@aws-amplify/adapter-nextjs 1.4.1-server-auth.778c2b6.0 → 1.4.1-server-auth.28fa210.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (123) hide show
  1. package/dist/cjs/api/createServerRunnerForAPI.js +1 -1
  2. package/dist/cjs/api/createServerRunnerForAPI.js.map +1 -1
  3. package/dist/cjs/api/generateServerClient.js +5 -5
  4. package/dist/cjs/api/generateServerClient.js.map +1 -1
  5. package/dist/cjs/auth/constant.js +9 -3
  6. package/dist/cjs/auth/constant.js.map +1 -1
  7. package/dist/cjs/auth/createAuthRouteHandlersFactory.js +10 -11
  8. package/dist/cjs/auth/createAuthRouteHandlersFactory.js.map +1 -1
  9. package/dist/cjs/auth/handlers/handleSignInCallbackRequest.js +28 -2
  10. package/dist/cjs/auth/handlers/handleSignInCallbackRequest.js.map +1 -1
  11. package/dist/cjs/auth/handlers/handleSignInCallbackRequestForPagesRouter.js +20 -2
  12. package/dist/cjs/auth/handlers/handleSignInCallbackRequestForPagesRouter.js.map +1 -1
  13. package/dist/cjs/auth/utils/createAuthFlowProofs.js +2 -2
  14. package/dist/cjs/auth/utils/createAuthFlowProofs.js.map +1 -1
  15. package/dist/cjs/auth/utils/createErrorSearchParamsString.js +18 -0
  16. package/dist/cjs/auth/utils/createErrorSearchParamsString.js.map +1 -0
  17. package/dist/cjs/auth/utils/getAccessTokenUsername.js +2 -2
  18. package/dist/cjs/auth/utils/getAccessTokenUsername.js.map +1 -1
  19. package/dist/cjs/auth/utils/index.js +5 -3
  20. package/dist/cjs/auth/utils/index.js.map +1 -1
  21. package/dist/cjs/auth/utils/origin.js +3 -0
  22. package/dist/cjs/auth/utils/origin.js.map +1 -1
  23. package/dist/cjs/auth/utils/{resolveCodeAndStateFromUrl.js → parseSignInCallbackUrl.js} +6 -4
  24. package/dist/cjs/auth/utils/parseSignInCallbackUrl.js.map +1 -0
  25. package/dist/cjs/auth/utils/resolveRedirectUrl.js +2 -2
  26. package/dist/cjs/auth/utils/resolveRedirectUrl.js.map +1 -1
  27. package/dist/cjs/createServerRunner.js +1 -1
  28. package/dist/cjs/createServerRunner.js.map +1 -1
  29. package/dist/cjs/utils/createCookieStorageAdapterFromNextServerContext.js +2 -2
  30. package/dist/cjs/utils/createCookieStorageAdapterFromNextServerContext.js.map +1 -1
  31. package/dist/cjs/utils/createRunWithAmplifyServerContext.js +2 -2
  32. package/dist/cjs/utils/createRunWithAmplifyServerContext.js.map +1 -1
  33. package/dist/esm/api/createServerRunnerForAPI.d.ts +1 -1
  34. package/dist/esm/api/createServerRunnerForAPI.mjs +1 -1
  35. package/dist/esm/api/createServerRunnerForAPI.mjs.map +1 -1
  36. package/dist/esm/api/generateServerClient.d.ts +1 -2
  37. package/dist/esm/api/generateServerClient.mjs +3 -3
  38. package/dist/esm/api/generateServerClient.mjs.map +1 -1
  39. package/dist/esm/api/index.d.ts +1 -1
  40. package/dist/esm/auth/constant.d.ts +2 -0
  41. package/dist/esm/auth/constant.mjs +9 -3
  42. package/dist/esm/auth/constant.mjs.map +1 -1
  43. package/dist/esm/auth/createAuthRouteHandlersFactory.mjs +1 -3
  44. package/dist/esm/auth/createAuthRouteHandlersFactory.mjs.map +1 -1
  45. package/dist/esm/auth/handleAuthApiRouteRequestForAppRouter.mjs +1 -3
  46. package/dist/esm/auth/handleAuthApiRouteRequestForAppRouter.mjs.map +1 -1
  47. package/dist/esm/auth/handleAuthApiRouteRequestForPagesRouter.mjs +1 -3
  48. package/dist/esm/auth/handleAuthApiRouteRequestForPagesRouter.mjs.map +1 -1
  49. package/dist/esm/auth/handlers/handleSignInCallbackRequest.mjs +32 -6
  50. package/dist/esm/auth/handlers/handleSignInCallbackRequest.mjs.map +1 -1
  51. package/dist/esm/auth/handlers/handleSignInCallbackRequestForPagesRouter.mjs +24 -6
  52. package/dist/esm/auth/handlers/handleSignInCallbackRequestForPagesRouter.mjs.map +1 -1
  53. package/dist/esm/auth/handlers/handleSignInSignUpRequest.mjs +1 -2
  54. package/dist/esm/auth/handlers/handleSignInSignUpRequest.mjs.map +1 -1
  55. package/dist/esm/auth/handlers/handleSignInSignUpRequestForPagesRouter.mjs +1 -2
  56. package/dist/esm/auth/handlers/handleSignInSignUpRequestForPagesRouter.mjs.map +1 -1
  57. package/dist/esm/auth/handlers/handleSignOutCallbackRequest.mjs +1 -3
  58. package/dist/esm/auth/handlers/handleSignOutCallbackRequest.mjs.map +1 -1
  59. package/dist/esm/auth/handlers/handleSignOutCallbackRequestForPagesRouter.mjs +1 -3
  60. package/dist/esm/auth/handlers/handleSignOutCallbackRequestForPagesRouter.mjs.map +1 -1
  61. package/dist/esm/auth/handlers/handleSignOutRequest.mjs +1 -2
  62. package/dist/esm/auth/handlers/handleSignOutRequest.mjs.map +1 -1
  63. package/dist/esm/auth/handlers/handleSignOutRequestForPagesRouter.mjs +1 -2
  64. package/dist/esm/auth/handlers/handleSignOutRequestForPagesRouter.mjs.map +1 -1
  65. package/dist/esm/auth/handlers/types.d.ts +1 -1
  66. package/dist/esm/auth/types.d.ts +1 -1
  67. package/dist/esm/auth/utils/authNTokens.d.ts +1 -1
  68. package/dist/esm/auth/utils/createAuthFlowProofs.mjs +1 -1
  69. package/dist/esm/auth/utils/createAuthFlowProofs.mjs.map +1 -1
  70. package/dist/esm/auth/utils/createErrorSearchParamsString.d.ts +4 -0
  71. package/dist/esm/auth/utils/createErrorSearchParamsString.mjs +15 -0
  72. package/dist/esm/auth/utils/createErrorSearchParamsString.mjs.map +1 -0
  73. package/dist/esm/auth/utils/createUrlSearchParams.d.ts +1 -1
  74. package/dist/esm/auth/utils/getAccessTokenUsername.mjs +1 -1
  75. package/dist/esm/auth/utils/getAccessTokenUsername.mjs.map +1 -1
  76. package/dist/esm/auth/utils/index.d.ts +2 -1
  77. package/dist/esm/auth/utils/index.mjs +2 -1
  78. package/dist/esm/auth/utils/index.mjs.map +1 -1
  79. package/dist/esm/auth/utils/origin.mjs +3 -0
  80. package/dist/esm/auth/utils/origin.mjs.map +1 -1
  81. package/dist/esm/auth/utils/parseSignInCallbackUrl.d.ts +6 -0
  82. package/dist/esm/auth/utils/{resolveCodeAndStateFromUrl.mjs → parseSignInCallbackUrl.mjs} +5 -3
  83. package/dist/esm/auth/utils/parseSignInCallbackUrl.mjs.map +1 -0
  84. package/dist/esm/auth/utils/resolveRedirectUrl.d.ts +1 -1
  85. package/dist/esm/auth/utils/resolveRedirectUrl.mjs +1 -1
  86. package/dist/esm/auth/utils/resolveRedirectUrl.mjs.map +1 -1
  87. package/dist/esm/createServerRunner.mjs +1 -1
  88. package/dist/esm/createServerRunner.mjs.map +1 -1
  89. package/dist/esm/types/NextServer.d.ts +2 -2
  90. package/dist/esm/utils/createCookieStorageAdapterFromNextServerContext.d.ts +1 -1
  91. package/dist/esm/utils/createCookieStorageAdapterFromNextServerContext.mjs +1 -1
  92. package/dist/esm/utils/createCookieStorageAdapterFromNextServerContext.mjs.map +1 -1
  93. package/dist/esm/utils/createRunWithAmplifyServerContext.d.ts +3 -3
  94. package/dist/esm/utils/createRunWithAmplifyServerContext.mjs +1 -1
  95. package/dist/esm/utils/createRunWithAmplifyServerContext.mjs.map +1 -1
  96. package/dist/esm/utils/createTokenValidator.d.ts +1 -1
  97. package/package.json +4 -4
  98. package/src/api/createServerRunnerForAPI.ts +2 -2
  99. package/src/api/generateServerClient.ts +9 -11
  100. package/src/api/index.ts +1 -1
  101. package/src/auth/constant.ts +13 -2
  102. package/src/auth/createAuthRouteHandlersFactory.ts +4 -6
  103. package/src/auth/handlers/handleSignInCallbackRequest.ts +44 -4
  104. package/src/auth/handlers/handleSignInCallbackRequestForPagesRouter.ts +41 -4
  105. package/src/auth/handlers/types.ts +1 -1
  106. package/src/auth/types.ts +1 -1
  107. package/src/auth/utils/authNTokens.ts +1 -1
  108. package/src/auth/utils/createAuthFlowProofs.ts +1 -1
  109. package/src/auth/utils/createErrorSearchParamsString.ts +22 -0
  110. package/src/auth/utils/createUrlSearchParams.ts +1 -1
  111. package/src/auth/utils/getAccessTokenUsername.ts +1 -1
  112. package/src/auth/utils/index.ts +2 -1
  113. package/src/auth/utils/origin.ts +6 -0
  114. package/src/auth/utils/{resolveCodeAndStateFromUrl.ts → parseSignInCallbackUrl.ts} +5 -1
  115. package/src/auth/utils/resolveRedirectUrl.ts +4 -2
  116. package/src/createServerRunner.ts +2 -2
  117. package/src/types/NextServer.ts +2 -2
  118. package/src/utils/createCookieStorageAdapterFromNextServerContext.ts +1 -1
  119. package/src/utils/createRunWithAmplifyServerContext.ts +3 -2
  120. package/src/utils/createTokenValidator.ts +1 -1
  121. package/dist/cjs/auth/utils/resolveCodeAndStateFromUrl.js.map +0 -1
  122. package/dist/esm/auth/utils/resolveCodeAndStateFromUrl.d.ts +0 -4
  123. package/dist/esm/auth/utils/resolveCodeAndStateFromUrl.mjs.map +0 -1
package/dist/cjs/api/createServerRunnerForAPI.js CHANGED
@@ -4,7 +4,7 @@
4
4
  // SPDX-License-Identifier: Apache-2.0
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
6
  exports.createServerRunnerForAPI = void 0;
7
- const utils_1 = require("@aws-amplify/core/internals/utils");
7
+ const utils_1 = require("aws-amplify/utils");
8
8
  const utils_2 = require("../utils");
9
9
  const createServerRunnerForAPI = ({ config, }) => {
10
10
  const amplifyConfig = (0, utils_1.parseAmplifyConfig)(config);
package/dist/cjs/api/createServerRunnerForAPI.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"createServerRunnerForAPI.js","sources":["../../../src/api/createServerRunnerForAPI.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createServerRunnerForAPI = void 0;\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst utils_2 = require(\"../utils\");\nconst createServerRunnerForAPI = ({ config, }) => {\n const amplifyConfig = (0, utils_1.parseAmplifyConfig)(config);\n return {\n runWithAmplifyServerContext: (0, utils_2.createRunWithAmplifyServerContext)({\n config: amplifyConfig,\n }),\n resourcesConfig: amplifyConfig,\n };\n};\nexports.createServerRunnerForAPI = createServerRunnerForAPI;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,wBAAwB,GAAG,KAAK,CAAC,CAAC;AAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACpC,MAAM,wBAAwB,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK;AAClD,IAAI,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;AAClE,IAAI,OAAO;AACX,QAAQ,2BAA2B,EAAE,IAAI,OAAO,CAAC,iCAAiC,EAAE;AACpF,YAAY,MAAM,EAAE,aAAa;AACjC,SAAS,CAAC;AACV,QAAQ,eAAe,EAAE,aAAa;AACtC,KAAK,CAAC;AACN,CAAC,CAAC;AACF,OAAO,CAAC,wBAAwB,GAAG,wBAAwB;;"}
1
+ {"version":3,"file":"createServerRunnerForAPI.js","sources":["../../../src/api/createServerRunnerForAPI.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createServerRunnerForAPI = void 0;\nconst utils_1 = require(\"aws-amplify/utils\");\nconst utils_2 = require(\"../utils\");\nconst createServerRunnerForAPI = ({ config, }) => {\n const amplifyConfig = (0, utils_1.parseAmplifyConfig)(config);\n return {\n runWithAmplifyServerContext: (0, utils_2.createRunWithAmplifyServerContext)({\n config: amplifyConfig,\n }),\n resourcesConfig: amplifyConfig,\n };\n};\nexports.createServerRunnerForAPI = createServerRunnerForAPI;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,wBAAwB,GAAG,KAAK,CAAC,CAAC;AAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC7C,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACpC,MAAM,wBAAwB,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK;AAClD,IAAI,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;AAClE,IAAI,OAAO;AACX,QAAQ,2BAA2B,EAAE,IAAI,OAAO,CAAC,iCAAiC,EAAE;AACpF,YAAY,MAAM,EAAE,aAAa;AACjC,SAAS,CAAC;AACV,QAAQ,eAAe,EAAE,aAAa;AACtC,KAAK,CAAC;AACN,CAAC,CAAC;AACF,OAAO,CAAC,wBAAwB,GAAG,wBAAwB;;"}
package/dist/cjs/api/generateServerClient.js CHANGED
@@ -4,10 +4,10 @@
4
4
  // SPDX-License-Identifier: Apache-2.0
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
6
  exports.generateServerClientUsingReqRes = exports.generateServerClientUsingCookies = void 0;
7
- const internals_1 = require("@aws-amplify/api/internals");
7
+ const internals_1 = require("aws-amplify/api/internals");
8
8
  const server_1 = require("aws-amplify/api/server");
9
- const adapter_core_1 = require("@aws-amplify/core/internals/adapter-core");
10
- const utils_1 = require("@aws-amplify/core/internals/utils");
9
+ const internals_2 = require("aws-amplify/adapter-core/internals");
10
+ const utils_1 = require("aws-amplify/utils");
11
11
  const createServerRunnerForAPI_1 = require("./createServerRunnerForAPI");
12
12
  /**
13
13
  * Generates an API client that can be used inside a Next.js Server Component with Dynamic Rendering
@@ -20,7 +20,7 @@ const createServerRunnerForAPI_1 = require("./createServerRunnerForAPI");
20
20
  */
21
21
  function generateServerClientUsingCookies(options) {
22
22
  if (typeof options.cookies !== 'function') {
23
- throw new adapter_core_1.AmplifyServerContextError({
23
+ throw new internals_2.AmplifyServerContextError({
24
24
  message: 'generateServerClientUsingCookies is only compatible with the `cookies` Dynamic Function available in Server Components.',
25
25
  // TODO: link to docs
26
26
  recoverySuggestion: 'use `generateServerClient` inside of `runWithAmplifyServerContext` with the `request` object.',
@@ -32,7 +32,7 @@ function generateServerClientUsingCookies(options) {
32
32
  // causing it to always get invoked inside `runWithAmplifyServerContext`
33
33
  const getAmplify = (fn) => runWithAmplifyServerContext({
34
34
  nextServerContext: { cookies: options.cookies },
35
- operation: contextSpec => fn((0, adapter_core_1.getAmplifyServerContext)(contextSpec).amplify),
35
+ operation: contextSpec => fn((0, internals_2.getAmplifyServerContext)(contextSpec).amplify),
36
36
  });
37
37
  const { cookies: _cookies, config: _config, ...params } = options;
38
38
  return (0, internals_1.generateClientWithAmplifyInstance)({
