@aws-amplify/adapter-nextjs 1.2.3 → 1.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/utils/isValidCognitoToken.js +7 -0
- package/dist/cjs/utils/isValidCognitoToken.js.map +1 -1
- package/dist/esm/api/createServerRunnerForAPI.mjs +1 -0
- package/dist/esm/api/createServerRunnerForAPI.mjs.map +1 -1
- package/dist/esm/createServerRunner.mjs +1 -0
- package/dist/esm/createServerRunner.mjs.map +1 -1
- package/dist/esm/utils/isValidCognitoToken.mjs +7 -0
- package/dist/esm/utils/isValidCognitoToken.mjs.map +1 -1
- package/package.json +2 -2
- package/src/utils/isValidCognitoToken.ts +8 -0
|
@@ -5,6 +5,7 @@
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.isValidCognitoToken = void 0;
|
|
7
7
|
const aws_jwt_verify_1 = require("aws-jwt-verify");
|
|
8
|
+
const error_1 = require("aws-jwt-verify/error");
|
|
8
9
|
/**
|
|
9
10
|
* Verifies a Cognito JWT token for its validity.
|
|
10
11
|
*
|
|
@@ -26,6 +27,12 @@ const isValidCognitoToken = async (input) => {
|
|
|
26
27
|
return true;
|
|
27
28
|
}
|
|
28
29
|
catch (error) {
|
|
30
|
+
// When `JwtExpiredError` is thrown, the token should have valid signature
|
|
31
|
+
// but expired. So, we can consider it as a valid token.
|
|
32
|
+
// Reference https://github.com/awslabs/aws-jwt-verify/blob/8d8f714d7281913ecd660147f5c30311479601c1/src/jwt-rsa.ts#L290-L301
|
|
33
|
+
if (error instanceof error_1.JwtExpiredError) {
|
|
34
|
+
return true;
|
|
35
|
+
}
|
|
29
36
|
// TODO (ashwinkumar6): surface invalid cognito token error to customer
|
|
30
37
|
// TODO: clear invalid tokens from Storage
|
|
31
38
|
return false;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"isValidCognitoToken.js","sources":["../../../src/utils/isValidCognitoToken.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.isValidCognitoToken = void 0;\nconst aws_jwt_verify_1 = require(\"aws-jwt-verify\");\n/**\n * Verifies a Cognito JWT token for its validity.\n *\n * @param input - An object containing:\n * - token: The JWT token as a string that needs to be verified.\n * - userPoolId: The ID of the AWS Cognito User Pool to which the token belongs.\n * - clientId: The Client ID associated with the Cognito User Pool.\n * @internal\n */\nconst isValidCognitoToken = async (input) => {\n const { userPoolId, clientId, tokenType, token } = input;\n try {\n const verifier = aws_jwt_verify_1.CognitoJwtVerifier.create({\n userPoolId,\n tokenUse: tokenType,\n clientId,\n });\n await verifier.verify(token);\n return true;\n }\n catch (error) {\n // TODO (ashwinkumar6): surface invalid cognito token error to customer\n // TODO: clear invalid tokens from Storage\n return false;\n }\n};\nexports.isValidCognitoToken = isValidCognitoToken;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,mBAAmB,GAAG,KAAK,CAAC,CAAC;AACrC,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AACnD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAM,mBAAmB,GAAG,OAAO,KAAK,KAAK;AAC7C,IAAI,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC;AAC7D,IAAI,IAAI;AACR,QAAQ,MAAM,QAAQ,GAAG,gBAAgB,CAAC,kBAAkB,CAAC,MAAM,CAAC;AACpE,YAAY,UAAU;AACtB,YAAY,QAAQ,EAAE,SAAS;AAC/B,YAAY,QAAQ;AACpB,SAAS,CAAC,CAAC;AACX,QAAQ,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACrC,QAAQ,OAAO,IAAI,CAAC;AACpB,KAAK;AACL,IAAI,OAAO,KAAK,EAAE;AAClB;AACA;AACA,QAAQ,OAAO,KAAK,CAAC;AACrB,KAAK;AACL,CAAC,CAAC;AACF,OAAO,CAAC,mBAAmB,GAAG,mBAAmB;;"}
