@aws-amplify/adapter-nextjs 1.1.6 → 1.1.7-s-auth.1dbe6e0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/auth/createTokenExchangeRouteHandlerFactory.js +52 -0
- package/dist/cjs/auth/createTokenExchangeRouteHandlerFactory.js.map +1 -0
- package/dist/cjs/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.js +39 -0
- package/dist/cjs/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.js.map +1 -0
- package/dist/cjs/auth/httpOnlyCookieBasedAuthProviders/index.js +8 -0
- package/dist/cjs/auth/httpOnlyCookieBasedAuthProviders/index.js.map +1 -0
- package/dist/cjs/auth/types.js +4 -0
- package/dist/cjs/auth/types.js.map +1 -0
- package/dist/cjs/client/index.js +7 -0
- package/dist/cjs/client/index.js.map +1 -0
- package/dist/cjs/createServerRunner.js +18 -1
- package/dist/cjs/createServerRunner.js.map +1 -1
- package/dist/cjs/oauth/createGetOAuthInitiationRouteFactory.js +22 -0
- package/dist/cjs/oauth/createGetOAuthInitiationRouteFactory.js.map +1 -0
- package/dist/cjs/oauth/createOAuthRouteHandlerFactory.js +51 -0
- package/dist/cjs/oauth/createOAuthRouteHandlerFactory.js.map +1 -0
- package/dist/cjs/oauth/index.js +9 -0
- package/dist/cjs/oauth/index.js.map +1 -0
- package/dist/cjs/oauth/types.js +6 -0
- package/dist/cjs/oauth/types.js.map +1 -0
- package/dist/cjs/oauth/utils/completeOAuthFlow.js +101 -0
- package/dist/cjs/oauth/utils/completeOAuthFlow.js.map +1 -0
- package/dist/cjs/oauth/utils/getRedirectUrl.js +20 -0
- package/dist/cjs/oauth/utils/getRedirectUrl.js.map +1 -0
- package/dist/cjs/oauth/utils/initOAuthFlow.js +70 -0
- package/dist/cjs/oauth/utils/initOAuthFlow.js.map +1 -0
- package/dist/cjs/utils/createRunWithAmplifyServerContext.js +2 -2
- package/dist/cjs/utils/createRunWithAmplifyServerContext.js.map +1 -1
- package/dist/esm/api/createServerRunnerForAPI.d.ts +1 -1
- package/dist/esm/auth/createTokenExchangeRouteHandlerFactory.d.ts +2 -0
- package/dist/esm/auth/createTokenExchangeRouteHandlerFactory.mjs +50 -0
- package/dist/esm/auth/createTokenExchangeRouteHandlerFactory.mjs.map +1 -0
- package/dist/esm/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.d.ts +4 -0
- package/dist/esm/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.mjs +37 -0
- package/dist/esm/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.mjs.map +1 -0
- package/dist/esm/auth/httpOnlyCookieBasedAuthProviders/index.d.ts +2 -0
- package/dist/esm/auth/httpOnlyCookieBasedAuthProviders/index.mjs +3 -0
- package/dist/esm/auth/httpOnlyCookieBasedAuthProviders/index.mjs.map +1 -0
- package/dist/esm/auth/types.d.ts +17 -0
- package/dist/esm/auth/types.mjs +2 -0
- package/dist/esm/auth/types.mjs.map +1 -0
- package/dist/esm/client/index.d.ts +1 -0
- package/dist/esm/client/index.mjs +3 -0
- package/dist/esm/client/index.mjs.map +1 -0
- package/dist/esm/createServerRunner.mjs +18 -1
- package/dist/esm/createServerRunner.mjs.map +1 -1
- package/dist/esm/oauth/createGetOAuthInitiationRouteFactory.d.ts +2 -0
- package/dist/esm/oauth/createGetOAuthInitiationRouteFactory.mjs +20 -0
- package/dist/esm/oauth/createGetOAuthInitiationRouteFactory.mjs.map +1 -0
- package/dist/esm/oauth/createOAuthRouteHandlerFactory.d.ts +2 -0
- package/dist/esm/oauth/createOAuthRouteHandlerFactory.mjs +49 -0
- package/dist/esm/oauth/createOAuthRouteHandlerFactory.mjs.map +1 -0
- package/dist/esm/oauth/index.d.ts +1 -0
- package/dist/esm/oauth/index.mjs +2 -0
- package/dist/esm/oauth/index.mjs.map +1 -0
- package/dist/esm/oauth/types.d.ts +38 -0
- package/dist/esm/oauth/types.mjs +2 -0
- package/dist/esm/oauth/types.mjs.map +1 -0
- package/dist/esm/oauth/utils/completeOAuthFlow.d.ts +11 -0
- package/dist/esm/oauth/utils/completeOAuthFlow.mjs +99 -0
- package/dist/esm/oauth/utils/completeOAuthFlow.mjs.map +1 -0
- package/dist/esm/oauth/utils/getRedirectUrl.d.ts +2 -0
- package/dist/esm/oauth/utils/getRedirectUrl.mjs +18 -0
- package/dist/esm/oauth/utils/getRedirectUrl.mjs.map +1 -0
- package/dist/esm/oauth/utils/initOAuthFlow.d.ts +10 -0
- package/dist/esm/oauth/utils/initOAuthFlow.mjs +68 -0
- package/dist/esm/oauth/utils/initOAuthFlow.mjs.map +1 -0
- package/dist/esm/types/NextServer.d.ts +19 -1
- package/dist/esm/utils/createRunWithAmplifyServerContext.d.ts +2 -1
- package/dist/esm/utils/createRunWithAmplifyServerContext.mjs +2 -2
- package/dist/esm/utils/createRunWithAmplifyServerContext.mjs.map +1 -1
- package/package.json +78 -72
- package/src/api/createServerRunnerForAPI.ts +7 -1
- package/src/auth/createTokenExchangeRouteHandlerFactory.ts +70 -0
- package/src/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.ts +57 -0
- package/src/auth/httpOnlyCookieBasedAuthProviders/index.ts +3 -0
- package/src/auth/types.ts +26 -0
- package/src/client/index.ts +1 -0
- package/src/createServerRunner.ts +19 -0
- package/src/oauth/createGetOAuthInitiationRouteFactory.ts +35 -0
- package/src/oauth/createOAuthRouteHandlerFactory.ts +73 -0
- package/src/oauth/index.ts +4 -0
- package/src/oauth/types.ts +59 -0
- package/src/oauth/utils/completeOAuthFlow.ts +174 -0
- package/src/oauth/utils/getRedirectUrl.ts +23 -0
- package/src/oauth/utils/initOAuthFlow.ts +108 -0
- package/src/types/NextServer.ts +27 -1
- package/src/utils/createRunWithAmplifyServerContext.ts +3 -0
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.createTokenExchangeRouteHandlerFactory = void 0;
|
|
5
|
+
const headers_js_1 = require("next/headers.js");
|
|
6
|
+
const server_1 = require("aws-amplify/auth/server");
|
|
7
|
+
const utils_1 = require("../utils");
|
|
8
|
+
const createTokenExchangeRouteHandlerFactory = input => {
|
|
9
|
+
const runWithAmplifyServerContext = (0, utils_1.createRunWithAmplifyServerContext)(input);
|
|
10
|
+
const handleRequest = async (_, __) => {
|
|
11
|
+
const { origin } = input;
|
|
12
|
+
if (!origin) {
|
|
13
|
+
throw new Error('`origin` parameter is required when using `getOAuthInitiationRoute`.');
|
|
14
|
+
}
|
|
15
|
+
const userSession = await runWithAmplifyServerContext({
|
|
16
|
+
nextServerContext: { cookies: headers_js_1.cookies },
|
|
17
|
+
operation: contextSpec => (0, server_1.fetchAuthSession)(contextSpec),
|
|
18
|
+
});
|
|
19
|
+
const clockDrift = (0, headers_js_1.cookies)()
|
|
20
|
+
.getAll()
|
|
21
|
+
.find(cookie => cookie.name.endsWith('.clockDrift'))?.value;
|
|
22
|
+
return new Response(JSON.stringify({
|
|
23
|
+
...userSession,
|
|
24
|
+
tokens: {
|
|
25
|
+
accessToken: userSession.tokens?.accessToken.toString(),
|
|
26
|
+
idToken: userSession.tokens?.idToken?.toString(),
|
|
27
|
+
},
|
|
28
|
+
username: userSession.tokens?.accessToken.payload.username,
|
|
29
|
+
clockDrift,
|
|
30
|
+
userSession,
|
|
31
|
+
}), {
|
|
32
|
+
headers: {
|
|
33
|
+
'content-type': 'application/json',
|
|
34
|
+
'Access-Control-Allow-Origin': origin,
|
|
35
|
+
'Access-Control-Allow-Methods': 'POST',
|
|
36
|
+
},
|
|
37
|
+
});
|
|
38
|
+
};
|
|
39
|
+
return handlerInput => ({
|
|
40
|
+
async POST(request) {
|
|
41
|
+
try {
|
|
42
|
+
return await handleRequest(request, handlerInput);
|
|
43
|
+
}
|
|
44
|
+
catch (error) {
|
|
45
|
+
const { onError } = handlerInput;
|
|
46
|
+
onError(error);
|
|
47
|
+
}
|
|
48
|
+
},
|
|
49
|
+
});
|
|
50
|
+
};
|
|
51
|
+
exports.createTokenExchangeRouteHandlerFactory = createTokenExchangeRouteHandlerFactory;
|
|
52
|
+
//# sourceMappingURL=createTokenExchangeRouteHandlerFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"createTokenExchangeRouteHandlerFactory.js","sources":["../../../src/auth/createTokenExchangeRouteHandlerFactory.ts"],"sourcesContent":["\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createTokenExchangeRouteHandlerFactory = void 0;\nconst headers_js_1 = require(\"next/headers.js\");\nconst server_1 = require(\"aws-amplify/auth/server\");\nconst utils_1 = require(\"../utils\");\nconst createTokenExchangeRouteHandlerFactory = input => {\n const runWithAmplifyServerContext = (0, utils_1.createRunWithAmplifyServerContext)(input);\n const handleRequest = async (_, __) => {\n const { origin } = input;\n if (!origin) {\n throw new Error('`origin` parameter is required when using `getOAuthInitiationRoute`.');\n }\n const userSession = await runWithAmplifyServerContext({\n nextServerContext: { cookies: headers_js_1.cookies },\n operation: contextSpec => (0, server_1.fetchAuthSession)(contextSpec),\n });\n const clockDrift = (0, headers_js_1.cookies)()\n .getAll()\n .find(cookie => cookie.name.endsWith('.clockDrift'))?.value;\n return new Response(JSON.stringify({\n ...userSession,\n tokens: {\n accessToken: userSession.tokens?.accessToken.toString(),\n idToken: userSession.tokens?.idToken?.toString(),\n },\n username: userSession.tokens?.accessToken.payload.username,\n clockDrift,\n userSession,\n }), {\n headers: {\n 'content-type': 'application/json',\n 'Access-Control-Allow-Origin': origin,\n 