package/dist/cjs/api/generateServerClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"generateServerClient.js","sources":["../../../src/api/generateServerClient.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.generateServerClientUsingReqRes = exports.generateServerClientUsingCookies = void 0;\nconst internals_1 = require(\"@aws-amplify/api/internals\");\nconst server_1 = require(\"aws-amplify/api/server\");\nconst adapter_core_1 = require(\"@aws-amplify/core/internals/adapter-core\");\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst createServerRunnerForAPI_1 = require(\"./createServerRunnerForAPI\");\n/**\n * Generates an API client that can be used inside a Next.js Server Component with Dynamic Rendering\n *\n * @example\n * import { cookies } from \"next/headers\"\n *\n * const client = generateServerClientUsingCookies({ cookies });\n * const result = await client.graphql({ query: listPosts });\n */\nfunction generateServerClientUsingCookies(options) {\n if (typeof options.cookies !== 'function') {\n throw new adapter_core_1.AmplifyServerContextError({\n message: 'generateServerClientUsingCookies is only compatible with the `cookies` Dynamic Function available in Server Components.',\n // TODO: link to docs\n recoverySuggestion: 'use `generateServerClient` inside of `runWithAmplifyServerContext` with the `request` object.',\n });\n }\n const { runWithAmplifyServerContext, resourcesConfig } = (0, createServerRunnerForAPI_1.createServerRunnerForAPI)({ config: options.config });\n // This function reference gets passed down to InternalGraphQLAPI.ts.graphql\n // where this._graphql is passed in as the `fn` argument\n // causing it to always get invoked inside `runWithAmplifyServerContext`\n const getAmplify = (fn) => runWithAmplifyServerContext({\n nextServerContext: { cookies: options.cookies },\n operation: contextSpec => fn((0, adapter_core_1.getAmplifyServerContext)(contextSpec).amplify),\n });\n const { cookies: _cookies, config: _config, ...params } = options;\n return (0, internals_1.generateClientWithAmplifyInstance)({\n amplify: getAmplify,\n config: resourcesConfig,\n ...params,\n }); // TS can't narrow the type here.\n}\nexports.generateServerClientUsingCookies = generateServerClientUsingCookies;\n/**\n * Generates an API client that can be used with both Pages Router and App Router\n *\n * @example\n * import config from './amplifyconfiguration.json';\n * import { listPosts } from './graphql/queries';\n *\n * const client = generateServerClientUsingReqRes({ config });\n *\n * const result = await runWithAmplifyServerContext({\n * nextServerContext: { request, response },\n * operation: (contextSpec) => client.graphql(contextSpec, {\n * query: listPosts,\n * }),\n * });\n */\nfunction generateServerClientUsingReqRes(options) {\n const amplifyConfig = (0, utils_1.parseAmplifyConfig)(options.config);\n const { config: _config, ...params } = options;\n return (0, server_1.generateClient)({\n config: amplifyConfig,\n ...params,\n });\n}\nexports.generateServerClientUsingReqRes = generateServerClientUsingReqRes;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,+BAA+B,GAAG,OAAO,CAAC,gCAAgC,GAAG,KAAK,CAAC,CAAC;AAC5F,MAAM,WAAW,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC;AAC1D,MAAM,QAAQ,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AACnD,MAAM,cAAc,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAC;AAC3E,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,0BAA0B,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC;AACzE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,gCAAgC,CAAC,OAAO,EAAE;AACnD,IAAI,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU,EAAE;AAC/C,QAAQ,MAAM,IAAI,cAAc,CAAC,yBAAyB,CAAC;AAC3D,YAAY,OAAO,EAAE,yHAAyH;AAC9I;AACA,YAAY,kBAAkB,EAAE,+FAA+F;AAC/H,SAAS,CAAC,CAAC;AACX,KAAK;AACL,IAAI,MAAM,EAAE,2BAA2B,EAAE,eAAe,EAAE,GAAG,IAAI,0BAA0B,CAAC,wBAAwB,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAClJ;AACA;AACA;AACA,IAAI,MAAM,UAAU,GAAG,CAAC,EAAE,KAAK,2BAA2B,CAAC;AAC3D,QAAQ,iBAAiB,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE;AACvD,QAAQ,SAAS,EAAE,WAAW,IAAI,EAAE,CAAC,IAAI,cAAc,CAAC,uBAAuB,EAAE,WAAW,CAAC,CAAC,OAAO,CAAC;AACtG,KAAK,CAAC,CAAC;AACP,IAAI,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;AACtE,IAAI,OAAO,IAAI,WAAW,CAAC,iCAAiC,EAAE;AAC9D,QAAQ,OAAO,EAAE,UAAU;AAC3B,QAAQ,MAAM,EAAE,eAAe;AAC/B,QAAQ,GAAG,MAAM;AACjB,KAAK,CAAC,CAAC;AACP,CAAC;AACD,OAAO,CAAC,gCAAgC,GAAG,gCAAgC,CAAC;AAC5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,+BAA+B,CAAC,OAAO,EAAE;AAClD,IAAI,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,kBAAkB,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AAC1E,IAAI,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;AACnD,IAAI,OAAO,IAAI,QAAQ,CAAC,cAAc,EAAE;AACxC,QAAQ,MAAM,EAAE,aAAa;AAC7B,QAAQ,GAAG,MAAM;AACjB,KAAK,CAAC,CAAC;AACP,CAAC;AACD,OAAO,CAAC,+BAA+B,GAAG,+BAA+B;;"}
1
+ {"version":3,"file":"generateServerClient.js","sources":["../../../src/api/generateServerClient.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.generateServerClientUsingReqRes = exports.generateServerClientUsingCookies = void 0;\nconst internals_1 = require(\"aws-amplify/api/internals\");\nconst server_1 = require(\"aws-amplify/api/server\");\nconst internals_2 = require(\"aws-amplify/adapter-core/internals\");\nconst utils_1 = require(\"aws-amplify/utils\");\nconst createServerRunnerForAPI_1 = require(\"./createServerRunnerForAPI\");\n/**\n * Generates an API client that can be used inside a Next.js Server Component with Dynamic Rendering\n *\n * @example\n * import { cookies } from \"next/headers\"\n *\n * const client = generateServerClientUsingCookies({ cookies });\n * const result = await client.graphql({ query: listPosts });\n */\nfunction generateServerClientUsingCookies(options) {\n if (typeof options.cookies !== 'function') {\n throw new internals_2.AmplifyServerContextError({\n message: 'generateServerClientUsingCookies is only compatible with the `cookies` Dynamic Function available in Server Components.',\n // TODO: link to docs\n recoverySuggestion: 'use `generateServerClient` inside of `runWithAmplifyServerContext` with the `request` object.',\n });\n }\n const { runWithAmplifyServerContext, resourcesConfig } = (0, createServerRunnerForAPI_1.createServerRunnerForAPI)({ config: options.config });\n // This function reference gets passed down to InternalGraphQLAPI.ts.graphql\n // where this._graphql is passed in as the `fn` argument\n // causing it to always get invoked inside `runWithAmplifyServerContext`\n const getAmplify = (fn) => runWithAmplifyServerContext({\n nextServerContext: { cookies: options.cookies },\n operation: contextSpec => fn((0, internals_2.getAmplifyServerContext)(contextSpec).amplify),\n });\n const { cookies: _cookies, config: _config, ...params } = options;\n return (0, internals_1.generateClientWithAmplifyInstance)({\n amplify: getAmplify,\n config: resourcesConfig,\n ...params,\n }); // TS can't narrow the type here.\n}\nexports.generateServerClientUsingCookies = generateServerClientUsingCookies;\n/**\n * Generates an API client that can be used with both Pages Router and App Router\n *\n * @example\n * import config from './amplifyconfiguration.json';\n * import { listPosts } from './graphql/queries';\n *\n * const client = generateServerClientUsingReqRes({ config });\n *\n * const result = await runWithAmplifyServerContext({\n * nextServerContext: { request, response },\n * operation: (contextSpec) => client.graphql(contextSpec, {\n * query: listPosts,\n * }),\n * });\n */\nfunction generateServerClientUsingReqRes(options) {\n const amplifyConfig = (0, utils_1.parseAmplifyConfig)(options.config);\n const { config: _config, ...params } = options;\n return (0, server_1.generateClient)({\n config: amplifyConfig,\n ...params,\n });\n}\nexports.generateServerClientUsingReqRes = generateServerClientUsingReqRes;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,+BAA+B,GAAG,OAAO,CAAC,gCAAgC,GAAG,KAAK,CAAC,CAAC;AAC5F,MAAM,WAAW,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;AACzD,MAAM,QAAQ,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AACnD,MAAM,WAAW,GAAG,OAAO,CAAC,oCAAoC,CAAC,CAAC;AAClE,MAAM,OAAO,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC7C,MAAM,0BAA0B,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC;AACzE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,gCAAgC,CAAC,OAAO,EAAE;AACnD,IAAI,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU,EAAE;AAC/C,QAAQ,MAAM,IAAI,WAAW,CAAC,yBAAyB,CAAC;AACxD,YAAY,OAAO,EAAE,yHAAyH;AAC9I;AACA,YAAY,kBAAkB,EAAE,+FAA+F;AAC/H,SAAS,CAAC,CAAC;AACX,KAAK;AACL,IAAI,MAAM,EAAE,2BAA2B,EAAE,eAAe,EAAE,GAAG,IAAI,0BAA0B,CAAC,wBAAwB,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAClJ;AACA;AACA;AACA,IAAI,MAAM,UAAU,GAAG,CAAC,EAAE,KAAK,2BAA2B,CAAC;AAC3D,QAAQ,iBAAiB,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE;AACvD,QAAQ,SAAS,EAAE,WAAW,IAAI,EAAE,CAAC,IAAI,WAAW,CAAC,uBAAuB,EAAE,WAAW,CAAC,CAAC,OAAO,CAAC;AACnG,KAAK,CAAC,CAAC;AACP,IAAI,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;AACtE,IAAI,OAAO,IAAI,WAAW,CAAC,iCAAiC,EAAE;AAC9D,QAAQ,OAAO,EAAE,UAAU;AAC3B,QAAQ,MAAM,EAAE,eAAe;AAC/B,QAAQ,GAAG,MAAM;AACjB,KAAK,CAAC,CAAC;AACP,CAAC;AACD,OAAO,CAAC,gCAAgC,GAAG,gCAAgC,CAAC;AAC5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,+BAA+B,CAAC,OAAO,EAAE;AAClD,IAAI,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,kBAAkB,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AAC1E,IAAI,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;AACnD,IAAI,OAAO,IAAI,QAAQ,CAAC,cAAc,EAAE;AACxC,QAAQ,MAAM,EAAE,aAAa;AAC7B,QAAQ,GAAG,MAAM;AACjB,KAAK,CAAC,CAAC;AACP,CAAC;AACD,OAAO,CAAC,+BAA+B,GAAG,+BAA+B;;"}
package/dist/cjs/auth/constant.js CHANGED
@@ -3,7 +3,7 @@
3
3
  // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
4
4
  // SPDX-License-Identifier: Apache-2.0
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
- exports.OAUTH_GRANT_TYPE = exports.REMOVE_COOKIE_MAX_AGE = exports.AUTH_FLOW_PROOF_MAX_AGE = exports.IS_SIGNING_OUT_COOKIE_NAME = exports.STATE_COOKIE_NAME = exports.PKCE_COOKIE_NAME = exports.COGNITO_IDENTITY_PROVIDERS = exports.SUPPORTED_ROUTES = void 0;
6
+ exports.SIGN_IN_TIMEOUT_ERROR_MESSAGE = exports.SIGN_IN_TIMEOUT_ERROR_CODE = exports.OAUTH_GRANT_TYPE = exports.REMOVE_COOKIE_MAX_AGE = exports.AUTH_FLOW_PROOF_MAX_AGE = exports.IS_SIGNING_OUT_COOKIE_NAME = exports.STATE_COOKIE_NAME = exports.PKCE_COOKIE_NAME = exports.COGNITO_IDENTITY_PROVIDERS = exports.SUPPORTED_ROUTES = void 0;
7
7
  exports.SUPPORTED_ROUTES = [
8
8
  'sign-in',
9
9
  'sign-in-callback',
@@ -20,7 +20,13 @@ exports.COGNITO_IDENTITY_PROVIDERS = {
20
20
  exports.PKCE_COOKIE_NAME = 'com.amplify.server_auth.pkce';
21
21
  exports.STATE_COOKIE_NAME = 'com.amplify.server_auth.state';
22
22
  exports.IS_SIGNING_OUT_COOKIE_NAME = 'com.amplify.server_auth.isSigningOut';
23
- exports.AUTH_FLOW_PROOF_MAX_AGE = 10 * 60; // 10 mins in seconds
24
- exports.REMOVE_COOKIE_MAX_AGE = -1; // -1 to remove the cookie immediately (0 ==> session cookie)
23
+ // The 5 minutes is from the Cognito Social Identity Provider settings, see:
24
+ // https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-social-idp.html
25
+ exports.AUTH_FLOW_PROOF_MAX_AGE = 5 * 60;
26
+ // -1 to remove the cookie immediately (0 ==> session cookie as observed)
27
+ exports.REMOVE_COOKIE_MAX_AGE = -1;
28
+ // With server-side auth flow, we don't support the less secure implicit flow
25
29
  exports.OAUTH_GRANT_TYPE = 'authorization_code';
30
+ exports.SIGN_IN_TIMEOUT_ERROR_CODE = 'timeout';
31
+ exports.SIGN_IN_TIMEOUT_ERROR_MESSAGE = 'Sign in has to be completed within 5 minutes.';
26
32
  //# sourceMappingURL=constant.js.map
package/dist/cjs/auth/constant.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constant.js","sources":["../../../src/auth/constant.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.OAUTH_GRANT_TYPE = exports.REMOVE_COOKIE_MAX_AGE = exports.AUTH_FLOW_PROOF_MAX_AGE = exports.IS_SIGNING_OUT_COOKIE_NAME = exports.STATE_COOKIE_NAME = exports.PKCE_COOKIE_NAME = exports.COGNITO_IDENTITY_PROVIDERS = exports.SUPPORTED_ROUTES = void 0;\nexports.SUPPORTED_ROUTES = [\n 'sign-in',\n 'sign-in-callback',\n 'sign-up',\n 'sign-out',\n 'sign-out-callback',\n];\nexports.COGNITO_IDENTITY_PROVIDERS = {\n Google: 'Google',\n Facebook: 'Facebook',\n Amazon: 'LoginWithAmazon',\n Apple: 'SignInWithApple',\n};\nexports.PKCE_COOKIE_NAME = 'com.amplify.server_auth.pkce';\nexports.STATE_COOKIE_NAME = 'com.amplify.server_auth.state';\nexports.IS_SIGNING_OUT_COOKIE_NAME = 'com.amplify.server_auth.isSigningOut';\nexports.AUTH_FLOW_PROOF_MAX_AGE = 10 * 60; // 10 mins in seconds\nexports.REMOVE_COOKIE_MAX_AGE = -1; // -1 to remove the cookie immediately (0 ==> session cookie)\nexports.OAUTH_GRANT_TYPE = 'authorization_code';\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,qBAAqB,GAAG,OAAO,CAAC,uBAAuB,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,gBAAgB,GAAG,KAAK,CAAC,CAAC;AAChQ,OAAO,CAAC,gBAAgB,GAAG;AAC3B,IAAI,SAAS;AACb,IAAI,kBAAkB;AACtB,IAAI,SAAS;AACb,IAAI,UAAU;AACd,IAAI,mBAAmB;AACvB,CAAC,CAAC;AACF,OAAO,CAAC,0BAA0B,GAAG;AACrC,IAAI,MAAM,EAAE,QAAQ;AACpB,IAAI,QAAQ,EAAE,UAAU;AACxB,IAAI,MAAM,EAAE,iBAAiB;AAC7B,IAAI,KAAK,EAAE,iBAAiB;AAC5B,CAAC,CAAC;AACF,OAAO,CAAC,gBAAgB,GAAG,8BAA8B,CAAC;AAC1D,OAAO,CAAC,iBAAiB,GAAG,+BAA+B,CAAC;AAC5D,OAAO,CAAC,0BAA0B,GAAG,sCAAsC,CAAC;AAC5E,OAAO,CAAC,uBAAuB,GAAG,EAAE,GAAG,EAAE,CAAC;AAC1C,OAAO,CAAC,qBAAqB,GAAG,CAAC,CAAC,CAAC;AACnC,OAAO,CAAC,gBAAgB,GAAG,oBAAoB;;"}
1
+ {"version":3,"file":"constant.js","sources":["../../../src/auth/constant.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.SIGN_IN_TIMEOUT_ERROR_MESSAGE = exports.SIGN_IN_TIMEOUT_ERROR_CODE = exports.OAUTH_GRANT_TYPE = exports.REMOVE_COOKIE_MAX_AGE = exports.AUTH_FLOW_PROOF_MAX_AGE = exports.IS_SIGNING_OUT_COOKIE_NAME = exports.STATE_COOKIE_NAME = exports.PKCE_COOKIE_NAME = exports.COGNITO_IDENTITY_PROVIDERS = exports.SUPPORTED_ROUTES = void 0;\nexports.SUPPORTED_ROUTES = [\n 'sign-in',\n 'sign-in-callback',\n 'sign-up',\n 'sign-out',\n 'sign-out-callback',\n];\nexports.COGNITO_IDENTITY_PROVIDERS = {\n Google: 'Google',\n Facebook: 'Facebook',\n Amazon: 'LoginWithAmazon',\n Apple: 'SignInWithApple',\n};\nexports.PKCE_COOKIE_NAME = 'com.amplify.server_auth.pkce';\nexports.STATE_COOKIE_NAME = 'com.amplify.server_auth.state';\nexports.IS_SIGNING_OUT_COOKIE_NAME = 'com.amplify.server_auth.isSigningOut';\n// The 5 minutes is from the Cognito Social Identity Provider settings, see:\n// https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-social-idp.html\nexports.AUTH_FLOW_PROOF_MAX_AGE = 5 * 60;\n// -1 to remove the cookie immediately (0 ==> session cookie as observed)\nexports.REMOVE_COOKIE_MAX_AGE = -1;\n// With server-side auth flow, we don't support the less secure implicit flow\nexports.OAUTH_GRANT_TYPE = 'authorization_code';\nexports.SIGN_IN_TIMEOUT_ERROR_CODE = 'timeout';\nexports.SIGN_IN_TIMEOUT_ERROR_MESSAGE = 'Sign in has to be completed within 5 minutes.';\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,6BAA6B,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,qBAAqB,GAAG,OAAO,CAAC,uBAAuB,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,gBAAgB,GAAG,KAAK,CAAC,CAAC;AAC7U,OAAO,CAAC,gBAAgB,GAAG;AAC3B,IAAI,SAAS;AACb,IAAI,kBAAkB;AACtB,IAAI,SAAS;AACb,IAAI,UAAU;AACd,IAAI,mBAAmB;AACvB,CAAC,CAAC;AACF,OAAO,CAAC,0BAA0B,GAAG;AACrC,IAAI,MAAM,EAAE,QAAQ;AACpB,IAAI,QAAQ,EAAE,UAAU;AACxB,IAAI,MAAM,EAAE,iBAAiB;AAC7B,IAAI,KAAK,EAAE,iBAAiB;AAC5B,CAAC,CAAC;AACF,OAAO,CAAC,gBAAgB,GAAG,8BAA8B,CAAC;AAC1D,OAAO,CAAC,iBAAiB,GAAG,+BAA+B,CAAC;AAC5D,OAAO,CAAC,0BAA0B,GAAG,sCAAsC,CAAC;AAC5E;AACA;AACA,OAAO,CAAC,uBAAuB,GAAG,CAAC,GAAG,EAAE,CAAC;AACzC;AACA,OAAO,CAAC,qBAAqB,GAAG,CAAC,CAAC,CAAC;AACnC;AACA,OAAO,CAAC,gBAAgB,GAAG,oBAAoB,CAAC;AAChD,OAAO,CAAC,0BAA0B,GAAG,SAAS,CAAC;AAC/C,OAAO,CAAC,6BAA6B,GAAG,+CAA+C;;"}
package/dist/cjs/auth/createAuthRouteHandlersFactory.js CHANGED
@@ -4,14 +4,13 @@
4
4
  // SPDX-License-Identifier: Apache-2.0
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
6
  exports.createAuthRouteHandlersFactory = void 0;
7
- const utils_1 = require("@aws-amplify/core/internals/utils");
8
- const adapter_core_1 = require("@aws-amplify/core/internals/adapter-core");
9
- const utils_2 = require("./utils");
7
+ const internals_1 = require("aws-amplify/adapter-core/internals");
8
+ const utils_1 = require("./utils");
10
9
  const handleAuthApiRouteRequestForAppRouter_1 = require("./handleAuthApiRouteRequestForAppRouter");
11
10
  const handleAuthApiRouteRequestForPagesRouter_1 = require("./handleAuthApiRouteRequestForPagesRouter");
12
11
  const createAuthRouteHandlersFactory = ({ config: resourcesConfig, runtimeOptions = {}, amplifyAppOrigin, runWithAmplifyServerContext, }) => {
13
12
  const handleRequest = async ({ request, contextOrResponse, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {
14
- if ((0, utils_2.isNextApiRequest)(request) && (0, utils_2.isNextApiResponse)(contextOrResponse)) {
13
+ if ((0, utils_1.isNextApiRequest)(request) && (0, utils_1.isNextApiResponse)(contextOrResponse)) {
15
14
  // In pages router the response is sent via calling `response.end()` or
16
15
  // `response.send()`. The response is not returned from the handler.