|
|
1
|
+
{"version":3,"file":"isValidCognitoToken.js","sources":["../../../src/utils/isValidCognitoToken.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.isValidCognitoToken = void 0;\nconst aws_jwt_verify_1 = require(\"aws-jwt-verify\");\nconst error_1 = require(\"aws-jwt-verify/error\");\n/**\n * Verifies a Cognito JWT token for its validity.\n *\n * @param input - An object containing:\n * - token: The JWT token as a string that needs to be verified.\n * - userPoolId: The ID of the AWS Cognito User Pool to which the token belongs.\n * - clientId: The Client ID associated with the Cognito User Pool.\n * @internal\n */\nconst isValidCognitoToken = async (input) => {\n const { userPoolId, clientId, tokenType, token } = input;\n try {\n const verifier = aws_jwt_verify_1.CognitoJwtVerifier.create({\n userPoolId,\n tokenUse: tokenType,\n clientId,\n });\n await verifier.verify(token);\n return true;\n }\n catch (error) {\n // When `JwtExpiredError` is thrown, the token should have valid signature\n // but expired. So, we can consider it as a valid token.\n // Reference https://github.com/awslabs/aws-jwt-verify/blob/8d8f714d7281913ecd660147f5c30311479601c1/src/jwt-rsa.ts#L290-L301\n if (error instanceof error_1.JwtExpiredError) {\n return true;\n }\n // TODO (ashwinkumar6): surface invalid cognito token error to customer\n // TODO: clear invalid tokens from Storage\n return false;\n }\n};\nexports.isValidCognitoToken = isValidCognitoToken;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,mBAAmB,GAAG,KAAK,CAAC,CAAC;AACrC,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AACnD,MAAM,OAAO,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAChD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAM,mBAAmB,GAAG,OAAO,KAAK,KAAK;AAC7C,IAAI,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC;AAC7D,IAAI,IAAI;AACR,QAAQ,MAAM,QAAQ,GAAG,gBAAgB,CAAC,kBAAkB,CAAC,MAAM,CAAC;AACpE,YAAY,UAAU;AACtB,YAAY,QAAQ,EAAE,SAAS;AAC/B,YAAY,QAAQ;AACpB,SAAS,CAAC,CAAC;AACX,QAAQ,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACrC,QAAQ,OAAO,IAAI,CAAC;AACpB,KAAK;AACL,IAAI,OAAO,KAAK,EAAE;AAClB;AACA;AACA;AACA,QAAQ,IAAI,KAAK,YAAY,OAAO,CAAC,eAAe,EAAE;AACtD,YAAY,OAAO,IAAI,CAAC;AACxB,SAAS;AACT;AACA;AACA,QAAQ,OAAO,KAAK,CAAC;AACrB,KAAK;AACL,CAAC,CAAC;AACF,OAAO,CAAC,mBAAmB,GAAG,mBAAmB;;"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { parseAmplifyConfig } from '@aws-amplify/core/internals/utils';
|
|
2
2
|
import { createRunWithAmplifyServerContext } from '../utils/createRunWithAmplifyServerContext.mjs';
|
|
3
3
|
import 'aws-jwt-verify';
|
|
4
|
+
import 'aws-jwt-verify/error';
|
|
4
5
|
|
|
5
6
|
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
6
7
|
// SPDX-License-Identifier: Apache-2.0
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createServerRunnerForAPI.mjs","sources":["../../../src/api/createServerRunnerForAPI.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { parseAmplifyConfig } from '@aws-amplify/core/internals/utils';\nimport { createRunWithAmplifyServerContext } from '../utils';\nexport const createServerRunnerForAPI = ({ config, }) => {\n const amplifyConfig = parseAmplifyConfig(config);\n return {\n runWithAmplifyServerContext: createRunWithAmplifyServerContext({\n config: amplifyConfig,\n }),\n resourcesConfig: amplifyConfig,\n };\n};\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"createServerRunnerForAPI.mjs","sources":["../../../src/api/createServerRunnerForAPI.