'Access-Control-Allow-Methods': 'POST',\n },\n });\n };\n return handlerInput => ({\n async POST(request) {\n try {\n return await handleRequest(request, handlerInput);\n }\n catch (error) {\n const { onError } = handlerInput;\n onError(error);\n }\n },\n });\n};\nexports.createTokenExchangeRouteHandlerFactory = createTokenExchangeRouteHandlerFactory;\n"],"names":[],"mappings":";;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,sCAAsC,GAAG,KAAK,CAAC,CAAC;AACxD,MAAM,YAAY,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAChD,MAAM,QAAQ,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;AACpD,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACpC,MAAM,sCAAsC,GAAG,KAAK,IAAI;AACxD,IAAI,MAAM,2BAA2B,GAAG,IAAI,OAAO,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAC;AAC9F,IAAI,MAAM,aAAa,GAAG,OAAO,CAAC,EAAE,EAAE,KAAK;AAC3C,QAAQ,MAAM,EAAE,MAAM,EAAE,GAAG,KAAK,CAAC;AACjC,QAAQ,IAAI,CAAC,MAAM,EAAE;AACrB,YAAY,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;AACpG,SAAS;AACT,QAAQ,MAAM,WAAW,GAAG,MAAM,2BAA2B,CAAC;AAC9D,YAAY,iBAAiB,EAAE,EAAE,OAAO,EAAE,YAAY,CAAC,OAAO,EAAE;AAChE,YAAY,SAAS,EAAE,WAAW,IAAI,IAAI,QAAQ,CAAC,gBAAgB,EAAE,WAAW,CAAC;AACjF,SAAS,CAAC,CAAC;AACX,QAAQ,MAAM,UAAU,GAAG,IAAI,YAAY,CAAC,OAAO,GAAG;AACtD,aAAa,MAAM,EAAE;AACrB,aAAa,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,EAAE,KAAK,CAAC;AACxE,QAAQ,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AAC3C,YAAY,GAAG,WAAW;AAC1B,YAAY,MAAM,EAAE;AACpB,gBAAgB,WAAW,EAAE,WAAW,CAAC,MAAM,EAAE,WAAW,CAAC,QAAQ,EAAE;AACvE,gBAAgB,OAAO,EAAE,WAAW,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE;AAChE,aAAa;AACb,YAAY,QAAQ,EAAE,WAAW,CAAC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,QAAQ;AACtE,YAAY,UAAU;AACtB,YAAY,WAAW;AACvB,SAAS,CAAC,EAAE;AACZ,YAAY,OAAO,EAAE;AACrB,gBAAgB,cAAc,EAAE,kBAAkB;AAClD,gBAAgB,6BAA6B,EAAE,MAAM;AACrD,gBAAgB,8BAA8B,EAAE,MAAM;AACtD,aAAa;AACb,SAAS,CAAC,CAAC;AACX,KAAK,CAAC;AACN,IAAI,OAAO,YAAY,KAAK;AAC5B,QAAQ,MAAM,IAAI,CAAC,OAAO,EAAE;AAC5B,YAAY,IAAI;AAChB,gBAAgB,OAAO,MAAM,aAAa,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;AAClE,aAAa;AACb,YAAY,OAAO,KAAK,EAAE;AAC1B,gBAAgB,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC;AACjD,gBAAgB,OAAO,CAAC,KAAK,CAAC,CAAC;AAC/B,aAAa;AACb,SAAS;AACT,KAAK,CAAC,CAAC;AACP,CAAC,CAAC;AACF,OAAO,CAAC,sCAAsC,GAAG,sCAAsC;;"}
|
package/dist/cjs/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.js
ADDED
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.createHttpOnlyCookieBasedAuthProviders = void 0;
|
|
5
|
+
const core_1 = require("@aws-amplify/core");
|
|
6
|
+
const utils_1 = require("@aws-amplify/core/internals/utils");
|
|
7
|
+
const cognito_1 = require("aws-amplify/auth/cognito");
|
|
8
|
+
const createHttpOnlyCookieBasedAuthProviders = ({ authTokenExchangeRoute, }) => {
|
|
9
|
+
cognito_1.cognitoUserPoolsTokenProvider.setKeyValueStorage(core_1.sharedInMemoryStorage);
|
|
10
|
+
(0, utils_1.runInBrowserContext)(() => {
|
|
11
|
+
refreshSession({
|
|
12
|
+
authTokenExchangeRoute,
|
|
13
|
+
tokenProvider: cognito_1.cognitoUserPoolsTokenProvider,
|
|
14
|
+
credentialsProvider: cognito_1.cognitoCredentialsProvider,
|
|
15
|
+
});
|
|
16
|
+
});
|
|
17
|
+
return {
|
|
18
|
+
tokenProvider: cognito_1.cognitoUserPoolsTokenProvider,
|
|
19
|
+
credentialsProvider: cognito_1.cognitoCredentialsProvider,
|
|
20
|
+
};
|
|
21
|
+
};
|
|
22
|
+
exports.createHttpOnlyCookieBasedAuthProviders = createHttpOnlyCookieBasedAuthProviders;
|
|
23
|
+
const refreshSession = async ({ authTokenExchangeRoute, tokenProvider, credentialsProvider, }) => {
|
|
24
|
+
const response = await fetch(authTokenExchangeRoute, { method: 'POST' });
|
|
25
|
+
const session = await response.json();
|
|
26
|
+
tokenProvider.tokenOrchestrator.setTokens({
|
|
27
|
+
tokens: {
|
|
28
|
+
accessToken: session.tokens.accessToken,
|
|
29
|
+
idToken: session.tokens.idToken,
|
|
30
|
+
clockDrift: session.clockDrift,
|
|
31
|
+
username: session.username,
|
|
32
|
+
},
|
|
33
|
+
});
|
|
34
|
+
credentialsProvider.setIdentityIdCredentials({
|
|
35
|
+
credentials: session.credentials,
|
|
36
|
+
identityId: session.identityId,
|
|
37
|
+
}, session.tokens.idToken);
|
|
38
|
+
};
|
|
39
|
+
//# sourceMappingURL=createHttpOnlyCookieBasedAuthProviders.js.map
|
package/dist/cjs/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"createHttpOnlyCookieBasedAuthProviders.js","sources":["../../../../src/auth/httpOnlyCookieBasedAuthProviders/createHttpOnlyCookieBasedAuthProviders.ts"],"sourcesContent":["\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createHttpOnlyCookieBasedAuthProviders = void 0;\nconst core_1 = require(\"@aws-amplify/core\");\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst cognito_1 = require(\"aws-amplify/auth/cognito\");\nconst createHttpOnlyCookieBasedAuthProviders = ({ authTokenExchangeRoute, }) => {\n cognito_1.cognitoUserPoolsTokenProvider.setKeyValueStorage(core_1.sharedInMemoryStorage);\n (0, utils_1.runInBrowserContext)(() => {\n refreshSession({\n authTokenExchangeRoute,\n tokenProvider: cognito_1.cognitoUserPoolsTokenProvider,\n credentialsProvider: cognito_1.cognitoCredentialsProvider,\n });\n });\n return {\n tokenProvider: cognito_1.cognitoUserPoolsTokenProvider,\n credentialsProvider: cognito_1.cognitoCredentialsProvider,\n };\n};\nexports.createHttpOnlyCookieBasedAuthProviders = createHttpOnlyCookieBasedAuthProviders;\nconst refreshSession = async ({ authTokenExchangeRoute, tokenProvider, credentialsProvider, }) => {\n const response = await fetch(authTokenExchangeRoute, { method: 'POST' });\n const session = await response.json();\n tokenProvider.tokenOrchestrator.setTokens({\n tokens: {\n accessToken: session.tokens.accessToken,\n idToken: session.tokens.idToken,\n clockDrift: session.clockDrift,\n username: session.username,\n },\n });\n credentialsProvider.setIdentityIdCredentials({\n credentials: session.credentials,\n identityId: session.identityId,\n }, session.tokens.idToken);\n};\n"],"names":[],"mappings":";;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,sCAAsC,GAAG,KAAK,CAAC,CAAC;AACxD,MAAM,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,SAAS,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AACtD,MAAM,sCAAsC,GAAG,CAAC,EAAE,sBAAsB,GAAG,KAAK;AAChF,IAAI,SAAS,CAAC,6BAA6B,CAAC,kBAAkB,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;AAC7F,IAAI,IAAI,OAAO,CAAC,mBAAmB,EAAE,MAAM;AAC3C,QAAQ,cAAc,CAAC;AACvB,YAAY,sBAAsB;AAClC,YAAY,aAAa,EAAE,SAAS,CAAC,6BAA6B;AAClE,YAAY,mBAAmB,EAAE,SAAS,CAAC,0BAA0B;AACrE,SAAS,CAAC,CAAC;AACX,KAAK,CAAC,CAAC;AACP,IAAI,OAAO;AACX,QAAQ,aAAa,EAAE,SAAS,CAAC,6BAA6B;AAC9D,QAAQ,mBAAmB,EAAE,SAAS,CAAC,0BAA0B;AACjE,KAAK,CAAC;AACN,CAAC,CAAC;AACF,OAAO,CAAC,sCAAsC,GAAG,sCAAsC,CAAC;AACxF,MAAM,cAAc,GAAG,OAAO,EAAE,sBAAsB,EAAE,aAAa,EAAE,mBAAmB,GAAG,KAAK;AAClG,IAAI,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;AAC7E,IAAI,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;AAC1C,IAAI,aAAa,CAAC,iBAAiB,CAAC,SAAS,CAAC;AAC9C,QAAQ,MAAM,EAAE;AAChB,YAAY,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC,WAAW;AACnD,YAAY,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO;AAC3C,YAAY,UAAU,EAAE,OAAO,CAAC,UAAU;AAC1C,YAAY,QAAQ,EAAE,OAAO,CAAC,QAAQ;AACtC,SAAS;AACT,KAAK,CAAC,CAAC;AACP,IAAI,mBAAmB,CAAC,wBAAwB,CAAC;AACjD,QAAQ,WAAW,EAAE,OAAO,CAAC,WAAW;AACxC,QAAQ,UAAU,EAAE,OAAO,CAAC,UAAU;AACtC,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.createHttpOnlyCookieBasedAuthProviders = void 0;
|
|
5
|
+
require("client-only");
|
|
6
|
+
var createHttpOnlyCookieBasedAuthProviders_1 = require("./createHttpOnlyCookieBasedAuthProviders");
|
|
7
|
+
Object.defineProperty(exports, "createHttpOnlyCookieBasedAuthProviders", { enumerable: true, get: function () { return createHttpOnlyCookieBasedAuthProviders_1.createHttpOnlyCookieBasedAuthProviders; } });
|
|
8
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../../src/auth/httpOnlyCookieBasedAuthProviders/index.ts"],"sourcesContent":["\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createHttpOnlyCookieBasedAuthProviders = void 0;\nrequire(\"client-only\");\nvar createHttpOnlyCookieBasedAuthProviders_1 = require(\"./createHttpOnlyCookieBasedAuthProviders\");\nObject.defineProperty(exports, \"createHttpOnlyCookieBasedAuthProviders\", { enumerable: true, get: function () { return createHttpOnlyCookieBasedAuthProviders_1.createHttpOnlyCookieBasedAuthProviders; } });\n"],"names":[],"mappings":";;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,sCAAsC,GAAG,KAAK,CAAC,CAAC;AACxD,OAAO,CAAC,aAAa,CAAC,CAAC;AACvB,IAAI,wCAAwC,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAC;AACnG,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,wCAAwC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,wCAAwC,CAAC,sCAAsC,CAAC,EAAE,EAAE,CAAC;;"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sources":["../../../src/auth/types.ts"],"sourcesContent":["\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\n"],"names":[],"mappings":";;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;;"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.createHttpOnlyCookieBasedAuthProviders = void 0;