17
16
  // To ensure these two methods are called before the handler returns,
@@ -29,8 +28,8 @@ const createAuthRouteHandlersFactory = ({ config: resourcesConfig, runtimeOption
29
28
  // In the Pages Router, the final response is handled by contextOrResponse
30
29
  return;
31
30
  }
32
- if ((0, utils_2.isNextRequest)(request) &&
33
- (0, utils_2.isAuthRoutesHandlersContext)(contextOrResponse)) {
31
+ if ((0, utils_1.isNextRequest)(request) &&
32
+ (0, utils_1.isAuthRoutesHandlersContext)(contextOrResponse)) {
34
33
  // In the App Router, the final response is constructed and returned
35
34
  return (0, handleAuthApiRouteRequestForAppRouter_1.handleAuthApiRouteRequestForAppRouter)({
36
35
  request,
@@ -50,21 +49,21 @@ const createAuthRouteHandlersFactory = ({ config: resourcesConfig, runtimeOption
50
49
  // origin validation should happen when createAuthRouteHandlers is being called to create
51
50
  // Auth API routes.
52
51
  if (!amplifyAppOrigin) {
53
- throw new adapter_core_1.AmplifyServerContextError({
52
+ throw new internals_1.AmplifyServerContextError({
54
53
  message: 'Could not find the AMPLIFY_APP_ORIGIN environment variable.',
55
54
  recoverySuggestion: 'Add the AMPLIFY_APP_ORIGIN environment variable to the `.env` file of your Next.js project.',
56
55
  });
57
56
  }
58
- if (!(0, utils_2.isValidOrigin)(amplifyAppOrigin)) {
59
- throw new adapter_core_1.AmplifyServerContextError({
57
+ if (!(0, utils_1.isValidOrigin)(amplifyAppOrigin)) {
58
+ throw new internals_1.AmplifyServerContextError({
60
59
  message: 'AMPLIFY_APP_ORIGIN environment variable contains an invalid origin string.',
61
60
  recoverySuggestion: 'Ensure the AMPLIFY_APP_ORIGIN environment variable is a valid origin string.',
62
61
  });
63
62
  }
64
63
  // OAuth config validation should happen when createAuthRouteHandlers is being called to create
65
64
  // Auth API routes.
66
- (0, utils_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);
67
- (0, utils_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);
65
+ (0, internals_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);
66
+ (0, internals_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);
68
67
  const { userPoolClientId } = resourcesConfig.Auth.Cognito;
69
68
  const { oauth: oAuthConfig } = resourcesConfig.Auth.Cognito.loginWith;
70
69
  const { cookies: setCookieOptions = {} } = runtimeOptions;
package/dist/cjs/auth/createAuthRouteHandlersFactory.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"createAuthRouteHandlersFactory.js","sources":["../../../src/auth/createAuthRouteHandlersFactory.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createAuthRouteHandlersFactory = void 0;\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst adapter_core_1 = require(\"@aws-amplify/core/internals/adapter-core\");\nconst utils_2 = require(\"./utils\");\nconst handleAuthApiRouteRequestForAppRouter_1 = require(\"./handleAuthApiRouteRequestForAppRouter\");\nconst handleAuthApiRouteRequestForPagesRouter_1 = require(\"./handleAuthApiRouteRequestForPagesRouter\");\nconst createAuthRouteHandlersFactory = ({ config: resourcesConfig, runtimeOptions = {}, amplifyAppOrigin, runWithAmplifyServerContext, }) => {\n const handleRequest = async ({ request, contextOrResponse, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {\n if ((0, utils_2.isNextApiRequest)(request) && (0, utils_2.isNextApiResponse)(contextOrResponse)) {\n // In pages router the response is sent via calling `response.end()` or\n // `response.send()`. The response is not returned from the handler.\n // To ensure these two methods are called before the handler returns,\n // we use `await` here.\n await (0, handleAuthApiRouteRequestForPagesRouter_1.handleAuthApiRouteRequestForPagesRouter)({\n request,\n response: contextOrResponse,\n handlerInput,\n userPoolClientId,\n oAuthConfig,\n setCookieOptions,\n origin,\n runWithAmplifyServerContext,\n });\n // In the Pages Router, the final response is handled by contextOrResponse\n return;\n }\n if ((0, utils_2.isNextRequest)(request) &&\n (0, utils_2.isAuthRoutesHandlersContext)(contextOrResponse)) {\n // In the App Router, the final response is constructed and returned\n return (0, handleAuthApiRouteRequestForAppRouter_1.handleAuthApiRouteRequestForAppRouter)({\n request,\n handlerContext: contextOrResponse,\n handlerInput,\n userPoolClientId,\n oAuthConfig,\n setCookieOptions,\n origin,\n runWithAmplifyServerContext,\n });\n }\n // this should not be happening\n throw new Error('Invalid request and context/response combination. The request cannot be handled.');\n };\n return (createAuthRoutesHandlersInput = {}) => {\n // origin validation should happen when createAuthRouteHandlers is being called to create\n // Auth API routes.\n if (!amplifyAppOrigin) {\n throw new adapter_core_1.AmplifyServerContextError({\n message: 'Could not find the AMPLIFY_APP_ORIGIN environment variable.',\n recoverySuggestion: 'Add the AMPLIFY_APP_ORIGIN environment variable to the `.env` file of your Next.js project.',\n });\n }\n if (!(0, utils_2.isValidOrigin)(amplifyAppOrigin)) {\n throw new adapter_core_1.AmplifyServerContextError({\n message: 'AMPLIFY_APP_ORIGIN environment variable contains an invalid origin string.',\n recoverySuggestion: 'Ensure the AMPLIFY_APP_ORIGIN environment variable is a valid origin string.',\n });\n }\n // OAuth config validation should happen when createAuthRouteHandlers is being called to create\n // Auth API routes.\n (0, utils_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);\n (0, utils_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);\n const { userPoolClientId } = resourcesConfig.Auth.Cognito;\n const { oauth: oAuthConfig } = resourcesConfig.Auth.Cognito.loginWith;\n const { cookies: setCookieOptions = {} } = runtimeOptions;\n // The call-site of this returned function is the Next.js API route file\n return (request, contextOrResponse) => handleRequest({\n request,\n contextOrResponse,\n handlerInput: createAuthRoutesHandlersInput,\n userPoolClientId,\n oAuthConfig,\n setCookieOptions,\n origin: amplifyAppOrigin,\n });\n };\n};\nexports.createAuthRouteHandlersFactory = createAuthRouteHandlersFactory;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,8BAA8B,GAAG,KAAK,CAAC,CAAC;AAChD,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,cAAc,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAC;AAC3E,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AACnC,MAAM,uCAAuC,GAAG,OAAO,CAAC,yCAAyC,CAAC,CAAC;AACnG,MAAM,yCAAyC,GAAG,OAAO,CAAC,2CAA2C,CAAC,CAAC;AACvG,MAAM,8BAA8B,GAAG,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,cAAc,GAAG,EAAE,EAAE,gBAAgB,EAAE,2BAA2B,GAAG,KAAK;AAC7I,IAAI,MAAM,aAAa,GAAG,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,GAAG,KAAK;AAC5I,QAAQ,IAAI,IAAI,OAAO,CAAC,gBAAgB,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE;AACzG;AACA;AACA;AACA;AACA,YAAY,MAAM,IAAI,yCAAyC,CAAC,uCAAuC,EAAE;AACzG,gBAAgB,OAAO;AACvB,gBAAgB,QAAQ,EAAE,iBAAiB;AAC3C,gBAAgB,YAAY;AAC5B,gBAAgB,gBAAgB;AAChC,gBAAgB,WAAW;AAC3B,gBAAgB,gBAAgB;AAChC,gBAAgB,MAAM;AACtB,gBAAgB,2BAA2B;AAC3C,aAAa,CAAC,CAAC;AACf;AACA,YAAY,OAAO;AACnB,SAAS;AACT,QAAQ,IAAI,IAAI,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC;AAC/C,YAAY,IAAI,OAAO,CAAC,2BAA2B,EAAE,iBAAiB,CAAC,EAAE;AACzE;AACA,YAAY,OAAO,IAAI,uCAAuC,CAAC,qCAAqC,EAAE;AACtG,gBAAgB,OAAO;AACvB,gBAAgB,cAAc,EAAE,iBAAiB;AACjD,gBAAgB,YAAY;AAC5B,gBAAgB,gBAAgB;AAChC,gBAAgB,WAAW;AAC3B,gBAAgB,gBAAgB;AAChC,gBAAgB,MAAM;AACtB,gBAAgB,2BAA2B;AAC3C,aAAa,CAAC,CAAC;AACf,SAAS;AACT;AACA,QAAQ,MAAM,IAAI,KAAK,CAAC,kFAAkF,CAAC,CAAC;AAC5G,KAAK,CAAC;AACN,IAAI,OAAO,CAAC,6BAA6B,GAAG,EAAE,KAAK;AACnD;AACA;AACA,QAAQ,IAAI,CAAC,gBAAgB,EAAE;AAC/B,YAAY,MAAM,IAAI,cAAc,CAAC,yBAAyB,CAAC;AAC/D,gBAAgB,OAAO,EAAE,6DAA6D;AACtF,gBAAgB,kBAAkB,EAAE,6FAA6F;AACjI,aAAa,CAAC,CAAC;AACf,SAAS;AACT,QAAQ,IAAI,CAAC,IAAI,OAAO,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE;AAC3D,YAAY,MAAM,IAAI,cAAc,CAAC,yBAAyB,CAAC;AAC/D,gBAAgB,OAAO,EAAE,4EAA4E;AACrG,gBAAgB,kBAAkB,EAAE,8EAA8E;AAClH,aAAa,CAAC,CAAC;AACf,SAAS;AACT;AACA;AACA,QAAQ,IAAI,OAAO,CAAC,yBAAyB,EAAE,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC9E,QAAQ,IAAI,OAAO,CAAC,iBAAiB,EAAE,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACrE,QAAQ,MAAM,EAAE,gBAAgB,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC;AAClE,QAAQ,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;AAC9E,QAAQ,MAAM,EAAE,OAAO,EAAE,gBAAgB,GAAG,EAAE,EAAE,GAAG,cAAc,CAAC;AAClE;AACA,QAAQ,OAAO,CAAC,OAAO,EAAE,iBAAiB,KAAK,aAAa,CAAC;AAC7D,YAAY,OAAO;AACnB,YAAY,iBAAiB;AAC7B,YAAY,YAAY,EAAE,6BAA6B;AACvD,YAAY,gBAAgB;AAC5B,YAAY,WAAW;AACvB,YAAY,gBAAgB;AAC5B,YAAY,MAAM,EAAE,gBAAgB;AACpC,SAAS,CAAC,CAAC;AACX,KAAK,CAAC;AACN,CAAC,CAAC;AACF,OAAO,CAAC,8BAA8B,GAAG,8BAA8B;;"}
1
+ {"version":3,"file":"createAuthRouteHandlersFactory.js","sources":["../../../src/auth/createAuthRouteHandlersFactory.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createAuthRouteHandlersFactory = void 0;\nconst internals_1 = require(\"aws-amplify/adapter-core/internals\");\nconst utils_1 = require(\"./utils\");\nconst handleAuthApiRouteRequestForAppRouter_1 = require(\"./handleAuthApiRouteRequestForAppRouter\");\nconst handleAuthApiRouteRequestForPagesRouter_1 = require(\"./handleAuthApiRouteRequestForPagesRouter\");\nconst createAuthRouteHandlersFactory = ({ config: resourcesConfig, runtimeOptions = {}, amplifyAppOrigin, runWithAmplifyServerContext, }) => {\n const handleRequest = async ({ request, contextOrResponse, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {\n if ((0, utils_1.isNextApiRequest)(request) && (0, utils_1.isNextApiResponse)(contextOrResponse)) {\n // In pages router the response is sent via calling `response.end()` or\n // `response.send()`. The response is not returned from the handler.\n // To ensure these two methods are called before the handler returns,\n // we use `await` here.\n await (0, handleAuthApiRouteRequestForPagesRouter_1.handleAuthApiRouteRequestForPagesRouter)({\n request,\n response: contextOrResponse,\n handlerInput,\n userPoolClientId,\n oAuthConfig,\n setCookieOptions,\n origin,\n runWithAmplifyServerContext,\n });\n // In the Pages Router, the final response is handled by contextOrResponse\n return;\n }\n if ((0, utils_1.isNextRequest)(request) &&\n (0, utils_1.isAuthRoutesHandlersContext)(contextOrResponse)) {\n // In the App Router, the final response is constructed and returned\n return (0, handleAuthApiRouteRequestForAppRouter_1.handleAuthApiRouteRequestForAppRouter)({\n request,\n handlerContext: contextOrResponse,\n handlerInput,\n userPoolClientId,\n oAuthConfig,\n setCookieOptions,\n origin,\n runWithAmplifyServerContext,\n });\n }\n // this should not be happening\n throw new Error('Invalid request and context/response combination. The request cannot be handled.');\n };\n return (createAuthRoutesHandlersInput = {}) => {\n // origin validation should happen when createAuthRouteHandlers is being called to create\n // Auth API routes.\n if (!amplifyAppOrigin) {\n throw new internals_1.AmplifyServerContextError({\n message: 'Could not find the AMPLIFY_APP_ORIGIN environment variable.',\n recoverySuggestion: 'Add the AMPLIFY_APP_ORIGIN environment variable to the `.env` file of your Next.js project.',\n });\n }\n if (!(0, utils_1.isValidOrigin)(amplifyAppOrigin)) {\n throw new internals_1.AmplifyServerContextError({\n message: 'AMPLIFY_APP_ORIGIN environment variable contains an invalid origin string.',\n recoverySuggestion: 'Ensure the AMPLIFY_APP_ORIGIN environment variable is a valid origin string.',\n });\n }\n // OAuth config validation should happen when createAuthRouteHandlers is being called to create\n // Auth API routes.\n (0, internals_1.assertTokenProviderConfig)(resourcesConfig.Auth?.Cognito);\n (0, internals_1.assertOAuthConfig)(resourcesConfig.Auth.Cognito);\n const { userPoolClientId } = resourcesConfig.Auth.Cognito;\n const { oauth: oAuthConfig } = resourcesConfig.Auth.Cognito.loginWith;\n const { cookies: setCookieOptions = {} } = runtimeOptions;\n // The call-site of this returned function is the Next.js API route file\n return (request, contextOrResponse) => handleRequest({\n request,\n contextOrResponse,\n handlerInput: createAuthRoutesHandlersInput,\n userPoolClientId,\n oAuthConfig,\n setCookieOptions,\n origin: amplifyAppOrigin,\n });\n };\n};\nexports.createAuthRouteHandlersFactory = createAuthRouteHandlersFactory;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,8BAA8B,GAAG,KAAK,CAAC,CAAC;AAChD,MAAM,WAAW,GAAG,OAAO,CAAC,oCAAoC,CAAC,CAAC;AAClE,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AACnC,MAAM,uCAAuC,GAAG,OAAO,CAAC,yCAAyC,CAAC,CAAC;AACnG,MAAM,yCAAyC,GAAG,OAAO,CAAC,2CAA2C,CAAC,CAAC;AACvG,MAAM,8BAA8B,GAAG,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,cAAc,GAAG,EAAE,EAAE,gBAAgB,EAAE,2BAA2B,GAAG,KAAK;AAC7I,IAAI,MAAM,aAAa,GAAG,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,GAAG,KAAK;AAC5I,QAAQ,IAAI,IAAI,OAAO,CAAC,gBAAgB,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE;AACzG;AACA;AACA;AACA;AACA,YAAY,MAAM,IAAI,yCAAyC,CAAC,uCAAuC,EAAE;AACzG,gBAAgB,OAAO;AACvB,gBAAgB,QAAQ,EAAE,iBAAiB;AAC3C,gBAAgB,YAAY;AAC5B,gBAAgB,gBAAgB;AAChC,gBAAgB,WAAW;AAC3B,gBAAgB,gBAAgB;AAChC,gBAAgB,MAAM;AACtB,gBAAgB,2BAA2B;AAC3C,aAAa,CAAC,CAAC;AACf;AACA,YAAY,OAAO;AACnB,SAAS;AACT,QAAQ,IAAI,IAAI,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC;AAC/C,YAAY,IAAI,OAAO,CAAC,2BAA2B,EAAE,iBAAiB,CAAC,EAAE;AACzE;AACA,YAAY,OAAO,IAAI,uCAAuC,CAAC,qCAAqC,EAAE;AACtG,gBAAgB,OAAO;AACvB,gBAAgB,cAAc,EAAE,iBAAiB;AACjD,gBAAgB,YAAY;AAC5B,gBAAgB,gBAAgB;AAChC,gBAAgB,WAAW;AAC3B,gBAAgB,gBAAgB;AAChC,gBAAgB,MAAM;AACtB,gBAAgB,2BAA2B;AAC3C,aAAa,CAAC,CAAC;AACf,SAAS;AACT;AACA,QAAQ,MAAM,IAAI,KAAK,CAAC,kFAAkF,CAAC,CAAC;AAC5G,KAAK,CAAC;AACN,IAAI,OAAO,CAAC,6BAA6B,GAAG,EAAE,KAAK;AACnD;AACA;AACA,QAAQ,IAAI,CAAC,gBAAgB,EAAE;AAC/B,YAAY,MAAM,IAAI,WAAW,CAAC,yBAAyB,CAAC;AAC5D,gBAAgB,OAAO,EAAE,6DAA6D;AACtF,gBAAgB,kBAAkB,EAAE,6FAA6F;AACjI,aAAa,CAAC,CAAC;AACf,SAAS;AACT,QAAQ,IAAI,CAAC,IAAI,OAAO,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE;AAC3D,YAAY,MAAM,IAAI,WAAW,CAAC,yBAAyB,CAAC;AAC5D,gBAAgB,OAAO,EAAE,4EAA4E;AACrG,gBAAgB,kBAAkB,EAAE,8EAA8E;AAClH,aAAa,CAAC,CAAC;AACf,SAAS;AACT;AACA;AACA,QAAQ,IAAI,WAAW,CAAC,yBAAyB,EAAE,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAClF,QAAQ,IAAI,WAAW,CAAC,iBAAiB,EAAE,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACzE,QAAQ,MAAM,EAAE,gBAAgB,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC;AAClE,QAAQ,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;AAC9E,QAAQ,MAAM,EAAE,OAAO,EAAE,gBAAgB,GAAG,EAAE,EAAE,GAAG,cAAc,CAAC;AAClE;AACA,QAAQ,OAAO,CAAC,OAAO,EAAE,iBAAiB,KAAK,aAAa,CAAC;AAC7D,YAAY,OAAO;AACnB,YAAY,iBAAiB;AAC7B,YAAY,YAAY,EAAE,6BAA6B;AACvD,YAAY,gBAAgB;AAC5B,YAAY,WAAW;AACvB,YAAY,gBAAgB;AAC5B,YAAY,MAAM,EAAE,gBAAgB;AACpC,SAAS,CAAC,CAAC;AACX,KAAK,CAAC;AACN,CAAC,CAAC;AACF,OAAO,CAAC,8BAA8B,GAAG,8BAA8B;;"}
package/dist/cjs/auth/handlers/handleSignInCallbackRequest.js CHANGED
@@ -7,12 +7,38 @@ exports.handleSignInCallbackRequest = void 0;
7
7
  const constant_1 = require("../constant");
8
8
  const utils_1 = require("../utils");
9
9