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { parseAmplifyConfig } from '@aws-amplify/core/internals/utils';\nimport { createRunWithAmplifyServerContext } from '../utils';\nexport const createServerRunnerForAPI = ({ config, }) => {\n const amplifyConfig = parseAmplifyConfig(config);\n return {\n runWithAmplifyServerContext: createRunWithAmplifyServerContext({\n config: amplifyConfig,\n }),\n resourcesConfig: amplifyConfig,\n };\n};\n"],"names":[],"mappings":";;;;;AAAA;AACA;AAGY,MAAC,wBAAwB,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK;AACzD,IAAI,MAAM,aAAa,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;AACrD,IAAI,OAAO;AACX,QAAQ,2BAA2B,EAAE,iCAAiC,CAAC;AACvE,YAAY,MAAM,EAAE,aAAa;AACjC,SAAS,CAAC;AACV,QAAQ,eAAe,EAAE,aAAa;AACtC,KAAK,CAAC;AACN;;;;"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { parseAmplifyConfig } from '@aws-amplify/core/internals/utils';
|
|
2
2
|
import { createRunWithAmplifyServerContext } from './utils/createRunWithAmplifyServerContext.mjs';
|
|
3
3
|
import 'aws-jwt-verify';
|
|
4
|
+
import 'aws-jwt-verify/error';
|
|
4
5
|
|
|
5
6
|
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
6
7
|
// SPDX-License-Identifier: Apache-2.0
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createServerRunner.mjs","sources":["../../src/createServerRunner.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { parseAmplifyConfig } from '@aws-amplify/core/internals/utils';\nimport { createRunWithAmplifyServerContext } from './utils';\n/**\n * Creates the `runWithAmplifyServerContext` function to run Amplify server side APIs in an isolated request context.\n *\n * @remarks\n * This function should be called only once; you can use the returned `runWithAmplifyServerContext` across\n * your codebase.\n *\n * @param input The input used to create the `runWithAmplifyServerContext` function.\n * @param input.config The {@link ResourcesConfig} imported from the `amplifyconfiguration.json` file or manually\n * created.\n * @returns An object that contains the `runWithAmplifyServerContext` function.\n *\n * @example\n * import { createServerRunner } from '@aws-amplify/adapter-nextjs';\n * import config from './amplifyconfiguration.json';\n *\n * export const { runWithAmplifyServerContext } = createServerRunner({ config })\n */\nexport const createServerRunner = ({ config, }) => {\n const amplifyConfig = parseAmplifyConfig(config);\n return {\n runWithAmplifyServerContext: createRunWithAmplifyServerContext({\n config: amplifyConfig,\n }),\n };\n};\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"createServerRunner.mjs","sources":["../../src/createServerRunner.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { parseAmplifyConfig } from '@aws-amplify/core/internals/utils';\nimport { createRunWithAmplifyServerContext } from './utils';\n/**\n * Creates the `runWithAmplifyServerContext` function to run Amplify server side APIs in an isolated request context.\n *\n * @remarks\n * This function should be called only once; you can use the returned `runWithAmplifyServerContext` across\n * your codebase.\n *\n * @param input The input used to create the `runWithAmplifyServerContext` function.