@akinon/next 2.0.0-beta.2 → 2.0.0-beta.20

package/middlewares/index.ts

@@ -9,6 +9,10 @@ import withCompleteGpay from './complete-gpay';
 import withCompleteMasterpass from './complete-masterpass';
 import withCheckoutProvider from './checkout-provider';
 import withSavedCardRedirection from './saved-card-redirection';
+import withCompleteWallet from './complete-wallet';
+import withWalletCompleteRedirection from './wallet-complete-redirection';
+import withMasterpassRestCallback from './masterpass-rest-callback';
+import withBfcacheHeaders from './bfcache-headers';
 import { NextRequest } from 'next/server';
 
 export {
@@ -22,17 +26,21 @@ export {
   withCompleteGpay,
   withCompleteMasterpass,
   withCheckoutProvider,
-  withSavedCardRedirection
+  withSavedCardRedirection,
+  withCompleteWallet,
+  withWalletCompleteRedirection,
+  withMasterpassRestCallback,
+  withBfcacheHeaders
 };
 
 export interface PzNextRequest extends NextRequest {
   middlewareParams: {
     commerceUrl: string;
-    found: boolean;
     rewrites: {
       locale?: string;
       prettyUrl?: string;
       currency?: string;
+      [key: string]: string | undefined;
     };
   };
 }

package/middlewares/locale.ts

@@ -4,17 +4,33 @@ import { PzNextRequest } from '.';
 import { LocaleUrlStrategy } from '../localization';
 import { urlLocaleMatcherRegex } from '../utils';
 import logger from '../utils/log';
+import { getUrlPathWithLocale } from '../utils/localization';
 
-const getMatchedLocale = (pathname: string) => {
+const getMatchedLocale = (pathname: string, req: PzNextRequest) => {
   let matchedLocale = pathname.match(urlLocaleMatcherRegex)?.[0] ?? '';
   matchedLocale = matchedLocale.replace('/', '');
 
+  const { localeUrlStrategy, defaultLocaleValue } = settings.localization;
+
+  if (localeUrlStrategy === LocaleUrlStrategy.Subdomain) {
+    const host =
+      req.headers.get('x-forwarded-host') || req.headers.get('host') || '';
+
+    if (host) {
+      const subDomain = host.split('.')[0] || '';
+      const subDomainLocaleMatched = `/${subDomain}`.match(
+        urlLocaleMatcherRegex
+      );
+
+      if (subDomainLocaleMatched && subDomainLocaleMatched[0]) {
+        matchedLocale = subDomainLocaleMatched[0].slice(1);
+      }
+    }
+  }
+
   if (!matchedLocale.length) {
-    if (
-      settings.localization.localeUrlStrategy !==
-      LocaleUrlStrategy.ShowAllLocales
-    ) {
-      matchedLocale = settings.localization.defaultLocaleValue;
+    if (localeUrlStrategy !== LocaleUrlStrategy.ShowAllLocales) {
+      matchedLocale = defaultLocaleValue;
     }
   }
 
@@ -28,8 +44,10 @@ const withLocale =
 
     try {
       const url = req.nextUrl.clone();
-      const matchedLocale = getMatchedLocale(url.pathname);
-      let { localeUrlStrategy, defaultLocaleValue, redirectToDefaultLocale } =
+      const matchedLocale = getMatchedLocale(url.pathname, req);
+      let { localeUrlStrategy } = settings.localization;
+
+      const { defaultLocaleValue, redirectToDefaultLocale } =
         settings.localization;
 
       localeUrlStrategy =
@@ -50,8 +68,14 @@ const withLocale =
         redirectToDefaultLocale &&
         req.method === 'GET'
       ) {
-        url.pathname = `/${defaultLocaleValue}${url.pathname}`;
-        return NextResponse.redirect(url);
+        // Redirect to existing or default locale
+        url.pathname = getUrlPathWithLocale(
+          url.pathname,
+          req.cookies.get('pz-locale')?.value
+        );
+
+        // Use 303 for POST requests
+        return NextResponse.redirect(url, 303);
       }
 
       req.middlewareParams.rewrites.locale = matchedLocale;
@@ -61,7 +85,6 @@ const withLocale =
         ip
       });
     }
-
     return middleware(req, event);
   };
 