  const handleSignInCallbackRequest = async ({ request, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {
10
- const { code, state } = (0, utils_1.resolveCodeAndStateFromUrl)(request.url);
10
+ const { code, state, error, errorDescription } = (0, utils_1.parseSignInCallbackUrl)(request.url);
11
+ if (errorDescription || error) {
12
+ const searchParamsString = (0, utils_1.createErrorSearchParamsString)({
13
+ error,
14
+ errorDescription,
15
+ });
16
+ return new Response(null, {
17
+ status: 302,
18
+ headers: new Headers({
19
+ location: `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`,
20
+ }),
21
+ });
22
+ }
11
23
  if (!code || !state) {
12
24
  return new Response(null, { status: 400 });
13
25
  }
14
26
  const { [constant_1.PKCE_COOKIE_NAME]: clientPkce, [constant_1.STATE_COOKIE_NAME]: clientState } = (0, utils_1.getCookieValuesFromRequest)(request, [constant_1.PKCE_COOKIE_NAME, constant_1.STATE_COOKIE_NAME]);
15
- if (!clientState || clientState !== state || !clientPkce) {
27
+ // The state and pkce cookies are removed from cookie store after 5 minutes
28
+ if (!clientState || !clientPkce) {
29
+ const searchParamsString = (0, utils_1.createErrorSearchParamsString)({
30
+ error: constant_1.SIGN_IN_TIMEOUT_ERROR_CODE,
31
+ errorDescription: constant_1.SIGN_IN_TIMEOUT_ERROR_MESSAGE,
32
+ });
33
+ return new Response(null, {
34
+ status: 302,
35
+ headers: new Headers({
36
+ location: `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`,
37
+ }),
38
+ });
39
+ }
40
+ // Most likely the cookie has been tampered
41
+ if (clientState !== state) {
16
42
  return new Response(null, { status: 400 });
17
43
  }
18
44
  const tokensPayload = await (0, utils_1.exchangeAuthNTokens)({
package/dist/cjs/auth/handlers/handleSignInCallbackRequest.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"handleSignInCallbackRequest.js","sources":["../../../../src/auth/handlers/handleSignInCallbackRequest.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.handleSignInCallbackRequest = void 0;\nconst constant_1 = require(\"../constant\");\nconst utils_1 = require(\"../utils\");\nconst handleSignInCallbackRequest = async ({ request, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {\n const { code, state } = (0, utils_1.resolveCodeAndStateFromUrl)(request.url);\n if (!code || !state) {\n return new Response(null, { status: 400 });\n }\n const { [constant_1.PKCE_COOKIE_NAME]: clientPkce, [constant_1.STATE_COOKIE_NAME]: clientState } = (0, utils_1.getCookieValuesFromRequest)(request, [constant_1.PKCE_COOKIE_NAME, constant_1.STATE_COOKIE_NAME]);\n if (!clientState || clientState !== state || !clientPkce) {\n return new Response(null, { status: 400 });\n }\n const tokensPayload = await (0, utils_1.exchangeAuthNTokens)({\n redirectUri: (0, utils_1.resolveRedirectSignInUrl)(origin, oAuthConfig),\n userPoolClientId,\n oAuthConfig,\n code,\n codeVerifier: clientPkce,\n });\n if ('error' in tokensPayload) {\n return new Response(tokensPayload.error, { status: 500 });\n }\n const headers = new Headers();\n (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createTokenCookies)({\n tokensPayload,\n userPoolClientId,\n }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions));\n (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createSignInFlowProofCookies)({ state: '', pkce: '' }), (0, utils_1.createAuthFlowProofCookiesRemoveOptions)(setCookieOptions));\n // When Cognito redirects back to `/sign-in-callback`, the referer is Cognito\n // endpoint. If redirect end user to `redirectOnSignInComplete` from this point,\n // the referer remains the same.\n // When authN token cookies set as `sameSite: 'strict'`, this may cause the\n // authN tokens cookies set with the redirect response not to be sent to the\n // server. Hence, sending a html page with status 200 to the client, and perform\n // the redirection on the client side.\n headers.set('Content-Type', 'text/html');\n return new Response((0, utils_1.createOnSignInCompleteRedirectIntermediate)({\n redirectOnSignInComplete: (0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignInComplete),\n }), {\n status: 200,\n headers,\n });\n};\nexports.handleSignInCallbackRequest = handleSignInCallbackRequest;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,2BAA2B,GAAG,KAAK,CAAC,CAAC;AAC7C,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACpC,MAAM,2BAA2B,GAAG,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,GAAG,KAAK;AACnI,IAAI,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,IAAI,OAAO,CAAC,0BAA0B,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;AACjF,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE;AACzB,QAAQ,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;AACnD,KAAK;AACL,IAAI,MAAM,EAAE,CAAC,UAAU,CAAC,gBAAgB,GAAG,UAAU,EAAE,CAAC,UAAU,CAAC,iBAAiB,GAAG,WAAW,EAAE,GAAG,IAAI,OAAO,CAAC,0BAA0B,EAAE,OAAO,EAAE,CAAC,UAAU,CAAC,gBAAgB,EAAE,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC;AACrN,IAAI,IAAI,CAAC,WAAW,IAAI,WAAW,KAAK,KAAK,IAAI,CAAC,UAAU,EAAE;AAC9D,QAAQ,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;AACnD,KAAK;AACL,IAAI,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAC,mBAAmB,EAAE;AACjE,QAAQ,WAAW,EAAE,IAAI,OAAO,CAAC,wBAAwB,EAAE,MAAM,EAAE,WAAW,CAAC;AAC/E,QAAQ,gBAAgB;AACxB,QAAQ,WAAW;AACnB,QAAQ,IAAI;AACZ,QAAQ,YAAY,EAAE,UAAU;AAChC,KAAK,CAAC,CAAC;AACP,IAAI,IAAI,OAAO,IAAI,aAAa,EAAE;AAClC,QAAQ,OAAO,IAAI,QAAQ,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;AAClE,KAAK;AACL,IAAI,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAClC,IAAI,IAAI,OAAO,CAAC,sBAAsB,EAAE,OAAO,EAAE,IAAI,OAAO,CAAC,kBAAkB,EAAE;AACjF,QAAQ,aAAa;AACrB,QAAQ,gBAAgB;AACxB,KAAK,CAAC,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,gBAAgB,CAAC,CAAC,CAAC;AACrE,IAAI,IAAI,OAAO,CAAC,sBAAsB,EAAE,OAAO,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,uCAAuC,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAC7L;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;AAC7C,IAAI,OAAO,IAAI,QAAQ,CAAC,IAAI,OAAO,CAAC,0CAA0C,EAAE;AAChF,QAAQ,wBAAwB,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,wBAAwB,CAAC;AAC1G,KAAK,CAAC,EAAE;AACR,QAAQ,MAAM,EAAE,GAAG;AACnB,QAAQ,OAAO;AACf,KAAK,CAAC,CAAC;AACP,CAAC,CAAC;AACF,OAAO,CAAC,2BAA2B,GAAG,2BAA2B;;"}
1
+ {"version":3,"file":"handleSignInCallbackRequest.js","sources":["../../../../src/auth/handlers/handleSignInCallbackRequest.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.handleSignInCallbackRequest = void 0;\nconst constant_1 = require(\"../constant\");\nconst utils_1 = require(\"../utils\");\nconst handleSignInCallbackRequest = async ({ request, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {\n const { code, state, error, errorDescription } = (0, utils_1.parseSignInCallbackUrl)(request.url);\n if (errorDescription || error) {\n const searchParamsString = (0, utils_1.createErrorSearchParamsString)({\n error,\n errorDescription,\n });\n return new Response(null, {\n status: 302,\n headers: new Headers({\n location: `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`,\n }),\n });\n }\n if (!code || !state) {\n return new Response(null, { status: 400 });\n }\n const { [constant_1.PKCE_COOKIE_NAME]: clientPkce, [constant_1.STATE_COOKIE_NAME]: clientState } = (0, utils_1.getCookieValuesFromRequest)(request, [constant_1.PKCE_COOKIE_NAME, constant_1.STATE_COOKIE_NAME]);\n // The state and pkce cookies are removed from cookie store after 5 minutes\n if (!clientState || !clientPkce) {\n const searchParamsString = (0, utils_1.createErrorSearchParamsString)({\n error: constant_1.SIGN_IN_TIMEOUT_ERROR_CODE,\n errorDescription: constant_1.SIGN_IN_TIMEOUT_ERROR_MESSAGE,\n });\n return new Response(null, {\n status: 302,\n headers: new Headers({\n location: `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`,\n }),\n });\n }\n // Most likely the cookie has been tampered\n if (clientState !== state) {\n return new Response(null, { status: 400 });\n }\n const tokensPayload = await (0, utils_1.exchangeAuthNTokens)({\n redirectUri: (0, utils_1.resolveRedirectSignInUrl)(origin, oAuthConfig),\n userPoolClientId,\n oAuthConfig,\n code,\n codeVerifier: clientPkce,\n });\n if ('error' in tokensPayload) {\n return new Response(tokensPayload.error, { status: 500 });\n }\n const headers = new Headers();\n (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createTokenCookies)({\n tokensPayload,\n userPoolClientId,\n }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions));\n (0, utils_1.appendSetCookieHeaders)(headers, (0, utils_1.createSignInFlowProofCookies)({ state: '', pkce: '' }), (0, utils_1.createAuthFlowProofCookiesRemoveOptions)(setCookieOptions));\n // When Cognito redirects back to `/sign-in-callback`, the referer is Cognito\n // endpoint. If redirect end user to `redirectOnSignInComplete` from this point,\n // the referer remains the same.\n // When authN token cookies set as `sameSite: 'strict'`, this may cause the\n // authN tokens cookies set with the redirect response not to be sent to the\n // server. Hence, sending a html page with status 200 to the client, and perform\n // the redirection on the client side.\n headers.set('Content-Type', 'text/html');\n return new Response((0, utils_1.createOnSignInCompleteRedirectIntermediate)({\n redirectOnSignInComplete: (0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignInComplete),\n }), {\n status: 200,\n headers,\n });\n};\nexports.handleSignInCallbackRequest = handleSignInCallbackRequest;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,2BAA2B,GAAG,KAAK,CAAC,CAAC;AAC7C,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACpC,MAAM,2BAA2B,GAAG,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,GAAG,KAAK;AACnI,IAAI,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE,GAAG,IAAI,OAAO,CAAC,sBAAsB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;AACtG,IAAI,IAAI,gBAAgB,IAAI,KAAK,EAAE;AACnC,QAAQ,MAAM,kBAAkB,GAAG,IAAI,OAAO,CAAC,6BAA6B,EAAE;AAC9E,YAAY,KAAK;AACjB,YAAY,gBAAgB;AAC5B,SAAS,CAAC,CAAC;AACX,QAAQ,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;AAClC,YAAY,MAAM,EAAE,GAAG;AACvB,YAAY,OAAO,EAAE,IAAI,OAAO,CAAC;AACjC,gBAAgB,QAAQ,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,yBAAyB,CAAC,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC;AAC9H,aAAa,CAAC;AACd,SAAS,CAAC,CAAC;AACX,KAAK;AACL,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE;AACzB,QAAQ,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;AACnD,KAAK;AACL,IAAI,MAAM,EAAE,CAAC,UAAU,CAAC,gBAAgB,GAAG,UAAU,EAAE,CAAC,UAAU,CAAC,iBAAiB,GAAG,WAAW,EAAE,GAAG,IAAI,OAAO,CAAC,0BAA0B,EAAE,OAAO,EAAE,CAAC,UAAU,CAAC,gBAAgB,EAAE,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC;AACrN;AACA,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,UAAU,EAAE;AACrC,QAAQ,MAAM,kBAAkB,GAAG,IAAI,OAAO,CAAC,6BAA6B,EAAE;AAC9E,YAAY,KAAK,EAAE,UAAU,CAAC,0BAA0B;AACxD,YAAY,gBAAgB,EAAE,UAAU,CAAC,6BAA6B;AACtE,SAAS,CAAC,CAAC;AACX,QAAQ,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;AAClC,YAAY,MAAM,EAAE,GAAG;AACvB,YAAY,OAAO,EAAE,IAAI,OAAO,CAAC;AACjC,gBAAgB,QAAQ,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,yBAAyB,CAAC,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC;AAC9H,aAAa,CAAC;AACd,SAAS,CAAC,CAAC;AACX,KAAK;AACL;AACA,IAAI,IAAI,WAAW,KAAK,KAAK,EAAE;AAC/B,QAAQ,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;AACnD,KAAK;AACL,IAAI,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAC,mBAAmB,EAAE;AACjE,QAAQ,WAAW,EAAE,IAAI,OAAO,CAAC,wBAAwB,EAAE,MAAM,EAAE,WAAW,CAAC;AAC/E,QAAQ,gBAAgB;AACxB,QAAQ,WAAW;AACnB,QAAQ,IAAI;AACZ,QAAQ,YAAY,EAAE,UAAU;AAChC,KAAK,CAAC,CAAC;AACP,IAAI,IAAI,OAAO,IAAI,aAAa,EAAE;AAClC,QAAQ,OAAO,IAAI,QAAQ,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;AAClE,KAAK;AACL,IAAI,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAClC,IAAI,IAAI,OAAO,CAAC,sBAAsB,EAAE,OAAO,EAAE,IAAI,OAAO,CAAC,kBAAkB,EAAE;AACjF,QAAQ,aAAa;AACrB,QAAQ,gBAAgB;AACxB,KAAK,CAAC,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,gBAAgB,CAAC,CAAC,CAAC;AACrE,IAAI,IAAI,OAAO,CAAC,sBAAsB,EAAE,OAAO,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,uCAAuC,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAC7L;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;AAC7C,IAAI,OAAO,IAAI,QAAQ,CAAC,IAAI,OAAO,CAAC,0CAA0C,EAAE;AAChF,QAAQ,wBAAwB,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,wBAAwB,CAAC;AAC1G,KAAK,CAAC,EAAE;AACR,QAAQ,MAAM,EAAE,GAAG;AACnB,QAAQ,OAAO;AACf,KAAK,CAAC,CAAC;AACP,CAAC,CAAC;AACF,OAAO,CAAC,2BAA2B,GAAG,2BAA2B;;"}
package/dist/cjs/auth/handlers/handleSignInCallbackRequestForPagesRouter.js CHANGED
@@ -7,7 +7,15 @@ exports.handleSignInCallbackRequestForPagesRouter = void 0;
7
7
  const constant_1 = require("../constant");
8
8
  const utils_1 = require("../utils");
9
9
  const handleSignInCallbackRequestForPagesRouter = async ({ request, response, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {
10
- const { code, state } = (0, utils_1.resolveCodeAndStateFromUrl)(request.url);
10
+ const { code, state, error, errorDescription } = (0, utils_1.parseSignInCallbackUrl)(request.url);
11
+ if (errorDescription || error) {
12
+ const searchParamsString = (0, utils_1.createErrorSearchParamsString)({
13
+ error,
14
+ errorDescription,
15
+ });
16
+ response.redirect(302, `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`);
17
+ return;
18
+ }
11
19
  if (!code || !state) {
12
20
  response.status(400).end();
13
21
  return;
@@ -16,7 +24,17 @@ const handleSignInCallbackRequestForPagesRouter = async ({ request, response, ha
16
24
  constant_1.PKCE_COOKIE_NAME,
17
25
  constant_1.STATE_COOKIE_NAME,
18
26
  ]);
19
- if (!clientState || clientState !== state || !clientPkce) {
27
+ // The state and pkce cookies are removed from cookie store after 5 minutes
28
+ if (!clientState || !clientPkce) {
29
+ const searchParamsString = (0, utils_1.createErrorSearchParamsString)({
30
+ error: constant_1.SIGN_IN_TIMEOUT_ERROR_CODE,
31
+ errorDescription: constant_1.SIGN_IN_TIMEOUT_ERROR_MESSAGE,
32
+ });
33
+ response.redirect(302, `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`);
34
+ return;
35
+ }
36
+ // Most likely the cookie has been tampered
37
+ if (clientState !== state) {
20
38
  response.status(400).end();
21
39
  return;
22
40
  }
