.get('x-forwarded-for')
61
+ });
36
62
 
37
- if (loginUrlMatcherRegex.test(url.pathname)) {
63
+ const loginMatch = LOGIN_URL_REGEX.exec(pathname);
64
+ if (loginMatch) {
38
65
  try {
39
- const provider = url.pathname.match(loginUrlMatcherRegex)[1];
40
- const commerceResponse = await fetch(
66
+ const provider = loginMatch[1];
67
+ const commerceResponse = await fetchCommerce(
41
68
  `${Settings.commerceUrl}/${provider}/login/`,
42
- {
43
- headers: requestHeaders,
44
- redirect: 'manual'
45
- }
69
+ req
46
70
  );
47
71
 
48
72
  const location = commerceResponse.headers.get('location');
49
- if (location) {
50
- const response = NextResponse.redirect(location);
51
-
52
- if (req.headers.get('referer')) {
53
- response.cookies.set(
54
- 'pz-oauth-callback-url',
55
- req.headers.get('referer')
56
- );
57
- }
58
-
59
- return response;
60
- }
61
-
62
- return new NextResponse(commerceResponse.body, {
63
- status: commerceResponse.status,
64
- headers: commerceResponse.headers
65
- });
73
+ if (!location) return commercePassthrough(commerceResponse);
74
+
75
+ const response = commerceRedirect(
76
+ commerceResponse,
77
+ location,
78
+ req.nextUrl.origin
79
+ );
80
+
81
+ response.headers.append(
82
+ 'set-cookie',
83
+ `pz-oauth-callback-url=${encodeURIComponent(req.headers.get('referer') || '')}; Path=/`
84
+ );
85
+
86
+ return response;
66
87
  } catch (error) {
67
88
  console.error('OAuth login fetch failed:', error);
68
89
  return middleware(req, event);
69
90
  }
70
91
  }
71
92
 
72
- if (loginCallbackUrlMatcherRegex.test(url.pathname)) {
93
+ const callbackMatch = CALLBACK_URL_REGEX.exec(pathname);
94
+ if (callbackMatch) {
73
95
  try {
74
- const provider = url.pathname.match(loginCallbackUrlMatcherRegex)[1];
75
- const commerceResponse = await fetch(
76
- `${Settings.commerceUrl}/${provider}/login/callback/${url.search}`,
77
- {
78
- headers: requestHeaders,
79
- redirect: 'manual'
80
- }
96
+ const provider = callbackMatch[1];
97
+ const commerceResponse = await fetchCommerce(
98
+ `${Settings.commerceUrl}/${provider}/login/callback/${search}`,
99
+ req
81
100
  );
82
101
 
83
102
  const location = commerceResponse.headers.get('location');
84
- if (location) {
85
- return NextResponse.redirect(location);
86
- }
87
-
88
- return new NextResponse(commerceResponse.body, {
89
- status: commerceResponse.status,
90
- headers: commerceResponse.headers
91
- });
103
+ if (!location) return commercePassthrough(commerceResponse);
104
+
105
+ return commerceRedirect(
106
+ commerceResponse,
107
+ location,
108
+ req.nextUrl.origin
109
+ );
92
110
  } catch (error) {
93
111
  console.error('OAuth callback fetch failed:', error);
94
112
  return middleware(req, event);
95
113
  }
96
114
  }
97
115
 
98
- if (!url.pathname.startsWith('/baskets/basket')) {
116
+ if (!pathname.startsWith('/baskets/basket')) {
99
117
  return middleware(req, event);
100
118
  }
101
119
 
@@ -105,11 +123,12 @@ const withOauthLogin =
105
123
  req.cookies.get('messages')?.value.includes('Successfully signed in') ||
106
124
  (currentSessionId && req.cookies.get('messages'))
107
125
  ) {
108
- let redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
126
+ let redirectUrlWithLocale = `${req.nextUrl.origin}${getUrlPathWithLocale(
109
127
  '/auth/oauth-login',
110
128
  req.cookies.get('pz-locale')?.value
111
129
  )}`;
112
- let callbackUrl = req.cookies.get('pz-oauth-callback-url')?.value ?? '';
130
+ const callbackUrl =
131
+ req.cookies.get('pz-oauth-callback-url')?.value ?? '';
113
132
 
114
133
  if (callbackUrl.length) {
115
134
  redirectUrlWithLocale += `?next=${encodeURIComponent(callbackUrl)}`;
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@akinon/next",
3
3
  "description": "Core package for Project Zero Next",
4
- "version": "1.120.0-rc.3",
4
+ "version": "1.120.0-rc.5",
5
5
  "private": false,
6
6
  "license": "MIT",
7
7
  "bin": {
@@ -35,7 +35,7 @@
35
35
  "set-cookie-parser": "2.6.0"
36
36
  },
37
37
  "devDependencies": {
38
- "@akinon/eslint-plugin-projectzero": "1.120.0-rc.3",
38
+ "@akinon/eslint-plugin-projectzero": "1.120.0-rc.5",
39
39
  "@babel/core": "7.26.10",
40
40
  "@babel/preset-env": "7.26.9",
41
41
  "@babel/preset-typescript": "7.27.0",