package/middlewares/masterpass-rest-callback.ts

@@ -0,0 +1,230 @@
+import { NextFetchEvent, NextMiddleware, NextResponse } from 'next/server';
+import Settings from 'settings';
+import logger from '../utils/log';
+import { getUrlPathWithLocale } from '../utils/localization';
+import { PzNextRequest } from '.';
+import { getCheckoutPath } from '../utils';
+
+const withMasterpassRestCallback =
+  (middleware: NextMiddleware) =>
+  async (req: PzNextRequest, event: NextFetchEvent) => {
+    const url = req.nextUrl.clone();
+    const ip = req.headers.get('x-forwarded-for') ?? '';
+    const sessionId = req.cookies.get('osessionid');
+
+    if (!url.pathname.includes('/orders/masterpass-rest-callback')) {
+      return middleware(req, event);
+    }
+
+    if (req.method !== 'POST') {
+      logger.warn('Invalid request method for masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        method: req.method,
+        ip
+      });
+
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
+
+    const responseCode = url.searchParams.get('responseCode');
+    const token = url.searchParams.get('token');
+
+    if (!responseCode || !token) {
+      logger.warn('Missing required parameters for masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        responseCode,
+        token,
+        ip
+      });
+
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
+
+    try {
+      const formData = await req.formData();
+      const body: Record<string, string> = {};
+
+      Array.from(formData.entries()).forEach(([key, value]) => {
+        body[key] = value.toString();
+      });
+
+      if (!sessionId) {
+        logger.warn(
+          'Make sure that the SESSION_COOKIE_SAMESITE environment variable is set to None in Commerce.',
+          {
+            middleware: 'masterpass-rest-callback',
+            ip
+          }
+        );
+
+        return NextResponse.redirect(
+          `${url.origin}${getUrlPathWithLocale(
+            '/orders/checkout/',
+            req.cookies.get('pz-locale')?.value
+          )}`,
+          303
+        );
+      }
+
+      const isPostCheckout = req.cookies.get('pz-post-checkout-flow')?.value === 'true';
+      const requestUrl = new URL(getCheckoutPath(isPostCheckout), Settings.commerceUrl);
+      requestUrl.searchParams.set('page', 'MasterpassRestCompletePage');
+      requestUrl.searchParams.set('responseCode', responseCode);
+      requestUrl.searchParams.set('token', token);
+      requestUrl.searchParams.set(
+        'three_d_secure',
+        body.transactionType?.includes('3D') ? 'true' : 'false'
+      );
+      requestUrl.searchParams.set(
+        'transactionType',
+        body.transactionType || ''
+      );
+
+      const requestHeaders = {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'X-Requested-With': 'XMLHttpRequest',
+        Cookie: req.headers.get('cookie') ?? '',
+        'x-currency': req.cookies.get('pz-currency')?.value ?? '',
+        'x-forwarded-for': ip,
+        'User-Agent': req.headers.get('user-agent') ?? ''
+      };
+
+      const request = await fetch(requestUrl.toString(), {
+        method: 'POST',
+        headers: requestHeaders,
+        body: new URLSearchParams(body)
+      });
+
+      logger.info('Masterpass REST callback request', {
+        requestUrl: requestUrl.toString(),
+        status: request.status,
+        requestHeaders,
+        ip
+      });
+
+      const response = await request.json();
+
+      const { context_list: contextList, errors } = response;
+
+      let redirectUrl = response.redirect_url;
+
+      if (!redirectUrl && contextList && contextList.length > 0) {
+        for (const context of contextList) {
+          if (context.page_context && context.page_context.redirect_url) {
+            redirectUrl = context.page_context.redirect_url;
+            break;
+          }
+        }
+      }
+
+      if (errors && Object.keys(errors).length) {
+        logger.error('Error while processing masterpass REST callback', {
+          middleware: 'masterpass-rest-callback',
+          errors,
+          requestHeaders,
+          ip
+        });
+
+        const errorResponse = NextResponse.redirect(
+          `${url.origin}${getUrlPathWithLocale(
+            '/orders/checkout/',
+            req.cookies.get('pz-locale')?.value
+          )}`,
+          {
+            status: 303,
+            headers: {
+              'Set-Cookie': `pz-pos-error=${encodeURIComponent(JSON.stringify(errors))}; path=/;`
+            }
+          }
+        );
+
+        // Add error cookie
+        errorResponse.cookies.set('pz-pos-error', JSON.stringify(errors), {
+          path: '/'
+        });
+
+        return errorResponse;
+      }
+
+      logger.info('Masterpass REST callback response', {
+        middleware: 'masterpass-rest-callback',
+        contextList,
+        redirectUrl,
+        ip
+      });
+
+      if (!redirectUrl) {
+        logger.warn(
+          'No redirection url found in response. Redirecting to checkout page.',
+          {
+            middleware: 'masterpass-rest-callback',
+            requestHeaders,
+            response: JSON.stringify(response),
+            ip
+          }
+        );
+
+        const redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`;
+
+        return NextResponse.redirect(redirectUrlWithLocale, 303);
+      }
+
+      const redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
+        redirectUrl,
+        req.cookies.get('pz-locale')?.value
+      )}`;
+
+      logger.info('Redirecting after masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        redirectUrl: redirectUrlWithLocale,
+        ip
+      });
+
+      const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
+
+      // Forward set-cookie headers from the upstream response
+      const setCookieHeader = request.headers.get('set-cookie');
+      if (setCookieHeader) {
+        setCookieHeader.split(',').forEach((cookie) => {
+          nextResponse.headers.append('Set-Cookie', cookie.trim());
+        });
+      }
+
+      return nextResponse;
+    } catch (error) {
+      logger.error('Error while processing masterpass REST callback', {
+        middleware: 'masterpass-rest-callback',
+        error,
+        requestHeaders: {
+          Cookie: req.headers.get('cookie') ?? '',
+          'x-currency': req.cookies.get('pz-currency')?.value ?? ''
+        },
+        ip
+      });
+
+      return NextResponse.redirect(
+        `${url.origin}${getUrlPathWithLocale(
+          '/orders/checkout/',
+          req.cookies.get('pz-locale')?.value
+        )}`,
+        303
+      );
+    }
+  };
+
+export default withMasterpassRestCallback;