|
|
5
|
+
var httpOnlyCookieBasedAuthProviders_1 = require("../auth/httpOnlyCookieBasedAuthProviders");
|
|
6
|
+
Object.defineProperty(exports, "createHttpOnlyCookieBasedAuthProviders", { enumerable: true, get: function () { return httpOnlyCookieBasedAuthProviders_1.createHttpOnlyCookieBasedAuthProviders; } });
|
|
7
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../src/client/index.ts"],"sourcesContent":["\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createHttpOnlyCookieBasedAuthProviders = void 0;\nvar httpOnlyCookieBasedAuthProviders_1 = require(\"../auth/httpOnlyCookieBasedAuthProviders\");\nObject.defineProperty(exports, \"createHttpOnlyCookieBasedAuthProviders\", { enumerable: true, get: function () { return httpOnlyCookieBasedAuthProviders_1.createHttpOnlyCookieBasedAuthProviders; } });\n"],"names":[],"mappings":";;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,sCAAsC,GAAG,KAAK,CAAC,CAAC;AACxD,IAAI,kCAAkC,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAC;AAC7F,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,wCAAwC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,kCAAkC,CAAC,sCAAsC,CAAC,EAAE,EAAE,CAAC;;"}
|
|
@@ -6,6 +6,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
exports.createServerRunner = void 0;
|
|
7
7
|
const utils_1 = require("@aws-amplify/core/internals/utils");
|
|
8
8
|
const utils_2 = require("./utils");
|
|
9
|
+
const oauth_1 = require("./oauth");
|
|
10
|
+
const createTokenExchangeRouteHandlerFactory_1 = require("./auth/createTokenExchangeRouteHandlerFactory");
|
|
11
|
+
const createGetOAuthInitiationRouteFactory_1 = require("./oauth/createGetOAuthInitiationRouteFactory");
|
|
9
12
|
/**
|
|
10
13
|
* Creates the `runWithAmplifyServerContext` function to run Amplify server side APIs in an isolated request context.
|
|
11
14
|
*
|
|
@@ -24,11 +27,25 @@ const utils_2 = require("./utils");
|
|
|
24
27
|
*
|
|
25
28
|
* export const { runWithAmplifyServerContext } = createServerRunner({ config })
|
|
26
29
|
*/
|
|
27
|
-
const createServerRunner = ({ config, }) => {
|
|
30
|
+
const createServerRunner = ({ config, origin, setAuthCookieOptions, }) => {
|
|
28
31
|
const amplifyConfig = (0, utils_1.parseAmplifyConfig)(config);
|
|
29
32
|
return {
|
|
30
33
|
runWithAmplifyServerContext: (0, utils_2.createRunWithAmplifyServerContext)({
|
|
31
34
|
config: amplifyConfig,
|
|
35
|
+
setAuthCookieOptions,
|
|
36
|
+
}),
|
|
37
|
+
createOAuthRouteHandler: (0, oauth_1.createOAuthRouteHandlerFactory)({
|
|
38
|
+
config: amplifyConfig,
|
|
39
|
+
setAuthCookieOptions,
|
|
40
|
+
}),
|
|
41
|
+
getOAuthInitiationRoute: (0, createGetOAuthInitiationRouteFactory_1.createGetOAuthInitiationRouteFactory)({
|
|
42
|
+
config: amplifyConfig,
|
|
43
|
+
origin,
|
|
44
|
+
}),
|
|
45
|
+
createTokenExchangeRouteHandler: (0, createTokenExchangeRouteHandlerFactory_1.createTokenExchangeRouteHandlerFactory)({
|
|
46
|
+
config: amplifyConfig,
|
|
47
|
+
origin,
|
|
48
|
+
setAuthCookieOptions,
|
|
32
49
|
}),
|
|
33
50
|
};
|
|
34
51
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createServerRunner.js","sources":["../../src/createServerRunner.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createServerRunner = void 0;\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst utils_2 = require(\"./utils\");\n/**\n * Creates the `runWithAmplifyServerContext` function to run Amplify server side APIs in an isolated request context.\n *\n * @remarks\n * This function should be called only once; you can use the returned `runWithAmplifyServerContext` across\n * your codebase.\n *\n * @param input The input used to create the `runWithAmplifyServerContext` function.\n * @param input.config The {@link ResourcesConfig} imported from the `amplifyconfiguration.json` file or manually\n * created.\n * @returns An object that contains the `runWithAmplifyServerContext` function.\n *\n * @example\n * import { createServerRunner } from '@aws-amplify/adapter-nextjs';\n * import config from './amplifyconfiguration.json';\n *\n * export const { runWithAmplifyServerContext } = createServerRunner({ config })\n */\nconst createServerRunner = ({ config, }) => {\n const amplifyConfig = (0, utils_1.parseAmplifyConfig)(config);\n return {\n runWithAmplifyServerContext: (0, utils_2.createRunWithAmplifyServerContext)({\n config: amplifyConfig,\n }),\n };\n};\nexports.createServerRunner = createServerRunner;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,kBAAkB,GAAG,KAAK,CAAC,CAAC;AACpC,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AACnC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAM,kBAAkB,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK;
|
|
1
|
+
{"version":3,"file":"createServerRunner.js","sources":["../../src/createServerRunner.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createServerRunner = void 0;\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst utils_2 = require(\"./utils\");\nconst oauth_1 = require(\"./oauth\");\nconst createTokenExchangeRouteHandlerFactory_1 = require(\"./auth/createTokenExchangeRouteHandlerFactory\");\nconst createGetOAuthInitiationRouteFactory_1 = require(\"./oauth/createGetOAuthInitiationRouteFactory\");\n/**\n * Creates the `runWithAmplifyServerContext` function to run Amplify server side APIs in an isolated request context.\n *\n * @remarks\n * This function should be called only once; you can use the returned `runWithAmplifyServerContext` across\n * your codebase.\n *\n * @param input The input used to create the `runWithAmplifyServerContext` function.\n * @param input.config The {@link ResourcesConfig} imported from the `amplifyconfiguration.json` file or manually\n * created.\n * @returns An object that contains the `runWithAmplifyServerContext` function.\n *\n * @example\n * import { createServerRunner } from '@aws-amplify/adapter-nextjs';\n * import config from './amplifyconfiguration.json';\n *\n * export const { runWithAmplifyServerContext } = createServerRunner({ config })\n */\nconst createServerRunner = ({ config, origin, setAuthCookieOptions, }) => {\n const amplifyConfig = (0, utils_1.parseAmplifyConfig)(config);\n return {\n runWithAmplifyServerContext: (0, utils_2.createRunWithAmplifyServerContext)({\n config: amplifyConfig,\n setAuthCookieOptions,\n }),\n createOAuthRouteHandler: (0, oauth_1.createOAuthRouteHandlerFactory)({\n config: amplifyConfig,\n setAuthCookieOptions,\n }),\n getOAuthInitiationRoute: (0, createGetOAuthInitiationRouteFactory_1.createGetOAuthInitiationRouteFactory)({\n config: amplifyConfig,\n origin,\n }),\n createTokenExchangeRouteHandler: (0, createTokenExchangeRouteHandlerFactory_1.createTokenExchangeRouteHandlerFactory)({\n config: amplifyConfig,\n origin,\n setAuthCookieOptions,\n }),\n };\n};\nexports.createServerRunner = createServerRunner;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,kBAAkB,GAAG,KAAK,CAAC,CAAC;AACpC,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AACnC,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AACnC,MAAM,wCAAwC,GAAG,OAAO,CAAC,+CAA+C,CAAC,CAAC;AAC1G,MAAM,sCAAsC,GAAG,OAAO,CAAC,8CAA8C,CAAC,CAAC;AACvG;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAM,kBAAkB,GAAG,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,GAAG,KAAK;AAC1E,IAAI,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;AAClE,IAAI,OAAO;AACX,QAAQ,2BAA2B,EAAE,IAAI,OAAO,CAAC,iCAAiC,EAAE;AACpF,YAAY,MAAM,EAAE,aAAa;AACjC,YAAY,oBAAoB;AAChC,SAAS,CAAC;AACV,QAAQ,uBAAuB,EAAE,IAAI,OAAO,CAAC,8BAA8B,EAAE;AAC7E,YAAY,MAAM,EAAE,aAAa;AACjC,YAAY,oBAAoB;AAChC,SAAS,CAAC;AACV,QAAQ,uBAAuB,EAAE,IAAI,sCAAsC,CAAC,oCAAoC,EAAE;AAClH,YAAY,MAAM,EAAE,aAAa;AACjC,YAAY,MAAM;AAClB,SAAS,CAAC;AACV,QAAQ,+BAA+B,EAAE,IAAI,wCAAwC,CAAC,sCAAsC,EAAE;AAC9H,YAAY,MAAM,EAAE,aAAa;AACjC,YAAY,MAAM;AAClB,YAAY,oBAAoB;AAChC,SAAS,CAAC;AACV,KAAK,CAAC;AACN,CAAC,CAAC;AACF,OAAO,CAAC,kBAAkB,GAAG,kBAAkB;;"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.createGetOAuthInitiationRouteFactory = void 0;
|
|
5
|
+
const utils_1 = require("@aws-amplify/core/internals/utils");
|
|
6
|
+
const getRedirectUrl_1 = require("./utils/getRedirectUrl");
|
|
7
|
+
const createGetOAuthInitiationRouteFactory = ({ config: resourcesConfig, origin }) => {
|
|
8
|
+
const getOAuthInitiationRoute = input => {
|
|
9
|
+
(0, utils_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);
|
|
10
|
+
(0, utils_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);
|
|
11
|
+
const { Cognito: cognitoUserPoolConfig } = resourcesConfig.Auth;
|
|
12
|
+
if (!origin) {
|
|
13
|
+