package/dist/cjs/auth/handlers/handleSignInCallbackRequestForPagesRouter.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"handleSignInCallbackRequestForPagesRouter.js","sources":["../../../../src/auth/handlers/handleSignInCallbackRequestForPagesRouter.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.handleSignInCallbackRequestForPagesRouter = void 0;\nconst constant_1 = require(\"../constant\");\nconst utils_1 = require(\"../utils\");\nconst handleSignInCallbackRequestForPagesRouter = async ({ request, response, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {\n const { code, state } = (0, utils_1.resolveCodeAndStateFromUrl)(request.url);\n if (!code || !state) {\n response.status(400).end();\n return;\n }\n const { [constant_1.PKCE_COOKIE_NAME]: clientPkce, [constant_1.STATE_COOKIE_NAME]: clientState } = (0, utils_1.getCookieValuesFromNextApiRequest)(request, [\n constant_1.PKCE_COOKIE_NAME,\n constant_1.STATE_COOKIE_NAME,\n ]);\n if (!clientState || clientState !== state || !clientPkce) {\n response.status(400).end();\n return;\n }\n const tokensPayload = await (0, utils_1.exchangeAuthNTokens)({\n redirectUri: (0, utils_1.resolveRedirectSignInUrl)(origin, oAuthConfig),\n userPoolClientId,\n oAuthConfig,\n code,\n codeVerifier: clientPkce,\n });\n if ('error' in tokensPayload) {\n response.status(500).send(tokensPayload.error);\n return;\n }\n (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createTokenCookies)({\n tokensPayload,\n userPoolClientId,\n }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions));\n (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createSignInFlowProofCookies)({ state: '', pkce: '' }), (0, utils_1.createAuthFlowProofCookiesRemoveOptions)(setCookieOptions));\n // When Cognito redirects back to `/sign-in-callback`, the referer is Cognito\n // endpoint. If redirect end user to `redirectOnSignInComplete` from this point,\n // the referer remains the same.\n // When authN token cookies set as `sameSite: 'strict'`, this may cause the\n // authN tokens cookies set with the redirect response not to be sent to the\n // server. Hence, sending a html page with status 200 to the client, and perform\n // the redirection on the client side.\n response\n .appendHeader('Content-Type', 'text/html')\n .status(200)\n .send((0, utils_1.createOnSignInCompleteRedirectIntermediate)({\n redirectOnSignInComplete: (0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignInComplete),\n }));\n};\nexports.handleSignInCallbackRequestForPagesRouter = handleSignInCallbackRequestForPagesRouter;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,yCAAyC,GAAG,KAAK,CAAC,CAAC;AAC3D,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACpC,MAAM,yCAAyC,GAAG,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,GAAG,KAAK;AAC3J,IAAI,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,IAAI,OAAO,CAAC,0BAA0B,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;AACjF,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE;AACzB,QAAQ,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;AACnC,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,MAAM,EAAE,CAAC,UAAU,CAAC,gBAAgB,GAAG,UAAU,EAAE,CAAC,UAAU,CAAC,iBAAiB,GAAG,WAAW,EAAE,GAAG,IAAI,OAAO,CAAC,iCAAiC,EAAE,OAAO,EAAE;AAC/J,QAAQ,UAAU,CAAC,gBAAgB;AACnC,QAAQ,UAAU,CAAC,iBAAiB;AACpC,KAAK,CAAC,CAAC;AACP,IAAI,IAAI,CAAC,WAAW,IAAI,WAAW,KAAK,KAAK,IAAI,CAAC,UAAU,EAAE;AAC9D,QAAQ,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;AACnC,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAC,mBAAmB,EAAE;AACjE,QAAQ,WAAW,EAAE,IAAI,OAAO,CAAC,wBAAwB,EAAE,MAAM,EAAE,WAAW,CAAC;AAC/E,QAAQ,gBAAgB;AACxB,QAAQ,WAAW;AACnB,QAAQ,IAAI;AACZ,QAAQ,YAAY,EAAE,UAAU;AAChC,KAAK,CAAC,CAAC;AACP,IAAI,IAAI,OAAO,IAAI,aAAa,EAAE;AAClC,QAAQ,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;AACvD,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,IAAI,OAAO,CAAC,uCAAuC,EAAE,QAAQ,EAAE,IAAI,OAAO,CAAC,kBAAkB,EAAE;AACnG,QAAQ,aAAa;AACrB,QAAQ,gBAAgB;AACxB,KAAK,CAAC,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,gBAAgB,CAAC,CAAC,CAAC;AACrE,IAAI,IAAI,OAAO,CAAC,uCAAuC,EAAE,QAAQ,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,uCAAuC,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAC/M;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,QAAQ;AACZ,SAAS,YAAY,CAAC,cAAc,EAAE,WAAW,CAAC;AAClD,SAAS,MAAM,CAAC,GAAG,CAAC;AACpB,SAAS,IAAI,CAAC,IAAI,OAAO,CAAC,0CAA0C,EAAE;AACtE,QAAQ,wBAAwB,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,wBAAwB,CAAC;AAC1G,KAAK,CAAC,CAAC,CAAC;AACR,CAAC,CAAC;AACF,OAAO,CAAC,yCAAyC,GAAG,yCAAyC;;"}
1
+ {"version":3,"file":"handleSignInCallbackRequestForPagesRouter.js","sources":["../../../../src/auth/handlers/handleSignInCallbackRequestForPagesRouter.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.handleSignInCallbackRequestForPagesRouter = void 0;\nconst constant_1 = require(\"../constant\");\nconst utils_1 = require(\"../utils\");\nconst handleSignInCallbackRequestForPagesRouter = async ({ request, response, handlerInput, userPoolClientId, oAuthConfig, setCookieOptions, origin, }) => {\n const { code, state, error, errorDescription } = (0, utils_1.parseSignInCallbackUrl)(request.url);\n if (errorDescription || error) {\n const searchParamsString = (0, utils_1.createErrorSearchParamsString)({\n error,\n errorDescription,\n });\n response.redirect(302, `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`);\n return;\n }\n if (!code || !state) {\n response.status(400).end();\n return;\n }\n const { [constant_1.PKCE_COOKIE_NAME]: clientPkce, [constant_1.STATE_COOKIE_NAME]: clientState } = (0, utils_1.getCookieValuesFromNextApiRequest)(request, [\n constant_1.PKCE_COOKIE_NAME,\n constant_1.STATE_COOKIE_NAME,\n ]);\n // The state and pkce cookies are removed from cookie store after 5 minutes\n if (!clientState || !clientPkce) {\n const searchParamsString = (0, utils_1.createErrorSearchParamsString)({\n error: constant_1.SIGN_IN_TIMEOUT_ERROR_CODE,\n errorDescription: constant_1.SIGN_IN_TIMEOUT_ERROR_MESSAGE,\n });\n response.redirect(302, `${(0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignOutComplete)}?${searchParamsString}`);\n return;\n }\n // Most likely the cookie has been tampered\n if (clientState !== state) {\n response.status(400).end();\n return;\n }\n const tokensPayload = await (0, utils_1.exchangeAuthNTokens)({\n redirectUri: (0, utils_1.resolveRedirectSignInUrl)(origin, oAuthConfig),\n userPoolClientId,\n oAuthConfig,\n code,\n codeVerifier: clientPkce,\n });\n if ('error' in tokensPayload) {\n response.status(500).send(tokensPayload.error);\n return;\n }\n (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createTokenCookies)({\n tokensPayload,\n userPoolClientId,\n }), (0, utils_1.createTokenCookiesSetOptions)(setCookieOptions));\n (0, utils_1.appendSetCookieHeadersToNextApiResponse)(response, (0, utils_1.createSignInFlowProofCookies)({ state: '', pkce: '' }), (0, utils_1.createAuthFlowProofCookiesRemoveOptions)(setCookieOptions));\n // When Cognito redirects back to `/sign-in-callback`, the referer is Cognito\n // endpoint. If redirect end user to `redirectOnSignInComplete` from this point,\n // the referer remains the same.\n // When authN token cookies set as `sameSite: 'strict'`, this may cause the\n // authN tokens cookies set with the redirect response not to be sent to the\n // server. Hence, sending a html page with status 200 to the client, and perform\n // the redirection on the client side.\n response\n .appendHeader('Content-Type', 'text/html')\n .status(200)\n .send((0, utils_1.createOnSignInCompleteRedirectIntermediate)({\n redirectOnSignInComplete: (0, utils_1.getRedirectOrDefault)(handlerInput.redirectOnSignInComplete),\n }));\n};\nexports.handleSignInCallbackRequestForPagesRouter = handleSignInCallbackRequestForPagesRouter;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,yCAAyC,GAAG,KAAK,CAAC,CAAC;AAC3D,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACpC,MAAM,yCAAyC,GAAG,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,GAAG,KAAK;AAC3J,IAAI,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE,GAAG,IAAI,OAAO,CAAC,sBAAsB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;AACtG,IAAI,IAAI,gBAAgB,IAAI,KAAK,EAAE;AACnC,QAAQ,MAAM,kBAAkB,GAAG,IAAI,OAAO,CAAC,6BAA6B,EAAE;AAC9E,YAAY,KAAK;AACjB,YAAY,gBAAgB;AAC5B,SAAS,CAAC,CAAC;AACX,QAAQ,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,yBAAyB,CAAC,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC;AACrI,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE;AACzB,QAAQ,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;AACnC,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,MAAM,EAAE,CAAC,UAAU,CAAC,gBAAgB,GAAG,UAAU,EAAE,CAAC,UAAU,CAAC,iBAAiB,GAAG,WAAW,EAAE,GAAG,IAAI,OAAO,CAAC,iCAAiC,EAAE,OAAO,EAAE;AAC/J,QAAQ,UAAU,CAAC,gBAAgB;AACnC,QAAQ,UAAU,CAAC,iBAAiB;AACpC,KAAK,CAAC,CAAC;AACP;AACA,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,UAAU,EAAE;AACrC,QAAQ,MAAM,kBAAkB,GAAG,IAAI,OAAO,CAAC,6BAA6B,EAAE;AAC9E,YAAY,KAAK,EAAE,UAAU,CAAC,0BAA0B;AACxD,YAAY,gBAAgB,EAAE,UAAU,CAAC,6BAA6B;AACtE,SAAS,CAAC,CAAC;AACX,QAAQ,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,yBAAyB,CAAC,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC;AACrI,QAAQ,OAAO;AACf,KAAK;AACL;AACA,IAAI,IAAI,WAAW,KAAK,KAAK,EAAE;AAC/B,QAAQ,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;AACnC,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,MAAM,aAAa,GAAG,MAAM,IAAI,OAAO,CAAC,mBAAmB,EAAE;AACjE,QAAQ,WAAW,EAAE,IAAI,OAAO,CAAC,wBAAwB,EAAE,MAAM,EAAE,WAAW,CAAC;AAC/E,QAAQ,gBAAgB;AACxB,QAAQ,WAAW;AACnB,QAAQ,IAAI;AACZ,QAAQ,YAAY,EAAE,UAAU;AAChC,KAAK,CAAC,CAAC;AACP,IAAI,IAAI,OAAO,IAAI,aAAa,EAAE;AAClC,QAAQ,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;AACvD,QAAQ,OAAO;AACf,KAAK;AACL,IAAI,IAAI,OAAO,CAAC,uCAAuC,EAAE,QAAQ,EAAE,IAAI,OAAO,CAAC,kBAAkB,EAAE;AACnG,QAAQ,aAAa;AACrB,QAAQ,gBAAgB;AACxB,KAAK,CAAC,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,gBAAgB,CAAC,CAAC,CAAC;AACrE,IAAI,IAAI,OAAO,CAAC,uCAAuC,EAAE,QAAQ,EAAE,IAAI,OAAO,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,OAAO,CAAC,uCAAuC,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAC/M;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,QAAQ;AACZ,SAAS,YAAY,CAAC,cAAc,EAAE,WAAW,CAAC;AAClD,SAAS,MAAM,CAAC,GAAG,CAAC;AACpB,SAAS,IAAI,CAAC,IAAI,OAAO,CAAC,0CAA0C,EAAE;AACtE,QAAQ,wBAAwB,EAAE,IAAI,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,wBAAwB,CAAC;AAC1G,KAAK,CAAC,CAAC,CAAC;AACR,CAAC,CAAC;AACF,OAAO,CAAC,yCAAyC,GAAG,yCAAyC;;"}
package/dist/cjs/auth/utils/createAuthFlowProofs.js CHANGED
@@ -4,13 +4,13 @@
4
4
  // SPDX-License-Identifier: Apache-2.0
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
6
  exports.createAuthFlowProofs = void 0;
7
- const utils_1 = require("@aws-amplify/core/internals/utils");
7
+ const internals_1 = require("aws-amplify/adapter-core/internals");
8
8
  const adapter_core_1 = require("aws-amplify/adapter-core");
9
9
  const createAuthFlowProofs = ({ customState, }) => {
10
10
  const codeVerifier = (0, adapter_core_1.generateCodeVerifier)(128);
11
11
  const randomState = (0, adapter_core_1.generateState)();
12
12
  const state = customState
13
- ? `${randomState}-${(0, utils_1.urlSafeEncode)(customState)}`
13
+ ? `${randomState}-${(0, internals_1.urlSafeEncode)(customState)}`
14
14
  : randomState;
15
15
  return { codeVerifier, state };
16
16
  };
package/dist/cjs/auth/utils/createAuthFlowProofs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"createAuthFlowProofs.js","sources":["../../../../src/auth/utils/createAuthFlowProofs.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createAuthFlowProofs = void 0;\nconst utils_1 = require(\"@aws-amplify/core/internals/utils\");\nconst adapter_core_1 = require(\"aws-amplify/adapter-core\");\nconst createAuthFlowProofs = ({ customState, }) => {\n const codeVerifier = (0, adapter_core_1.generateCodeVerifier)(128);\n const randomState = (0, adapter_core_1.generateState)();\n const state = customState\n ? `${randomState}-${(0, utils_1.urlSafeEncode)(customState)}`\n : randomState;\n return { codeVerifier, state };\n};\nexports.createAuthFlowProofs = createAuthFlowProofs;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,oBAAoB,GAAG,KAAK,CAAC,CAAC;AACtC,MAAM,OAAO,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAC;AAC7D,MAAM,cAAc,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AAC3D,MAAM,oBAAoB,GAAG,CAAC,EAAE,WAAW,GAAG,KAAK;AACnD,IAAI,MAAM,YAAY,GAAG,IAAI,cAAc,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;AACvE,IAAI,MAAM,WAAW,GAAG,IAAI,cAAc,CAAC,aAAa,GAAG,CAAC;AAC5D,IAAI,MAAM,KAAK,GAAG,WAAW;AAC7B,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC,EAAE,IAAI,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;AACrE,UAAU,WAAW,CAAC;AACtB,IAAI,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;AACnC,CAAC,CAAC;AACF,OAAO,CAAC,oBAAoB,GAAG,oBAAoB;;"}
1
+ {"version":3,"file":"createAuthFlowProofs.js","sources":["../../../../src/auth/utils/createAuthFlowProofs.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createAuthFlowProofs = void 0;\nconst internals_1 = require(\"aws-amplify/adapter-core/internals\");\nconst adapter_core_1 = require(\"aws-amplify/adapter-core\");\nconst createAuthFlowProofs = ({ customState, }) => {\n const codeVerifier = (0, adapter_core_1.generateCodeVerifier)(128);\n const randomState = (0, adapter_core_1.generateState)();\n const state = customState\n ? `${randomState}-${(0, internals_1.urlSafeEncode)(customState)}`\n : randomState;\n return { codeVerifier, state };\n};\nexports.createAuthFlowProofs = createAuthFlowProofs;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,oBAAoB,GAAG,KAAK,CAAC,CAAC;AACtC,MAAM,WAAW,GAAG,OAAO,CAAC,oCAAoC,CAAC,CAAC;AAClE,MAAM,cAAc,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AAC3D,MAAM,oBAAoB,GAAG,CAAC,EAAE,WAAW,GAAG,KAAK;AACnD,IAAI,MAAM,YAAY,GAAG,IAAI,cAAc,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;AACvE,IAAI,MAAM,WAAW,GAAG,IAAI,cAAc,CAAC,aAAa,GAAG,CAAC;AAC5D,IAAI,MAAM,KAAK,GAAG,WAAW;AAC7B,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC,EAAE,IAAI,WAAW,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;AACzE,UAAU,WAAW,CAAC;AACtB,IAAI,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;AACnC,CAAC,CAAC;AACF,OAAO,CAAC,oBAAoB,GAAG,oBAAoB;;"}
package/dist/cjs/auth/utils/createErrorSearchParamsString.js ADDED
@@ -0,0 +1,18 @@
1
+ 'use strict';
2
+
3
+ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
4
+ // SPDX-License-Identifier: Apache-2.0
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.createErrorSearchParamsString = void 0;
7
+ const createErrorSearchParamsString = ({ error, errorDescription, }) => {
8
+ const errorParams = new URLSearchParams();
9
+ if (error) {
10
+ errorParams.set('error', error);
11
+ }
12
+ if (errorDescription) {
13
+ errorParams.set('error_description', errorDescription);
14
+ }
15
+ return errorParams.toString();
16
+ };
17
+ exports.createErrorSearchParamsString = createErrorSearchParamsString;
18
+ //# sourceMappingURL=createErrorSearchParamsString.js.map
package/dist/cjs/auth/utils/createErrorSearchParamsString.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"createErrorSearchParamsString.js","sources":["../../../../src/auth/utils/createErrorSearchParamsString.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createErrorSearchParamsString = void 0;\nconst createErrorSearchParamsString = ({ error, errorDescription, }) => {\n const errorParams = new URLSearchParams();\n if (error) {\n errorParams.set('error', error);\n }\n if (errorDescription) {\n errorParams.set('error_description', errorDescription);\n }\n return errorParams.toString();\n};\nexports.createErrorSearchParamsString = createErrorSearchParamsString;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,6BAA6B,GAAG,KAAK,CAAC,CAAC;AAC/C,MAAM,6BAA6B,GAAG,CAAC,EAAE,KAAK,EAAE,gBAAgB,GAAG,KAAK;AACxE,IAAI,MAAM,WAAW,GAAG,IAAI,eAAe,EAAE,CAAC;AAC9C,IAAI,IAAI,KAAK,EAAE;AACf,QAAQ,WAAW,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;AACxC,KAAK;AACL,IAAI,IAAI,gBAAgB,EAAE;AAC1B,QAAQ,WAAW,CAAC,GAAG,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,CAAC;AAC/D,KAAK;AACL,IAAI,OAAO,WAAW,CAAC,QAAQ,EAAE,CAAC;AAClC,CAAC,CAAC;AACF,OAAO,CAAC,6BAA6B,GAAG,6BAA6B;;"}