package/middlewares/oauth-login.ts

@@ -6,78 +6,221 @@ import {
 } from 'next/server';
 import Settings from 'settings';
 import { getUrlPathWithLocale } from '../utils/localization';
+import logger from '../utils/log';
 
-const withOauthLogin =
-  (middleware: NextMiddleware) =>
-  async (req: NextRequest, event: NextFetchEvent) => {
-    const url = req.nextUrl.clone();
-    const loginUrlMatcherRegex = new RegExp(/^\/(\w+)\/login\/?$/);
-    const loginCallbackUrlMatcherRegex = new RegExp(
-      /^\/(\w+)\/login\/callback\/?$/
-    );
-    const ip = req.headers.get('x-forwarded-for') ?? '';
-
-    const headers = {
-      'x-forwarded-host':
-        req.headers.get('x-forwarded-host') || req.headers.get('host') || '',
-      'x-currency': req.cookies.get('pz-currency')?.value ?? '',
-      'x-forwarded-for': ip
+const LOGIN_URL_REGEX = /^\/(\w+)\/login\/?$/;
+const CALLBACK_URL_REGEX = /^\/(\w+)\/login\/callback\/?$/;
+
+function buildCommerceHeaders(req: NextRequest): Record<string, string> {
+  return {
+    'x-forwarded-host':
+      req.headers.get('x-forwarded-host') || req.headers.get('host') || '',
+    'x-forwarded-for': req.headers.get('x-forwarded-for') ?? '',
+    'x-forwarded-proto': req.headers.get('x-forwarded-proto') || 'https',
+    'x-currency': req.cookies.get('pz-currency')?.value ?? '',
+    cookie: req.headers.get('cookie') ?? ''
+  };
+}
+
+async function getRequestBody(
+  req: NextRequest
+): Promise<{ content: string; contentType: string } | undefined> {
+  if (req.method !== 'POST') return undefined;
+
+  const content = await req.text();
+  if (!content.length) return undefined;
+
+  return {
+    content,
+    contentType:
+      req.headers.get('content-type') ?? 'application/x-www-form-urlencoded'
+  };
+}
+
+function fetchCommerce(
+  url: string,
+  req: NextRequest,
+  body?: { content: string; contentType: string }
+): Promise<Response> {
+  const headers = buildCommerceHeaders(req);
+
+  if (body) {
+    headers['content-type'] = body.contentType;
+  }
+
+  return fetch(url, {
+    method: body ? 'POST' : 'GET',
+    headers,
+    body: body?.content,
+    redirect: 'manual'
+  });
+}
+
+function forwardCookies(from: Response, to: NextResponse): void {
+  from.headers.getSetCookie().forEach((cookie) => {
+    to.headers.append('set-cookie', cookie);
+  });
+}
+
+function buildRedirectResponse(
+  commerceResponse: Response,
+  location: string,
+  origin: string
+): NextResponse {
+  const response = NextResponse.redirect(new URL(location, origin));
+  forwardCookies(commerceResponse, response);
+  return response;
+}
+
+function commercePassthrough(commerceResponse: Response): NextResponse {
+  return new NextResponse(commerceResponse.body, {
+    status: commerceResponse.status,
+    headers: commerceResponse.headers
+  });
+}
+
+function buildOAuthCallbackCookie(referer: string): string {
+  return `pz-oauth-callback-url=${encodeURIComponent(referer)}; Path=/`;
+}
+
+async function handleLogin(
+  req: NextRequest,
+  provider: string
+): Promise<{ response: NextResponse; redirected: boolean }> {
+  const commerceResponse = await fetchCommerce(
+    `${Settings.commerceUrl}/${provider}/login/`,
+    req
+  );
+
+  const location = commerceResponse.headers.get('location');
+  if (!location) {
+    return {
+      response: commercePassthrough(commerceResponse),
+      redirected: false
     };
+  }
 