\n * @param input.config The {@link ResourcesConfig} imported from the `amplifyconfiguration.json` file or manually\n * created.\n * @returns An object that contains the `runWithAmplifyServerContext` function.\n *\n * @example\n * import { createServerRunner } from '@aws-amplify/adapter-nextjs';\n * import config from './amplifyconfiguration.json';\n *\n * export const { runWithAmplifyServerContext } = createServerRunner({ config })\n */\nexport const createServerRunner = ({ config, }) => {\n const amplifyConfig = parseAmplifyConfig(config);\n return {\n runWithAmplifyServerContext: createRunWithAmplifyServerContext({\n config: amplifyConfig,\n }),\n };\n};\n"],"names":[],"mappings":";;;;;AAAA;AACA;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACY,MAAC,kBAAkB,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK;AACnD,IAAI,MAAM,aAAa,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;AACrD,IAAI,OAAO;AACX,QAAQ,2BAA2B,EAAE,iCAAiC,CAAC;AACvE,YAAY,MAAM,EAAE,aAAa;AACjC,SAAS,CAAC;AACV,KAAK,CAAC;AACN;;;;"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { CognitoJwtVerifier } from 'aws-jwt-verify';
|
|
2
|
+
import { JwtExpiredError } from 'aws-jwt-verify/error';
|
|
2
3
|
|
|
3
4
|
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
|
4
5
|
// SPDX-License-Identifier: Apache-2.0
|
|
@@ -23,6 +24,12 @@ const isValidCognitoToken = async (input) => {
|
|
|
23
24
|
return true;
|
|
24
25
|
}
|
|
25
26
|
catch (error) {
|
|
27
|
+
// When `JwtExpiredError` is thrown, the token should have valid signature
|
|
28
|
+
// but expired. So, we can consider it as a valid token.
|
|
29
|
+
// Reference https://github.com/awslabs/aws-jwt-verify/blob/8d8f714d7281913ecd660147f5c30311479601c1/src/jwt-rsa.ts#L290-L301
|
|
30
|
+
if (error instanceof JwtExpiredError) {
|
|
31
|
+
return true;
|
|
32
|
+
}
|
|
26
33
|
// TODO (ashwinkumar6): surface invalid cognito token error to customer
|
|
27
34
|
// TODO: clear invalid tokens from Storage
|
|
28
35
|
return false;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"isValidCognitoToken.mjs","sources":["../../../src/utils/isValidCognitoToken.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { CognitoJwtVerifier } from 'aws-jwt-verify';\n/**\n * Verifies a Cognito JWT token for its validity.\n *\n * @param input - An object containing:\n * - token: The JWT token as a string that needs to be verified.\n * - userPoolId: The ID of the AWS Cognito User Pool to which the token belongs.\n * - clientId: The Client ID associated with the Cognito User Pool.\n * @internal\n */\nexport const isValidCognitoToken = async (input) => {\n const { userPoolId, clientId, tokenType, token } = input;\n try {\n const verifier = CognitoJwtVerifier.create({\n userPoolId,\n tokenUse: tokenType,\n clientId,\n });\n await verifier.verify(token);\n return true;\n }\n catch (error) {\n // TODO (ashwinkumar6): surface invalid cognito token error to customer\n // TODO: clear invalid tokens from Storage\n return false;\n }\n};\n"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"isValidCognitoToken.mjs","sources":["../../../src/utils/isValidCognitoToken.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { CognitoJwtVerifier } from 'aws-jwt-verify';\nimport { JwtExpiredError } from 'aws-jwt-verify/error';\n/**\n * Verifies a Cognito JWT token for its validity.