package/dist/cjs/auth/utils/getAccessTokenUsername.js CHANGED
@@ -4,7 +4,7 @@
4
4
  // SPDX-License-Identifier: Apache-2.0
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
6
  exports.getAccessTokenUsername = void 0;
7
- const core_1 = require("@aws-amplify/core");
8
- const getAccessTokenUsername = (accessToken) => (0, core_1.decodeJWT)(accessToken).payload.username;
7
+ const internals_1 = require("aws-amplify/adapter-core/internals");
8
+ const getAccessTokenUsername = (accessToken) => (0, internals_1.decodeJWT)(accessToken).payload.username;
9
9
  exports.getAccessTokenUsername = getAccessTokenUsername;
10
10
  //# sourceMappingURL=getAccessTokenUsername.js.map
package/dist/cjs/auth/utils/getAccessTokenUsername.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"getAccessTokenUsername.js","sources":["../../../../src/auth/utils/getAccessTokenUsername.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.getAccessTokenUsername = void 0;\nconst core_1 = require(\"@aws-amplify/core\");\nconst getAccessTokenUsername = (accessToken) => (0, core_1.decodeJWT)(accessToken).payload.username;\nexports.getAccessTokenUsername = getAccessTokenUsername;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,sBAAsB,GAAG,KAAK,CAAC,CAAC;AACxC,MAAM,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC5C,MAAM,sBAAsB,GAAG,CAAC,WAAW,KAAK,IAAI,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;AACpG,OAAO,CAAC,sBAAsB,GAAG,sBAAsB;;"}
1
+ {"version":3,"file":"getAccessTokenUsername.js","sources":["../../../../src/auth/utils/getAccessTokenUsername.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.getAccessTokenUsername = void 0;\nconst internals_1 = require(\"aws-amplify/adapter-core/internals\");\nconst getAccessTokenUsername = (accessToken) => (0, internals_1.decodeJWT)(accessToken).payload.username;\nexports.getAccessTokenUsername = getAccessTokenUsername;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,sBAAsB,GAAG,KAAK,CAAC,CAAC;AACxC,MAAM,WAAW,GAAG,OAAO,CAAC,oCAAoC,CAAC,CAAC;AAClE,MAAM,sBAAsB,GAAG,CAAC,WAAW,KAAK,IAAI,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;AACzG,OAAO,CAAC,sBAAsB,GAAG,sBAAsB;;"}
package/dist/cjs/auth/utils/index.js CHANGED
@@ -3,7 +3,7 @@
3
3
  // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
4
4
  // SPDX-License-Identifier: Apache-2.0
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
- exports.createTokenCookiesRemoveOptions = exports.createTokenCookiesSetOptions = exports.createTokenRemoveCookies = exports.createTokenCookies = exports.resolveRedirectSignOutUrl = exports.resolveRedirectSignInUrl = exports.resolveIdentityProviderFromUrl = exports.resolveCodeAndStateFromUrl = exports.isSSLOrigin = exports.isValidOrigin = exports.isSupportedAuthApiRoutePath = exports.hasActiveUserSessionWithPagesRouter = exports.hasActiveUserSessionWithAppRouter = exports.isNextRequest = exports.isNextApiResponse = exports.isNextApiRequest = exports.isAuthRoutesHandlersContext = exports.getRedirectOrDefault = exports.getCookieValuesFromRequest = exports.getCookieValuesFromNextApiRequest = exports.getAccessTokenUsername = exports.createRevokeEndpoint = exports.createTokenEndpoint = exports.createLogoutEndpoint = exports.createSignUpEndpoint = exports.createAuthorizeEndpoint = exports.createUrlSearchParamsForSignInSignUp = exports.createOnSignInCompleteRedirectIntermediate = exports.createAuthFlowProofs = exports.createAuthFlowProofCookiesRemoveOptions = exports.createAuthFlowProofCookiesSetOptions = exports.createSignOutFlowProofCookies = exports.createSignInFlowProofCookies = exports.appendSetCookieHeadersToNextApiResponse = exports.revokeAuthNTokens = exports.exchangeAuthNTokens = exports.appendSetCookieHeaders = void 0;
6
+ exports.createTokenCookiesRemoveOptions = exports.createTokenCookiesSetOptions = exports.createTokenRemoveCookies = exports.createTokenCookies = exports.resolveRedirectSignOutUrl = exports.resolveRedirectSignInUrl = exports.resolveIdentityProviderFromUrl = exports.parseSignInCallbackUrl = exports.isSSLOrigin = exports.isValidOrigin = exports.isSupportedAuthApiRoutePath = exports.hasActiveUserSessionWithPagesRouter = exports.hasActiveUserSessionWithAppRouter = exports.isNextRequest = exports.isNextApiResponse = exports.isNextApiRequest = exports.isAuthRoutesHandlersContext = exports.getRedirectOrDefault = exports.getCookieValuesFromRequest = exports.getCookieValuesFromNextApiRequest = exports.getAccessTokenUsername = exports.createRevokeEndpoint = exports.createTokenEndpoint = exports.createLogoutEndpoint = exports.createSignUpEndpoint = exports.createAuthorizeEndpoint = exports.createUrlSearchParamsForSignInSignUp = exports.createOnSignInCompleteRedirectIntermediate = exports.createErrorSearchParamsString = exports.createAuthFlowProofs = exports.createAuthFlowProofCookiesRemoveOptions = exports.createAuthFlowProofCookiesSetOptions = exports.createSignOutFlowProofCookies = exports.createSignInFlowProofCookies = exports.appendSetCookieHeadersToNextApiResponse = exports.revokeAuthNTokens = exports.exchangeAuthNTokens = exports.appendSetCookieHeaders = void 0;
7
7
  var appendSetCookieHeaders_1 = require("./appendSetCookieHeaders");
8
8
  Object.defineProperty(exports, "appendSetCookieHeaders", { enumerable: true, get: function () { return appendSetCookieHeaders_1.appendSetCookieHeaders; } });
9
9
  var authNTokens_1 = require("./authNTokens");
@@ -18,6 +18,8 @@ Object.defineProperty(exports, "createAuthFlowProofCookiesSetOptions", { enumera
18
18
  Object.defineProperty(exports, "createAuthFlowProofCookiesRemoveOptions", { enumerable: true, get: function () { return authFlowProofCookies_1.createAuthFlowProofCookiesRemoveOptions; } });
19
19
  var createAuthFlowProofs_1 = require("./createAuthFlowProofs");
20
20
  Object.defineProperty(exports, "createAuthFlowProofs", { enumerable: true, get: function () { return createAuthFlowProofs_1.createAuthFlowProofs; } });
21
+ var createErrorSearchParamsString_1 = require("./createErrorSearchParamsString");
22
+ Object.defineProperty(exports, "createErrorSearchParamsString", { enumerable: true, get: function () { return createErrorSearchParamsString_1.createErrorSearchParamsString; } });
21
23
  var createOnSignInCompleteRedirectIntermediate_1 = require("./createOnSignInCompleteRedirectIntermediate");
22
24
  Object.defineProperty(exports, "createOnSignInCompleteRedirectIntermediate", { enumerable: true, get: function () { return createOnSignInCompleteRedirectIntermediate_1.createOnSignInCompleteRedirectIntermediate; } });
23
25
  var createUrlSearchParams_1 = require("./createUrlSearchParams");
@@ -49,8 +51,8 @@ Object.defineProperty(exports, "isSupportedAuthApiRoutePath", { enumerable: true
49
51
  var origin_1 = require("./origin");
50
52
  Object.defineProperty(exports, "isValidOrigin", { enumerable: true, get: function () { return origin_1.isValidOrigin; } });
51
53
  Object.defineProperty(exports, "isSSLOrigin", { enumerable: true, get: function () { return origin_1.isSSLOrigin; } });
52
- var resolveCodeAndStateFromUrl_1 = require("./resolveCodeAndStateFromUrl");
53
- Object.defineProperty(exports, "resolveCodeAndStateFromUrl", { enumerable: true, get: function () { return resolveCodeAndStateFromUrl_1.resolveCodeAndStateFromUrl; } });
54
+ var parseSignInCallbackUrl_1 = require("./parseSignInCallbackUrl");
55
+ Object.defineProperty(exports, "parseSignInCallbackUrl", { enumerable: true, get: function () { return parseSignInCallbackUrl_1.parseSignInCallbackUrl; } });
54
56
  var resolveIdentityProviderFromUrl_1 = require("./resolveIdentityProviderFromUrl");
55
57
  Object.defineProperty(exports, "resolveIdentityProviderFromUrl", { enumerable: true, get: function () { return resolveIdentityProviderFromUrl_1.resolveIdentityProviderFromUrl; } });
56
58
  var resolveRedirectUrl_1 = require("./resolveRedirectUrl");
package/dist/cjs/auth/utils/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sources":["../../../../src/auth/utils/index.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createTokenCookiesRemoveOptions = exports.createTokenCookiesSetOptions = exports.createTokenRemoveCookies = exports.createTokenCookies = exports.resolveRedirectSignOutUrl = exports.resolveRedirectSignInUrl = exports.resolveIdentityProviderFromUrl = exports.resolveCodeAndStateFromUrl = exports.isSSLOrigin = exports.isValidOrigin = exports.isSupportedAuthApiRoutePath = exports.hasActiveUserSessionWithPagesRouter = exports.hasActiveUserSessionWithAppRouter = exports.isNextRequest = exports.isNextApiResponse = exports.isNextApiRequest = exports.isAuthRoutesHandlersContext = exports.getRedirectOrDefault = exports.getCookieValuesFromRequest = exports.getCookieValuesFromNextApiRequest = exports.getAccessTokenUsername = exports.createRevokeEndpoint = exports.createTokenEndpoint = exports.createLogoutEndpoint = exports.createSignUpEndpoint = exports.createAuthorizeEndpoint = exports.createUrlSearchParamsForSignInSignUp = exports.createOnSignInCompleteRedirectIntermediate = exports.createAuthFlowProofs = exports.createAuthFlowProofCookiesRemoveOptions = exports.createAuthFlowProofCookiesSetOptions = exports.createSignOutFlowProofCookies = exports.createSignInFlowProofCookies = exports.appendSetCookieHeadersToNextApiResponse = exports.revokeAuthNTokens = exports.exchangeAuthNTokens = exports.appendSetCookieHeaders = void 0;\nvar appendSetCookieHeaders_1 = require(\"./appendSetCookieHeaders\");\nObject.defineProperty(exports, \"appendSetCookieHeaders\", { enumerable: true, get: function () { return appendSetCookieHeaders_1.appendSetCookieHeaders; } });\nvar authNTokens_1 = require(\"./authNTokens\");\nObject.defineProperty(exports, \"exchangeAuthNTokens\", { enumerable: true, get: function () { return authNTokens_1.exchangeAuthNTokens; } });\nObject.defineProperty(exports, \"revokeAuthNTokens\", { enumerable: true, get: function () { return authNTokens_1.revokeAuthNTokens; } });\nvar appendSetCookieHeadersToNextApiResponse_1 = require(\"./appendSetCookieHeadersToNextApiResponse\");\nObject.defineProperty(exports, \"appendSetCookieHeadersToNextApiResponse\", { enumerable: true, get: function () { return appendSetCookieHeadersToNextApiResponse_1.appendSetCookieHeadersToNextApiResponse; } });\nvar authFlowProofCookies_1 = require(\"./authFlowProofCookies\");\nObject.defineProperty(exports, \"createSignInFlowProofCookies\", { enumerable: true, get: function () { return authFlowProofCookies_1.createSignInFlowProofCookies; } });\nObject.defineProperty(exports, \"createSignOutFlowProofCookies\", { enumerable: true, get: function () { return authFlowProofCookies_1.createSignOutFlowProofCookies; } });\nObject.defineProperty(exports, \"createAuthFlowProofCookiesSetOptions\", { enumerable: true, get: function () { return authFlowProofCookies_1.createAuthFlowProofCookiesSetOptions; } });\nObject.defineProperty(exports, \"createAuthFlowProofCookiesRemoveOptions\", { enumerable: true, get: function () { return authFlowProofCookies_1.createAuthFlowProofCookiesRemoveOptions; } });\nvar createAuthFlowProofs_1 = require(\"./createAuthFlowProofs\");\nObject.defineProperty(exports, \"createAuthFlowProofs\", { enumerable: true, get: function () { return createAuthFlowProofs_1.createAuthFlowProofs; } });\nvar createOnSignInCompleteRedirectIntermediate_1 = require(\"./createOnSignInCompleteRedirectIntermediate\");\nObject.defineProperty(exports, \"createOnSignInCompleteRedirectIntermediate\", { enumerable: true, get: function () { return createOnSignInCompleteRedirectIntermediate_1.createOnSignInCompleteRedirectIntermediate; } });\nvar createUrlSearchParams_1 = require(\"./createUrlSearchParams\");\nObject.defineProperty(exports, \"createUrlSearchParamsForSignInSignUp\", { enumerable: true, get: function () { return createUrlSearchParams_1.createUrlSearchParamsForSignInSignUp; } });\nvar cognitoHostedUIEndpoints_1 = require(\"./cognitoHostedUIEndpoints\");\nObject.defineProperty(exports, \"createAuthorizeEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createAuthorizeEndpoint; } });\nObject.defineProperty(exports, \"createSignUpEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createSignUpEndpoint; } });\nObject.defineProperty(exports, \"createLogoutEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createLogoutEndpoint; } });\nObject.defineProperty(exports, \"createTokenEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createTokenEndpoint; } });\nObject.defineProperty(exports, \"createRevokeEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createRevokeEndpoint; } });\nvar getAccessTokenUsername_1 = require(\"./getAccessTokenUsername\");\nObject.defineProperty(exports, \"getAccessTokenUsername\", { enumerable: true, get: function () { return getAccessTokenUsername_1.getAccessTokenUsername; } });\nvar getCookieValuesFromNextApiRequest_1 = require(\"./getCookieValuesFromNextApiRequest\");\nObject.defineProperty(exports, \"getCookieValuesFromNextApiRequest\", { enumerable: true, get: function () { return getCookieValuesFromNextApiRequest_1.getCookieValuesFromNextApiRequest; } });\nvar getCookieValuesFromRequest_1 = require(\"./getCookieValuesFromRequest\");\nObject.defineProperty(exports, \"getCookieValuesFromRequest\", { enumerable: true, get: function () { return getCookieValuesFromRequest_1.getCookieValuesFromRequest; } });\nvar getRedirectOrDefault_1 = require(\"./getRedirectOrDefault\");\nObject.defineProperty(exports, \"getRedirectOrDefault\", { enumerable: true, get: function () { return getRedirectOrDefault_1.getRedirectOrDefault; } });\nvar predicates_1 = require(\"./predicates\");\nObject.defineProperty(exports, \"isAuthRoutesHandlersContext\", { enumerable: true, get: function () { return predicates_1.isAuthRoutesHandlersContext; } });\nObject.defineProperty(exports, \"isNextApiRequest\", { enumerable: true, get: function () { return predicates_1.isNextApiRequest; } });\nObject.defineProperty(exports, \"isNextApiResponse\", { enumerable: true, get: function () { return predicates_1.isNextApiResponse; } });\nObject.defineProperty(exports, \"isNextRequest\", { enumerable: true, get: function () { return predicates_1.isNextRequest; } });\nvar hasActiveUserSession_1 = require(\"./hasActiveUserSession\");\nObject.defineProperty(exports, \"hasActiveUserSessionWithAppRouter\", { enumerable: true, get: function () { return hasActiveUserSession_1.hasActiveUserSessionWithAppRouter; } });\nObject.defineProperty(exports, \"hasActiveUserSessionWithPagesRouter\", { enumerable: true, get: function () { return hasActiveUserSession_1.hasActiveUserSessionWithPagesRouter; } });\nvar isSupportedAuthApiRoutePath_1 = require(\"./isSupportedAuthApiRoutePath\");\nObject.defineProperty(exports, \"isSupportedAuthApiRoutePath\", { enumerable: true, get: function () { return isSupportedAuthApiRoutePath_1.isSupportedAuthApiRoutePath; } });\nvar origin_1 = require(\"./origin\");\nObject.defineProperty(exports, \"isValidOrigin\", { enumerable: true, get: function () { return origin_1.isValidOrigin; } });\nObject.defineProperty(exports, \"isSSLOrigin\", { enumerable: true, get: function () { return origin_1.isSSLOrigin; } });\nvar resolveCodeAndStateFromUrl_1 = require(\"./resolveCodeAndStateFromUrl\");\nObject.defineProperty(exports, \"resolveCodeAndStateFromUrl\", { enumerable: true, get: function () { return resolveCodeAndStateFromUrl_1.resolveCodeAndStateFromUrl; } });\nvar resolveIdentityProviderFromUrl_1 = require(\"./resolveIdentityProviderFromUrl\");\nObject.defineProperty(exports, \"resolveIdentityProviderFromUrl\", { enumerable: true, get: function () { return resolveIdentityProviderFromUrl_1.resolveIdentityProviderFromUrl; } });\nvar resolveRedirectUrl_1 = require(\"./resolveRedirectUrl\");\nObject.defineProperty(exports, \"resolveRedirectSignInUrl\", { enumerable: true, get: function () { return resolveRedirectUrl_1.resolveRedirectSignInUrl; } });\nObject.defineProperty(exports, \"resolveRedirectSignOutUrl\", { enumerable: true, get: function () { return resolveRedirectUrl_1.resolveRedirectSignOutUrl; } });\nvar tokenCookies_1 = require(\"./tokenCookies\");\nObject.defineProperty(exports, \"createTokenCookies\", { enumerable: true, get: function () { return tokenCookies_1.createTokenCookies; } });\nObject.defineProperty(exports, \"createTokenRemoveCookies\", { enumerable: true, get: function () { return tokenCookies_1.createTokenRemoveCookies; } });\nObject.defineProperty(exports, \"createTokenCookiesSetOptions\", { enumerable: true, get: function () { return tokenCookies_1.createTokenCookiesSetOptions; } });\nObject.defineProperty(exports, \"createTokenCookiesRemoveOptions\", { enumerable: true, get: function () { return tokenCookies_1.createTokenCookiesRemoveOptions; } });\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,+BAA+B,GAAG,OAAO,CAAC,4BAA4B,GAAG,OAAO,CAAC,wBAAwB,GAAG,OAAO,CAAC,kBAAkB,GAAG,OAAO,CAAC,yBAAyB,GAAG,OAAO,CAAC,wBAAwB,GAAG,OAAO,CAAC,8BAA8B,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC,2BAA2B,GAAG,OAAO,CAAC,mCAAmC,GAAG,OAAO,CAAC,iCAAiC,GAAG,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,2BAA2B,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,iCAAiC,GAAG,OAAO,CAAC,sBAAsB,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,GAAG,OAAO,CAAC,oCAAoC,GAAG,OAAO,CAAC,0CAA0C,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,uCAAuC,GAAG,OAAO,CAAC,oCAAoC,GAAG,OAAO,CAAC,6BAA6B,GAAG,OAAO,CAAC,4BAA4B,GAAG,OAAO,CAAC,uCAAuC,GAAG,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,mBAAmB,GAAG,OAAO,CAAC,sBAAsB,GAAG,KAAK,CAAC,CAAC;AAC9zC,IAAI,wBAAwB,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AACnE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,wBAAwB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,wBAAwB,CAAC,sBAAsB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7J,IAAI,aAAa,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;AAC7C,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,qBAAqB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,aAAa,CAAC,mBAAmB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC5I,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mBAAmB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,aAAa,CAAC,iBAAiB,CAAC,EAAE,EAAE,CAAC,CAAC;AACxI,IAAI,yCAAyC,GAAG,OAAO,CAAC,2CAA2C,CAAC,CAAC;AACrG,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yCAAyC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,yCAAyC,CAAC,uCAAuC,CAAC,EAAE,EAAE,CAAC,CAAC;AAChN,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,8BAA8B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,4BAA4B,CAAC,EAAE,EAAE,CAAC,CAAC;AACvK,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,+BAA+B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,6BAA6B,CAAC,EAAE,EAAE,CAAC,CAAC;AACzK,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sCAAsC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,oCAAoC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvL,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yCAAyC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,uCAAuC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7L,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvJ,IAAI,4CAA4C,GAAG,OAAO,CAAC,8CAA8C,CAAC,CAAC;AAC3G,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,4CAA4C,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,4CAA4C,CAAC,0CAA0C,CAAC,EAAE,EAAE,CAAC,CAAC;AACzN,IAAI,uBAAuB,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;AACjE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sCAAsC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,uBAAuB,CAAC,oCAAoC,CAAC,EAAE,EAAE,CAAC,CAAC;AACxL,IAAI,0BAA0B,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC;AACvE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yBAAyB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,uBAAuB,CAAC,EAAE,EAAE,CAAC,CAAC;AACjK,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,qBAAqB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,mBAAmB,CAAC,EAAE,EAAE,CAAC,CAAC;AACzJ,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,IAAI,wBAAwB,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AACnE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,wBAAwB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,wBAAwB,CAAC,sBAAsB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7J,IAAI,mCAAmC,GAAG,OAAO,CAAC,qCAAqC,CAAC,CAAC;AACzF,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mCAAmC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,mCAAmC,CAAC,iCAAiC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC9L,IAAI,4BAA4B,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAC;AAC3E,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,4BAA4B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,4BAA4B,CAAC,0BAA0B,CAAC,EAAE,EAAE,CAAC,CAAC;AACzK,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvJ,IAAI,YAAY,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;AAC3C,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,6BAA6B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,2BAA2B,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,kBAAkB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,gBAAgB,CAAC,EAAE,EAAE,CAAC,CAAC;AACrI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mBAAmB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,iBAAiB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,eAAe,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;AAC/H,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mCAAmC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,iCAAiC,CAAC,EAAE,EAAE,CAAC,CAAC;AACjL,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,qCAAqC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,mCAAmC,CAAC,EAAE,EAAE,CAAC,CAAC;AACrL,IAAI,6BAA6B,GAAG,OAAO,CAAC,+BAA+B,CAAC,CAAC;AAC7E,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,6BAA6B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,6BAA6B,CAAC,2BAA2B,CAAC,EAAE,EAAE,CAAC,CAAC;AAC5K,IAAI,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACnC,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,eAAe,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,QAAQ,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3H,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,aAAa,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,QAAQ,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;AACvH,IAAI,4BAA4B,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAC;AAC3E,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,4BAA4B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,4BAA4B,CAAC,0BAA0B,CAAC,EAAE,EAAE,CAAC,CAAC;AACzK,IAAI,gCAAgC,GAAG,OAAO,CAAC,kCAAkC,CAAC,CAAC;AACnF,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,gCAAgC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,gCAAgC,CAAC,8BAA8B,CAAC,EAAE,EAAE,CAAC,CAAC;AACrL,IAAI,oBAAoB,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAC3D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,0BAA0B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,oBAAoB,CAAC,wBAAwB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,2BAA2B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,oBAAoB,CAAC,yBAAyB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC/J,IAAI,cAAc,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAC/C,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,oBAAoB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,kBAAkB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3I,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,0BAA0B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,wBAAwB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvJ,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,8BAA8B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,4BAA4B,CAAC,EAAE,EAAE,CAAC,CAAC;AAC/J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,iCAAiC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,+BAA+B,CAAC,EAAE,EAAE,CAAC;;"}
1
+ {"version":3,"file":"index.js","sources":["../../../../src/auth/utils/index.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.createTokenCookiesRemoveOptions = exports.createTokenCookiesSetOptions = exports.createTokenRemoveCookies = exports.createTokenCookies = exports.resolveRedirectSignOutUrl = exports.resolveRedirectSignInUrl = exports.resolveIdentityProviderFromUrl = exports.parseSignInCallbackUrl = exports.isSSLOrigin = exports.isValidOrigin = exports.isSupportedAuthApiRoutePath = exports.hasActiveUserSessionWithPagesRouter = exports.hasActiveUserSessionWithAppRouter = exports.isNextRequest = exports.isNextApiResponse = exports.isNextApiRequest = exports.isAuthRoutesHandlersContext = exports.getRedirectOrDefault = exports.getCookieValuesFromRequest = exports.getCookieValuesFromNextApiRequest = exports.getAccessTokenUsername = exports.createRevokeEndpoint = exports.createTokenEndpoint = exports.createLogoutEndpoint = exports.createSignUpEndpoint = exports.createAuthorizeEndpoint = exports.createUrlSearchParamsForSignInSignUp = exports.createOnSignInCompleteRedirectIntermediate = exports.createErrorSearchParamsString = exports.createAuthFlowProofs = exports.createAuthFlowProofCookiesRemoveOptions = exports.createAuthFlowProofCookiesSetOptions = exports.createSignOutFlowProofCookies = exports.createSignInFlowProofCookies = exports.appendSetCookieHeadersToNextApiResponse = exports.revokeAuthNTokens = exports.exchangeAuthNTokens = exports.appendSetCookieHeaders = void 0;\nvar appendSetCookieHeaders_1 = require(\"./appendSetCookieHeaders\");\nObject.defineProperty(exports, \"appendSetCookieHeaders\", { enumerable: true, get: function () { return appendSetCookieHeaders_1.appendSetCookieHeaders; } });\nvar authNTokens_1 = require(\"./authNTokens\");\nObject.defineProperty(exports, \"exchangeAuthNTokens\", { enumerable: true, get: function () { return authNTokens_1.exchangeAuthNTokens; } });\nObject.defineProperty(exports, \"revokeAuthNTokens\", { enumerable: true, get: function () { return authNTokens_1.revokeAuthNTokens; } });\nvar appendSetCookieHeadersToNextApiResponse_1 = require(\"./appendSetCookieHeadersToNextApiResponse\");\nObject.defineProperty(exports, \"appendSetCookieHeadersToNextApiResponse\", { enumerable: true, get: function () { return appendSetCookieHeadersToNextApiResponse_1.appendSetCookieHeadersToNextApiResponse; } });\nvar authFlowProofCookies_1 = require(\"./authFlowProofCookies\");\nObject.defineProperty(exports, \"createSignInFlowProofCookies\", { enumerable: true, get: function () { return authFlowProofCookies_1.createSignInFlowProofCookies; } });\nObject.defineProperty(exports, \"createSignOutFlowProofCookies\", { enumerable: true, get: function () { return authFlowProofCookies_1.createSignOutFlowProofCookies; } });\nObject.defineProperty(exports, \"createAuthFlowProofCookiesSetOptions\", { enumerable: true, get: function () { return authFlowProofCookies_1.createAuthFlowProofCookiesSetOptions; } });\nObject.defineProperty(exports, \"createAuthFlowProofCookiesRemoveOptions\", { enumerable: true, get: function () { return authFlowProofCookies_1.createAuthFlowProofCookiesRemoveOptions; } });\nvar createAuthFlowProofs_1 = require(\"./createAuthFlowProofs\");\nObject.defineProperty(exports, \"createAuthFlowProofs\", { enumerable: true, get: function () { return createAuthFlowProofs_1.createAuthFlowProofs; } });\nvar createErrorSearchParamsString_1 = require(\"./createErrorSearchParamsString\");\nObject.defineProperty(exports, \"createErrorSearchParamsString\", { enumerable: true, get: function () { return createErrorSearchParamsString_1.createErrorSearchParamsString; } });\nvar createOnSignInCompleteRedirectIntermediate_1 = require(\"./createOnSignInCompleteRedirectIntermediate\");\nObject.defineProperty(exports, \"createOnSignInCompleteRedirectIntermediate\", { enumerable: true, get: function () { return createOnSignInCompleteRedirectIntermediate_1.createOnSignInCompleteRedirectIntermediate; } });\nvar createUrlSearchParams_1 = require(\"./createUrlSearchParams\");\nObject.defineProperty(exports, \"createUrlSearchParamsForSignInSignUp\", { enumerable: true, get: function () { return createUrlSearchParams_1.createUrlSearchParamsForSignInSignUp; } });\nvar cognitoHostedUIEndpoints_1 = require(\"./cognitoHostedUIEndpoints\");\nObject.defineProperty(exports, \"createAuthorizeEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createAuthorizeEndpoint; } });\nObject.defineProperty(exports, \"createSignUpEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createSignUpEndpoint; } });\nObject.defineProperty(exports, \"createLogoutEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createLogoutEndpoint; } });\nObject.defineProperty(exports, \"createTokenEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createTokenEndpoint; } });\nObject.defineProperty(exports, \"createRevokeEndpoint\", { enumerable: true, get: function () { return cognitoHostedUIEndpoints_1.createRevokeEndpoint; } });\nvar getAccessTokenUsername_1 = require(\"./getAccessTokenUsername\");\nObject.defineProperty(exports, \"getAccessTokenUsername\", { enumerable: true, get: function () { return getAccessTokenUsername_1.getAccessTokenUsername; } });\nvar getCookieValuesFromNextApiRequest_1 = require(\"./getCookieValuesFromNextApiRequest\");\nObject.defineProperty(exports, \"getCookieValuesFromNextApiRequest\", { enumerable: true, get: function () { return getCookieValuesFromNextApiRequest_1.getCookieValuesFromNextApiRequest; } });\nvar getCookieValuesFromRequest_1 = require(\"./getCookieValuesFromRequest\");\nObject.defineProperty(exports, \"getCookieValuesFromRequest\", { enumerable: true, get: function () { return getCookieValuesFromRequest_1.getCookieValuesFromRequest; } });\nvar getRedirectOrDefault_1 = require(\"./getRedirectOrDefault\");\nObject.defineProperty(exports, \"getRedirectOrDefault\", { enumerable: true, get: function () { return getRedirectOrDefault_1.getRedirectOrDefault; } });\nvar predicates_1 = require(\"./predicates\");\nObject.defineProperty(exports, \"isAuthRoutesHandlersContext\", { enumerable: true, get: function () { return