throw new Error('`origin` parameter is required when using `getOAuthInitiationRoute`.');
|
|
14
|
+
}
|
|
15
|
+
const redirectUrl = (0, getRedirectUrl_1.getRedirectUrl)(origin, cognitoUserPoolConfig.loginWith.oauth);
|
|
16
|
+
const { provider } = input;
|
|
17
|
+
return `${redirectUrl}?init=true&provider=${provider}`;
|
|
18
|
+
};
|
|
19
|
+
return getOAuthInitiationRoute;
|
|
20
|
+
};
|
|
21
|
+
exports.createGetOAuthInitiationRouteFactory = createGetOAuthInitiationRouteFactory;
|
|
22
|
+
//# sourceMappingURL=createGetOAuthInitiationRouteFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"createGetOAuthInitiationRouteFactory.js","sources":["../../../src/oauth/createGetOAuthInitiationRouteFactory.ts"],"sourcesContent":["\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createGetOAuthInitiationRouteFactory = void 0;\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst getRedirectUrl_1 = require(\"./utils/getRedirectUrl\");\nconst createGetOAuthInitiationRouteFactory = ({ config: resourcesConfig, origin }) => {\n const getOAuthInitiationRoute = input => {\n (0, utils_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);\n (0, utils_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);\n const { Cognito: cognitoUserPoolConfig } = resourcesConfig.Auth;\n if (!origin) {\n throw new Error('`origin` parameter is required when using `getOAuthInitiationRoute`.');\n }\n const redirectUrl = (0, getRedirectUrl_1.getRedirectUrl)(origin, cognitoUserPoolConfig.loginWith.oauth);\n const { provider } = input;\n return `${redirectUrl}?init=true&provider=${provider}`;\n };\n return getOAuthInitiationRoute;\n};\nexports.createGetOAuthInitiationRouteFactory = createGetOAuthInitiationRouteFactory;\n"],"names":[],"mappings":";;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,oCAAoC,GAAG,KAAK,CAAC,CAAC;AACtD,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC3D,MAAM,oCAAoC,GAAG,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,EAAE,KAAK;AACtF,IAAI,MAAM,uBAAuB,GAAG,KAAK,IAAI;AAC7C,QAAQ,IAAI,OAAO,CAAC,yBAAyB,EAAE,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC9E,QAAQ,IAAI,OAAO,CAAC,iBAAiB,EAAE,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACrE,QAAQ,MAAM,EAAE,OAAO,EAAE,qBAAqB,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC;AACxE,QAAQ,IAAI,CAAC,MAAM,EAAE;AACrB,YAAY,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;AACpG,SAAS;AACT,QAAQ,MAAM,WAAW,GAAG,IAAI,gBAAgB,CAAC,cAAc,EAAE,MAAM,EAAE,qBAAqB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AAChH,QAAQ,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;AACnC,QAAQ,OAAO,CAAC,EAAE,WAAW,CAAC,oBAAoB,EAAE,QAAQ,CAAC,CAAC,CAAC;AAC/D,KAAK,CAAC;AACN,IAAI,OAAO,uBAAuB,CAAC;AACnC,CAAC,CAAC;AACF,OAAO,CAAC,oCAAoC,GAAG,oCAAoC;;"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
4
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.createOAuthRouteHandlerFactory = void 0;
|
|
7
|
+
const utils_1 = require("@aws-amplify/core/internals/utils");
|
|
8
|
+
const initOAuthFlow_1 = require("./utils/initOAuthFlow");
|
|
9
|
+
const completeOAuthFlow_1 = require("./utils/completeOAuthFlow");
|
|
10
|
+
const createOAuthRouteHandlerFactory = ({ config: resourcesConfig, setAuthCookieOptions, }) => {
|
|
11
|
+
const handleRequest = async (request, { customState, redirectOnAuthComplete, onError, }) => {
|
|
12
|
+
(0, utils_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);
|
|
13
|
+
(0, utils_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);
|
|
14
|
+
const { Cognito: cognitoUserPoolConfig } = resourcesConfig.Auth;
|
|
15
|
+
const { searchParams } = request.nextUrl;
|
|
16
|
+
// when request url has `init` query param - initiate oauth flow
|
|
17
|
+
if (searchParams.has('init')) {
|
|
18
|
+
return (0, initOAuthFlow_1.initOAuthFlow)({
|
|
19
|
+
setAuthCookieOptions,
|
|
20
|
+
request,
|
|
21
|
+
customState,
|
|
22
|
+
cognitoUserPoolConfig,
|
|
23
|
+
oAuthConfig: cognitoUserPoolConfig.loginWith.oauth,
|
|
24
|
+
});
|
|
25
|
+
}
|
|
26
|
+
if (searchParams.has('code') && searchParams.has('state')) {
|
|
27
|
+
return (0, completeOAuthFlow_1.completeOAuthFlow)({
|
|
28
|
+
request,
|
|
29
|
+
redirectOnComplete: redirectOnAuthComplete,
|
|
30
|
+
setAuthCookieOptions,
|
|
31
|
+
customState,
|
|
32
|
+
cognitoUserPoolConfig,
|
|
33
|
+
oAuthConfig: cognitoUserPoolConfig.loginWith.oauth,
|
|
34
|
+
});
|
|
35
|
+
}
|
|
36
|
+
onError(new Error('Invalid point (update me)'));
|
|
37
|
+
};
|
|
38
|
+
return handlerInput => ({
|
|
39
|
+
async GET(request) {
|
|
40
|
+
try {
|
|
41
|
+
return await handleRequest(request, handlerInput);
|
|
42
|
+
}
|
|
43
|
+
catch (error) {
|
|
44
|
+
const { onError } = handlerInput;
|
|
45
|
+
onError(error);
|
|
46
|
+
}
|
|
47
|
+
},
|
|
48
|
+
});
|
|
49
|
+
};
|
|
50
|
+
exports.createOAuthRouteHandlerFactory = createOAuthRouteHandlerFactory;
|
|
51
|
+
//# sourceMappingURL=createOAuthRouteHandlerFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"createOAuthRouteHandlerFactory.js","sources":["../../../src/oauth/createOAuthRouteHandlerFactory.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createOAuthRouteHandlerFactory = void 0;\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst initOAuthFlow_1 = require(\"./utils/initOAuthFlow\");\nconst completeOAuthFlow_1 = require(\"./utils/completeOAuthFlow\");\nconst createOAuthRouteHandlerFactory = ({ config: resourcesConfig, setAuthCookieOptions, }) => {\n const handleRequest = async (request, { customState, redirectOnAuthComplete, onError, }) => {\n (0, utils_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);\n (0, utils_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);\n const { Cognito: cognitoUserPoolConfig } = resourcesConfig.Auth;\n const { searchParams } = request.nextUrl;\n // when request url has `init` query param - initiate oauth flow\n if (searchParams.has('init')) {\n return (0, initOAuthFlow_1.initOAuthFlow)({\n setAuthCookieOptions,\n request,\n customState,\n cognitoUserPoolConfig,\n oAuthConfig: cognitoUserPoolConfig.loginWith.oauth,\n });\n }\n if (searchParams.has('code') && searchParams.has('state')) {\n return (0, completeOAuthFlow_1.completeOAuthFlow)({\n request,\n redirectOnComplete: redirectOnAuthComplete,\n setAuthCookieOptions,\n customState,\n cognitoUserPoolConfig,\n oAuthConfig: cognitoUserPoolConfig.loginWith.oauth,\n });\n }\n onError(new Error('Invalid point (update me)'));\n };\n return handlerInput => ({\n async GET(request) {\n try {\n return await handleRequest(request, handlerInput);\n }\n catch (error) {\n const { onError } = handlerInput;\n onError(error);\n }\n },\n });\n};\nexports.createOAuthRouteHandlerFactory = createOAuthRouteHandlerFactory;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,8BAA8B,GAAG,KAAK,CAAC,CAAC;AAChD,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,eAAe,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;AACzD,MAAM,mBAAmB,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;AACjE,MAAM,8BAA8B,GAAG,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,oBAAoB,GAAG,KAAK;AAC/F,IAAI,MAAM,aAAa,GAAG,OAAO,OAAO,EAAE,EAAE,WAAW,EAAE,sBAAsB,EAAE,OAAO,GAAG,KAAK;AAChG,QAAQ,IAAI,OAAO,CAAC,yBAAyB,EAAE,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC9E,QAAQ,IAAI,OAAO,CAAC,iBAAiB,EAAE,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACrE,QAAQ,MAAM,EAAE,OAAO,EAAE,qBAAqB,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC;AACxE,QAAQ,MAAM,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;AACjD;AACA,QAAQ,IAAI,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;AACtC,YAAY,OAAO,IAAI,eAAe,CAAC,aAAa,EAAE;AACtD,gBAAgB,oBAAoB;AACpC,gBAAgB,OAAO;AACvB,gBAAgB,WAAW;AAC3B,gBAAgB,qBAAqB;AACrC,gBAAgB,WAAW,EAAE,qBAAqB,CAAC,SAAS,CAAC,KAAK;AAClE,aAAa,CAAC,CAAC;AACf,SAAS;AACT,QAAQ,IAAI,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;AACnE,YAAY,OAAO,IAAI,mBAAmB,CAAC,iBAAiB,EAAE;AAC9D,gBAAgB,OAAO;AACvB,gBAAgB,kBAAkB,EAAE,sBAAsB;AAC1D,gBAAgB,oBAAoB;AACpC,gBAAgB,WAAW;AAC3B,gBAAgB,qBAAqB;AACrC,gBAAgB,WAAW,EAAE,qBAAqB,CAAC,SAAS,CAAC,KAAK;AAClE,aAAa,CAAC,CAAC;AACf,SAAS;AACT,QAAQ,OAAO,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC;AACxD,KAAK,CAAC;AACN,IAAI,OAAO,YAAY,KAAK;AAC5B,QAAQ,MAAM,GAAG,CAAC,OAAO,EAAE;AAC3B,YAAY,IAAI;AAChB,gBAAgB,OAAO,MAAM,aAAa,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;AAClE,aAAa;AACb,YAAY,OAAO,KAAK,EAAE;AAC1B,gBAAgB,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC;AACjD,gBAAgB,OAAO,CAAC,KAAK,CAAC,CAAC;AAC/B,aAAa;AACb,SAAS;AACT,KAAK,CAAC,CAAC;AACP,CAAC,CAAC;AACF,OAAO,CAAC,8BAA8B,GAAG,8BAA8B;;"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
4
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.createOAuthRouteHandlerFactory = void 0;
|
|
7
|
+
var createOAuthRouteHandlerFactory_1 = require("./createOAuthRouteHandlerFactory");
|
|
8
|
+