-    if (loginUrlMatcherRegex.test(url.pathname)) {
-      const provider = url.pathname.match(loginUrlMatcherRegex)[1];
-      const response = NextResponse.rewrite(
-        `${Settings.commerceUrl}/${provider}/login/`,
-        {
-          headers
-        }
-      );
+  const response = buildRedirectResponse(
+    commerceResponse,
+    location,
+    req.nextUrl.origin
+  );
 
-      if (req.headers.get('referer')) {
-        response.cookies.set(
-          'pz-oauth-callback-url',
-          req.headers.get('referer')
-        );
-      }
+  response.headers.append(
+    'set-cookie',
+    buildOAuthCallbackCookie(req.headers.get('referer') || '')
+  );
 
-      return response;
-    }
+  return { response, redirected: true };
+}
 
-    if (loginCallbackUrlMatcherRegex.test(url.pathname)) {
-      const provider = url.pathname.match(loginCallbackUrlMatcherRegex)[1];
+async function handleCallback(
+  req: NextRequest,
+  provider: string,
+  search: string
+): Promise<{ response: NextResponse; redirected: boolean }> {
+  const body = await getRequestBody(req);
+  const commerceResponse = await fetchCommerce(
+    `${Settings.commerceUrl}/${provider}/login/callback/${search}`,
+    req,
+    body
+  );
 
-      return NextResponse.rewrite(
-        `${Settings.commerceUrl}/${provider}/login/callback/${url.search}`,
-        {
-          headers
-        }
-      );
-    }
+  const location = commerceResponse.headers.get('location');
+  if (!location) {
+    return {
+      response: commercePassthrough(commerceResponse),
+      redirected: false
+    };
+  }
+
+  return {
+    response: buildRedirectResponse(
+      commerceResponse,
+      location,
+      req.nextUrl.origin
+    ),
+    redirected: true
+  };
+}
+
+function handleBasketRedirect(req: NextRequest): NextResponse | null {
+  const hasSession = req.cookies.get('osessionid');
+  const messages = req.cookies.get('messages')?.value;
+
+  if (!messages) return null;
+  if (!messages.includes('Successfully signed in') && !hasSession) return null;
+
+  let redirectUrl = `${req.nextUrl.origin}${getUrlPathWithLocale(
+    '/auth/oauth-login',
+    req.cookies.get('pz-locale')?.value
+  )}`;
+
+  const callbackUrl = req.cookies.get('pz-oauth-callback-url')?.value ?? '';
+  if (callbackUrl.length) {
+    redirectUrl += `?next=${encodeURIComponent(callbackUrl)}`;
+  }
+
+  const response = NextResponse.redirect(redirectUrl);
+  response.cookies.delete('messages');
+  response.cookies.delete('pz-oauth-callback-url');
+  return response;
+}
 
-    if (!url.pathname.startsWith('/baskets/basket')) {
+const withOauthLogin =
+  (middleware: NextMiddleware) =>
+  async (req: NextRequest, event: NextFetchEvent) => {
+    const { pathname, search } = req.nextUrl;
+
+    if (!pathname.includes('/login') && !pathname.startsWith('/baskets/basket')) {
       return middleware(req, event);
     }
 
-    const currentSessionId = req.cookies.get('osessionid');
+    logger.info('OAuth login redirect', {
+      host: req.headers.get('host'),
+      'x-forwarded-host': req.headers.get('x-forwarded-host'),
+      'x-forwarded-for': req.headers.get('x-forwarded-for')
+    });
 