\n *\n * @param input - An object containing:\n * - token: The JWT token as a string that needs to be verified.\n * - userPoolId: The ID of the AWS Cognito User Pool to which the token belongs.\n * - clientId: The Client ID associated with the Cognito User Pool.\n * @internal\n */\nexport const isValidCognitoToken = async (input) => {\n const { userPoolId, clientId, tokenType, token } = input;\n try {\n const verifier = CognitoJwtVerifier.create({\n userPoolId,\n tokenUse: tokenType,\n clientId,\n });\n await verifier.verify(token);\n return true;\n }\n catch (error) {\n // When `JwtExpiredError` is thrown, the token should have valid signature\n // but expired. So, we can consider it as a valid token.\n // Reference https://github.com/awslabs/aws-jwt-verify/blob/8d8f714d7281913ecd660147f5c30311479601c1/src/jwt-rsa.ts#L290-L301\n if (error instanceof JwtExpiredError) {\n return true;\n }\n // TODO (ashwinkumar6): surface invalid cognito token error to customer\n // TODO: clear invalid tokens from Storage\n return false;\n }\n};\n"],"names":[],"mappings":";;;AAAA;AACA;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACY,MAAC,mBAAmB,GAAG,OAAO,KAAK,KAAK;AACpD,IAAI,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC;AAC7D,IAAI,IAAI;AACR,QAAQ,MAAM,QAAQ,GAAG,kBAAkB,CAAC,MAAM,CAAC;AACnD,YAAY,UAAU;AACtB,YAAY,QAAQ,EAAE,SAAS;AAC/B,YAAY,QAAQ;AACpB,SAAS,CAAC,CAAC;AACX,QAAQ,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACrC,QAAQ,OAAO,IAAI,CAAC;AACpB,KAAK;AACL,IAAI,OAAO,KAAK,EAAE;AAClB;AACA;AACA;AACA,QAAQ,IAAI,KAAK,YAAY,eAAe,EAAE;AAC9C,YAAY,OAAO,IAAI,CAAC;AACxB,SAAS;AACT;AACA;AACA,QAAQ,OAAO,KAAK,CAAC;AACrB,KAAK;AACL;;;;"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"author": "Amazon Web Services",
|
|
3
3
|
"name": "@aws-amplify/adapter-nextjs",
|
|
4
|
-
"version": "1.2.
|
|
4
|
+
"version": "1.2.4",
|
|
5
5
|
"description": "The adapter for the supporting of using Amplify APIs in Next.js.",
|
|
6
6
|
"peerDependencies": {
|
|
7
7
|
"aws-amplify": "^6.0.7",
|
|
@@ -71,5 +71,5 @@
|
|
|
71
71
|
"test": "npm run lint && jest -w 1 --coverage --logHeapUsage",
|
|
72
72
|
"ts-coverage": "typescript-coverage-report -p ./tsconfig.build.json -t 90.31"
|
|
73
73
|
},
|
|
74
|
-
"gitHead": "
|
|
74
|
+
"gitHead": "f0b4bd01eea7725dbcc719c5e26c13f0da788440"
|
|
75
75
|
}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
// SPDX-License-Identifier: Apache-2.0
|
|
3
3
|
|
|
4
4
|
import { CognitoJwtVerifier } from 'aws-jwt-verify';
|
|
5
|
+
import { JwtExpiredError } from 'aws-jwt-verify/error';
|
|
5
6
|
|
|
6
7
|
/**
|
|
7
8
|
* Verifies a Cognito JWT token for its validity.
|
|
@@ -30,6 +31,13 @@ export const isValidCognitoToken = async (input: {
|
|
|
30
31
|
|
|
31
32
|
return true;
|
|
32
33
|
} catch (error) {
|
|
34
|
+
// When `JwtExpiredError` is thrown, the token should have valid signature
|
|
35
|
+
// but expired. So, we can consider it as a valid token.
|
|
36
|
+
// Reference https://github.com/awslabs/aws-jwt-verify/blob/8d8f714d7281913ecd660147f5c30311479601c1/src/jwt-rsa.ts#L290-L301
|
|
37
|
+
if (error instanceof JwtExpiredError) {
|
|
38
|
+
return true;
|
|
39
|
+
}
|
|
40
|
+
|
|
33
41
|
// TODO (ashwinkumar6): surface invalid cognito token error to customer
|
|
34
42
|
// TODO: clear invalid tokens from Storage
|
|
35
43
|
return false;
|