Object.defineProperty(exports, "createOAuthRouteHandlerFactory", { enumerable: true, get: function () { return createOAuthRouteHandlerFactory_1.createOAuthRouteHandlerFactory; } });
|
|
9
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../../../src/oauth/index.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createOAuthRouteHandlerFactory = void 0;\nvar createOAuthRouteHandlerFactory_1 = require(\"./createOAuthRouteHandlerFactory\");\nObject.defineProperty(exports, \"createOAuthRouteHandlerFactory\", { enumerable: true, get: function () { return createOAuthRouteHandlerFactory_1.createOAuthRouteHandlerFactory; } });\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,8BAA8B,GAAG,KAAK,CAAC,CAAC;AAChD,IAAI,gCAAgC,GAAG,OAAO,CAAC,kCAAkC,CAAC,CAAC;AACnF,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,gCAAgC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,gCAAgC,CAAC,8BAA8B,CAAC,EAAE,EAAE,CAAC;;"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sources":["../../../src/oauth/types.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;;"}
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
+
exports.completeOAuthFlow = void 0;
|
|
5
|
+
const core_1 = require("@aws-amplify/core");
|
|
6
|
+
const server_js_1 = require("next/server.js");
|
|
7
|
+
const adapter_core_1 = require("aws-amplify/adapter-core");
|
|
8
|
+
const cognito_1 = require("@aws-amplify/auth/cognito");
|
|
9
|
+
const createCookieStorageAdapterFromNextServerContext_1 = require("../../utils/createCookieStorageAdapterFromNextServerContext");
|
|
10
|
+
const getRedirectUrl_1 = require("./getRedirectUrl");
|
|
11
|
+
const completeOAuthFlow = async ({ request, redirectOnComplete, cognitoUserPoolConfig, oAuthConfig, setAuthCookieOptions, }) => {
|
|
12
|
+
const { searchParams } = request.nextUrl;
|
|
13
|
+
const code = searchParams.get('code');
|
|
14
|
+
const state = searchParams.get('state');
|
|
15
|
+
const oAuthTokenEndpoint = `https://${oAuthConfig.domain}/oauth2/token`;
|
|
16
|
+
const response = server_js_1.NextResponse.redirect(new URL(redirectOnComplete, request.url));
|
|
17
|
+
const keyValueStorage = (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)({
|
|
18
|
+
request,
|
|
19
|
+
response,
|
|
20
|
+
}), setAuthCookieOptions);
|
|
21
|
+
const oAuthStore = new cognito_1.DefaultOAuthStore(keyValueStorage);
|
|
22
|
+
oAuthStore.setAuthConfig(cognitoUserPoolConfig);
|
|
23
|
+
await (0, adapter_core_1.validateState)(oAuthStore, state);
|
|
24
|
+
const authTokenStore = new cognito_1.DefaultTokenStore();
|
|
25
|
+
authTokenStore.setAuthConfig({ Cognito: cognitoUserPoolConfig });
|
|
26
|
+
authTokenStore.setKeyValueStorage(keyValueStorage);
|
|
27
|
+
const tokenOrchestrator = new cognito_1.TokenOrchestrator();
|
|
28
|
+
tokenOrchestrator.setAuthConfig({ Cognito: cognitoUserPoolConfig });
|
|
29
|
+
tokenOrchestrator.setAuthTokenStore(authTokenStore);
|
|
30
|
+
const codeVerifier = await oAuthStore.loadPKCE();
|
|
31
|
+
const oAuthTokenBody = {
|
|
32
|
+
grant_type: 'authorization_code',
|
|
33
|
+
code,
|
|
34
|
+
client_id: cognitoUserPoolConfig.userPoolClientId,
|
|
35
|
+
// TODO(Hui): request.nextUrl.origin should be generic and not use Next specifics
|
|
36
|
+
redirect_uri: (0, getRedirectUrl_1.getRedirectUrl)(request.nextUrl.origin, oAuthConfig),
|
|
37
|
+
...(codeVerifier ? { code_verifier: codeVerifier } : {}),
|
|
38
|
+
};
|
|
39
|
+
const body = Object.entries(oAuthTokenBody)
|
|
40
|
+
.map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`)
|
|
41
|
+
.join('&');
|
|
42
|
+
const tokenExchangeResponse = await fetch(oAuthTokenEndpoint, {
|
|
43
|
+
method: 'POST',
|
|
44
|
+
headers: {
|
|
45
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
46
|
+
},
|
|
47
|
+
body,
|
|
48
|
+
});
|
|
49
|
+
const { access_token, refresh_token: refreshToken, id_token, error, error_message: errorMessage, token_type, expires_in, } = await tokenExchangeResponse.json();
|
|
50
|
+
if (error) {
|
|
51
|
+
throw new Error(errorMessage ?? error);
|
|
52
|
+
}
|
|
53
|
+
const username = (access_token && (0, core_1.decodeJWT)(access_token).payload.username) ?? 'username';
|
|
54
|
+
await writeTokensToStorage({
|
|
55
|
+
username,
|
|
56
|
+
AccessToken: access_token,
|
|
57
|
+
IdToken: id_token,
|
|
58
|
+
RefreshToken: refreshToken,
|
|
59
|
+
TokenType: token_type,
|
|
60
|
+
ExpiresIn: expires_in,
|
|
61
|
+
}, tokenOrchestrator);
|
|
62
|
+
await oAuthStore.clearOAuthData();
|
|
63
|
+
return response;
|
|
64
|
+
};
|
|
65
|
+
exports.completeOAuthFlow = completeOAuthFlow;
|
|
66
|
+
const writeTokensToStorage = async (payload, tokenOrchestrator) => {
|
|
67
|
+
if (!payload.AccessToken) {
|
|
68
|
+
return;
|
|
69
|
+
}
|
|
70
|
+
const accessToken = (0, core_1.decodeJWT)(payload.AccessToken);
|
|
71
|
+
const accessTokenIssuedAtInMillis = (accessToken.payload.iat || 0) * 1000;
|
|
72
|
+
const currentTime = new Date().getTime();
|
|
73
|
+
const clockDrift = accessTokenIssuedAtInMillis > 0
|
|
74
|
+
? accessTokenIssuedAtInMillis - currentTime
|
|
75
|
+
: 0;
|
|
76
|
+
let idToken;
|
|
77
|
+
let refreshToken;
|
|
78
|
+
let deviceMetadata;
|
|
79
|
+
if (payload.RefreshToken) {
|
|
80
|
+
refreshToken = payload.RefreshToken;
|
|
81
|
+
}
|
|
82
|
+
if (payload.IdToken) {
|
|
83
|
+
idToken = (0, core_1.decodeJWT)(payload.IdToken);
|
|
84
|
+
}
|
|
85
|
+
if (payload?.NewDeviceMetadata) {
|
|
86
|
+
deviceMetadata = payload.NewDeviceMetadata;
|
|
87
|
+
}
|
|
88
|
+
const tokens = {
|
|
89
|
+
accessToken,
|
|
90
|
+
idToken,
|
|
91
|
+
refreshToken,
|
|
92
|
+
clockDrift,
|
|
93
|
+
deviceMetadata,
|
|
94
|
+
username: payload.username,
|
|
95
|
+
};
|
|
96
|
+
if (payload?.signInDetails) {
|
|
97
|
+
tokens.signInDetails = payload.signInDetails;
|
|
98
|
+
}
|
|
99
|
+
await tokenOrchestrator.setTokens({ tokens });
|
|
100
|
+
};
|
|
101
|
+
//# sourceMappingURL=completeOAuthFlow.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"completeOAuthFlow.js","sources":["../../../../src/oauth/utils/completeOAuthFlow.ts"],"sourcesContent":["\"use strict\";\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.completeOAuthFlow = void 0;\nconst core_1 = require(\"@aws-amplify/core\");\nconst server_js_1 = require(\"next/server.js\");\nconst adapter_core_1 = require(\"aws-amplify/adapter-core\");\nconst cognito_1 = require(\"@aws-amplify/auth/cognito\");\nconst createCookieStorageAdapterFromNextServerContext_1 = require(\"../../utils/createCookieStorageAdapterFromNextServerContext\");\nconst getRedirectUrl_1 = require(\"./getRedirectUrl\");\nconst completeOAuthFlow = async ({ request, redirectOnComplete, cognitoUserPoolConfig, oAuthConfig, setAuthCookieOptions, }) => {\n const { searchParams } = request.nextUrl;\n const code = searchParams.get('code');\n const state = searchParams.get('state');\n const oAuthTokenEndpoint = `https://${oAuthConfig.domain}/oauth2/token`;\n const response = server_js_1.NextResponse.redirect(new URL(redirectOnComplete, request.url));\n const keyValueStorage = (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)({\n request,\n response,\n }), setAuthCookieOptions);\n const oAuthStore = new cognito_1.DefaultOAuthStore(keyValueStorage);\n oAuthStore.setAuthConfig(cognitoUserPoolConfig);\n await (0, adapter_core_1.validateState)(oAuthStore, state);\n const authTokenStore = new cognito_1.DefaultTokenStore();\n authTokenStore.setAuthConfig({ Cognito: cognitoUserPoolConfig });\n authTokenStore.setKeyValueStorage(keyValueStorage);\n const tokenOrchestrator = new cognito_1.TokenOrchestrator();\n tokenOrchestrator.setAuthConfig({ Cognito: cognitoUserPoolConfig });\n tokenOrchestrator.setAuthTokenStore(authTokenStore);\n const codeVerifier = await oAuthStore.loadPKCE();\n const oAuthTokenBody = {\n grant_type: 'authorization_code',\n code,\n client_id: cognitoUserPoolConfig.userPoolClientId,\n // TODO(Hui): request.nextUrl.origin should be generic and not use Next specifics\n redirect_uri: (0, getRedirectUrl_1.getRedirectUrl)(request.nextUrl.origin, oAuthConfig),\n ...(codeVerifier ? { code_verifier: codeVerifier } : {}),\n };\n const body = Object.entries(oAuthTokenBody)\n .map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`)\n .join('&');\n const tokenExchangeResponse = await fetch(oAuthTokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n body,\n });\n const { access_token, refresh_token: refreshToken, id_token, error, error_message: errorMessage, token_type, expires_in, } = await tokenExchangeResponse.json();\n if (error) {\n throw new Error(errorMessage ?? error);\n }\n const username = (access_token && (0, core_1.decodeJWT)(access_token).payload.username) ?? 