-    if (
-      req.cookies.get('messages')?.value.includes('Successfully signed in') ||
-      (currentSessionId && req.cookies.get('messages'))
-    ) {
-      let redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
-        '/auth/oauth-login',
-        req.cookies.get('pz-locale')?.value
-      )}`;
-      let callbackUrl = req.cookies.get('pz-oauth-callback-url')?.value ?? '';
+    const loginMatch = LOGIN_URL_REGEX.exec(pathname);
+    if (loginMatch) {
+      try {
+        const { response, redirected } = await handleLogin(req, loginMatch[1]);
+        if (!redirected) {
+          logger.warn('OAuth login: no redirect from commerce', {
+            provider: loginMatch[1]
+          });
+        }
+        return response;
+      } catch (error) {
+        logger.error('OAuth login fetch failed', { error });
+        return middleware(req, event);
+      }
+    }
 
-      if (callbackUrl.length) {
-        redirectUrlWithLocale += `?next=${encodeURIComponent(callbackUrl)}`;
+    const callbackMatch = CALLBACK_URL_REGEX.exec(pathname);
+    if (callbackMatch) {
+      try {
+        const { response, redirected } = await handleCallback(
+          req,
+          callbackMatch[1],
+          search
+        );
+        if (!redirected) {
+          logger.warn('OAuth callback: no redirect from commerce', {
+            provider: callbackMatch[1]
+          });
+        }
+        return response;
+      } catch (error) {
+        logger.error('OAuth callback fetch failed', { error });
+        return middleware(req, event);
       }
+    }
 
-      const response = NextResponse.redirect(redirectUrlWithLocale);
-      response.cookies.delete('messages');
-      response.cookies.delete('pz-oauth-callback-url');
-      return response;
+    if (pathname.startsWith('/baskets/basket')) {
+      const response = handleBasketRedirect(req);
+      if (response) return response;
     }
 
     return middleware(req, event);

package/middlewares/pretty-url.ts

@@ -1,17 +1,33 @@
 import { Cache, CacheKey } from '../lib/cache';
-import { NextFetchEvent, NextMiddleware, NextRequest } from 'next/server';
-import { ROUTES } from 'routes';
+import { NextFetchEvent, NextMiddleware } from 'next/server';
 import { URLS } from '../data/urls';
 import Settings from 'settings';
 import { urlLocaleMatcherRegex } from '../utils';
 import { PzNextRequest } from '.';
 import logger from '../utils/log';
+import { ROUTES } from 'routes';
 
 type PrettyUrlResult = {
   matched: boolean;
   path?: string;
 };
 
+let APP_ROUTES: string[] = [];
+
+const legacyRoutes = Object.values(ROUTES);
+
+try {
+  const generatedRoutes = require('routes/generated-routes');
+  const allRoutes = [...legacyRoutes, ...(generatedRoutes || [])];
+  APP_ROUTES = Array.from(new Set(allRoutes));
+  logger.debug('Loaded merged routes (legacy + generated)', {
+    count: APP_ROUTES.length
+  });
+} catch (error) {
+  APP_ROUTES = legacyRoutes;
+  logger.debug('Loaded only legacy routes', { count: APP_ROUTES.length });
+}
+
 const resolvePrettyUrlHandler =
   (pathname: string, ip: string | null) => async () => {
     let results = <{ old_path: string }[]>[];
@@ -53,7 +69,8 @@ const resolvePrettyUrl = async (
     locale,
     resolvePrettyUrlHandler(pathname, ip),
     {
-      useProxy: true
+      useProxy: true,
+      compressed: true
     }
   );
 };
@@ -73,9 +90,7 @@ const withPrettyUrl =
     const isValidPrettyUrlPath = (pathname: string) => {
       return (
         new RegExp(/^\/[a-zA-Z0-9/]+(?:-[a-zA-Z0-9/]+)*$/).test(pathname) &&
-        !Object.entries(ROUTES).find(([, value]) =>
-          new RegExp(`^${value}$`).test(pathname)
-        )
+        !APP_ROUTES.some((route) => new RegExp(`^${route}$`).test(pathname))
       );
     };
     const ip = req.headers.get('x-forwarded-for') ?? '';
@@ -108,8 +123,6 @@ const withPrettyUrl =
       return middleware(req, event);
     }
 
-    req.middlewareParams.found = false;
-
     return middleware(req, event);
   };