predicates_1.isAuthRoutesHandlersContext; } });\nObject.defineProperty(exports, \"isNextApiRequest\", { enumerable: true, get: function () { return predicates_1.isNextApiRequest; } });\nObject.defineProperty(exports, \"isNextApiResponse\", { enumerable: true, get: function () { return predicates_1.isNextApiResponse; } });\nObject.defineProperty(exports, \"isNextRequest\", { enumerable: true, get: function () { return predicates_1.isNextRequest; } });\nvar hasActiveUserSession_1 = require(\"./hasActiveUserSession\");\nObject.defineProperty(exports, \"hasActiveUserSessionWithAppRouter\", { enumerable: true, get: function () { return hasActiveUserSession_1.hasActiveUserSessionWithAppRouter; } });\nObject.defineProperty(exports, \"hasActiveUserSessionWithPagesRouter\", { enumerable: true, get: function () { return hasActiveUserSession_1.hasActiveUserSessionWithPagesRouter; } });\nvar isSupportedAuthApiRoutePath_1 = require(\"./isSupportedAuthApiRoutePath\");\nObject.defineProperty(exports, \"isSupportedAuthApiRoutePath\", { enumerable: true, get: function () { return isSupportedAuthApiRoutePath_1.isSupportedAuthApiRoutePath; } });\nvar origin_1 = require(\"./origin\");\nObject.defineProperty(exports, \"isValidOrigin\", { enumerable: true, get: function () { return origin_1.isValidOrigin; } });\nObject.defineProperty(exports, \"isSSLOrigin\", { enumerable: true, get: function () { return origin_1.isSSLOrigin; } });\nvar parseSignInCallbackUrl_1 = require(\"./parseSignInCallbackUrl\");\nObject.defineProperty(exports, \"parseSignInCallbackUrl\", { enumerable: true, get: function () { return parseSignInCallbackUrl_1.parseSignInCallbackUrl; } });\nvar resolveIdentityProviderFromUrl_1 = require(\"./resolveIdentityProviderFromUrl\");\nObject.defineProperty(exports, \"resolveIdentityProviderFromUrl\", { enumerable: true, get: function () { return resolveIdentityProviderFromUrl_1.resolveIdentityProviderFromUrl; } });\nvar resolveRedirectUrl_1 = require(\"./resolveRedirectUrl\");\nObject.defineProperty(exports, \"resolveRedirectSignInUrl\", { enumerable: true, get: function () { return resolveRedirectUrl_1.resolveRedirectSignInUrl; } });\nObject.defineProperty(exports, \"resolveRedirectSignOutUrl\", { enumerable: true, get: function () { return resolveRedirectUrl_1.resolveRedirectSignOutUrl; } });\nvar tokenCookies_1 = require(\"./tokenCookies\");\nObject.defineProperty(exports, \"createTokenCookies\", { enumerable: true, get: function () { return tokenCookies_1.createTokenCookies; } });\nObject.defineProperty(exports, \"createTokenRemoveCookies\", { enumerable: true, get: function () { return tokenCookies_1.createTokenRemoveCookies; } });\nObject.defineProperty(exports, \"createTokenCookiesSetOptions\", { enumerable: true, get: function () { return tokenCookies_1.createTokenCookiesSetOptions; } });\nObject.defineProperty(exports, \"createTokenCookiesRemoveOptions\", { enumerable: true, get: function () { return tokenCookies_1.createTokenCookiesRemoveOptions; } });\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,+BAA+B,GAAG,OAAO,CAAC,4BAA4B,GAAG,OAAO,CAAC,wBAAwB,GAAG,OAAO,CAAC,kBAAkB,GAAG,OAAO,CAAC,yBAAyB,GAAG,OAAO,CAAC,wBAAwB,GAAG,OAAO,CAAC,8BAA8B,GAAG,OAAO,CAAC,sBAAsB,GAAG,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC,2BAA2B,GAAG,OAAO,CAAC,mCAAmC,GAAG,OAAO,CAAC,iCAAiC,GAAG,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,gBAAgB,GAAG,OAAO,CAAC,2BAA2B,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,0BAA0B,GAAG,OAAO,CAAC,iCAAiC,GAAG,OAAO,CAAC,sBAAsB,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,GAAG,OAAO,CAAC,oCAAoC,GAAG,OAAO,CAAC,0CAA0C,GAAG,OAAO,CAAC,6BAA6B,GAAG,OAAO,CAAC,oBAAoB,GAAG,OAAO,CAAC,uCAAuC,GAAG,OAAO,CAAC,oCAAoC,GAAG,OAAO,CAAC,6BAA6B,GAAG,OAAO,CAAC,4BAA4B,GAAG,OAAO,CAAC,uCAAuC,GAAG,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,mBAAmB,GAAG,OAAO,CAAC,sBAAsB,GAAG,KAAK,CAAC,CAAC;AACl2C,IAAI,wBAAwB,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AACnE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,wBAAwB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,wBAAwB,CAAC,sBAAsB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7J,IAAI,aAAa,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;AAC7C,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,qBAAqB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,aAAa,CAAC,mBAAmB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC5I,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mBAAmB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,aAAa,CAAC,iBAAiB,CAAC,EAAE,EAAE,CAAC,CAAC;AACxI,IAAI,yCAAyC,GAAG,OAAO,CAAC,2CAA2C,CAAC,CAAC;AACrG,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yCAAyC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,yCAAyC,CAAC,uCAAuC,CAAC,EAAE,EAAE,CAAC,CAAC;AAChN,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,8BAA8B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,4BAA4B,CAAC,EAAE,EAAE,CAAC,CAAC;AACvK,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,+BAA+B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,6BAA6B,CAAC,EAAE,EAAE,CAAC,CAAC;AACzK,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sCAAsC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,oCAAoC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvL,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yCAAyC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,uCAAuC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7L,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvJ,IAAI,+BAA+B,GAAG,OAAO,CAAC,iCAAiC,CAAC,CAAC;AACjF,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,+BAA+B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,+BAA+B,CAAC,6BAA6B,CAAC,EAAE,EAAE,CAAC,CAAC;AAClL,IAAI,4CAA4C,GAAG,OAAO,CAAC,8CAA8C,CAAC,CAAC;AAC3G,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,4CAA4C,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,4CAA4C,CAAC,0CAA0C,CAAC,EAAE,EAAE,CAAC,CAAC;AACzN,IAAI,uBAAuB,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;AACjE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sCAAsC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,uBAAuB,CAAC,oCAAoC,CAAC,EAAE,EAAE,CAAC,CAAC;AACxL,IAAI,0BAA0B,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC;AACvE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yBAAyB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,uBAAuB,CAAC,EAAE,EAAE,CAAC,CAAC;AACjK,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,qBAAqB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,mBAAmB,CAAC,EAAE,EAAE,CAAC,CAAC;AACzJ,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,0BAA0B,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,IAAI,wBAAwB,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AACnE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,wBAAwB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,wBAAwB,CAAC,sBAAsB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7J,IAAI,mCAAmC,GAAG,OAAO,CAAC,qCAAqC,CAAC,CAAC;AACzF,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mCAAmC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,mCAAmC,CAAC,iCAAiC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC9L,IAAI,4BAA4B,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAC;AAC3E,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,4BAA4B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,4BAA4B,CAAC,0BAA0B,CAAC,EAAE,EAAE,CAAC,CAAC;AACzK,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,sBAAsB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,oBAAoB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvJ,IAAI,YAAY,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;AAC3C,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,6BAA6B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,2BAA2B,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,kBAAkB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,gBAAgB,CAAC,EAAE,EAAE,CAAC,CAAC;AACrI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mBAAmB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,iBAAiB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,eAAe,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,YAAY,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;AAC/H,IAAI,sBAAsB,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;AAC/D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,mCAAmC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,iCAAiC,CAAC,EAAE,EAAE,CAAC,CAAC;AACjL,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,qCAAqC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,sBAAsB,CAAC,mCAAmC,CAAC,EAAE,EAAE,CAAC,CAAC;AACrL,IAAI,6BAA6B,GAAG,OAAO,CAAC,+BAA+B,CAAC,CAAC;AAC7E,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,6BAA6B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,6BAA6B,CAAC,2BAA2B,CAAC,EAAE,EAAE,CAAC,CAAC;AAC5K,IAAI,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACnC,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,eAAe,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,QAAQ,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3H,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,aAAa,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,QAAQ,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;AACvH,IAAI,wBAAwB,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAC;AACnE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,wBAAwB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,wBAAwB,CAAC,sBAAsB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7J,IAAI,gCAAgC,GAAG,OAAO,CAAC,kCAAkC,CAAC,CAAC;AACnF,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,gCAAgC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,gCAAgC,CAAC,8BAA8B,CAAC,EAAE,EAAE,CAAC,CAAC;AACrL,IAAI,oBAAoB,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAC3D,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,0BAA0B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,oBAAoB,CAAC,wBAAwB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,2BAA2B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,oBAAoB,CAAC,yBAAyB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC/J,IAAI,cAAc,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAC/C,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,oBAAoB,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,kBAAkB,CAAC,EAAE,EAAE,CAAC,CAAC;AAC3I,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,0BAA0B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,wBAAwB,CAAC,EAAE,EAAE,CAAC,CAAC;AACvJ,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,8BAA8B,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,4BAA4B,CAAC,EAAE,EAAE,CAAC,CAAC;AAC/J,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,iCAAiC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,cAAc,CAAC,+BAA+B,CAAC,EAAE,EAAE,CAAC;;"}
package/dist/cjs/auth/utils/origin.js CHANGED
@@ -9,6 +9,9 @@ const originRegex = /^(http:\/\/localhost(:\d{1,5})?)|(https?:\/\/[a-z0-9-]+(\.[
9
9
  const isValidOrigin = (origin) => {
10
10
  try {
11
11
  const url = new URL(origin);
12
+ if (url.protocol === 'http:' && url.hostname !== 'localhost') {
13
+ console.warn('HTTP origin detected. This is insecure and should only be used for local development.');
14
+ }
12
15
  return ((url.protocol === 'http:' || url.protocol === 'https:') &&
13
16
  originRegex.test(origin));
14
17
  }
package/dist/cjs/auth/utils/origin.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"origin.js","sources":["../../../../src/auth/utils/origin.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.isSSLOrigin = exports.isValidOrigin = void 0;\n// a regular expression that validates the origin string to be any valid origin, and allowing local development localhost\nconst originRegex = /^(http:\\/\\/localhost(:\\d{1,5})?)|(https?:\\/\\/[a-z0-9-]+(\\.[a-z0-9-]+)*(:\\d{1,5})?)$/;\nconst isValidOrigin = (origin) => {\n try {\n const url = new URL(origin);\n return ((url.protocol === 'http:' || url.protocol === 'https:') &&\n originRegex.test(origin));\n }\n catch {\n return false;\n }\n};\nexports.isValidOrigin = isValidOrigin;\nconst isSSLOrigin = (origin) => {\n if ((0, exports.isValidOrigin)(origin)) {\n return origin.startsWith('https://');\n }\n return false;\n};\nexports.isSSLOrigin = isSSLOrigin;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,aAAa,GAAG,KAAK,CAAC,CAAC;AACrD;AACA,MAAM,WAAW,GAAG,qFAAqF,CAAC;AAC1G,MAAM,aAAa,GAAG,CAAC,MAAM,KAAK;AAClC,IAAI,IAAI;AACR,QAAQ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;AACpC,QAAQ,QAAQ,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ;AACtE,YAAY,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;AACtC,KAAK;AACL,IAAI,MAAM;AACV,QAAQ,OAAO,KAAK,CAAC;AACrB,KAAK;AACL,CAAC,CAAC;AACF,OAAO,CAAC,aAAa,GAAG,aAAa,CAAC;AACtC,MAAM,WAAW,GAAG,CAAC,MAAM,KAAK;AAChC,IAAI,IAAI,IAAI,OAAO,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;AAC5C,QAAQ,OAAO,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AAC7C,KAAK;AACL,IAAI,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AACF,OAAO,CAAC,WAAW,GAAG,WAAW;;"}
1
+ {"version":3,"file":"origin.js","sources":["../../../../src/auth/utils/origin.ts"],"sourcesContent":["\"use strict\";\n// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nObject.defineProperty(exports, \"__esModule\", { value: true });\nexports.isSSLOrigin = exports.isValidOrigin = void 0;\n// a regular expression that validates the origin string to be any valid origin, and allowing local development localhost\nconst originRegex = /^(http:\\/\\/localhost(:\\d{1,5})?)|(https?:\\/\\/[a-z0-9-]+(\\.[a-z0-9-]+)*(:\\d{1,5})?)$/;\nconst isValidOrigin = (origin) => {\n try {\n const url = new URL(origin);\n if (url.protocol === 'http:' && url.hostname !== 'localhost') {\n console.warn('HTTP origin detected. This is insecure and should only be used for local development.');\n }\n return ((url.protocol === 'http:' || url.protocol === 'https:') &&\n originRegex.test(origin));\n }\n catch {\n return false;\n }\n};\nexports.isValidOrigin = isValidOrigin;\nconst isSSLOrigin = (origin) => {\n if ((0, exports.isValidOrigin)(origin)) {\n return origin.startsWith('https://');\n }\n return false;\n};\nexports.isSSLOrigin = isSSLOrigin;\n"],"names":[],"mappings":";;AACA;AACA;AACA,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9D,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,aAAa,GAAG,KAAK,CAAC,CAAC;AACrD;AACA,MAAM,WAAW,GAAG,qFAAqF,CAAC;AAC1G,MAAM,aAAa,GAAG,CAAC,MAAM,KAAK;AAClC,IAAI,IAAI;AACR,QAAQ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;AACpC,QAAQ,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE;AACtE,YAAY,OAAO,CAAC,IAAI,CAAC,uFAAuF,CAAC,CAAC;AAClH,SAAS;AACT,QAAQ,QAAQ,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ;AACtE,YAAY,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;AACtC,KAAK;AACL,IAAI,MAAM;AACV,QAAQ,OAAO,KAAK,CAAC;AACrB,KAAK;AACL,CAAC,CAAC;AACF,OAAO,CAAC,aAAa,GAAG,aAAa,CAAC;AACtC,MAAM,WAAW,GAAG,CAAC,MAAM,KAAK;AAChC,IAAI,IAAI,IAAI,OAAO,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;AAC5C,QAAQ,OAAO,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AAC7C,KAAK;AACL,IAAI,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AACF,OAAO,CAAC,WAAW,GAAG,WAAW;;"}