'username';\n await writeTokensToStorage({\n username,\n AccessToken: access_token,\n IdToken: id_token,\n RefreshToken: refreshToken,\n TokenType: token_type,\n ExpiresIn: expires_in,\n }, tokenOrchestrator);\n await oAuthStore.clearOAuthData();\n return response;\n};\nexports.completeOAuthFlow = completeOAuthFlow;\nconst writeTokensToStorage = async (payload, tokenOrchestrator) => {\n if (!payload.AccessToken) {\n return;\n }\n const accessToken = (0, core_1.decodeJWT)(payload.AccessToken);\n const accessTokenIssuedAtInMillis = (accessToken.payload.iat || 0) * 1000;\n const currentTime = new Date().getTime();\n const clockDrift = accessTokenIssuedAtInMillis > 0\n ? accessTokenIssuedAtInMillis - currentTime\n : 0;\n let idToken;\n let refreshToken;\n let deviceMetadata;\n if (payload.RefreshToken) {\n refreshToken = payload.RefreshToken;\n }\n if (payload.IdToken) {\n idToken = (0, core_1.decodeJWT)(payload.IdToken);\n }\n if (payload?.NewDeviceMetadata) {\n deviceMetadata = payload.NewDeviceMetadata;\n }\n const tokens = {\n accessToken,\n idToken,\n refreshToken,\n clockDrift,\n deviceMetadata,\n username: payload.username,\n };\n if (payload?.signInDetails) {\n tokens.signInDetails = payload.signInDetails;\n }\n await tokenOrchestrator.setTokens({ tokens });\n};\n"],"names":[],"mappings":";;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,iBAAiB,GAAG,KAAK,CAAC,CAAC;AACnC,MAAM,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC5C,MAAM,WAAW,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAC9C,MAAM,cAAc,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AAC3D,MAAM,SAAS,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;AACvD,MAAM,iDAAiD,GAAG,OAAO,CAAC,6DAA6D,CAAC,CAAC;AACjI,MAAM,gBAAgB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;AACrD,MAAM,iBAAiB,GAAG,OAAO,EAAE,OAAO,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,WAAW,EAAE,oBAAoB,GAAG,KAAK;AAChI,IAAI,MAAM,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;AAC7C,IAAI,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AAC1C,IAAI,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAC5C,IAAI,MAAM,kBAAkB,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;AAC5E,IAAI,MAAM,QAAQ,GAAG,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;AACjG,IAAI,MAAM,eAAe,GAAG,IAAI,cAAc,CAAC,6CAA6C,EAAE,IAAI,iDAAiD,CAAC,+CAA+C,EAAE;AACrM,QAAQ,OAAO;AACf,QAAQ,QAAQ;AAChB,KAAK,CAAC,EAAE,oBAAoB,CAAC,CAAC;AAC9B,IAAI,MAAM,UAAU,GAAG,IAAI,SAAS,CAAC,iBAAiB,CAAC,eAAe,CAAC,CAAC;AACxE,IAAI,UAAU,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC;AACpD,IAAI,MAAM,IAAI,cAAc,CAAC,aAAa,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;AAC/D,IAAI,MAAM,cAAc,GAAG,IAAI,SAAS,CAAC,iBAAiB,EAAE,CAAC;AAC7D,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC,CAAC;AACrE,IAAI,cAAc,CAAC,kBAAkB,CAAC,eAAe,CAAC,CAAC;AACvD,IAAI,MAAM,iBAAiB,GAAG,IAAI,SAAS,CAAC,iBAAiB,EAAE,CAAC;AAChE,IAAI,iBAAiB,CAAC,aAAa,CAAC,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC,CAAC;AACxE,IAAI,iBAAiB,CAAC,iBAAiB,CAAC,cAAc,CAAC,CAAC;AACxD,IAAI,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC;AACrD,IAAI,MAAM,cAAc,GAAG;AAC3B,QAAQ,UAAU,EAAE,oBAAoB;AACxC,QAAQ,IAAI;AACZ,QAAQ,SAAS,EAAE,qBAAqB,CAAC,gBAAgB;AACzD;AACA,QAAQ,YAAY,EAAE,IAAI,gBAAgB,CAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC;AAC/F,QAAQ,IAAI,YAAY,GAAG,EAAE,aAAa,EAAE,YAAY,EAAE,GAAG,EAAE;AAC/D,KAAK,CAAC;AACN,IAAI,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC;AAC/C,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7E,SAAS,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,IAAI,MAAM,qBAAqB,GAAG,MAAM,KAAK,CAAC,kBAAkB,EAAE;AAClE,QAAQ,MAAM,EAAE,MAAM;AACtB,QAAQ,OAAO,EAAE;AACjB,YAAY,cAAc,EAAE,mCAAmC;AAC/D,SAAS;AACT,QAAQ,IAAI;AACZ,KAAK,CAAC,CAAC;AACP,IAAI,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,GAAG,GAAG,MAAM,qBAAqB,CAAC,IAAI,EAAE,CAAC;AACpK,IAAI,IAAI,KAAK,EAAE;AACf,QAAQ,MAAM,IAAI,KAAK,CAAC,YAAY,IAAI,KAAK,CAAC,CAAC;AAC/C,KAAK;AACL,IAAI,MAAM,QAAQ,GAAG,CAAC,YAAY,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC;AAC1G,IAAI,MAAM,oBAAoB,CAAC;AAC/B,QAAQ,QAAQ;AAChB,QAAQ,WAAW,EAAE,YAAY;AACjC,QAAQ,OAAO,EAAE,QAAQ;AACzB,QAAQ,YAAY,EAAE,YAAY;AAClC,QAAQ,SAAS,EAAE,UAAU;AAC7B,QAAQ,SAAS,EAAE,UAAU;AAC7B,KAAK,EAAE,iBAAiB,CAAC,CAAC;AAC1B,IAAI,MAAM,UAAU,CAAC,cAAc,EAAE,CAAC;AACtC,IAAI,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAC;AACF,OAAO,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;AAC9C,MAAM,oBAAoB,GAAG,OAAO,OAAO,EAAE,iBAAiB,KAAK;AACnE,IAAI,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE;AAC9B,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;AACnE,IAAI,MAAM,2BAA2B,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC;AAC9E,IAAI,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;AAC7C,IAAI,MAAM,UAAU,GAAG,2BAA2B,GAAG,CAAC;AACtD,UAAU,2BAA2B,GAAG,WAAW;AACnD,UAAU,CAAC,CAAC;AACZ,IAAI,IAAI,OAAO,CAAC;AAChB,IAAI,IAAI,YAAY,CAAC;AACrB,IAAI,IAAI,cAAc,CAAC;AACvB,IAAI,IAAI,OAAO,CAAC,YAAY,EAAE;AAC9B,QAAQ,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;AAC5C,KAAK;AACL,IAAI,IAAI,OAAO,CAAC,OAAO,EAAE;AACzB,QAAQ,OAAO,GAAG,IAAI,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;AACzD,KAAK;AACL,IAAI,IAAI,OAAO,EAAE,iBAAiB,EAAE;AACpC,QAAQ,cAAc,GAAG,OAAO,CAAC,iBAAiB,CAAC;AACnD,KAAK;AACL,IAAI,MAAM,MAAM,GAAG;AACnB,QAAQ,WAAW;AACnB,QAAQ,OAAO;AACf,QAAQ,YAAY;AACpB,QAAQ,UAAU;AAClB,QAAQ,cAAc;AACtB,QAAQ,QAAQ,EAAE,OAAO,CAAC,QAAQ;AAClC,KAAK,CAAC;AACN,IAAI,IAAI,OAAO,EAAE,aAAa,EAAE;AAChC,QAAQ,MAAM,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;AACrD,KAAK;AACL,IAAI,MAAM,iBAAiB,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;AAClD,CAAC;;"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
4
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getRedirectUrl = void 0;
|
|
7
|
+
const auth_1 = require("@aws-amplify/auth");
|
|
8
|
+
const getRedirectUrl = (origin, oAuthConfig) => {
|
|
9
|
+
const redirectUrl = oAuthConfig.redirectSignIn.find(url => url.startsWith(origin));
|
|
10
|
+
if (!redirectUrl) {
|
|
11
|
+
throw new auth_1.AuthError({
|
|
12
|
+
name: 'InvalidRedirectException',
|
|
13
|
+
message: 'signInRedirect or signOutRedirect had an invalid format or was not found.',
|
|
14
|
+
recoverySuggestion: 'Please make sure the signIn/Out redirect in your oauth config is valid.',
|
|
15
|
+
});
|
|
16
|
+
}
|
|
17
|
+
return redirectUrl;
|
|
18
|
+
};
|
|
19
|
+
exports.getRedirectUrl = getRedirectUrl;
|
|
20
|
+
//# sourceMappingURL=getRedirectUrl.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"getRedirectUrl.js","sources":["../../../../src/oauth/utils/getRedirectUrl.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.getRedirectUrl = void 0;\nconst auth_1 = require(\"@aws-amplify/auth\");\nconst getRedirectUrl = (origin, oAuthConfig) => {\n const redirectUrl = oAuthConfig.redirectSignIn.find(url => url.startsWith(origin));\n if (!redirectUrl) {\n throw new auth_1.AuthError({\n name: 'InvalidRedirectException',\n message: 'signInRedirect or signOutRedirect had an invalid format or was not found.',\n recoverySuggestion: 'Please make sure the signIn/Out redirect in your oauth config is valid.',\n });\n }\n return redirectUrl;\n};\nexports.getRedirectUrl = getRedirectUrl;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,cAAc,GAAG,KAAK,CAAC,CAAC;AAChC,MAAM,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC5C,MAAM,cAAc,GAAG,CAAC,MAAM,EAAE,WAAW,KAAK;AAChD,IAAI,MAAM,WAAW,GAAG,WAAW,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;AACvF,IAAI,IAAI,CAAC,WAAW,EAAE;AACtB,QAAQ,MAAM,IAAI,MAAM,CAAC,SAAS,CAAC;AACnC,YAAY,IAAI,EAAE,0BAA0B;AAC5C,YAAY,OAAO,EAAE,2EAA2E;AAChG,YAAY,kBAAkB,EAAE,yEAAyE;AACzG,SAAS,CAAC,CAAC;AACX,KAAK;AACL,IAAI,OAAO,WAAW,CAAC;AACvB,CAAC,CAAC;AACF,OAAO,CAAC,cAAc,GAAG,cAAc;;"}
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
4
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.initOAuthFlow = void 0;
|
|
7
|
+
const adapter_core_1 = require("aws-amplify/adapter-core");
|
|
8
|
+
const server_js_1 = require("next/server.js");
|
|
9
|
+
const utils_1 = require("@aws-amplify/core/internals/utils");
|
|
10
|
+
const cognito_1 = require("@aws-amplify/auth/cognito");
|
|
11
|
+
const createCookieStorageAdapterFromNextServerContext_1 = require("../../utils/createCookieStorageAdapterFromNextServerContext");
|
|
12
|
+
const getRedirectUrl_1 = require("./getRedirectUrl");
|
|
13
|
+
const initOAuthFlow = async ({ request, customState, cognitoUserPoolConfig, oAuthConfig, setAuthCookieOptions, }) => {
|
|
14
|
+
const { searchParams } = request.nextUrl;
|
|
15
|
+
const specifiedProvider = searchParams.get('provider');
|
|
16
|
+
const provider = getProvider(specifiedProvider);
|
|
17
|
+
const randomState = (0, adapter_core_1.generateState)();
|
|
18
|
+
const state = customState
|
|
19
|
+
? `${randomState}-${(0, utils_1.urlSafeEncode)(customState)}`
|
|
20
|
+
: randomState;
|
|
21
|
+
const scope = oAuthConfig.scopes.join(' ');
|
|
22
|
+
const redirectUrlSearchParams = new URLSearchParams({
|
|
23
|
+
redirect_uri: (0, getRedirectUrl_1.getRedirectUrl)(request.nextUrl.origin, oAuthConfig),
|
|
24
|
+
response_type: oAuthConfig.responseType,
|
|
25
|
+
client_id: cognitoUserPoolConfig.userPoolClientId,
|
|
26
|
+
identity_provider: provider,
|
|
27
|
+
scope,
|
|
28
|
+
state,
|
|
29
|
+
});
|
|
30
|
+
let peckKey;
|
|
31
|
+
if (oAuthConfig.responseType === 'code') {
|
|
32
|
+
const { value, method, toCodeChallenge } = (0, adapter_core_1.generateCodeVerifier)(128);
|
|
33
|
+
peckKey = value;
|
|
34
|
+
redirectUrlSearchParams.append('code_challenge', toCodeChallenge());
|
|
35
|
+
redirectUrlSearchParams.append('code_challenge_method', method);
|
|
36
|
+
}
|
|
37
|
+
const redirectUrl = new URL(`https://${oAuthConfig.domain}/oauth2/authorize?${redirectUrlSearchParams.toString()}`);
|
|
38
|
+
const response = server_js_1.NextResponse.redirect(redirectUrl);
|
|
39
|
+
const keyValueStorage = (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)({
|
|
40
|
+
request,
|
|
41
|
+
response,
|
|
42
|
+
}), setAuthCookieOptions);
|
|
43
|
+
const oauthStore = new cognito_1.DefaultOAuthStore(keyValueStorage);
|
|
44
|
+
oauthStore.setAuthConfig(cognitoUserPoolConfig);
|
|
45
|
+
oauthStore.storeOAuthState(state);
|
|
46
|
+
peckKey && oauthStore.storePKCE(peckKey);
|
|
47
|
+
return response;
|
|
48
|
+
};
|
|
49
|
+
exports.initOAuthFlow = initOAuthFlow;
|
|
50
|
+
const getProvider = (provider) => {
|
|
51
|
+
if (typeof provider === 'string') {
|
|
52
|
+
return resolveProvider(provider);
|
|
53
|
+
}
|
|
54
|
+
return 'COGNITO';
|
|
55
|
+
};
|
|
56
|
+
const resolveProvider = (provider) => {
|
|
57
|
+
try {
|
|
58
|
+
assertAuthProvider(provider);
|
|
59
|
+
return adapter_core_1.cognitoHostedUIIdentityProviderMap[provider];
|
|
60
|
+
}
|
|
61
|
+
catch (_) {
|
|
62
|
+
return provider;
|
|
63
|
+
}
|
|
64
|
+
};
|
|
65
|
+
function assertAuthProvider(provider) {
|
|
66
|
+
if (!['Amazon', 'Apple', 'Facebook', 'Google'].includes(provider)) {
|
|
67
|
+
throw new Error('No valid provider specified.');
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
//# sourceMappingURL=initOAuthFlow.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"initOAuthFlow.js","sources":["../../../../src/oauth/utils/initOAuthFlow.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.initOAuthFlow = void 0;\nconst adapter_core_1 = require(\"aws-amplify/adapter-core\");\nconst server_js_1 = require(\"next/server.js\");\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst cognito_1 = require(\"@aws-amplify/auth/cognito\");\nconst createCookieStorageAdapterFromNextServerContext_1 = require(\"../../utils/createCookieStorageAdapterFromNextServerContext\");\nconst getRedirectUrl_1 = require(\"./getRedirectUrl\");\nconst initOAuthFlow = async ({ request, customState, cognitoUserPoolConfig, oAuthConfig, setAuthCookieOptions, }) => {\n const { searchParams } = request.nextUrl;\n const specifiedProvider = searchParams.get('provider');\n const provider = getProvider(specifiedProvider);\n const randomState = (0, adapter_core_1.generateState)();\n const state = customState\n ? `${randomState}-${(0, utils_1.urlSafeEncode)(customState)}`\n : randomState;\n const scope = oAuthConfig.scopes.join(' ');\n const redirectUrlSearchParams = new URLSearchParams({\n redirect_uri: (0, getRedirectUrl_1.getRedirectUrl)(request.nextUrl.origin, oAuthConfig),\n response_type: oAuthConfig.responseType,\n client_id: cognitoUserPoolConfig.userPoolClientId,\n identity_provider: provider,\n scope,\n state,\n });\n let peckKey;\n if (oAuthConfig.responseType === 'code') {\n const { value, method, toCodeChallenge } = (0, adapter_core_1.generateCodeVerifier)(128);\n peckKey = value;\n redirectUrlSearchParams.append('code_challenge', toCodeChallenge());\n redirectUrlSearchParams.append('code_challenge_method', method);\n }\n const redirectUrl = new URL(`https://${oAuthConfig.domain}/oauth2/authorize?${redirectUrlSearchParams.toString()}`);\n const response = server_js_1.NextResponse.redirect(redirectUrl);\n const keyValueStorage = (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)({\n request,\n response,\n }), setAuthCookieOptions);\n const oauthStore = new cognito_1.DefaultOAuthStore(keyValueStorage);\n oauthStore.setAuthConfig(cognitoUserPoolConfig);\n oauthStore.storeOAuthState(state);\n peckKey && oauthStore.storePKCE(peckKey);\n return response;\n};\nexports.initOAuthFlow = initOAuthFlow;\nconst getProvider = (provider) => {\n if (typeof provider === 'string') {\n return resolveProvider(provider);\n }\n return 'COGNITO';\n};\nconst resolveProvider = (provider) => {\n try {\n assertAuthProvider(provider);\n return adapter_core_1.cognitoHostedUIIdentityProviderMap[provider];\n }\n catch (_) {\n return provider;\n }\n};\nfunction assertAuthProvider(provider) {\n if (!['Amazon', 'Apple', 'Facebook', 'Google'].includes(provider)) {\n throw new Error('No valid provider specified.');\n }\n}\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,aAAa,GAAG,KAAK,CAAC,CAAC;AAC/B,MAAM,cAAc,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AAC3D,MAAM,WAAW,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAC9C,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,SAAS,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;AACvD,MAAM,iDAAiD,GAAG,OAAO,CAAC,6DAA6D,CAAC,CAAC;AACjI,MAAM,gBAAgB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;AACrD,MAAM,aAAa,GAAG,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,qBAAqB,EAAE,WAAW,EAAE,oBAAoB,GAAG,KAAK;AACrH,IAAI,MAAM,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;AAC7C,IAAI,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;AAC3D,IAAI,MAAM,QAAQ,GAAG,WAAW,CAAC,iBAAiB,CAAC,CAAC;AACpD,IAAI,MAAM,WAAW,GAAG,IAAI,cAAc,CAAC,aAAa,GAAG,CAAC;AAC5D,IAAI,MAAM,KAAK,GAAG,WAAW;AAC7B,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC,EAAE,IAAI,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;AACrE,UAAU,WAAW,CAAC;AACtB,IAAI,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,IAAI,MAAM,uBAAuB,GAAG,IAAI,eAAe,CAAC;AACxD,QAAQ,YAAY,EAAE,IAAI,gBAAgB,CAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC;AAC/F,QAAQ,aAAa,EAAE,WAAW,CAAC,YAAY;AAC/C,QAAQ,SAAS,EAAE,qBAAqB,CAAC,gBAAgB;AACzD,QAAQ,iBAAiB,EAAE,QAAQ;AACnC,QAAQ,KAAK;AACb,QAAQ,KAAK;AACb,KAAK,CAAC,CAAC;AACP,IAAI,IAAI,OAAO,CAAC;AAChB,IAAI,IAAI,WAAW,CAAC,YAAY,KAAK,MAAM,EAAE;AAC7C,QAAQ,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,GAAG,IAAI,cAAc,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;AACjG,QAAQ,OAAO,GAAG,KAAK,CAAC;AACxB,QAAQ,uBAAuB,CAAC,MAAM,CAAC,gBAAgB,EAAE,eAAe,EAAE,CAAC,CAAC;AAC5E,QAAQ,uBAAuB,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;AACxE,KAAK;AACL,IAAI,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,kBAAkB,EAAE,uBAAuB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC;AACxH,IAAI,MAAM,QAAQ,GAAG,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACpE,IAAI,MAAM,eAAe,GAAG,IAAI,cAAc,CAAC,6CAA6C,EAAE,IAAI,iDAAiD,CAAC,+CAA+C,EAAE;AACrM,QAAQ,OAAO;AACf,QAAQ,QAAQ;AAChB,KAAK,CAAC,EAAE,oBAAoB,CAAC,CAAC;AAC9B,IAAI,MAAM,UAAU,GAAG,IAAI,SAAS,CAAC,iBAAiB,CAAC,eAAe,CAAC,CAAC;AACxE,IAAI,UAAU,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC;AACpD,IAAI,UAAU,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;AACtC,IAAI,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;AAC7C,IAAI,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAC;AACF,OAAO,CAAC,aAAa,GAAG,aAAa,CAAC;AACtC,MAAM,WAAW,GAAG,CAAC,QAAQ,KAAK;AAClC,IAAI,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;AACtC,QAAQ,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;AACzC,KAAK;AACL,IAAI,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AACF,MAAM,eAAe,GAAG,CAAC,QAAQ,KAAK;AACtC,IAAI,IAAI;AACR,QAAQ,kBAAkB,CAAC,QAAQ,CAAC,CAAC;AACrC,QAAQ,OAAO,cAAc,CAAC,kCAAkC,CAAC,QAAQ,CAAC,CAAC;AAC3E,KAAK;AACL,IAAI,OAAO,CAAC,EAAE;AACd,QAAQ,OAAO,QAAQ,CAAC;AACxB,KAAK;AACL,CAAC,CAAC;AACF,SAAS,kBAAkB,CAAC,QAAQ,EAAE;AACtC,IAAI,IAAI,CAAC,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;AACvE,QAAQ,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;AACxD,KAAK;AACL;;"}
|
|
@@ -7,7 +7,7 @@ exports.createRunWithAmplifyServerContext = void 0;
|
|
|
7
7
|
const core_1 = require("@aws-amplify/core");
|
|
8
8
|
const adapter_core_1 = require("aws-amplify/adapter-core");
|
|
9
9
|
const createCookieStorageAdapterFromNextServerContext_1 = require("./createCookieStorageAdapterFromNextServerContext");
|
|
10
|
-
const createRunWithAmplifyServerContext = ({ config: resourcesConfig, }) => {
|
|
10
|
+
const createRunWithAmplifyServerContext = ({ config: resourcesConfig, setAuthCookieOptions, }) => {
|
|
11
11
|
const runWithAmplifyServerContext = async ({ nextServerContext, operation }) => {
|
|
12
12
|
// When the Auth config is presented, attempt to create a Amplify server
|
|
13
13
|
// context with token and credentials provider.
|
|
@@ -19,7 +19,7 @@ const createRunWithAmplifyServerContext = ({ config: resourcesConfig, }) => {
|
|
|
19
19
|
// static rendering uses the same unauthenticated role cross-sever.
|
|
20
20
|
nextServerContext === null
|
|
21
21
|
? core_1.sharedInMemoryStorage
|
|
22
|
-
: (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)(nextServerContext));
|
|
22
|
+
: (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)(nextServerContext), setAuthCookieOptions);
|
|
23
23
|
const credentialsProvider = (0, adapter_core_1.createAWSCredentialsAndIdentityIdProvider)(resourcesConfig.Auth, keyValueStorage);
|
|
24
24
|
const tokenProvider = (0, adapter_core_1.createUserPoolsTokenProvider)(resourcesConfig.Auth, keyValueStorage);
|
|
25
25
|
return (0, adapter_core_1.runWithAmplifyServerContext)(resourcesConfig, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createRunWithAmplifyServerContext.js","sources":["../../../src/utils/createRunWithAmplifyServerContext.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createRunWithAmplifyServerContext = void 0;\nconst core_1 = require(\"@aws-amplify/core\");\nconst adapter_core_1 = require(\"aws-amplify/adapter-core\");\nconst createCookieStorageAdapterFromNextServerContext_1 = require(\"./createCookieStorageAdapterFromNextServerContext\");\nconst createRunWithAmplifyServerContext = ({ config: resourcesConfig, }) => {\n const runWithAmplifyServerContext = async ({ nextServerContext, operation }) => {\n // When the Auth config is presented, attempt to create a Amplify server\n // context with token and credentials provider.\n if (resourcesConfig.Auth) {\n const keyValueStorage = \n // When `null` is passed as the value of `nextServerContext`, opt-in\n // unauthenticated role (primarily for static rendering). It's\n // safe to use the singleton `MemoryKeyValueStorage` here, as the\n // static rendering uses the same unauthenticated role cross-sever.\n nextServerContext === null\n ? core_1.sharedInMemoryStorage\n : (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)(nextServerContext));\n const credentialsProvider = (0, adapter_core_1.createAWSCredentialsAndIdentityIdProvider)(resourcesConfig.Auth, keyValueStorage);\n const tokenProvider = (0, adapter_core_1.createUserPoolsTokenProvider)(resourcesConfig.Auth, keyValueStorage);\n return (0, adapter_core_1.runWithAmplifyServerContext)(resourcesConfig, {\n Auth: { credentialsProvider, tokenProvider },\n }, operation);\n }\n // Otherwise it may be the case that auth is not used, e.g. API key.\n // Omitting the `Auth` in the second parameter.\n return (0, adapter_core_1.runWithAmplifyServerContext)(resourcesConfig, {}, operation);\n };\n return runWithAmplifyServerContext;\n};\nexports.createRunWithAmplifyServerContext = createRunWithAmplifyServerContext;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,iCAAiC,GAAG,KAAK,CAAC,CAAC;AACnD,MAAM,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC5C,MAAM,cAAc,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AAC3D,MAAM,iDAAiD,GAAG,OAAO,CAAC,mDAAmD,CAAC,CAAC;AACvH,MAAM,iCAAiC,GAAG,CAAC,EAAE,MAAM,EAAE,eAAe,GAAG,KAAK;
|
|
1
|
+
{"version":3,"file":"createRunWithAmplifyServerContext.js","sources":["../../../src/utils/createRunWithAmplifyServerContext.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createRunWithAmplifyServerContext = void 0;\nconst core_1 = require(\"@aws-amplify/core\");\nconst adapter_core_1 = require(\"aws-amplify/adapter-core\");\nconst createCookieStorageAdapterFromNextServerContext_1 = require(\"./createCookieStorageAdapterFromNextServerContext\");\nconst createRunWithAmplifyServerContext = ({ config: resourcesConfig, setAuthCookieOptions, }) => {\n const runWithAmplifyServerContext = async ({ nextServerContext, operation }) => {\n // When the Auth config is presented, attempt to create a Amplify server\n // context with token and credentials provider.\n if (resourcesConfig.Auth) {\n const keyValueStorage = \n // When `null` is passed as the value of `nextServerContext`, opt-in\n // unauthenticated role (primarily for static rendering). It's\n // safe to use the singleton `MemoryKeyValueStorage` here, as the\n // static rendering uses the same unauthenticated role cross-sever.\n nextServerContext === null\n ? core_1.sharedInMemoryStorage\n : (0, adapter_core_1.createKeyValueStorageFromCookieStorageAdapter)((0, createCookieStorageAdapterFromNextServerContext_1.createCookieStorageAdapterFromNextServerContext)(nextServerContext), setAuthCookieOptions);\n const credentialsProvider = (0, adapter_core_1.createAWSCredentialsAndIdentityIdProvider)(resourcesConfig.Auth, keyValueStorage);\n const tokenProvider = (0, adapter_core_1.createUserPoolsTokenProvider)(resourcesConfig.Auth, keyValueStorage);\n return (0, adapter_core_1.runWithAmplifyServerContext)(resourcesConfig, {\n Auth: { credentialsProvider, tokenProvider },\n }, operation);\n }\n // Otherwise it may be the case that auth is not used, e.g. API key.\n // Omitting the `Auth` in the second parameter.\n return (0, adapter_core_1.runWithAmplifyServerContext)(resourcesConfig, {}, operation);\n };\n return runWithAmplifyServerContext;\n};\nexports.createRunWithAmplifyServerContext = createRunWithAmplifyServerContext;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,iCAAiC,GAAG,KAAK,CAAC,CAAC;AACnD,MAAM,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC5C,MAAM,cAAc,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AAC3D,MAAM,iDAAiD,GAAG,OAAO,CAAC,mDAAmD,CAAC,CAAC;AACvH,MAAM,iCAAiC,GAAG,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,oBAAoB,GAAG,KAAK;AAClG,IAAI,MAAM,2BAA2B,GAAG,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,KAAK;AACpF;AACA;AACA,QAAQ,IAAI,eAAe,CAAC,IAAI,EAAE;AAClC,YAAY,MAAM,eAAe;AACjC;AACA;AACA;AACA;AACA,YAAY,iBAAiB,KAAK,IAAI;AACtC,kBAAkB,MAAM,CAAC,qBAAqB;AAC9C,kBAAkB,IAAI,cAAc,CAAC,6CAA6C,EAAE,IAAI,iDAAiD,CAAC,+CAA+C,EAAE,iBAAiB,CAAC,EAAE,oBAAoB,CAAC,CAAC;AACrO,YAAY,MAAM,mBAAmB,GAAG,IAAI,cAAc,CAAC,yCAAyC,EAAE,eAAe,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;AAC7I,YAAY,MAAM,aAAa,GAAG,IAAI,cAAc,CAAC,4BAA4B,EAAE,eAAe,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;AAC1H,YAAY,OAAO,IAAI,cAAc,CAAC,2BAA2B,EAAE,eAAe,EAAE;AACpF,gBAAgB,IAAI,EAAE,EAAE,mBAAmB,EAAE,aAAa,EAAE;AAC5D,aAAa,EAAE,SAAS,CAAC,CAAC;AAC1B,SAAS;AACT;AACA;AACA,QAAQ,OAAO,IAAI,cAAc,CAAC,2BAA2B,EAAE,eAAe,EAAE,EAAE,EAAE,SAAS,CAAC,CAAC;AAC/F,KAAK,CAAC;AACN,IAAI,OAAO,2BAA2B,CAAC;AACvC,CAAC,CAAC;AACF,OAAO,CAAC,iCAAiC,GAAG,iCAAiC;;"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { ResourcesConfig } from '@aws-amplify/core';
|
|
2
2
|
import { NextServer } from '../types';
|
|
3
|
-
export declare const createServerRunnerForAPI: ({ config, }: NextServer.CreateServerRunnerInput) => NextServer.CreateServerRunnerOutput & {
|
|
3
|
+
export declare const createServerRunnerForAPI: ({ config, }: Omit<NextServer.CreateServerRunnerInput, 'origin'>) => Omit<NextServer.CreateServerRunnerOutput, 'createOAuthRouteHandler' | 'getOAuthInitiationRoute' | 'createTokenExchangeRouteHandler' | 'origin'> & {
|
|
4
4
|
resourcesConfig: ResourcesConfig;
|
|
5
5
|
};
|